The GDPR & iAdvize

Here are the various actions we have put in place to help you comply with the GDPR. 
 
The General Data Protection Regulation (GDPR) is a new set of legislation that aims to strengthen the protection of EU citizens' personal data while reinforcing the obligations of organizations to process such data in a transparent and secure manner. The GDPR applies not only to companies established within the EU but also to any company controlling or processing EU citizens' data. 
 
At iAdvize, starting in 2017 we have created a dedicated GDPR team to work on improving our processes and our solution to help you be GDPR compliant. 
 
This page is the place where you will find all the information about iAdvize product updates related to GDPR. 

1. What information and data do we collect?

1.1 Visitor data collected BEFORE chat (functionality cookies):

Data collected
  • The Visitor Unique Identifier (VUID) through cookie

Data associated with a visitor and stored in the visitor’s browser
 
The data are not collected through cookies but are associated with the VUID.
Purpose: Processing these data help ensure that the targeting rules are working properly
 
  • Data attached to this VUID :
    - Browser type (12 months)
    - Terminal type (12 months)
    - Page URL (12 months)

 

  • Session data (expires after 30 minutes of inactivity):
    - Number of pages viewed by the Visitor (Page View)
    - Date/time of new session (Connection Time)
    - Browser language to contextualize chat language (Lang)
    - Site browsing time (NavTime)

1.2 Data collected DURING the chats:

To collect personal data from Visitors, iAdvize recommends these 2 options:

 

1) Activate the iAdvize chat window's consent form to ask Visitors for their consent

(opt-in mode with clear and transparent information), or

2) The customer relies on legitimate interest

 


User identification data :


Purpose: Collection of User data enabling the management and authentication of User roles.

  • Last name, first name, pseudonym, username (duration of contract with iAdvize)
  • Customer position (duration of contract with iAdvize)
  • Connection data, logs: Access-token (platform connection identifier) refresh_token (platform connection identifier)
  • Platform (platform concerned) (1 day)

 

Visitor data :

 

Purpose: Collection and storage of Visitors' conversations to enable Users to interact directly with these Visitors

 

  • Conversations (content of conversation, number of conversations, duration, date, response to satisfaction questionnaire if applicable)
  • Visitor's IP address
  • If transmitted by the Visitor: identity, e-mail, telephone number

2. For what purpose(s) is the Data collected?

iAdvize User identification data:
Collection of Users' personal data for management and authentication purposes.
Visitor Login Data:

The VUID (cookie) is used to adapt engagement methods according to the Visitor's path, for the purposes of

user interface personalization.

It is also used to record the collection of Visitor consent via the Chatbox (RGPD), so that consent is only requested again after 12 months.

Visitor Conversations:
Collecting Visitor conversations to enable e-commerce site agents to interact directly with Visitors.


3.
How long is the Data retained?

The length of time conversations and associated data (visitor profile etc...) are stored varies depending on the channel used:
  • Chat/Social media: 3 years (by default – unless the Customer specifies another duration) in active database
  • Call/SMS: 12 months in active database
  • Temporary archive: The retention of the temporary archive is 5 years. Stored personal data can no longer be processed by operational services. They are now stored only for litigation purposes and are subject to restricted access (3 AWS Administrators at iAdvize + VP Engineering).
NB: The video stream is not recorded.


TEMPORARY ARCHIVE
Legal basis: Legal obligation to retain the data or legitimate interest of the data controller (interest in retaining evidence) for the duration of the applicable limitation/foreclosure period. 
Purpose: Personal data stored in this way can no longer be processed by iAdvize operational services. They are now stored only for litigation purposes and are only accessible to a limited extent.
Retention Period: 5 years 
Storage: Amazon Web Services - Servers located in the Frankfurt area (Germany)
Restrictive access: Only AWS administrators at iAdvize (3 people) + VP Engineering 
Data Encryption: All data is encrypted - AES 256 Key 
Data access: The access is made only in 2 cases:
  • To restore the data and the database in case of crashes or incidents leading to data loss. Restoration will take place only on the last backup.
  • For legal reasons: Only in case we receive a judicial requisition. This means that we will not have access to the data and will not process (communicate) it without a court order or other injunction.


4. Anonymization and deletion of Data :

At the end of the retention period of the conversations, only personal data is deleted and we save the anonymized data.
Deleted
Anonymized
The IP address of the Visitor
Aggregate statistics
  • The number of conversations
  • Conversation processing time (response time; duration of conversations ...)
  • Unique Visitor ID (VUID)
Contain the chat conversations

3 years (by default – unless the Customer specifies another inferior duration) 

The personal data contained in the Visitor file 
E.g.: First name/last name; Email address; phone number…

3 years (by default – unless the Customer specifies another duration)

Call conversations
12 months

 

5. Who has access to the Data?

The persons having access to the Data are the following:
  1. Users: There are three types of profiles: Advisor; Manager; Admin and, if applicable, ibbü Experts.
The Admin profile has access to the full iAdvize Solution:
  • Consult all the Data stored in the Solution (Performance, KPIs, Conversations)
  • Create/delete/modify profiles: a new Admin, a Manager, an Advisor, a bot
  • Modify your account settings, for example: activate/deactivate the GDPR consent request, modify the rules of engagement of your visitors, modify the UX of your chatbox and chat notification, ...
The Manager profile only has access to the reports and advisers that are part of his group :
  • Consult all the reports but with only the data of his group of respondents (KPI, conversation history,...)
  • Create/delete/modify Advisor profiles that can only be associated with his group.
The Advisor / Expert profile only has access to the chat room.
  1. iAdvize support team

6. Is the Data shared with third parties?

No. Your personal data will not be passed on to third parties under any circumstances.


7.
Where is the Data stored?

Chat conversations: the Data is hosted within the European Union (Frankfurt (Germany)) in accordance with the data processing contract signed with our service provider, AWS.

Calls
: The Data is stored in the United States for the duration of the conversation. At the end of the call, the Data is deleted from the servers in the United States and then transferred to and hosted on AWS servers in the Frankfurt (Germany) area).

SMS
: the Data is hosted in the United States, in accordance with the data processing contract signed with Twilio.

For Social Networks and Messaging Apps (Facebook, Messenger, WhatsApp, Apple Messages for Business): the Data is hosted within the European Union (Frankfurt (Germany)) in accordance with the data processing contract signed with our service provider, AWS.
For Third Parties (Facebook, Messenger) host them within the European Union (Ireland) and the USA (see special conditions relating to the protection of privacy defined by these third parties).

For videos:
the metadata is hosted within the European Union (Frankfurt (Germany)) in accordance with the data processing contract signed with our service provider, AWS.

NB: The video stream is not recorded (peer-to-peer between agents and visitors).

Invalidation of the Privacy Shield on 16/07/2020 by the JCEU :

According to the decision of the JCEU, to ensure the compliance of a transfer from the EU to the USA, the exporter must ensure that the importer has put in place the best guarantees
(appropriate technical and operational measures).
iAdvize has taken the following actions to ensure an adequate level of protection for data transfers:
  • We have signed a Data Processing Agreement with our subcontractors which includes standard contractual clauses as validated by the JCEU.
  • We have verified the numerous security measures implemented by our subcontractors, such as ISO 27001 certification or data encryption.
  • We have also kept all of our subcontractors' technical white papers detailing these technical measures.

8. Privacy by Design

The iAdvize solution has been developed using a "Privacy By Design" approach, which ensures the compliance of Personal Data processing. This involves adapting appropriate organizational and technical measures to guarantee the protection of privacy and fundamental freedoms, right from the project design stage and by default.

 


By way of example, the iAdvize Solution includes advanced confidentiality functionalities that notably enable :

 

  • hide form fields in the Advisor console that the customer considers sensitive (e.g. credit card number in a payment area of the customer's site) by adding the code "idz_hide" to the field in question

OR

  • deactivate the mirroring function (allowing the Advisor to view the content of the page the Visitor is visiting)
    activate the visitor's consent directly from the chat window.

 

It is up to the customer, as data controller, to decide whether or not to activate these security features. These features are described in the technical implementation documentation for the iAdvize Solution and in the iAdvize knowledge base to which the Customer has access.


9.
Data Processing Agreement

iAdvize contracts include a Data Processing Agreement (DPA) as an appendix. When you work with suppliers who will process personal data (of customers, prospects, employees, etc.) in the course of providing services, it is mandatory to enter into a DPA.
In the context of the GDPR, the implications are as follows:
  • You, as a Customer, are responsible for the processing (the data controller) of these data. In particular, you decide which data is processed, what you do with it and why you use it. The GDPR provides this role with a series of obligations and responsibilities;
  • In this context, iAdvize is the subcontractor (data processor) of this data. iAdvize processes your data solely on your behalf.
The GDPR requires all data managers and data processors to sign a DPA.
In addition to the fact that the DPA is required by law, the signature of this agreement is important for both parties.

10. Functionality Request of consent  

You can consult the knowledge base article on the GDPR consent request.


11.
Chat preview - Mirroring - Co-browsing

  • Preview of the chats:
This is the feature that allows an Agent to preview and thus anticipate the question of the Visitor on the Brand's website. This feature is only activated when the Visitor expressly agrees to chat with the Agent.

 

  • Mirroring:
This is the feature that allows the Agent, when chatting with a Visitor, to view the page he is browsing in the background of his desktop.
The Visitor's consent to Mirroring is linked to the GDPR consent (when the consent feature is enabled): Thus, when the Visitor gives his consent to chat, he gives his consent to mirroring at the same time.
iAdvize collects proof of the Visitor's consent and can provide it upon request.

 

  • Co-browsing:
This is the feature that allows the Agent, when chatting with a Visitor, to take control of the Visitor's navigation to guide him through the site.
The Agent can ask the Visitor to take control of his navigation. This request is displayed in the discussion thread of the dialogue window on the Visitor's side and is the subject of a specific consent form. The Visitor can thus accept or refuse the request to take control of his navigation.
The Visitor has the possibility to end the grip as soon as he closes the dialogue window on his side.

cobrowsing_request.png

The Visitor has the possibility to end the grip as soon as he closes the dialogue window on his side. For more information: Viewing or taking control of the visitor's navigation (mirroring / cobrowsing)