Privacy Policy

The Privacy Policy explains how data is collected, used and disclosed by when you use our website and services (collectively, “Services”), or when you otherwise interact with us.   1. OVERVIEW TUF Software SA / (”us”,”we”, or ”our”) operates the domain and their websites (the ”Service”). This document informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.  2. DEFINITIONS “Service” consists of the customer service technologies, including but not limited to the agent assistance tools, the automation solution, analytics, dashboard and any related services.“Customer” is the legal entity purchasing the Service from us.“Personal Data” is data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).“Cookies” are small pieces of data stored on your device (computer or mobile device).“Website” refers to the web domain.GDPR data protection legislation has two key roles for companies handling personal data: Data Controllers and Data Processors. Our customers are Data Controllers and their Data Processor.I. Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, you (the Customer)is the Data Controller of the Customer Data.II. Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. For the purpose of this Privacy Policy, we (TUF Software SA) are the Data Processor of the Customer Data.III. Data Subject is a visitor to a Customer’s website who engages in a customer service request.  3. DATA PROCESSING 3.1“Customer Data” is data processed by us on behalf of the Customer using the Service. Customer data contains Personal Data, such as full IP addresses and the contents of customer service conversations. Most of this data is provided by the visitor themselves during a customer service conversation. The purpose of the processing of this data is the provision and improvement of the Service. The Customer Data is owned by the Customer. In regard to Customer Data, the Customer is the Data Controller and the Data Processor in the meaning of the EU data protection legislation.The Customer Data categories processed are listed in the table below.“Benchmark Data” is anonymous analytics data which we collect from the use of the Service for our own purposes. We use it across Services to provide better Service. Benchmark data is stored and handled separately from Customer Data. It does not contain personal data, nor is it ever combined, analysed or stored together with personal data. Benchmark Data is proprietary to us. The Benchmark data categories collected are listed in the table below.The use of Benchmark Data is limited to the following purposes:Improving the quality of our ServicesKeeping our Services and integrations safe and secureTroubleshooting and testingData analysis (e.g. industry benchmarking) and research purposesTrend detectionUser profilingContent ranking and recommendationsThe below table details the complete list of all Customer Data processed and Benchmark Data collected by through provision of the Service.A) Customer Data 3.2. Web Analytics Data (per visitor)Customer specific cookie identifier (CID)IP addressVisited URLsReferrer URLTimestampOperating systemDeviceBrowserB) Benchmark Data 3.3. Web Analytics Data (per visitor)Generic cookie identifier (GID)Visited URLsReferrer URLTimestampOperating systemDevice typeBrowser type*Anonymous data used by for troubleshooting, Service improvements, statistics and trend detection. Benchmark data is stored and processed separately from Customer Data   4. COOKIES 4.1Our Service uses Session Cookies, primarily local storage technologies such as browser web storage and application data caches.Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device.By accessing our website or websites which use Services, you accept the use of cookies and tracking, as well as the collection of benchmark data for the purposes stated above. Most browsers accept cookies automatically. However, browser settings can be changed to erase cookies or prevent them. In that case, we cannot guarantee that our website or Services will be able to provide the intended user experience.On our website and web dashboard we may collect information about visitors to generate statistics which we use to improve our services and communication channels. Here we also use Third Party Cookies from the following Service providers to help us analyse trends and for tracking purposes, and to gather general information about our visitor base:Google Analytics collects data and analytics regarding the visitor base and traffic of the website.Google Ads is used for showing ads in connection with Google search resultsFacebook Ads is used for showing ads in connection with Facebook platform  5. USE OF processes Customer Data and collects Benchmark Data for the following purposes:To provide and maintain our ServiceTo notify our Customers about changes to our ServiceTo allow our Customers to participate in interactive features of our Service when they choose to do soTo provide Customer supportTo gather analysis or valuable information so that we can improve our ServiceTo monitor the usage and performance of our ServiceTo detect, prevent and address technical issuesTo provide our Customers with news, special offers and general information about other goods, services and events which we offer that are similar to those that already purchased or enquired about unless our Customers have opted not to receive such information.  6. LEGAL BASIS FOR PROCESSING PERSONAL DATA UNDER GENERAL DATA PROTECTION REGULATION (GDPR)6.1For Customer Data containing Personal Data of individuals from within the European Economic Area (EEA), legal basis for processing the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect may process Personal Data because:It is part of the Customer Data contained within the customer service transcripts / conversationsThe Data Controller has given us permission to do soThe processing is in our legitimate interests and it’s not overridden by the Data Subject’s rightsTo comply with the law  7. RETENTION OF will retain Customer Data only for as long as we have a valid contract with the Customer. We will retain and use Customer Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. will also retain Benchmark Data for internal analysis purposes. Benchmark Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.  8. VISITOR CONSENTS8.1When using the Service on any website, the Customer is responsible for acquiring all applicable consents (regarding for example the processing of personal data and cookies) from the website visitors as necessary for the delivery of the Service.  9. TECHNICAL AND ORGANISATIONAL SECURITY9.1The GDPR requires for adequate technical and organisational measures to be taken to safeguard personal data. Our services ensure security by:Daily data backupsHigh internal confidentiality and privacy guidelinesRegular data protection training for our staffAll persons who we have authorised to process personal data of the Customer are bound with a written undertaking of confidentialityIn case we become aware of a data security breach affecting personal data we will report this to the Customer within a time frame of 48 hours. In such case we will coordinate and assist the Customer in minimising any damage and provide the Customer with the required information about the breach.  10. DATA SUBJECT RIGHTS AND RIGHT TO AUDIT10.1We are committed to assisting our Customers with their responsibilities regarding the data subject rights. Our contact for this type of requests is cases where such assistance causes us a substantial amount of work, we reserve the right to invoice such work in accordance with our standard hourly fees.Our Customers are welcome to perform data protection/security audits on us as long as they compensate for all costs involved. For audits causing us a substantial amount of work, we reserve the right to invoice such work in accordance with our standard hourly fees.  11. CHANGES TO THIS PRIVACY POLICY11.1We may update our Privacy Policy from time to time. We will notify our Customers of any changes by posting the new Privacy Policy on our website.We will inform Customers via email and/or a prominent notice on our Service, prior to the change becoming effective and update the ”effective date” at the top of this Privacy Policy.You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on our website  12. CONTACT12.1For questions regarding privacy please contact: