Industries
- Information and Communications Technology
- Software
- Application Software
Participation
UK Extension to the EU-U.S. Data Privacy Framework Framework: Active
EU-U.S. Data Privacy Framework Framework: Active
Swiss-U.S. Data Privacy Framework Framework: Active
Purpose of Data Collection
Conversica provides conversational AI-powered services (“Services”) to businesses and other organizations (our “Customers”) to help them grow their revenue by attracting, acquiring, growing, and better serving their customers. AI powers the conversations conducted by Conversica revenue digital assistants (“RDAs”) which Customers deploy for this purpose in a growing number of different conversation channels such as chat, email, and SMS text. Conversica processes personal data submitted by Customers for the purposes of providing the Services to our Customers, which entails personalizing and facilitating communications with our Customers’ sales and marketing leads as well as existing customers. Conversica acts as a data processor for the personal data we process for our Customers through the Services. Our Customers determine the type of personal data they provide to the Services for Conversica to process on their behalf. Conversica has no direct relationship with the individuals whose personal data it receives from its Customers (except, perhaps, Customer’s authorized users of the Services) and Conversica’s Customers are responsible for providing notice to the individuals whose personal data will be collected and provided to Conversica. Conversica processes full email and SMS messages, including the header and body of each message, along with any personal data contained therein. As a result, it is not possible to list all types of personal data that may be processed. However, the personal data typically includes: • First names; • Last names; • Email addresses; • Phone numbers; and may include • Physical addresses. We share personal data with our service providers (“Subprocessors”) who process personal data on behalf of Conversica in order for Conversica to provide the Services to its Customers. These Subprocessors agree to use the personal data only to perform the Services for us or as may be otherwise required by law. The Subprocessors include those providing the following services: • data analytics; • API integration software; • cloud-based web and application hosting; • contact data verification; • communications/SMS integration software; • database performance forecasting software; • data loss prevention software; • security software; and • translation software. We require our Subprocessors to maintain at least the same level of data security that we maintain for such personal data. Conversica remains liable if its Subprocessors process personal data on behalf of Conversica in a manner inconsistent with the Data Privacy Framework principles if we are responsible for the event giving rise to the damage. We may also share personal data with select business partners (such as CRM platform providers) with whom our Customers have contracted and authorized us to disclose the personal data in connection with Customers' use of the Services. With respect to personal data transfers from the European Union, European Economic Area, United Kingdom (“UK”), and Switzerland (collectively “Europe”) to Conversica in the United States, Conversica relies upon, complies with, and certifies to the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework program (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. With respect to personal data transfers from Europe to Subprocessors, if any, outside the United States, we will only transfer personal data to such Subprocessors if and when there are appropriate data transfer safeguards in place. These may include applicable Standard Contractual Clauses approved by the European Commission. Conversica regularly reviews and confirms its compliance with the most up-to-date guidance and obligations on valid data transfer under applicable data protection and privacy regulations. If we find it necessary to update the data transfer mechanisms used, we will update our Privacy Policy accordingly.
Privacy Policy
Non-HR Data
Conversica Privacy Policy
Verification Method
Self-Assessment
Dispute Resolution
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact Conversica, Inc. at:
Director Information Security
SAN MATEO, California 94402
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from Conversica, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against Conversica, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission