Right Menu B2C

Security & CISO Verification

Technical Declaration of Non-Interference for Enterprise Security Officers

Consumer (B2C) Product

Right Menu is offered as a consumer (B2C) product for individual end users. We do not enter into enterprise agreements, custom SLAs, vendor assessments, or data processing agreements (DPAs). This security overview is provided for transparency. For organizations, use the B2B edition for extended support and security collaboration. For questions, contact ciso@open-europe.cz.

Zero Data Exfiltration

100% Local Processing

All worksheet operations — navigation, cross-sheet references, and data validation reports — run entirely within the local Excel process. All data scanning and report generation happens locally on the user's device. No spreadsheet data is transmitted to our servers.

Zero Payload Transfer

No cell content, formulas, sheet names, or workbook metadata leaves your local Excel environment. This can be independently verified by monitoring network traffic.

Minimal Network Footprint

Outbound HTTPS requests are limited to the open-europe.cz domain only. All network traffic is restricted to:

  • License session verification (no Excel data)
  • Anonymous trial provisioning (no personal information, no Excel data)
  • One-time license key submission (key only, no Excel data)
  • Static UI assets

None of these requests contain any Excel cell data, formulas, or workbook content.

Standard Office Add-in

Right Menu is a standard Office Task Pane Add-in that operates within the sandboxed runtime provided by the Microsoft Office platform. No macros, no VBA, no ActiveX.

Privacy by Design

No Access to Your Microsoft 365 Identity

Right Menu does not access your Microsoft 365 user profile, email address, organizational directory, or any other identity information from your Microsoft account.

Anonymous Trials

Trial access requires no personal information. No email, no Microsoft account, and no user identity is needed to evaluate the product.

GDPR Data Minimisation

We collect the absolute minimum data required: an anonymous identifier for trials, and an email address only for paid license holders (provided during checkout). This aligns with the GDPR principle of data minimisation (Art. 5(1)(c)).

No Admin Consent Required

IT administrators can deploy Right Menu without granting any OAuth permissions or third-party application access to the organization's directory.

ReadWriteDocument Permission

The ReadWriteDocument permission is required by the Office Add-in platform for the following features:

  • Read worksheet names, visibility, and tab colors for navigation
  • Activate (navigate to) selected worksheets
  • Insert user-initiated cross-sheet formula references
  • Run the Data Validation Report (scans cells locally for errors, formatting issues, and external links)

All data accessed through this permission is processed locally and is never transmitted to our servers.

Verification Protocol

Install the add-in, use all features with test data, and monitor outbound network traffic with your preferred tool. You will confirm that zero requests contain any Excel cell data.

Microsoft AppSource Certification — Pending

Right Menu is submitted for distribution through Microsoft AppSource and is undergoing Microsoft's certification process, which includes automated security scanning and manual review. This section will be updated upon successful certification.

For detailed information, please review our compliance documentation:

Privacy Policy Terms of Service ciso@open-europe.cz