Privacy Policy

Introduction

 

Welcome to converse360’s Privacy Policy, effective 1st January 2020. Please read this agreement carefully before accessing our Platform or using the website.

 

converse360 is a UK-based business to business technology provider whose service automation platform enables dynamic self-service experiences on demand. “Service” refers to the Company’s services accessed via various interfaces, in which users can utilise service automation technology. The terms “we,” “us,” and “our” refer to the converse360. “You” refers to you, as a user of our Site or our Service; note that if you are accessing or using the Services on behalf of your company, you represent and warrant that you are authorised to accept this Agreement on behalf of your company, and all references to "you" or "Customer" reference your company.

 

This Agreement applies to all visitors, users and others who wish to access or use our Services.  Please review the following terms carefully. By accessing or using the Service, you signify your agreement to these Terms of Use. If you do not agree to be bound by these Terms of Service in their entirety, you may not access or use the Service.  

 

This page informs you of our policies and practices regarding the collection, use and disclosure of information which personally identifies you (“Personal Information”) when you use our Services. We will not use or share your information with anyone except as described in this privacy policy (the “Privacy Policy”). We use your Personal Information for providing and improving the Services. By using the Services, you agree to the collection and use of your Personal Information in accordance with this Privacy Policy. For further detail of UK-GDPR compliance and the processing of data please see our UK-GDPR Policy.  In addition converse360 has outlined the security measures it undertakes when collecting your data, please see our converse360 Security Measures terms for more information.

 

Changes to these terms: converse360 may modify the Privacy Policy. We will use reasonable efforts to notify Customer of the changes through communications via Customer's account, email, or other means in advance of the effective date. 

 

General Personal Data Terms 

 

Personal Information Collection and Use

We may ask you to provide us, or third parties may provide us, with certain Personal Information that can be used to contact or identify you. Personal Information may include, but is not limited to, your name, postal address, email address, phone number, your organisation, and authentication data. We collect Personal Information for the purpose of providing and improving our Services, identifying and communicating with you about our Services, responding to your requests/inquiries, servicing your Purchase Orders, and to communicate with you about our Services, articles published and promotions.

Please note, we only process your information when we have the legal basis to do so. That is, we will only process your Personal Information when:

  • We need it to provide you the Services.

  • You give us consent for a specific purpose; or

  • It satisfies converse360’s legitimate interests (which are not overridden by your data protection interests), such as for improving, marketing, and promoting the Services and protecting our legal rights.

  • We need to process your data to comply with our legal obligations.

 

How Long We Keep Your Personal Information

How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

 

Account Information

We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, it will be anonymised and used to uncover collective insights about the use of our Services, not to specifically analyse personal characteristics about you.

 

 

Types of Personal Data Processed

There are 2 broad categories of personal data that we process:

User Data: The information collected and generated about End Users’ interactions with a Virtual Assistant using our Platform.

Subscriber Data: The information we collect about current and prospective subscribers through our website, by our sales team, or provided to us through the process of signing up to use our Platform.

User Data

We offer our Platform to subscribers and they then allow End Users to interact with converse360 Virtual Assistants. There are several ways a subscriber can utilise our Platform, this will consequently change the type of User Data that we have access to and use. We require each of our subscribers to consider their particular use of our Services and share with End Users correct information about the User Data that is being collected and gain the consents that are required.

 

The User Data we collect and use during any given interaction with a Virtual Assistant may be more or less than the description of the User Data we collect in this Privacy Notice, depending on how a subscriber has configured our Platform.

 

User Data we may collect

  • Information to identify and verify a user, including but not limited to Username, email address, phone number

  • Transcripts of the conversation: We may collect text transcripts of what an End User has said or written to a converse360 Virtual Assistant, and what the Virtual Assistant has said or written in reply.

  • Audio from an End User: We may collect audio of what an End User is saying to a converse360 Virtual Assistant and the Virtual Assistants response

  • IP addresses of End Users: We may collect IP addresses of End Users who have interacted with a Converse360 Virtual Assistant. 

 

How we use User Data

User Data is primarily used to allow End Users to interact with converse360 Virtual Assistants and User Data is necessary for that purpose, and/or because we have an End User’s consent to use it. Specifically, we use it to:

  • Enable a Virtual Assistant to understand an End User: We use conversation transcripts and audio data so that a converse360 Virtual Assistant can understand what an End User is saying to it. To do this, we share text and audio data with third party service partners who provide Natural Language Understanding processing to understand dialog. Neither they nor we store any audio User Data once we have completed the transcription.

  • Enable the converse360 Virtual Assistant to behave appropriately: We use text transcripts to allow the Virtual Assistant to behave more intelligently. For example, to highlight a lack of conversation understanding so that training can be given.  

  • Troubleshoot problems with the Platform: We may inspect conversation transcripts or audit logs containing IP addresses if we are investigating a problem with our Platform that we have been made aware of.

 

Aside from third party service partners who help us utilise the User Data in this way, we do not share or sell User Data to anyone unless we have consent, a legal requirement to do so, or are acting on lawful instructions from a subscriber.

 

Subscriber Data we collect

  • Information you provide to us: You may provide us Subscriber Data such as your name, email address, phone number when signing up for an account to use our Platform, exchanging information with our team at an event, or communicating with a Virtual Assistant on our website to receive more information or to contact us.

  • Information an Account Owner provides to us: You may be granted access to our Platform by an Account Director or someone else who is authorised [See Terms of Service]. During this process, they may provide us Subscriber Data including your email address.

  • Information we collect automatically: The converse360 website [https://www.converse360.co.uk/] collects some information automatically when you visit. This includes browsing behaviour, preferences and browser device details. Some of this information is collected using cookies or other similar tracking approaches depending upon whether you accept cookies and what your cookie settings are set to.

  • Information we get from third parties: Whilst converse360 collects most Subscriber Data directly from you, we may also collect data about you from other sources such as publicly available information, or from trusted third parties like marketing and research partners. We use this information to supplement and ensure the accuracy of the data we already hold about you.

 

How we use Subscriber Data

Our interest in using your Subscriber Data is because we are required by contract to provide you with our Services, because we have your consent to use it, or have a legitimate interest in that data. Specifically, we use it to:

  • Provide you access to our Platform: We use it to enable you to register, login and access our Platform, use it to invoice you and to support you on our Platform.

  • Communicate with you: We also use it to communicate any important information about our Platform, to provide you with the information you have requested, and also send you marketing communications. You are always able to control what types of communications you receive from us and may withdraw your permission from any processing activities that use consent as the lawful basis.

  • Improve our converse360 website: We use it to understand how people are using our website [https://www.converse360.co.uk/] and how we can improve it to provide a better experience for visitors.

  • For marketing purposes: We use Subscriber Data to display targeted advertising to you online, on our own websites, or through third party websites and their platforms. 

 

 

How we share your data

There will be times when we need to share your Subscriber Data with third parties. This data will only be shared with:

  • Third-party service providers who provide functionality on converse’s website or support us in our marketing and promotion of our Platform to you.

  • Regulators, law enforcement bodies, government agencies, courts or third parties where we think it is necessary to comply with applicable laws or regulations or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure.

  • Other people where we have your consent. 

 

Listed below are the five main Third Party Organisations we utilise to provide our platform and with these are the URL links to their specific Policy Procedures for retention of data.

·        Amazon -  https://www.amazon.co.uk/gp/help/customer/display.html?nodeId=502584

·        Google - https://policies.google.com/privacy?hl=en-US

·        Microsoft - https://privacy.microsoft.com/en-gb/privacystatement

·        IBM - https://www.ibm.com/uk-en/privacy

·        Voximplant - https://voximplant.com/legal/privacy

 

 

Where we process data [Both User and Subscriber]

  • Data transfers: When we share data, it may be transferred to, and processed in, countries other than the country you live in where many of our third-party service providers are located. Data is only transferred in order for our technology to understand the conversations and improve the service. In these cases, measures are taken to ensure your data remains protected.

  • Transfers outside of the UK and Europe: For individuals in the UK or the European Economic Area (EEA), your data may be transferred outside of the UK or the EEA. Where Subscriber Data is transferred outside the UK or the EEA, it will only be transferred to countries that have been identified as providing adequate protection for UK or EEA data, or to a third party where we have approved transfer mechanisms in place to protect your Personal Data – for example, by entering into the European Commission’s Standard Contractual Clauses.

How we keep it secure

  • Our approach: We employ several technical measures and processes to protect your personal data. These security measures are different depending on the type of data and what we are using it for. All data is stored in UK Datacentres. See our converse360 Security Measures for further information.

  • Service providers: We also take steps to ensure our service providers also have appropriate security measures in place to protect any personal data they are processing on our behalf.

 

Security of Personal Information

The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorised access, destruction, use, modification, or disclosure. We understand that no method of transmission over the internet, or method of electronic storage is 100% secure but we do everything we can to guarantee the absolute security of the Personal Information we have collected from you.

Your rights

If you have questions about, or want to make changes to the data we process, regarding converse360's Privacy Notice. You can exercise your rights to your personal information under EU GDPR and UK Data Protection by emailing support@converse360.co.uk. E-mails to this address are logged and tracked to closure. converse360 aims to resolve any requests within 30 days, but sometimes may seek additional information to verify data subject identity prior to fulfilling requests to disclose, alter or delete information we would otherwise consider confidential.

 

converse360 makes sure that your personal information is collected lawfully and fairly. Using reasonable endeavours to make sure it remains accurate, relevant and is not excessive for the purpose it is collected for. We do not re-purpose personal information we collect. We retain personal information for no longer than is necessary (although the duration varies depending on the nature of the data - CCTV images are not kept.

 

Your personal information is held in systems where we employ procedural and technical controls to minimise risks to the security (Confidentiality, Integrity or Availability) of the data. If we are ever breached, depending on whether we are acting as a controller or processor of the data, we will follow the UK ICO guidelines, and any data subjects that are at risk will also be informed. We use a process of continual security improvement - protection and testing - to minimise risk and ensure that our information systems are resistant to modern cyber threats.

 

We will not unreasonably turn down any well-formed subject access request to have personal information deleted from our information systems. If we do, there is a chance that your personal information may reappear in our information system during the normal course of our business activities (e.g. in data we purchase from third parties from time to time).

 

Security of the personal information we collect

converse360 is constantly reviewing and improving its information security standards. We continue to add Information Security Management processes, policies, tools and assessments to meet our regulatory obligations.  This is further outlined in converse360 Security Measures.

 

Where we store the information, how long do we store information

We make use of third-party processors for some of our applications (e.g. CRM application, e-mail services) handling personal information flows - many of them store and process data in data centres across the world.

 

We have mapped our information flows and converse360 is satisfied that our processors meet the standards for security that we expect for ourselves and our data subjects. We have set internal policies on retention duration which is different for each information flow based on the principle of storage limitation and secure disposal/deletion.