Commitment to GDPR
Our pledge to data protection and right of individuals to data
Control over personal data is a fundamental right of every individual. With organizations across the world collecting customer data to enable them to provide services, it becomes important that companies manage data in a transparent manner with the customer’s consent.
GDPR, stands for “General Data Protection Regulation”. It is one of the most important changes made to data privacy regulations in the last two decades. It establishes a new framework for handling and protecting the personal data of EU-based residents and is in effect since May 25, 2018. It provides the citizens of the EU greater control over their personal data and assures them that their information is protected.
Our commitment to GDPR
We are fully GDPR compliant since the 25th of May 2018. Over the past few months, multiple internal teams have been working towards making sure that we are aligned to the GDPR framework. Also, we’ve built product features for greater privacy and data control.
As an organization, Adesyon has always implemented and practiced processes which ensure that customer data is stored and processed in ways necessary only to serve our customers in the best possible way. Our privacy, security and data storage policies are also streamlined with the GDPR goals and objectives.
GDPR Readiness Initiatives at Adesyon
Adesyon is committed towards upholding the underlying principles of GDPR and here are some of the initiatives we’ve undertaken.
Customer’s Personal Data with Adesyon
Privacy by Design and Default
Programs, projects, and processes at Adesyon are aligned to Privacy Principles right from the inception of an idea or project, thereby supporting Privacy by Design and Default principles.
Individual Rights, Subject Access, and Communication
The GDPR program thoroughly evaluates how Adesyon, both as a data controller and processor, is placed with its existing procedures for readiness to
- Provide rights of individuals under GDPR
- Assist customers in responding to data access requests from individuals.
Features built for GDPR readiness
Right to be Forgotten
Adesyon lets you delete customer/agent data permanently. You can delete the customer/agent’s profile and all the data associated with it like tickets raised by them, team huddle discussions, phone conversations, chats, satisfaction ratings provided, topics created and discussions in forums.
A delete or an export request from a customer would have to be routed via the admin who validates if the requestor is genuine.
End-User Profile Deletion
Adesyon currently supports the deletion of end-user profile information with an option of soft delete as well as permanent delete which will erase all associated data like tickets, forums, calls and so on.
Agent Profile Deletion
We currently support the deletion of Agent profile information with soft delete and permanent delete options where all their contributions like knowledge base articles, tickets and team huddle discussions are anonymized and all PII (Personally Identifiable Information) is deleted forever.
Users of Adesyon can delete tickets. In doing so, all team huddle discussion associated with the ticket are deleted along with it.
Attachment and Image Deletion
Customers can delete attachments and images by deleting the support tickets to which those attachments and images are attached.
Right to Portability
Adesyon supports export request from customers. A customer can export user contact details, tickets of the user, forums the user has contributed to with the respective APIs.
An export request from a customer would have to be routed via the admin who validates if the requestor is genuine.
User profile can be accessed using the API. You may want to only export fields visible to the customer using ‘displayed_for_customers’ property of the API
Tickets of the User
List Ticket by Requestor using List Tickets API
Access conversations by Ticket Id
- Loop through all tickets of the user and use the API to fetch conversations
- Use only public notes for export by using the ‘private’ property in the response
Forum contributions of the User
User contribution to forums can be accessed using the API.
Satisfaction ratings of the User
The users’ provided satisfaction rating can be accessed vía API.
Right to Rectification
The GDPR includes a right for individuals to have inaccurate personal data rectified or completed if it is incomplete. End-users and agents in Platform can rectify any errors in their personal data by editing their profiles.
Note: We will be updating the above section continuously with our latest road map and progress.
Do I need to move my data to an EU data centre?
- GDPR does not require EU personal data to stay in the EU, nor does it place any new restrictions on the transfer of personal data outside the EU. GDPR only mandates that such transfers be legitimized through any of the mechanisms provided in the regulation.
- Adesyon supports both EU-US Privacy Shield Certification and Model Contractual Clauses for data transfer provided in the regulation.
We, at Adesyon, are committed towards providing a product which enables our customers to provide customer service responsibly by implementing and adhering to prescribed compliance policies, both as a data controller and processor. The upcoming GDPR enforcement is critical to our mission of providing EU and all our global customers with safe and dependable customer support software.
Disclaimer: This is for informational purposes only and should not be relied upon as legal advice or to determine how GDPR might apply to you and/or your organization. We encourage you to obtain independent professional advice, before taking or refraining from any action on the basis of the information provided here.