Doc type Privacy Data Sheet
Cisco public
Cisco Meraki Cloud Service
This Privacy Data Sheet describes the processing of personal data (or personally identifiable information) by
Cisco in connection with providing the Cisco Meraki Cloud Service known as “Dashboard” (“Dashboard” or the
“Product”) to companies or persons who acquire it for use by their authorized users.
Cisco will process personal data in connection with providing the Product in a manner that is consistent with
this Privacy Data Sheet. In jurisdictions that distinguish between Data Controllers and Data Processors, Cisco is
the Data Controller for the personal data processed to administer and manage the customer relationship. Cisco
is the Data Processor for the personal data processed by the Product in order to provide its functionality.
1. Overview
The Product is a cloud-based platform that allows customers to centrally configure, manage and monitor their
global deployments of compatible Cisco networking, video and sensor Hardware, Software and corresponding
licenses through a single pane of glass. The suite of compatible Cisco networking products includes
compatible hardware devices (wireless access points, switches, and security appliances/firewalls), surveillance
cameras, sensors, endpoint management (EM) software, and web application and WAN performance software
(such software is referred to in this data sheet as “Software Products”).
Hardware devices deployed in a customer’s network and Software Products, including EM software deployed
on customer-owned assets (e.g. company-owned iPads), collect and transmit limited types of data, including
network ‘metadata’ (such as hardware device configuration data and network usage statistics), to Cisco servers
for the Product. Importantly, the Product’s out of band control plane separates network management data (e.g.
hardware device configuration data and network usage statistics, etc.) from customer user data. The network
management data from connected devices is then transmitted to the Product over a secure Internet
connection. Finally, the Product’s back-end systems process the network management data in order to display
network information to customers via the Dashboard interface.
Generally, customer user data does not flow to the Product, instead flowing directly to its destination on a
customer’s LAN or WAN. That means that, outside a few limited exceptions, only data regarding network
traffic, not network traffic itself, from a customer’s network (e.g. bandwidth used by a device but not actual
files transferred, etc.) is collected or transmitted to Product servers.
Cisco provides 24x7 worldwide technical support for the Product via telephone, email and through the
Dashboard interface. Details on Meraki technical support locations and services are available here:
https://meraki.cisco.com/support. Meraki technical support aims to connect customers with a technical support
engineer in their local region at the time of contact, but customers may be connected with a representative
outside of their local region depending on availability.
The Product integrates with various Cisco products. If you elect to leverage or enable integration between the
Product and another Cisco cloud service or feature, you should review the data sheet of such other cloud
service or feature for information regarding the processing of personal data by that cloud service or feature by
visiting the Cisco Trust Portal. The Product also may be integrated with third-party products. You are
responsible for ensuring you have the proper data protection and contractual agreements in place with any
third parties to whom you elect to send data.
Privacy Enhancing Features of Meraki Products
Out of Band Architecture
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
Subject to few exceptions, only network ‘metadata’ such as hardware endpoint configuration and terminal
device information is collected and sent to Cisco’s servers as a result of the Product’s out of band architecture.
Further details about the Product’s out of band architecture are available here:
https://meraki.cisco.com/trust/#data.
“Single Pane of Glass” Management Portal (Dashboard)
Through the centralized Meraki Dashboard, a customer’s network administrator can access and view all
controls related to their network under a “single pane of glass”. The types of data collected, limitations to data
collection, the granularity of information collected and the duration it’s visible, and warnings and alerts are all
made available to network administrators through the Dashboard. Customers also have the ability to block
Cisco’s access to a customer’s Dashboard account through a simple checkbox feature available in Dashboard.
Customizable Splash Pages
Through Dashboard, customers can deploy a fully-customizable splash page to enable notice to and consent
from (including in the form of a click-through agreement), their individual network users for data collection prior
to allowing them to connect to their network.
Traffic Information and Network Traffic Data Minimization
We process and store traffic information (information about devices that connect to your network) on your
behalf so you can monitor the use and performance of your network and exercise control. Optional Layer 7
traffic analysis and shaping tools available in Dashboard provide an overview of application based traffic to
Dashboard administrators. Applications are based on various types, such as file sharing, social media, email,
etc. Network administrators that choose to turn such features on in Dashboard benefit from having access to
analytics on their network performance and traffic patterns in order to ensure that network resources are being
used appropriately, yet can minimize the information being sent to the Meraki cloud via the Product’s out of
band architecture described above. Customers have the option to turn such features on or off directly in their
Dashboard account.
Privacy Sensitive Packet Capture
The packet capture tool in Dashboard, Intelligent Capture, gives the option to store data from a packet capture
in the Meraki Cloud or send such data directly to the Dashboard administrator’s browser. Cisco also places
limitations on the duration of the packet capture, as well as the number of packets to be captured to limit the
packet capture tool to its intended purposes of network troubleshooting and diagnosis. More information about
Intelligent Capture is available here: https://documentation.meraki.com/General_Administration/Cross-
Platform_Content/Packet_Capture_Overview.
Security
Through Dashboard, Meraki makes available to its customers a number of security features including two-
factor authentication, encrypted administrator passwords, enhanced password requirements, role-based
privileges for network administrators, verified SSL certificates, and auditable change logs and alerts. A further
description of these security tools and best practices is available here: https://meraki.cisco.com/trust#tools.
For the security of Meraki’s back-end architecture, all Meraki datacenters maintain state of the art physical,
technical, and administrative security measures and undergo annual third party certification audits against
industry-recognized security standards such as SOC 2 and ISO 27001. Additional information about Meraki’s
secure storage architecture is available here: https://meraki.cisco.com/trust#storage-architecture. And details
regarding Meraki data centers are available here: https://meraki.cisco.com/trust#data-centers.
Location Analytics
When turned on in Dashboard at the customer’s election, the optional Location Analytics feature makes use of
the ‘probe requests’ sent out by Wi-Fi-enabled devices, like smartphones, to determine if a nearby wireless
network is available. These probe requests contain two pieces of information: the device’s MAC address and a
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
piece of data called the Relative Signal Strength Indicator (RSSI). A compatible Cisco AP detects these probe
requests and, using the MAC and RSSI, determines the device’s proximity to that AP. Cisco specifically built its
Location Analytics feature so that tracking of devices across different customers’ networks is not possible.
Location Analytics cannot tell a Cisco customer where a device was before coming within range of its network
or where the device went after leaving the range of its network. In addition, customers maintain the ability to
turn Location Analytics on or off directly in their Dashboard account. Location Analytics, along with other
privacy sensitive features, is disabled by default for Dashboard organizations created in the Product’s EU
Cloud.
Cisco built its own opt-out web page that individual users can access in order to opt-out their device’s MAC
address from being tracked by ANY Cisco-enabled location analytics feature. Individual users can access this
web page here: https://account.meraki.com/optout. Individual users and customers can learn more about this
opt-out capability here: https://meraki.cisco.com/trust#presence.
Cisco also encrypts the MAC addresses of the devices collected by the Location Analytics feature by first
applying the SHA1 hash function to the MAC address of each device. This type of hash cannot be reversed;
however, it can be replicated. Next, Cisco adds a customer-specific ‘salt’ to the hashing function, which means
that the same MAC results in a different hash on each customer’s network. Last, Cisco truncates the resulting
hashes, reducing the hash from a 6-byte MAC to a 4-byte hash. This introduces ‘theoretical loss’ into the mix,
making it virtually impossible to re-identify a MAC address from the customer-specific, truncated hash. This
process also results in a unique device identifier—necessary in order to offer customers statistical data
regarding how long a device has been near the customer’s network and whether it is a first-time or repeat
visitor—that can never be used to identify a specific device or person. Cisco includes mathematical details of
this encryption in its Location Analytics whitepaper available at:
https://documentation.meraki.com/MR/Monitoring_and_Reporting/Location_Analytics#Privacy_for_Location_A
PI. Cisco does not store these MAC addresses on its servers, except in a de-identified form, and they are not stored on your
hardware. You are responsible for whether and how you configure the API to transfer this data to non-Cisco servers and what
happens to this data following such a transfer.
Cisco also makes a Scanning API available to customers which, when enabled by a customer, allows the
customer to download to a third party designated server the MAC address and RSSI for each device that pings
a compatible Cisco AP in the customer’s network. This data cannot be stored on Cisco servers, and the Meraki
platform does not enable identity tie-in or communication with the individual devices. Customers that choose to
enable the Scanning API in their Dashboard account should review the data privacy considerations and best
practices outlined here: https://developer.cisco.com/meraki/scanning-api/#!introduction.
MV
The Meraki MV platform was designed to transmit footage directly to the administrator’s browser across the
customer’s LAN and, consistent with the Product’s out of band architecture described above, limit the footage
that flows through the Cisco cloud. Each camera is equipped with on-device storage and has enough flash
memory to store up to 30 days’ worth of footage, depending on the configuration. As a result, camera footage
will only be sent to the Cisco cloud when the administrator is viewing the footage remotely or when there is a
device on the LAN which is blocking communication between the camera and the administrator’s computer. In
such a case, a small cloud icon appears in the bottom left of the Dashboard viewing pane, alerting the
administrator that the footage is being transmitted through Cisco servers.
In addition, the MV platform was designed to preclude Cisco personnel from viewing a customer’s camera
footage, including Cisco technical support engineers and software engineers, without a legitimate business
purpose. A customer must specifically authorize access to their camera footage in the Support Case window of
their Dashboard account when requesting Meraki Support. Access to such footage is revoked as soon as the
Support case is closed and logged in a customer-facing Dashboard log. Subject to compliance with internal
policy requirements requiring a legitimate business purpose for any access of customer information, certain
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
limited back-end engineering teams within Cisco may access customer’s camera footage solely in order to
facilitate debugging and other support processes.
Systems Manager (SM)
Meraki Systems Manager offers enterprise mobility management for expanding organizations. If You use
Systems Manager, certain agent software must be installed on the mobile devices, laptops or other devices
You choose to enroll. Depending on the type of device, You will be able to perform remote actions such as
accessing and deleting files, tracking location, enforcing policies, and installing and removing apps on enrolled
devices.
2. Personal Data Processing
The table below lists personal data collected by Dashboard from devices that authenticate to a network using
compatible Cisco products and describes why Cisco processes that data.
Dashboard also allows customers to configure Dashboard fields, including organization names, network names,
network tags, SSID names, user authentication methods and organization address (optional) directly in their
Dashboard account. Customers that wish to avoid inadvertently sending personal data to Cisco should not
include personal data in these fields when configuring their Dashboard account. Cisco may process Dashboard
data, including personal data, for the following basic processing activities: (a) customer service activities, such
as processing orders, providing technical support and improving products, (b) sales and marketing activities as
permissible under applicable law, (c) delivery of the Cisco products, including the Product, and (d) internal
business processes and management, fraud detection and prevention, and compliance with governmental,
legislative, and regulatory requirements.
Type of Personal Data Purpose of Processing
MAC Address ● Access and Authentication Services and
(All products) Communications
● Security Services
● Dashboard Change Management and Logging
● Network Traffic Mapping
● Network monitoring
● Splash Page Authorization Services
● Group Policy Application
● Client Performance Analytics
● Elastic Search
● Cisco global threat intelligence research
MAC Address with Username ● Access and Authentication Services
(Dashboard, MR products, Cisco Catalyst Wireless ● Device Connectivity Mapping and Monitoring
products, MX products, SM product) ● Event Logging
● Network Management
● Splash Page Authorization Services
● Device Management
● Elastic Search
MAC Address with IP Address ● Network Activity Trend Metrics
(MR products, Cisco Catalyst Wireless products, MX ● Elastic Search
products, MG products)
MAC Address with Relative Signal Strength Indicator ● Location Analytics
(RSSI) ● Elastic Search
(MR products, Cisco Catalyst Wireless products)
MAC Address with URL ● Network Activity Monitoring
(MX products, MG products) ● Elastic Search
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
IP Address ● Authentication Services
(All products) ● Splash Page Authorization Services
● Group Policy Assignment
● Location Analytics
● Client Performance Analytics
● Elastic Search
● Cisco global threat intelligence research
Email Address with IP Address ● Login metrics
(Dashboard) ● Elastic Search
Email Address ● Login metrics
(Dashboard) ● Elastic Search
● Marketing communications and advertising
Video ● Video thumbnails
(MV products) ● Video exports
● Motion Metadata
● Network and activity monitoring
● Surveillance
● Elastic Search
Audio ● Surveillance
(MV products) ● Activity monitoring
● Elastic Search
Data Backups ● Backup Dashboard-critical databases
(All products) ● Elastic Search
Unique Universal Identifier ● Analytics
(MR products, Cisco Catalyst Wireless products, MX ● Elastic Search
wireless products)
Client Hostname ● Network Management
(All products depending on name selected by device ● Elastic Search
owner)
Active Directory Server Username, Password and Groups ● Syncing Active Directory server contacts
(SM product depending on name selected by owner) ● User tagging
● Elastic Search
Directory Information (ie: username) ● Assign devices and apps to SM users
(SM product if entered by administrator) ● Elastic Search
User Account Information (ie: username) ● Assign devices and apps to SM users
(SM product if entered by user) ● Reporting
● Elastic Search
● Marketing communications and advertising
LDAP Username ● Performance analytics
(MI product) ● Elastic Search
International Mobile Subscriber Identification Number ● Network Monitoring
(MG products) ● Elastic Search
Mobile Subscriber Integrated Services Digital Network ● Network Monitoring
Number ● Elastic Search
(MG products)
Note on Meraki Go products: Personal data elements collected via MR, MX and MS products also apply to
Meraki Go products. Meraki Go devices are small business-oriented versions of Meraki enterprise grade
products.
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
3. Data Center Locations
The Product is colocated in tier-1 datacenters and select public cloud service providers (together, “data
centers”). These data centers hold certifications against industry leading standards, such as SOC 2 and ISO
27001, and feature state of the art physical and cyber security and highly reliable designs. All Dashboard
services are replicated across multiple independent data centers, so that customer-facing services fail over
rapidly in the event of a catastrophic datacenter failure. Further information about the Product’s data centers is
available here: https://meraki.cisco.com/trust#data-centers.
Cisco offers multiple regions where customers can choose to host Dashboard data, including, but not limited
to, an EU cloud with data centers located in the EU, a China cloud with data centers located in China and a
Canada cloud with data centers located in Canada. Additional information about the location of data centers
and where Cisco hosts Dashboard data is available here:
https://documentation.meraki.com/zGeneral_Administration/Privacy_and_Security/Dashboard_Data_Storage_
Privacy_and_Security.
Note:
● Customer networks configured to operate in the Product’s EU cloud can ensure that network
management information is stored in the European Economic Area (EEA), including failover and back-
up. Instructions to ensure that Customer Data is stored in the EEA are included in the Product’s EU
Cloud Configuration Guide here:
https://documentation.meraki.com/zGeneral_Administration/Privacy_and_Security/EU_Cloud_Configur
ation_Guide.
● Information for users of the Product’s Canada cloud is available here:
https://documentation.meraki.com/General_Administration/Cross-
Platform_Content/Cisco_Meraki_Canada_Region.
● Information for users of the Product’s China cloud is available here:
https://documentation.meraki.com/zGeneral_Administration/Support/Information_for_Users_in_China.
● Information for users of Meraki’s India cloud is available here:
https://documentation.meraki.com/General_Administration/Cross-
Platform_Content/Cisco_Meraki_India_Region.
● Dashboard account registration data, some of which is optional at the time of account setup, including
account owner email address and company name, will be synced with other Cisco global data storage
locations in North America and Asia Pacific, excluding China, Canada and India. Additional information
is available here:
https://documentation.meraki.com/General_Administration/Organizations_and_Networks/Data_Stored
_on_the_Meraki_Primary_Controller.
4. Cross-Border Data Transfer Mechanisms
Cisco leverages the following transfer mechanisms to enable the lawful use of data across jurisdictions:
● Binding Corporate Rules (Controller)
● APEC Cross-Border Privacy Rules
● APEC Privacy Recognition for Processors
● EU Standard Contractual Clauses
● EU-U.S. Data Privacy Framework and the U.K. Extension to the EU-U.S. Data Privacy Framework
● Swiss-U.S. Data Privacy Framework
5. Access Control
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
Access to the Product’s cloud architecture and production systems is tightly controlled. Cisco maintains
Payment Card Industry (PCI) Level 1 certification and PCI-compliant access control policies for the Product,
and all developer access is performed exclusively over encrypted connections to secure and hardened
infrastructure. Password-based authentication for login is disabled and all access requires PKI-based
authentication.
User rights and permissions to Cisco systems and applications related to the Product are assigned based on
employee role and relevant Cisco teams have access to Dashboard data exclusively for the purpose of
providing the Cisco products. Subject to compliance with internal policy requirements requiring a legitimate
business purpose for any access of customer information, back-end engineering teams within Cisco may
access customer’s Meraki’s products solely in order to facilitate debugging and other support processes.
Cisco does not use contractors or consultants for software development or to administer its production
systems in relation to the Product. Access is further restricted by username and password.
Customers also have the ability to block Cisco’s access to their Dashboard account through a simple checkbox
feature available in Dashboard.
Finally, Cisco employs all necessary provisions to ensure that customer data cannot co-mingle and cannot be
accessed by other customers. These provisions also ensure that each ‘Organization' within Dashboard is
independent of all other Organizations. To protect customer data stored by Cisco, Cisco has logically
separated the data elements for each customer. Customer information is stored in an "Organization" with the
configuration for their Networks and Devices within the Organization. The Organization ID is a unique attribute
that identifies and links the customer's data. No customer can see data linked to another customer's
Organization ID.
6. Data Portability
Dashboard data is accessible by the customer via the Dashboard interface, subject to the deletion time periods
described below. Customers may also download Dashboard data into CSV files directly from their Dashboard
account or use a Meraki API endpoint to facilitate personal data access and export requests from users of their
networks. More information about the data access and portability API endpoint is available here:
https://documentation.meraki.com/zGeneral_Administration/Privacy_and_Security/Meraki_Data_Privacy_and_
Protection_Features#API_Endpoints.
7. Data Deletion and Retention
Customer data is deleted from the Product’s EU cloud servers on a rolling 14-month basis. This time period
supports the features of Dashboard that enable the user to view up to 12 months of past network monitoring
data. The additional two months of retention time accounts for deletion of such data from backup servers. To
make use of the EU cloud, customers must select the EMEA region at the time of Dashboard account creation.
Details of how to select the EMEA region are available here:
https://documentation.meraki.com/zGeneral_Administration/Privacy_and_Security/EU_Cloud_Configuration_G
uide. Customer data is deleted from Meraki servers in all other regions on a rolling 26-month basis.
Note that separate from our servers, Dashboard data is also retained in a third-party data warehouse for data
science and analytics purposes. Such data will be deleted from such warehouse after seven years or upon your
request at https://privacyrequest.cisco.com/, whichever occurs earlier.
Customers may use a Meraki API endpoint to delete personal data in Dashboard, either for themselves, or in
response to a data subject request under local privacy regulations. Such API endpoint may also be used to
restrict personal data processing. More information about the deletion and restriction API endpoints is
available here:
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
https://documentation.meraki.com/zGeneral_Administration/Privacy_and_Security/Meraki_Data_Privacy_and_
Protection_Features.
8. Personal Data Security
The Product adopts technical and organizational security measures as required by law and in accordance with
industry standards to protect customer data from unauthorized access, use or disclosure. A list of technical
and organizational measures applicable to the Product is publicly available at:
https://meraki.cisco.com/lib/pdf/eu_technical_organizational_measures.pdf.
Information about Dashboard data encryption is described in the table below.
Data Type Treatment
Data in Transit (between compatible Cisco hardware endpoints and the Cisco cloud) Encrypted
Data in Use (i.e. data stored on servers in the primary and secondary datacenters) Encrypted
Data at Rest (i.e. data stored in the tertiary backup locations) Encrypted
9. Sub-processors
Cisco may from time to time partner with service providers who contract to provide the same level of data
protection and information security that customers can expect from Cisco. A current list of third party service
providers that have access to and process personal data in order to provide the Product is available here:
https://meraki.cisco.com/trust#subprocessors.
10. Information Security Incident Management
Breach and Incident Notification Processes
The Information Security team within Cisco’s Security & Trust Organization coordinates the Data Incident
Response Process and manages the enterprise-wide response to data-centric incidents. The Incident
Commander directs and coordinates Cisco’s response, leveraging diverse teams including the Cisco Product
Security Incident Response Team (PSIRT), the Cisco Security Incident Response Team (CSIRT), and the
Advanced Security Initiatives Group (ASIG).
PSIRT manages the receipt, investigation, and public reporting of security vulnerabilities related to Cisco
products and networks. The team works with Customers, independent security researchers, consultants,
industry organizations, and other vendors to identify possible security issues with Cisco products and networks.
The Cisco Security Center details the process for reporting security incidents.
The Cisco Notification Service allows Customers to subscribe and receive important Cisco product and
technology information, including Cisco security advisories for critical and high severity security vulnerabilities.
This service allows Customers to choose the timing of notifications, and the notification delivery method (email
message or RSS feed). The level of access is determined by the subscriber's relationship with Cisco. If you
have questions or concerns about any product or security notifications, contact your Cisco sales representative.
11. Certifications and Compliance with Privacy Requirements
The Security & Trust Organization and Cisco Legal provide risk and compliance management and consultation
services to help drive security and regulatory compliance into the design of Cisco products and services. The
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
� Doc type Privacy Data Sheet
Cisco public
Product is built with privacy in mind and is designed so that it can be used in a manner consistent with global
privacy requirements.
Further, in addition to complying with our stringent internal standards, Cisco also maintains third-party
validations to demonstrate our commitment to information security.
12. Exercising Data Subject Rights
Users whose personal data is processed by the Product have the right to request access, rectification,
suspension of processing, or deletion of the personal data processed by the Product.
We will confirm identification (typically with the email address associated with a Cisco account) before
responding to the request. If we cannot comply with the request, we will provide an explanation. Please note,
users whose employer is the Customer/Controller, may be redirected to their employer for a response.
Requests can be made by submitting a request via:
1) the Cisco Privacy Request form
2) by postal mail:
Chief Privacy Officer
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
UNITED STATES
Americas Privacy Officer APJC Privacy Officer EMEAR Privacy Officer
Cisco Systems, Inc. Cisco Systems, Inc. Cisco Systems, Inc.
170 W. Tasman Drive Bldg 80, Lvl 25, Mapletree Biz Haarlerbergweg 13-19, 1101 CH
San Jose, CA 95134 City, Amsterdam-Zuidoost
UNITED STATES 80 Pasir Panjang Road, NETHERLANDS
Singapore, 117372
SINGAPORE
We will endeavor to timely and satisfactorily respond to inquiries and requests. If a privacy concern related to
the personal data processed or transferred by Cisco remains unresolved, contact Cisco’s US-based third-party
dispute resolution provider. Alternatively, you can contact the data protection supervisory authority in your
jurisdiction for assistance. Cisco’s main establishment in the EU is in the Netherlands. As such, our EU lead
authority is the Dutch Autoritiet Persoonsgegevens.
13. General Information
For more general information and FAQs related to Cisco’s Security and Privacy Program please visit The Cisco
Trust Center.
Cisco Privacy Data Sheets are reviewed and updated on an annual, or as needed, basis. For the most current
version, go to the Personal Data Privacy section of the Cisco Trust Center.
To receive email notifications of updates to the Privacy Data Sheet, click the “Subscribe” link in the upper right
corner of the Trust Portal.
©2024 Cisco and/or its affiliates. All rights reserved. Version 5.0, November 13, 2024
Cisco Confidential
