DESC Compliance Notice – Important Information

DESC Compliance Notice – Important Information

If you are signing up from Dubai or selecting the UAE Data Center, please note that Zoho FSM is currently not compliant with the Dubai Electronic Security Center (DESC) regulatory framework.

Zoho, as an organization, aligns with robust security and compliance standards. However, Zoho FSM is presently exempt from DESC compliance requirements due to specific technical integrations (such as third-party mapping services) that fall outside the DESC-approved service framework.

This notice is displayed to ensure transparency for customers who may be subject to DESC regulations.

Please review the FAQs below for more details regarding DESC applicability, third-party integrations, data handling, and Zoho’s security and compliance standards.

FAQs

How DESC Relates to Zoho FSM
  1. What is DESC Compliance?
    DESC (Dubai Electronic Security Center) compliance is a regulatory framework mandated by the Government of Dubai to ensure secure handling of data for government and government-aided entities.
    DESC focuses on:
    1. Approved cloud service providers
    2. Restricted use of third-party services
    3. Strict data residency and access controls
    4. Government-grade cybersecurity policies

  2. Is DESC Compliance Mandatory for All Businesses in the UAE?
    No.

    DESC compliance is mandatory only for:
    - UAE government departments
    - Government-owned or government-aided organizations
    - Entities explicitly required by contracts or regulators to comply with DESC

    DESC compliance is NOT mandatory for:
    - Private companies
    - SMEs and startups
    - Commercial field service businesses
    - Enterprises operating in non-regulated sectors

    Private businesses in the UAE can legally and safely use non-DESCcompliant SaaS applications, including Zoho FSM.

  3. Why is Zoho FSM Not DESC Compliant?
    Zoho FSM relies on Google Maps for:
    - Technician live location tracking
    - Route optimization (upcoming)
    - Distance and ETA calculations

    Since Google Maps is not on the DESC-approved services list, Zoho FSM does not qualify as DESC compliant—even though it is hosted in Zoho’s UAE Data Center.

    ⚠️ This is a regulatory classification, not a security weakness.

  4. When Should You Avoid Using Zoho FSM?
    Zoho FSM may not be suitable if:
    - You are a Dubai Government entity
    - You are a government-aided organization
    - Your contract explicitly mandates DESC-compliant software only

    If this applies to you, please contact Zoho Support to discuss alternatives or architectural options.

  5. Why Am I Seeing a DESC Notice During Signup?
    During signup, you may see a clear notification regarding DESC compliance.
    This notice is displayed to ensure transparency for users signing up from Dubai or selecting the UAE Data Center.
    The notification clarifies that:
    - Zoho FSM is not DESC compliant
    - DESC compliance is mandatory only for Dubai government and government-aided entities
    - Private businesses, SMEs, and commercial organizations can continue using Zoho FSM without regulatory concerns

    You may review this help document for detailed information before proceeding with signup.
Google Maps Integration & Data Handling
  1. What data is shared with Google Maps?
    Zoho FSM shares only the address information required to calculate geographic coordinates (Latitude and Longitude).
    Specifically:
    - Service Address and Billing Address within transaction modules such as:
      - Requests
      - Estimates
      - Work Orders
      - Appointments
    These addresses are used solely for Latitude and Longitude (Lat, Lng) calculation, distance measurement, and map display.

  2. Are coordinates calculated for Contacts and Company modules?
    No. Latitude and Longitude are not automatically calculated or stored for addresses in the Contacts or Company modules. Coordinates are generated only on demand, when those addresses are used within a transaction module.

  3. Is the data stored in Google Maps?
    No. The address data sent for geocoding is not stored in Google Maps by Zoho FSM.

  4. Does the shared data contain customer or organization identifiers?
    No. The data shared for geocoding does not include any customer names, organization identifiers, or business references. Only the address required for coordinate calculation is transmitted
Zoho Security, Privacy & Compliance Resources
  1. Where can I learn more about Zoho’s overall security practices and policies?
    You can find detailed, official information on Zoho’s security framework, privacy practices, and compliance certifications on Zoho’s Security page: https://www.zoho.com/security.html

    This page explains how Zoho protects customer data, its security controls, and how it manages operational, physical, and infrastructure security.

  2. Where can I read about Zoho’s privacy policies?
    Zoho’s privacy policy explains how personal data is collected, used, stored, and protected.
    Zoho Privacy Policy: https://www.zoho.com/privacy.html

  3. How can I check Zoho’s compliance certifications and standards?
    Zoho’s compliance page lists industry certifications, regulatory standards, and audit reports that Zoho products adhere to.
    Zoho Compliance Details: https://www.zoho.com/compliance.html