The Personal Data and Browser Data (here-in-after collectively referred to as “Data”), automatically
collected from this website (here-in-after the “Site”), by means of automated systems or freely entered by
the User or the Interested Party, are collected for the purposes, and processed, as follows below.
PARTIES PROCESSING THE DATA
Vivocha S.p.A. | Via dei Valtorta, 47 – 20127 Milano (MI) Italy | VAT# IT03423450927 | email
firstname.lastname@example.org | email@example.com |
“Contact details of the Company DPO’s: email firstname.lastname@example.org “.
The Data that may be collected by this Site are name, surname, address, phone number, email, fax, social security number, IP address and other Data relating to the User’s identity or technical access to the Site by the User.
The User must be able to transfer his/her personal data from one computer system to another without the data controller being able to prevent it.
The Browser Data referring to the technical use of the Site must be collected, and transfer is not optional. The User may freely provide the remaining Data, including personal information, unless it is expressly indicated otherwise.
Failure to process certain Data (e.g. contact details, or addresses, or data concerning behavior or user preferences, etc.) may make it impossible for the Site to provide its services.
If the User utilizes the Site to publish or otherwise share Personal Data with third parties, he or she assumes full responsibility: the User states possession of the right to communicate or disclose personal data to third parties, and that they have received prior information thereto, thus relieving the Site of all responsibility for their improper use following disclosure or dissemination.
Method of Processing
The Data Controller processes the Data of the Interested Parties and Users in a lawful and proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the Data. Processing is carried out using computers and / or telematic means, with organizational methods and logics strictly related to the stated purposes. In addition to the owner, in some cases, access to the Data may be available to personnel involved in the organization of the Site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, mail carriers , hosting providers, IT companies, communications agencies) appointed, if necessary, as Managers by the Owner of the Processing procedure. The updated list of Managers can be requested from the Owner by contacting the above address at any time.
The Data are processed at the headquarters of the Data Controller. Any processing of Data outside one of the EU Member States may require the consent of the User or the Interested Party.
The Data are kept for the time necessary to perform the service requested by the User, who shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay.
The provision of the service or delivery of goods for sale purchased on the Site, and more generally, for administrative and accounting or technical purposes;
- The Provision Of The Service
- a response to specific requests for information by the User;
- a User update on new products or services provided by the Site or concerning particular business offers;
- the User to be informed of any Site maintenance or inconvenience;
- any commercial profiling of the User;
- to display banners related to User interests (behavioral targeting / advertising);
- defense by the Website Owner, in court or in the stages leading to possible legal action, against improper use of the same or related services by the User.
Some forms of processing (sending promotional information, commercial profiling, behavioral advertising, geolocation, etc.) may require the express consent of the User or the Interested Party.
Specific information may be shown on the pages of the Site in connection with particular services or processing of Data provided by the User or by the Interested Party.
The use of Data for additional purposes by the Data Controller, or for services for which it is necessary to collaborate with third parties, listed below, may in some cases require the free and specific consent of the User or the Interested Party.
Registration (This Website) The registered User consents to provide his/her Personal Data to enable the execution of the services by the Website, and/or the purchase of products sold on this Site The personal data collected are: First Name, Last Name, Email, Phone number and Company name.
PURPOSE OF THE INFORMATION COLLECTED AND SERVICES UTILIZED ON THE WEBSITE
The purpose of the treatment of the personal information, the personal information collected and any suppliers of third party services involved are mentioned hereinafter.
The Comment services allow Users to formulate and share their views on the content of the Site.
Disqus is a service that allows the display and exchange of Users’ comments on this Site. The Personal Data are collected by Big Heads Labs Inc, USA, a company that adheres to the Privacy Shield Policy Framework and ensures General Data Protection Regulation safety standards. Personal Data are collected using permanent cookies, session cookies, or provided voluntarily by the User. The Personal Data collected are used to give notice to the User of the comments left on the Website and to provide, directly or indirectly, commercial information, including sending out newsletters. The User is solely liable for the information provided in the discussion windows and no liability is assumed for the use of such information by third parties. Place of Data Processing: USA More information: docs.disqus.com/help/30/ The personal data collected are: Cookie and IP.
The services contained in this section, provided by third parties, are used to track User behavior and, in case of profiling, they can require the User’s express consent.
Google Analytics (Google)
Google Analytics is a web analysis service supplied by Google, Inc. (“Google”), which uses “cookies” to collect Users’ Personal Data which are forwarded to, and deposited on, Google’s servers in the United States. Google uses the Data collected to (i) track and examine the Website’s usage, (ii) prepare reports on the Website’s activities for the website managers and (iii) supply other optional services. Google may use the Data collected to carry out behavioral targeting of the Website’s Users. Google does not associate the user’s IP address with any other information in Google’s possession. Any refusal to utilize the cookies, by selecting the appropriate setup on your browser, may prevent the use of some functions of this Website. Place of Data Processing: USA More information:www.google.com/intl/en/analytics/privacyoverview.html The personal data collected are: Cookie and IP.
Facebook social buttons/widgets (Facebook)
Facebook Social button is a service run by Facebook Inc., a company that complies with the Privacy Shield Policy Framework initiative, guaranteeing the handling of Personal Data in compliance with General Data Protection Regulation security standards. The service makes it possible to interact with the social network via this Website. Facebook, through the User click, acquires information about his/her/its visit to the Site. Facebook does not share any information or data in its possession with the Site or the Data Controller. Place of Data Processing: USA More information: www.facebook.com/privacy/explanation.php The personal data collected are: Cookie and IP.
Google +1 Button (Google)
Twitter social buttons/widgets (Twitter)
This is a service supplied by Twitter, a company that complies with the Privacy Shield Policy Framework initiative, guaranteeing the handling of Personal Data in compliance with General Data Protection Regulation security standards. By simply clicking on the Twitter push-button on the Site (“Twitter Button”), the service makes it possible to share liking of the Site on Twitter.com, without having to exit the Website’s page. In this way the User links his/her/its Twitter profile to the Webite and makes this information accessible to anyone on the web. Place of Data Processing: USA More information:twitter.com/privacy. The personal data collected are: Cookie and IP.
FURTHER DATA COLLECTION
Vivocha Analytics is a web analysis service, which utilizes “cookies” by means of which it collects Personal Information on the User, which is forwarded to, and deposited on, Vivocha’s servers in the United States. Vivocha utilizes this information in order to track and examine your use of the website, to prepare reports on the activities of the website for the website operators and to supply other services relevant to the activities of the website and to the use of the Internet. Vivocha does not associate the user’s IP address with any other information in Vivocha possession. Any refusal to utilize the cookies, by selecting the appropriate setup on your browser, may prevent the use of all the functions of this website.
Rights of Parties
Those persons to whom the Data refer, have the right, at any time, to obtain confirmation of the existence or otherwise of information by consulting the Data Controller, to learn about their contents and origin, to verify their accuracy or to ask for their integration, cancellation, update or correction, their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the Data Processor at the address cited in the “Data Controller” section.
DEFINITION AND LEGAL REFERENCES
Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Details collected automatically from the site, including the IP addresses or domain names of the computers utilized by the users who connect to the site, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of provenance, the features of the browser and the operating system utilized by the visitor, the various time details per visit (for instance the time spent on each page) and the details about the path followed within the site with special reference to the sequence of pages visited, other parameters about the operating system and the user’s IT environment.
Means the individual user of the Site’s services or products
Indicates the subject to which the Personal Data refers, using the services or the products of the site.
The natural person, legal person, public administration or any other organization, association or organization designated by the Data Controller for the Personal Data processing system.
The natural person, legal person, public administration or any other organization, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Site.
This privacy statement has been prepared in fulfillment of the obligations under Regulation EU 2016/679, and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of cookies.
This privacy statement applies solely to the Site and is not meant to refer to other sites whose links are possibly contained therein.
Vivocha has put in place processes and procedures to comply with the various provisions of the European General Data Protection Regulation GDPR). In addition, we have incorporated GDPR principles in our product development planning.
•Visitor consent (opt-in) collection for chat, call and video. (Currently available)
Vivocha Administrators can create an option to collect an opt-in consent at the beginning of every conversation. This can be enabled in the Vivocha Web Foundry, or Campaign Builder (Vivocha service creation environment).
•Legal information displayed to visitors for them to give their consent (opt-in). (Currently available)
It is possible to insert a link in the pre-engagement widget. The Vivocha widget is customizable in order to comply with the requirement through the Vivocha service creation environment.
•Visitor consent (opt-in) collection for audio session. (Currently available)
At the beginning of every audio session, we ask for the visitor consent.
•Visitors are able to stop (opt-out) for audio session. (Currently available)
Whenever they want, during an audio session, visitors will be able to stop the session and come back to the chat.
•Visitor consent (opt-in) collection for video session. (Currently available)
At the beginning of every video session, we ask for the visitor consent.
•Visitors are able to stop (opt-out) for video session. (Currently available)
Whenever they want, during a video session, visitors will be able to stop the session and come back to the chat.
•Visitor consent (opt-in) collection for co-browsing. (Currently available)
At the beginning of every co-browsing session, we ask for the visitor consent.
•Visitors are able to stop (opt-out) a co-browsing session. (Planned for 2019)
The feature has been planned for a future release.
•Consent/non-consent events logging. (Currently available)
We store every consent/non-consent events related to audio and video sessions in our database. We don’t store the same consent for co-browsing yet, but it will be stored starting from one of the next releases. However, even today it is possible to store the co-browsing consent with a widget customisation.
•Visitors have the right to obtain info from the data controller. (Currently available)
Visitors have the right to obtain info from the data controller, the access, modification, download or deletion of their personal data, by sending their request to the data controller (to the address displayed in the legal information notice).
•Visitors can access, update, download and delete their data. (Currently available)
Visitors have the right to obtain info from the data controller. The data controller will then submit a “Personal Data” ticket to the Vivocha support team, in order to get all the information within 15 days of the request date.
•Ability to permanently delete customer data. (Currently available)
The Vivocha account owner (Admin) has access to a customer data delete tool that allows him to fully delete specific interactions and all the related customer data.
•Data encryption via key management. (Currently available)
From the latest Vivocha release, we disabled the possibility of non encrypting the data. All the data is encrypted by default, with the Vivocha key. It is also possible to use a third-party key for the encryption.
•Data Storage is in Europe (Currently available)
Personal data of EU consumers is hosted on our European infrastructure, leveraging AWS, and all the customers’ data are stored within Europe.