Salespeak + GDPR
OVERVIEW.
Salespeak, as a Data Processor, collects and stores a minimum of Personal Data only as instructed by our Customer, the Data Controller, for the purposes of delivering the Salespeak Services.
This page will cover:
- The data we collect and store on behalf of our customers.
- How we comply with GDPR with respect to obtaining consents, honoring Data Subject Requests, putting in place the appropriate contracts, and maintaining appropriate safeguards.
- Our sub-processors and what we do to ensure they keep customer data safe.
Looking for more information? Here are some reference pages:
THE DATA WE COLLECT AND STORE.
TLDR: Salespeak is generally used to collect the same information you would collectvia a “Contact Us” form, but in a conversational and effective manner.
Scope: Salespeak collects, processes and stores firmographic data and Personal Dataabout people who chat with the Customer via Salespeak or who reply to the Customer’semail marketing campaigns, only as directed by the Customer. Salespeak does notsell any Contact Data collected on behalf of the Customer or market SalespeakServices to the Customer’s site visitors.
Categories of Data Subjects:
- Customer’s end-user customers or prospects
- Customer’s employees or other authorized users or administrators of Salespeak
Categories of Personal Data:
- Name
- Contact information (company, business email address and phone number)
- IP Address*
- Cookie Data**
*Salespeak will only use the IP address for data enrichment, i.e. to determine if it isassociated with a business and then give you additional information re: that businesssuch as industry and # of employees).
**Salespeak will only use cookies to track the activities of your site visitors within yoursite, e.g. whether they visited a particular product page or the pricing page beforeengaging with the messaging widget. Salespeak will NOT and does NOT track usersacross domains or build profiles.
HOW WE COMPLY WITH GDPR.
COLLECTING CONSENTS.
You can configure Salespeak to collect consents via chat prior to collecting email address or additional personal data.Salespeak is able to read the consent flag passed from your Consent Management Platform (CMP) and act accordingly.
APPROPRIATE SAFEGUARDS.
Per Article 32 of the GDPR and the requirements of the Standard Contractual Clauses, we have in place appropriate technical and organizational measures to keep your data secure. All data is securely stored in Amazon Web Services. Please visit our Security Page for additional information on how we keep your data secure.
CONTRACTS.
We have in place the appropriate Data Processing Agreements (DPAs) with all vendors and sub-processors that process data on our behalf. Check out the Sub-processor section below for more information on how we vet and contract with our sub-processors.
HONORING DATA SUBJECT RIGHTS.
We have processes in place to honor data subject requests. Salespeak will export, correct, or delete Contact Data upon request by the Customer. If we receive a request directly from a Data Subject, we will work with the Customer to honor the request.
OUR SUBPROCESSORS.
Some important notes on sub-processors:
- We have a diligence process to ensure that we only trust parties who have stringent standards regarding the safety and security of Personal Data.
- We have in place Data Processing Agreements with all of our sub-processors.
- We rely on a combination of DPAs, execution of EU Standard Contractual Clauses, and transfer impact assessments where data is being transferred across borders.
- We will notify you of new sub-processors via our Sub-processor Notification Process and give you an opportunity to object.
Here is a list of our sub-processors: