GDPR Statement - Talkative
Talkative is familiar with European data privacy (including Data Protection Directive 95/46/EC) and is prepared for the EU General Data Protection Regulation (GDPR).
Talkative has customers and end users in the EU, and is thus affected by GDPR, both as a controller (for customer data, e.g. business information, email correspondence) and a data processor (for our customers' end user data, e.g. web chat transcripts).
As per Article 28, Talkative has several obligations as a Data Processor.
- only act on the documented instructions of the controller (unless required by law to act without such instructions).
- ensure that staff processing the data are subject to a duty of confidence.
- not use a sub-processor without consent from the controller.
- take appropriate measures to ensure the security of processing (Article 32 GDPR).
- assist the data controller in providing the subject access and allowing data subjects to exercise their rights under the GDPR (Articles 15-22 GDPR).
- assist the data controller in meeting its GDPR obligations in relation to the security of processing (Article 32 GDPR), the notification of personal data breaches (Article 33 GDPR) and data protection impact assessments (Article 35 GDPR).
- delete or return all personal data to the controller as requested at the end of the contract.
- submit to audits and inspections, provide the controller with whatever information it needs to ensure that they are both meeting their Article 28 obligations, and tell the controller immediately if asked to do something infringing the GDPR or other data protection law of the EU or a member state.
Talkative maintains rigorous organisational and technical security measures in how end user data is handled, including any personal information located therein and in how the Talkative services assist you in safeguarding data. We continue to evaluate industry standard practices with respect to data privacy and information security and strive to continuously meet or exceed those standards. Talkative employees follow Information Security Training provided by Hut Six Security. More info here: https://support.talkative.uk/security/data-centre-security
Modifying Talkative UI
Talkative stores summarised information for up to 6 months as default. If an agreement is in place this duration can be changed based on your organisation’s requirements.
End users can request that their data is deleted under the right to be forgotten. Talkative interaction logs can be removed in this case. Account holders and supervisors within your organisation can filter to find any information regarding the end user and remove it permanently. Alternatively, authorised Talkative admin staff can also delete data upon request. End users can request their personal data either via your organisation or from this page. Reports containing the end user's details and interaction information can be sent directly from within the interaction logs page to the end user.
Considerations for organisations using Talkative
If your organisation is based in the EU or your customers are EU citizens, you need to two things:
If your organisation is located in the EU, or if your country’s law requires it from your organisation, you can sign a Data Processing Agreement with Talkative.
For any further information, please email firstname.lastname@example.org with your query.