Updated: March 24, 2022
Uniphore Technologies Inc., including its subsidiaries (“Uniphore,” “we,” “our,” or “us”), understands and respects our users’ need for privacy. We provide conversational artificial intelligence (AI) and communications platforms to enterprises that have entered into an agreement with us to use our products and services (collectively, our “Customers”) to deliver personalized and automated customer experiences. This Privacy Notice (“Notice”) describes what personal information we collect; how we collect, use, share, and process personal information; what rights and choices you may have with respect to your personal information; how you may contact us, and how we protect the personal information that we collect when you:
- Visit Uniphore’s websites, such as http://www.uniphore.com/ (our “Sites”);
- Use or access the products, services, and related applications offered by Uniphore, engage directly with Uniphore, or use third party products or interfaces that employ Uniphore technology, including our mobile and web-based applications, (collectively, the “Services”) as a Customer or a Customer employee, representative, call center agent, or other Customer user (“Authorized User”) to:
- Provide support services to Customer end users via our virtual agents or technology for live agents;
- Generate insights and trends from interactions with Customer end users to inform our business objectives;
- Provide Customer call center agent coaching and employee management;
- Perform real-time customer support agent authentication and verification;
- Understand and enhance audio and video interactions with prospective customers during the sales process;
- Perform sentiment, emotion, and engagement detection and intent recognition; and
- Interact with us in any way, including registering for, attending, or otherwise partaking in our events, tutorials, or webinars (collectively, “Marketing Activities”).
This Notice does not cover:
- Uniphore employees – Please contact firstname.lastname@example.org to learn more about our privacy practices regarding the personal information of Uniphore employees.
- Job applicants – To learn more about our privacy practices related to personal information collected and used for recruiting purposes, please see our Job Applicant Privacy Notice.
Our Customers are the controllers (“Data Controllers”) of their end users’ personal information. We process information on behalf and under the direction of our Customers as a “Data Processor.” We have no direct relationship with our Customers’ end users. In that context, our Services may process personal information in ways not covered by this Notice. Our Customers are responsible for providing notice of privacy and data processing to their end users, including information concerning (1) the purposes for which personal information is collected and used; (2) a contact person to whom inquiries or complaints may be directed; (3) the types of third parties to whom personal information is disclosed; and (4) the choices and means that individuals are offered for limiting use and disclosure of personal information. If you are a Customer end user and would like to understand how our Customers use your personal information, please contact the Customer that you interact with directly. Uniphore is a Data Controller of certain information collected from other individuals, as described in this Notice.
About Uniphore Products and Services
Uniphore offers AI-based, conversational service automation platforms that change the way our Customers engage with their end users. Uniphore offers native cloud and on-premises solutions customized based on our Customers’ existing infrastructure. Uniphore’s core products and their functionalities include:
- U-Self Serve: U-Self Serve is a multi-modal virtual agent that provides a complete self-service offering through UI, text and voice that can be combined into a single experience and through multiple channels.
- U-Trust: U-Trust is a biometric agent authentication tool.
- U-Assist In-Call: U-Assist In-Call provides agents with live step-by-step in-call guidance, customer intent and emotion detection, and automation of repetitive tasks.
- U-Assist Aftercall: U-Assist Aftercall automatically generates call and interaction summaries and call dispositions as well as promise detection from live calls and post-call promise fulfilment monitoring.
- Unified Agent Desktop (UAD): The UAD enables all U-Assist capabilities in a tailored single agent desktop application, integrated with other applications.
- U-Analyze: U-Analyze processes and analyzes Customer end user and agent conversations across voice, email and chat providing post-conversation quality analytics and business insight.
- Q for Sales: Q for Sales offers real-time and post-call sentiment, engagement, and conversation insights for virtual meetings hosted by sales teams.
Information We Collect
The information that we collect depends on the context of your interactions with us and the choices that you make (including your privacy settings), the products and features you use, your location, and applicable law. In some cases, we receive information directly from you, such as your name and email address when you or your organization sign up for our Services. In other cases, we receive information through your use of our Services, such as engagement levels and sentiment when Customers or their end users interact with virtual or live agents.
A. Information You Provide Directly to Us
We collect the following information through your use of our Sites and Services.
- Contact information – We collect your contact information when you use, inquire about, or purchase our Services. This information may include your full name, email, address, and phone number.
- Professional information – We collect professional information about you including company name, job title, role, functional team.
- Account information – We collect information about your Uniphore account. This information includes your username, user ID, password, details for Services purchased or subscribed to, purchase price, date of transaction, payment information, and billing address. You provide this information to us directly during the account registration process, and when you log into the Services for the first time, we automatically receive this information.
- Transactional information – We collect payment and other transactional information related to our Services, such as hashed payment card values and billing address.
- Biometric information – We collect image and/or voice information provided by Customers and Authorized Users during account set up to train the Uniphore AI model and provide Services.
- Marketing information – When you engage in Marketing Activities, we collect information that you provide, including through form submissions, email communications, or phone calls to inquire about Uniphore and our Services. We also collect information you provide to us when participating in a survey, interacting with us virtually or in person at an event, or via a phone or video call with one of our sales or customer support representatives (e.g., the nature of your communication, your contact information, your contact preferences, and any information you choose to provide to us when completing any “free text” boxes in our forms).
- Office visitor information – We collect information about you if you visit a Uniphore office, including name, date and time of visit, reason for visit, COVID screening protocols and other visitor registration information.
- Social media information – We use social media features, such as sharing widgets (“Social Media Features”), and we receive information about you if the Social Media Features are hosted directly on our Site. If the Social Media Features are hosted by the social media network, and you click through to them from our Site, the social media network may receive information showing that you have visited our Site. Your interactions with Social Media Features are governed by the privacy and user policies of the companies that provide them, and we are not responsible for how those companies collect, use, or disclose your information. We encourage you to review the privacy notices of those companies before connecting to or using their Social Media Features to learn more about their privacy practices.
- Troubleshooting and support data – We collect information about your account preferences or data you provide when you contact Uniphore for help, such as the solution you use, the content of chats and other communications with Uniphore, and other details that help us provide support.
B. Information We Collect from Third Parties
We receive information about Customers, Authorized Users, and Customer end users from third parties that provide services or support Uniphore’s business operations. We limit our use of personal information to the purposes described in this Notice. Personal information we receive from third parties includes:
- Contact information, such as name and email address;
- Organization information, such as company name, job title, and company address;
- Customer relationship management (CRM) and Sales pipeline information, such as deal name, deal value, deal stage, deal close date;
- Account information from video conferencing platforms, such as video conferencing platform, username, and single sign-on password authentication;
- Meeting information, such as participant names and emails, number of meetings, meeting duration, and time of day;
- Social Media information related to our Marketing Activities, such as URLs, profile pictures, and profile ID.
C. Information We Collect Automatically
When you use or interact with the Services, we automatically collect or receive certain information about you, your device and your usage of our Sites and Services. This information includes:
- Usage information – We collect information about your usage and behavior on our Sites and Services. This information includes browser type and settings, usage details, such as timestamps, frequency, and use pattern, language preferences, and device event information, such as system activity and hardware settings, application version and amount of time spent on the mobile application or our Sites, information about how you interact with our Services, Marketing Activities and Sites, such as clicks, scrolls, mouseovers, internal links, pages viewed, searches, page response times, download errors, and date/time stamps associated with your usage, request information (speed, frequency, the site from which you linked to us (“referring page”), the name of the website you choose to visit immediately after ours (“exit page”), and information about other websites you have recently visited and the web browser used.
- Device information – We collect information about your device automatically when you use our Sites and Services. This information includes IP address, location, device type, operating system, Internet service provider, mobile network, system configuration information, model, model number, push notification tokens, unique device identifiers such as your username and password, and web browser.
- Biometric information – Through some of our Services, we collect voice prints, image, facial feature information, and/or voice information from Customers, Authorized Users and Customer end users when they use or interact with our Services, such as during a video meeting.
- Engagement, interaction, and performance information – When interacting with us or using certain Services, we collect information about Authorized Users and Customer end users’ interactions, sentiment, and engagement levels. This information includes participant sentiment ratings (i.e., positive, negative); behavioral information (i.e., choice of words, patterns of speech, facial expressions; communication style information (i.e., pitch, tone, and intonation of participants, frequency and volume of participants and conversation duration); estimations relating to engagement levels (i.e., low, medium, high), emotions (i.e., anger, happiness, frustration), speech tracks, conversational techniques (i.e., talk ratio, talking speed); Authorized User performance and actions when interacting with Customer end users; conversation content (i.e., types and volume of promises and resolutions offered to Customer end users, conversation summaries and notes); length and disposition of interactions, contact type, date of contact, video and audio files that include Customer end users’ video/audio input and output, including screen share, and conversation and interaction transcripts.
- Meeting information – Through certain features and integrations of our Services, we collect information about Customer, Authorized User, and Customer end users’ meetings. This information includes meeting details, such as the date and times, meeting subject and description, meeting platform information, and any meeting access details (i.e., meeting ID and login information), volume of meetings, meeting invitee and participant information (name, email, job title), date of last contact, speech tracks, conversational techniques (i.e., talk ratio, talking speed). We do not share this information with third parties.
- Sales Opportunity information – Through certain Services, we collect information about sales activity history. This information includes deal size, account name, deal summary, topics of interest, deal pipeline and health trends (i.e., projected win rates, number of active deals, and deal stage).
- Anonymized Statistical information – We collect anonymized statistical information, such as de-identified demographic or location information, information about devices used to access our Services, or other aggregated, de-identified information about how you use our Services.
- Customer end user information – We collect Customer end user information during interactions with Customers, such as customer ID, name, email, company, account information and other personal information that may be disclosed or generated during customer support interactions. Uniphore uses tools to minimize and redact personal information that is incidental to a customer service interaction and not relevant to the Services.
Some information automatically collected within the Services, whether alone or together with other data, may personally identify you. We collect this information on behalf of our Customers and/or requested by the Customer and under the direction of our Customers, such as video and audio transcripts and other information related to their customer support inquiries and sales pipeline activities. Personal information may be included in Customer end user messages, conversations, and video meetings. If you are a Customer end user and would like to understand what information our Customers collect, please contact the Customer that you interact with directly.
How We Use Information
Uniphore uses collected information in the following ways:
- Communicate with you about our Services – We use your personal information to enable you to access and use our Services, including sending you technical notices, updates, security alerts, and support and administrative messages.
- Provide our Sites and Services – We use your information to operate and administer our Sites, and to provide, operate, monitor, and maintain our Services.
- Provide and improve necessary functionality – We use your information to provide you with the necessary functionality required during your use of our Sites and Services as described in the About Uniphore Product and Services section. We also analyze how you use our Sites and Services to deliver the Sites and Services, and improve functionality, quality, and user experience. Our analysis includes using Customer end user information to train Customer AI models.
- Transactional purposes – We use your information to complete transactions, and send you related information, including purchase confirmations, receipts, invoices, recall notices, and customer experience surveys.
- Handle contact and support requests – We use your information to fulfill your requests and communicate with you. We also process your personal information to respond to your comments, questions, and requests, and provide customer service and support via email, chat, or phone.
- Develop and improve our Marketing Activities and Services – We use your personal information to review and analyze trends, usage, and interactions with our Services, Sites, and perform other Marketing Activities to personalize and improve our Marketing Activities and the Services. We also use your information to provide content and/or features that match your interests and preferences or otherwise customize our Marketing Activities and your experience on the Services. To learn more about how we track and use your information, see our Cookie Notice.
- Send marketing communications – We use your personal information for marketing purposes according to your preferences, such as to communicate with you via email, SMS, in-app features, surveys, newsletters, promotions, trainings, or events that we think may be of interest to you and/or provide other news or information about Uniphore and/or our select partners. Please see the “Your Privacy Choices and Rights” section below to learn how to manage your communication preferences.
- Promote the security of our Sites and Services – We use your information to investigate and prevent fraudulent transactions, unauthorized access to the Services, and other malicious, deceptive, fraudulent, or illegal activity.
- Legal, Regulatory, Safety and Compliance purposes – We process your information for purposes of compliance with laws or regulations and to review compliance with applicable usage terms.
- Other purposes – We process your information for other purposes about which we notify you in advance, or for which we receive your consent (such as in the event of a sale, merger, or acquisition).
We do not engage in automated decision-making or profiling as defined under GDPR. See Appendix B for more information about our GDPR compliance.
How We Share Information
Uniphore shares Customer and their end user’s personal information with third parties as required by law and as part of our business practices. Uniphore does not sell personal information to third parties for their independent business use. For example, we do not sell personal information to third parties for their own marketing and advertising purposes. Uniphore only shares personal information on a need-to-know basis where appropriate safeguards and contractual arrangements are in place and as described below.
We share end user information with our Customers when end users use certain Services. For example, when a Customer end user interacts with an Authorized User during a customer support inquiry, we share Customer end user details (such as name and email) with that Customer.
B. Third-Party Service Providers
We share information with third-party service providers that require access to Customer, Authorized User, and Customer end user information to support our operations and delivery of Services. The third parties that Uniphore shares information with include:
- Billing and payment providers to authorize, record, settle and clear transactions;
- Cloud hosting providers to provide data storage and processing services;
- Communications providers to process new queries and to manage our emails;
- Corporate services to facilitate business operations and communications;
- Professional services advisors to protect and manage our business interests;
- Analytics companies to perform analysis on our Marketing Activities and Services; and
- Any other suppliers, sub-contractors, resellers distributors, vendors and other service providers acting on our behalf.
These service providers are authorized to use personal information only as necessary to provide Services to Uniphore.
C. Legal or Public Authorities
We only disclose personal information when disclosure is:
- Reasonably necessary to comply with any applicable law or regulation;
- Required by law to comply with a legal process, or government request;
- Necessary to enforce our agreements and this Notice;
- Necessary to protect the security or integrity of our Sites and Services;
- Necessary to protect against harm to the rights, property, or safety of Uniphore, you, or the public as required or permitted by law;
- Necessary to respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person; or
- Otherwise directed by you.
Where required or permitted by applicable law, Uniphore protects personal information by requesting protective orders or confidentiality agreements, redacting personal information from documents prior to production or disclosure, or other legally permissible means.
D. Corporate Affiliates
We may share or transfer information to any person or entity which directly or indirectly controls, is controlled by or is under common control with Uniphore, whether by ownership or otherwise (“Corporate Affiliate”), in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Notice. Personal information may be part of the transferred assets. You may be notified thereafter of any such change in ownership or control through email or other means as applicable.
E. Advertising Partners
We may partner with third-party advertising networks, exchanges, and social media platforms (e.g., Facebook, Twitter) to display advertising on our Sites or to manage and service advertising on other sites and we may share personal information with them for this purpose. Please see our Cookie Notice for more information about how you can turn off tracking technologies.
Cookies and Other Tracking Technologies
How We Transfer and Store Information
We use data hosting service providers in the United States or other region as directed by the Customer to store Customer, Authorized User, and Customer end user information, and we use reasonable technical measures to secure that information. Uniphore may transfer, process, or store personal information outside of your country of residence, which may have different data protection laws than the country in which you initially provided the information, to provide our Services. To the extent required by applicable law, whenever we transfer your information, we take the appropriate steps to protect your information. This includes the use of standard contractual data protection clauses or other appropriate legal mechanisms to safeguard the transfer.
How Long We Retain Information
Uniphore retains Customer, Authorized User, and Customer end user information for the minimum necessary period to fulfil our legal and contractual obligations; support business operations; develop our Sites and Services; resolve disputes; enforce our rights; for legitimate business purposes outlined in this Notice, and as recommended by industry standards.
How We Protect Your Information
We use reasonable and appropriate administrative, technical, and physical safeguards to protect the information that we have about you from loss, theft, and unauthorized use, access, modification, or destruction. We also require third-party service providers acting on our behalf or with whom we share your information to maintain security measures in accordance with industry standards.
Notwithstanding our security safeguards, it is impossible to guarantee absolute security in all situations. If you have any questions about the security of our Sites and Services, please contact us as described in the “Contact Us” section. For your own security, please do not send any confidential personal information to us via email or through our Sites.
Third-Party Services, Applications, and Websites
Our Sites and Services may contain links to other websites not operated or controlled by Uniphore. Certain third-party services, applications, or websites used to navigate to and from our Sites and Services have separate user terms and privacy notices that are independent of this Notice.
Uniphore requires third-party service providers acting on our behalf or with whom we share your information to provide appropriate security measures in accordance with industry standards and in compliance with this Notice, contractual obligations, their privacy and security obligations, and any other appropriate confidentiality and security measures. However, we are not responsible for the content, accuracy or opinions expressed in such websites, or the privacy and data security practices of third parties outside of the personal information we receive from or transfer to them. We do not investigate, monitor, or check these websites for accuracy or completeness. We recommend carefully reviewing the terms and privacy notices of each third-party service, website, and/or application prior to use.
Your Privacy Choices and Rights
A. Privacy Choices
You have certain choices available when it comes to how we collect and use your personal information. Below is a summary of those choices and how to exercise them.
- Opt-out of marketing email communications: You may opt-out of receiving any email marketing communications from us by using the “Unsubscribe” link within each email or by contacting us as provided in our “Contact Us” section. If you opt-out of receiving marketing messages, you will continue to receive transactional communications from us regarding our Services.
- Communications Preferences: If you elect to receive periodic email communications from us (i.e., company news, product, and service information), you may choose to opt out from receiving such communications by following the instructions in those communications. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.
- Account Preferences: You may update and correct certain account information at any time by logging into your account or emailing us at email@example.com. If you wish to delete your account, please email us at firstname.lastname@example.org with your account information, but note that we may retain certain information as required by law or for our legitimate business purposes. If you are a Customer end user and wish to delete your account with a Customer, please contact that Customer directly.
- In-App Preferences: Customers have the ability to adjust certain preferences within our applications. For example, Customers can disable certain application features from collecting information during virtual meetings or remove an application from a meeting similarly to how any other participant would be removed.
- Opt-out of SMS communications: Certain features and integrations with our Services provide Customers and Authorized Users the option to enable SMS communications. You may opt-out of receiving SMS communications from us by following the opt-out process described in the SMS communications. If you opt-out of receiving SMS messages, you will continue to receive transactional communications from us regarding our Services.
- Managing Cookies and Other Tracking Technologies: Relevant browser-based cookie controls are described in our Cookie Notice. Our Services participate in the Network Advertising Initiative (“NAI”) and Digital Advertising Alliance (“DAA”) programs to opt-out of customized or targeted advertising online. If you sign up for either of these programs, you will not see targeted ads from us on other websites based on your browsing history or other online activities. To learn more about preference-based advertising, change your preferences or to opt-out visit:
Your mobile device settings may also allow you to prohibit mobile app platforms (such as Apple and Google) from sharing certain information obtained by automated means.
B. Privacy Rights
Depending on where you are located, you may have certain rights in connection with your personal information that we obtain. These rights vary depending on your jurisdiction. To learn more about your rights, see:
- Appendix A for CCPA rights if you are a California resident.
- Appendix B for GDPR rights if you are an EEA resident.
Minimum Age Requirements to Use Our Services
Uniphore Sites and Services are not directed to children under 13. To use Uniphore’s Sites and Services, you must be old enough to consent to the processing of your personal information in your jurisdiction. We do not knowingly collect personal information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from anyone under the age of 13 without verification or parental consent, we take steps to remove such information.
Changes to Our Privacy Notice
We periodically review and update this Notice to describe new Services or changes to our practices. You can determine when this Notice was last revised by referring to the “Updated” date at the top of this Notice. We encourage you to review the Notice whenever you interact with us to stay informed about our privacy practices and the ways that you can help protect your privacy.
If we make significant changes to this Notice, we will notify you through a prominent notice on our Site. If you do not agree with the privacy practices disclosed in the Notice, we recommend you stop using our Sites and Services.
To submit questions about this Notice or to update or request changes to your personal information, please contact us at email@example.com or write to us:
Uniphore Technologies, Inc.
Attn: General Counsel
1001 Page Mill Road
Building 4, Suite 100-B
Palo, Alto, California 94304
Appendix A: California Consumer Privacy (“CCPA”)
Last Updated: March 24, 2022
Additional provisions applicable to processing personal information of California residents.
Scope and Applicability
This Appendix A (“Appendix A”) applies to California residents (“you” or “your”) and outlines your rights and choices with respect to the processing of your personal information under the California Consumer Privacy Act (“CCPA”). This Appendix A does not apply to Uniphore employees or job applicants. This Appendix A controls to the extent it conflicts with any provision in the main body of the Privacy Notice (“Notice”). Capitalized terms not defined in this Appendix A are defined in our Notice.
Data Collection, Use and Sharing
The CCPA requires that we tell you whether we collect any categories of personal information as classified under the CCPA, and whether we share this information with selected recipients for specific purposes.
A. Categories of Information
We collect the following categories of information as classified under CCPA:
- Personal identifiers – We collect your email address, shipping and billing addresses, login credentials, and IP address.
- Personal information – We collect your contact information and billing information.
- Professional information – We collect your job title, company name, and type of company.
- Biometric information – We collect your image and voice files.
- Characteristics of protected classifications – Even though your date of birth may be collected, we do not use this information to infer whether you belong to a protected age group. Similarly, we may also collect your gender. When you communicate with us using your social media account, you may share with us, or direct others to share with us, your gender and other protected information that we do not request.
- Commercial information – We collect information about the products you request and records of Services purchased.
- Internet or other network activity information – We collect browsing and search history, information collected from cookies and similar technologies, and analytics data.
- Geolocation data – We collect approximate location information.
- Sensory data – We collect audio, electronic, visual, or similar information.
- Other inferences drawn from personal information – We draw inferences from the categories of information collected to understand a Customer’s preferences, characteristics, or predispositions.
Please see the “Information We Collect” section in our Notice to see the full description of the information that we collect.
Publicly Available Information: Personal information does not include publicly available information. For purposes of this paragraph, “publicly available” means information that is lawfully made available from federal, state, or local government records. “Publicly available” does not mean biometric information collected by a business about a consumer without the consumer’s knowledge.
B. Sharing Information
We share the information collected with service providers such as suppliers, vendors, business partners, such as advertising partners and consultants to operate our business and provide you with our Sites and Services.
We do not sell the personal information of our Customers.
C. Using Information
We collect and use your personal information for the following purposes:
- Interact with Customers
- Facilitate transactions
- Provide our Services
- Conduct internal research and development
- Improve the quality and safety of our Sites and Services
- Detect security incidents and prevent fraud
Please see the “How We Use Information” section in our Notice to see the full description of how we use your personal information.
Your CCPA Rights
The CCPA grants California consumers certain rights in connection with the personal information collected, as described below.
- Right to Know: You have the right to know the categories and specific pieces of your personal information we have collected in the previous 12 months.
- Right to Deletion: You have the right to request that we delete any of your personal information we have collected.
- Right to Request Information: You have the right to request information about the collection, sale, and disclosure of your personal information from the previous 12 months.
- Right to Opt-out of the Sale of Information: You have the right to opt-out of the sale of personal information we have collected about you.
- Right to Non-Discrimination: You have the right to not receive discriminatory treatment for exercising any of your CCPA rights. We do not treat Customers differently for exercising any of the rights described above.
Exercising your Rights
If you wish to exercise any of the above rights, see the “Contact Us” section in this Appendix A. You may also authorize an individual to submit a verifiable consumer request relating to your personal information.
We verify your request by asking you to provide certain identifying information, such as your email address or information related to your recent interactions with us. If you have created an account with us, we also verify your request using the information associated with your account, including billing or shipping information. We cannot respond to your request if we cannot verify your identity and/or authority to make the request on behalf of another and confirm the personal information relates to you. Submitting a verifiable consumer request does not require you to create an account with us.
If you wish to use an authorized agent to submit a request to opt-out on your behalf, you must provide the authorized agent written permission signed by you, the consumer. We may deny a request from an authorized agent if the agent cannot provide Uniphore your signed permission demonstrating that they have been authorized to act on your behalf.
We fulfill requests within 45 days of receiving your request. Please note that your request may be limited in certain cases, for example if complying with your request would conflict with:
- Federal, state, or local law;
- Regulatory inquiries;
- Subpoenas; or
- Exercising or defending legal claims.
To submit questions about this Appendix A or to update or request changes to your personal information, please contact us at firstname.lastname@example.org or write to us:
Uniphore Technologies, Inc.
Attn: General Counsel
1001 Page Mill Road
Building 4, Suite 100-B
Palo, Alto, California 94304
Appendix B – General Data Protection Regulation (“GDPR”)
Additional provisions applicable to Uniphore’s processing personal information of individuals based in the European Economic Area (“EEA”) and the United Kingdom (“UK”).
Scope and Applicability
This Appendix B (“Appendix B”) applies to individuals based in the EEA and UK (“you” or “your”) and outlines your rights and choices regarding the processing of your personal information under the General Data Protection Regulation (“GDPR”). This Appendix B controls to the extent it conflicts with any provision in the main body of the Privacy Notice (“Notice”). Capitalized terms not defined in this Appendix B are defined in our Notice.
Data Collection, Use and Sharing
Uniphore acts as a Data Controller for personal information that we collect about you while using our Site or interacting with our Marketing Activities as described in the Privacy Notice.
We act as a Data Processor on behalf of our Customers for most of the personal information that we process through our Services. This means that our Customers mainly control what personal information we collect and process through the Services and how we use it, and we only process the information in accordance with their instructions.
This Appendix B does not apply to any personal information that we process as a Data Processor, as we only process that information on behalf of our Customers and in accordance with our agreement with them. A Customer that has entered into an agreement to use the Service (e.g., your employer or another entity or person) controls its instance of the Service and any associated data. If your personal information is contained in Customer data and you have any questions about the specific settings and privacy practices the relevant Customer has made to share your personal information with us, please contact the relevant Customer or review its privacy notice.
We collect and process personal information about you only where we have a legal basis for doing so under applicable data protection laws. Our legal bases include processing personal information under:
- Your consent: Where appropriate or legally required, we collect and use information about you subject to your consent. For example, we collect your email address when you sign up for marketing emails and updates on our Site.
- Performance of contract: We collect and use information about you to contract with you or to perform a contract that you have with us. For example, we collect your name, email and shipping and billing addresses when you purchase our Services and to process payments.
- Legitimate interests: We collect and use information about you for our legitimate interests to improve our Services, deliver content, optimize your experience, and market our Services. For example, we collect your IP address and device information when you use our Services to prevent against malicious activity and fraudulent transactions.
- Compliance with laws: We may also collect and use information about you:
- As required by law, such as to comply with a subpoena or similar legal process;
- When we believe in good faith that disclosure is necessary to protect our rights or property, protect your health and safety or the health and safety of others, investigate fraud, or respond to a government request; or
- If we participate in a merger, acquisition, or sale of all or a portion of its assets.
Transfer of Personal Information to Other Countries
When you use our Services and provide personal information to us, we use data hosting service providers in the U.S. or other region as directed by the Customer to store information we have about you.
We also transfer personal information we have about you to third parties as described in the “How We Transfer and Store Information” section above. These third parties may be located outside of the EEA. In circumstances that require us to transfer your information to third parties outside the EEA, we will only transfer such information where we have adequate measures in place to provide appropriate safeguards such as standard contractual clauses produced by the EU Commission.
Although the data protection laws of various countries may differ from those in your own country, we take appropriate steps to ensure that your personal information is handled as described in this Notice and under the law.
Data Subject Rights
You have certain rights related to the personal information we hold about you when you use our Services. Some of these rights only apply in certain circumstances, as set out below. We also describe how to exercise these rights in the “Exercising your Rights” section of this Appendix B.
Depending on the Services provided, Customer end users seeking to access, correct, amend, or delete personal information should contact our Customer (the Data Controller) which has transferred such data to us for processing. If our Customer receives a data subject request and sends the request to us, we will respond to the Customer’s request within the agreed timeframe outlined in our Customer agreements. The Customer is responsible for responding to Customer end user data subject requests as determined under the applicable local data protection law.
The GDPR provides data subjects with the following rights:
- Right of Access: You have the right to request access and receive certain information about how we use personal information about you and who we share it with.
- Right to Rectification: You have the right to request correction of personal information we hold about you where it is inaccurate or incomplete.
- Right to Data Portability: You have the right to request a copy of data we hold about you in a structured, machine-readable format, and to ask us to share this information with another entity.
- Right to Erasure: You have the right to request deletion of the personal information we hold about you:
- Where you believe that it is no longer necessary for us to hold your personal information;
- Where we are processing your personal information based on legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing;
- Where you have provided your personal information to us with your consent, and you wish to withdraw your consent and there is no other ground under which we can process your personal information; or
- Where you believe your personal information is being unlawfully processed by us.
- Right to Restriction of Processing: You have the right to ask us to restrict (stop any active) processing of your personal information:
- Where you believe your personal information is inaccurate and while we verify accuracy;
- Where we want to erase your personal information as the processing is unlawful, but you want us to continue to store it;
- Where we no longer need your personal information for our processing, but you require us to retain the data for the establishment, exercise, or defense of legal claims; or
- Where you have objected to us processing your personal information based on our legitimate interests and we are considering your objection.
- Right to Object: You can object to our processing of your personal information based on our legitimate interests. We will no longer process your personal information unless we can demonstrate an overriding legitimate purpose.
- Objection to Marketing, Automated Decision Making, and Profiling: You have the right to object to our processing of personal information for marketing communications, automated decision making and profiling. We will stop processing the data for that purpose.
- Withdrawal of Consent: Where you have provided your consent for us to process your personal information, you can withdraw your consent by emailing email@example.com.
Please note that before we respond to requests for information, we will require that you verify your identity, or the identity of any data subject for whom you are requesting information. Our verification methods may include requesting that you log into your account, confirm your contact information or email address, and/or provide documents for identity verification.
Exercising your Rights
To exercise any of the rights above, please contact us as noted in the “Contact Us” section in this Appendix B. If you are a Customer end user, contact the Customer acting as the Data Controller directly to fulfill any requests.
We will fulfill your request within 30 days of receipt. Please note that the above rights may be limited in the following situations:
- Where fulfilling your request would adversely affect other individuals, company trade secrets or intellectual property;
- Where there are overriding public interest reasons; or
- Where we are required by law to retain your Personal Information.
If you have unresolved concerns, we encourage you to come to us in the first instance, but you are entitled to address any grievance directly to the relevant Supervisory Authority. If you are a Customer end user, we encourage you to reach out to the relevant Customer first to address any complaints.
To submit questions about this Appendix B or to update or request changes to your personal information, please contact us at firstname.lastname@example.org or write to us:
Uniphore Technologies, Inc.
Attn: General Counsel
1001 Page Mill Road
Building 4, Suite 100-B
Palo, Alto, California 94304