- Information and Communications Technology
- Application Software
EU-U.S. Privacy Shield Framework: Active
Swiss-U.S. Privacy Shield Framework: Active
Purpose of Data Collection
We process PII submitted by our customers for the purposes of providing the Service to our customers, which typically entails personalizing and facilitating communication with our customers’ sales and marketing leads. Conversica acts as an agent, also known as a data processor, for the PII we process for our customers through the Service. This means that Conversica’s customers determine the type of PII they provide to the Service for Conversica to process on their behalf. Conversica has no direct relationship with the individuals whose PII it receives from its customers and Conversica’s customers are responsible for providing notice to the individuals whose PII will be collected and provided to Conversica. Conversica processes full email and SMS messages, including the header and body of each message, along with any PII contained therein. As a result, it is not possible to list all types of PII that may be processed, however, the PII typically includes: • First names; • Last names; • Email addresses; • Phone numbers; and • Physical addresses. We share PII with our affiliates and our service providers, who process PII on behalf of Conversica, and who agree to use the PII only to perform the Services for us or as required by law. Our service providers include those providing the following services: • data analytics; • API integration software; • cloud-based web and application hosting; • contact data verification; • communications/SMS integration software; • database performance forecasting software; • data loss prevention software; • security software; and • translation software. Our service providers may be located within or outside of the United States and we will require that those third parties maintain at least the same level of data security that we maintain for such PII. Conversica remains liable if its service providers process PII on behalf of Conversica in a manner inconsistent with the Privacy Shield Principles if we are responsible for the event giving rise to the damage. We may also share PII with select business partners that our customers have contracted with and authorized us to disclose the PII in connection with customer’s use of the Service. Some of our service providers may be located outside of Switzerland, the European Union or the European Economic Area (“EEA”). In some cases, the European Commission may not have determined that the countries’ data protection laws provide a level of protection equivalent to European Union law. We will only transfer PII to third parties in these countries when there are appropriate safeguards in place. These may include the Standard Contractual Clauses as approved by the European Commission (“SCCs”). Conversica does not currently use the Privacy Shield as its data transfer mechanism from the EEA and Switzerland, and uses the SCCs as its primary data transfer mechanism for EEA and Swiss PII. The SCCs are formally integrated into our agreements with third parties from whom and on behalf of whom we receive such PII. In addition, Conversica regularly reviews and confirms its compliance with the most up-to-date guidance and obligations on valid data transfer under applicable privacy regulations. If we find it necessary to update the data transfer mechanism used, we will update this Privacy Notice accordingly.
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact Conversica, Inc. at:
VP Legal and General Counsel
Foster City, California 94404
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from Conversica, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against Conversica, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission