OrdoDesk shares limited data with the following third-party providers to deliver specific features. Each provider is contractually bound to handle data appropriately.
All OrdoDesk data is stored on Mikestudio-managed servers. We do not use third-party cloud providers (AWS, GCP, Azure) for primary data storage.
Only authenticated users with appropriate roles within your organisation can access your data. Mikestudio personnel do not access organisational content except in limited technical support or security contexts, with appropriate authorisation.
Your data is retained for 30 days after cancellation, during which you can request an export. After this grace period, all data is permanently and irreversibly deleted from our systems.
Yes. Enterprise customers can request a DPA at ordodeskadmin@gmail.com. We are committed to acting as a compliant data processor under applicable law.
Please send a detailed report to ordodeskadmin@gmail.com with "Security Disclosure" in the subject line. We aim to acknowledge all reports within 48 hours and resolve confirmed vulnerabilities within 30 days.
Contact our team directly — we take every report seriously.
ordodeskadmin@gmail.com