Is there also an on-premise version of Echometer?
No, Echometer does not have an on-premise version that customers can host themselves. Echometer is only available as a cloud solution.
More FAQs from Data protection & security
Show all FAQsCan I appoint several admins in Echometer?
Yes, you can assign administration rights to any number of users at both team level and workspace level. Please note the following:
- Only workspace admins can take out and manage a Echometer subscription for a Echometer workspace.
- Only workspace admins can create additional teams and name or remove additional workspace admins.
- Team admins can appoint and remove additional team admins and team members for their team
Where is the server location of Echometer?
Echometer uses the servers of the Open Telekom Cloud in Germany. The Open Telekom Cloud data centers are located in Magdeburg and Biere in Saxony-Anhalt.
These two locations form what is known as a twin-core data center, which is connected to each other by its own high-speed network that is separate from the Internet.
Does Echometer have a GDPR-compliant contract for commissioned data processing?
Yes, Echometer is GDPR-compliant and accordingly has a data processing agreement (also known as “DPA”), which automatically becomes part of the contractual cooperation when a subscription is concluded:
Echometer Contract for commissioned data processing in accordance with GDPR
Does Echometer have terms and conditions?
Yes, Echometer has publicly available terms and conditions for the use of its software: Echometer GTC
Does Echometer offer an uptime SLA?
In the standard T&Cs of Echometer, an SLA (Service Level Agreement) for the availability of the service of 98% applies. In practice, the availability is well above 99.9% anyway.
The availability of Echometer can be viewed transparently and publicly: https://echometer.instatus.com/
Does Echometer have a recovery plan?
A frequent question in safety questionnaires is: Is there an emergency plan and a disaster prevention plan?
Yes, Echometer has documented emergency plans and recovery plans.
Every incident is handled and documented in accordance with internal guidelines. This includes assessing and containing the impact, restoring regular operations as quickly as possible, notifying customers if necessary and evaluating and implementing measures to prevent similar incidents in the future.
Which network protocols does Echometer use?
Echometer uses HTTPS, Websockets and gRPC as network protocols.
How are authorizations managed in Echometer?
The roles and authorizations in Echometer are managed by the customer’s workspace admins by assigning roles to employees directly in Echometer:
- Normal employees only have access to teams, retrospectives and 1:1 series to which they have been invited.
- Team administrators can create and moderate retrospectives in their teams, control the team settings and add or remove team members.
- Workspace administrators can create and archive teams, assign team administrators, manage the workspace settings and add or remove members from the workspace.
Which authentication method does Echometer use?
Several authentication mechanisms are supported in Echometer:
- E-mail address + password
- OAuth via Google
- SAML-SSO with IDP provided by the customer (can be enforced)
How is data encrypted in Echometer?
Echometer uses the following methods to encrypt data:
- Encryption In transit: TLS
- Encryption At rest: LUKS
Is Echometer's 1-on-1 meeting software secure and GDPR compliant?
Yes, both the software tool for 1-on-1 meetings and the tool for team retrospectives from Echometer are secure and GDPR-compliant.
Data in Echometer is sent in encrypted form and also stored in encrypted form on servers in Germany.
Several European financial institutions have chosen to purchase Echometer over competitors due to Echometer’s stringent data security measures.
Does Echometer offer SSO?
Yes, Echometer also allows SSO or single sign-on in its paid plans. This applies to both the retro tool and the tool for 1:1 meetings.
Is Echometer's retro tool secure and GDPR compliant?
Yes, Echometer’s retro tool is technically secure and GDPR-compliant.
Several European financial institutions and insurance companies have chosen to purchase Echometer’s retrospective tools over other alternatives due to the strict regulatory requirements.
The data is stored in Germany and processed securely. The data processing agreement with details on the technical and organizational security measures for processing by Echometer can be viewed here: https://echometerapp.com/gdpr-and-security/
Is Echometer GDPR compliant?
Yes! Echometer is a German software provider and is GDPR-compliant.
Echometer has been designed to ensure data security to the highest standards. All communication and data storage is encrypted accordingly.
Echometer’s data processing agreement and other documents can be viewed here: https://echometerapp.com/de/gdpr-and-security/#dpa
If you have any questions about data protection, please contact support[at]echometer.de.
Where does Echometer store my data?
Echometer customer data is encrypted and stored on servers within the EU in compliance with the GDPR.
How is consent for the use of AI in Echometer's transcription ensured and documented?
The transcription can only be started by the person whose share of the conversation is to be recorded. For example, if the manager starts recording their part in a 1:1 conversation, the other person will only be notified that their counterpart is currently transcribing.
In this message, there is also the option to start a transcription of your own speech. Starting the transcription itself is therefore the documented consent. If this consent is missing, no recording will start - and consequently no transcription will take place.
Can the contents of the DPA – for example, regarding subcontractors or inspection/response deadlines – be individually adapted upon request?
Individual adjustments to the Data Processing Agreement (DPA) – for example, regarding subcontractors or response times – are not part of our standard prices.
In principle, such adjustments can be implemented after a review of the content and legal aspects. The expenses incurred for this will be invoiced separately.
How long are audio transcriptions, AI-generated content, and other information stored?
We only store audio data for the duration of processing. It is deleted immediately after the transcription process is complete; only the generated transcript remains.
Transcripts, as well as AI-generated summaries and moderation tips, are stored identically to manually created meeting notes. They are available until the associated 1:1 series is deleted.
We delete all other workspace data no later than two months after the workspace is terminated – or earlier upon request.
What data is transmitted to OpenAI and where is it processed?
For each AI function, Echometer exclusively sends the data required for the respective purpose. Users can see transparently in the application which processing takes place for what purpose. Currently, the following scenarios apply in particular:
- Action recommendations in retrospectives: Only the linked feedback plus the current draft of the action is transmitted.
- Transcription of 1:1 conversations: The audio and the names of the participants are shared.
- Summaries and moderation tips: Only the generated transcript is processed here.
OpenAI Ireland Ltd. is our data processor. Processing may also take place in the USA – in accordance with OpenAI’s Data Processing Addendum (DPA). OpenAI does not use our customers’ data for training purposes.
There is no additional external documentation because we are constantly developing the functions. Instead, we describe all concrete processing directly in the software as soon as users activate a function.
What happens if the OpenAI integration is deactivated - is the AI function then completely switched off?
If the OpenAI integration is deactivated for a workspace, all AI functions of Echometer are completely deactivated for this workspace.
Even if the integration is active, data is only processed when users consciously trigger certain AI functions. There is no automatic background processing without clear, proactive user interaction.
Which AI model does Echometer use? Is there a choice?
Echometer’s AI functions currently work entirely with OpenAI’s models. We do not currently offer a selection of different models within the application.
For enterprise customers, connecting their own models or infrastructure can be reviewed as part of an individual contract and – if technically possible – also implemented.