“Service” consists of the ultimate.ai customer service technologies, including but not limited to the agent assistance tools, the automation solution, analytics, dashboard and any related services.2.2
“Customer” is the legal entity purchasing the Service from us.2.3
“Personal Data” is data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).2.4
“Cookies” are small pieces of data stored on your device (computer or mobile device).2.5
“Website” refers to the ultimate.ai web domain.2.6
GDPR data protection legislation has two key roles for companies handling personal data: Data Controllers andData Processors. Our customers are Data Controllers and ultimate.ai their Data Processor.
III. Data Subject is a visitor to a Customer’s website who engages in a customer service request.3.0
“CustomerData” is data processed by us on behalf of the Customer using the Service. Customer data contains Personal Data, such as full IP addresses and the contents of customer service conversations. Most of this data is provided by the visitor themselves during a customer service conversation. The purpose of the processing of this data is the provision and improvement of the Service. The Customer Data is owned by the Customer. In regard to Customer Data, the Customer is the Data Controller and ultimate.ai the Data Processor in the meaning of the EU data protection legislation.
The Customer Data categories processed are listed in the table below.
“Benchmark Data” is anonymous analytics data which we collect from the use of the Service for our own purposes. We use it across ultimate.ai Services to provide better Service. Benchmark data is stored and handled separately from Customer Data. It does not contain personal data, nor is it ever combined, analysed or stored together with personal data. Benchmark Data is proprietary to us. The Benchmark data categories collected are listed in the table below.
The use of Benchmark Data is limited to the following purposes:
III. Improving the quality of our Services
IV. Keeping our Services and integrations safe and secure
V. Troubleshooting and testing
VI. Data analysis (e.g. industry benchmarking) and research purposes
VII. Trend detection
VIII. User profiling
IX. Content ranking and recommendations
The below table details the complete list of all Customer Data processed and Benchmark Data collected by ultimate.ai through provision of the Service.
A) Customer Data
3.2. Web Analytics Data (per visitor)
3.3. Customer service agent data (registered user)
3.4. Customer service related data
3.5. Additional data provided by Customer
B) ultimate.ai Benchmark Data
3.6. Web Analytics Data (per visitor)
*Anonymous data used by ultimate.ai for troubleshooting, Service improvements, statistics and trend detection. Benchmark data is stored and processed separately from Customer Data
On our website and web dashboard we may collect information about visitors to generate statistics which we use to improve our services and communication channels. Here we also use Third Party Cookies from the following Service providers to help us analyse trends and for tracking purposes, and to gather general information about our visitor base:
Google Analytics collects data and analytics regarding the visitor base and traffic of the website.
Google Adwords is used for showing ads in connection with Google search results.
LinkedIn Marketing Solutions collects data and analytics regarding traffic flows to/from LinkedIn and displays ads.5.0
ultimate.ai processes Customer Data and collects Benchmark Data for the following purposes:
I. To provide and maintain our Service
II. To notify our Customers about changes to our Service
III. To allow our Customers to participate in interactive features of our Service when they choose to do so
IV. To provide Customer support
V. To gather analysis or valuable information so that we can improve our Service
VI. To monitor the usage and performance of our Service
VII. To detect, prevent and address technical issues
VIII. To provide our Customers with news, special offers and general information about other goods, services and events which we offer that are similar to those that already purchased or enquired about unless ourCustomers have opted not to receive such information6.0
ultimate.ai may process Personal Data because:
I. It is part of the Customer Data contained within the customer service transcripts / conversations
II. The Data Controller has given us permission to do so
III. The processing is in our legitimate interests and it’s not overridden by the Data Subject’s rights
IV. To comply with the law7.0
ultimate.ai will retain Customer Data only for as long as we have a valid contract with the Customer. We will retain and use Customer Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. ultimate.ai will also retain Benchmark Data for internal analysis purposes. BenchmarkData is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.8.0
All ultimate.ai data is stored on servers inside the EU. ultimate.ai rents servers from GoogleCloud, ISO 27001, ISO 27017 and ISO 27018 certified data centers located in Belgium and Germany.
ultimate.ai does not transfer any data outside of the EU/ETA.9.0
When using the ultimate.ai Service on any website, the Customer is responsible for acquiring all applicable consents (regarding for example the processing of personal data and cookies) from the website visitors as necessary for the delivery of the Service.10.0
The GDPR requires for adequate technical and organisational measures to betaken to safeguard personal data. Our services ensure security by:
I. Always using TSL protection
II. Hourly data backups
III. High internal confidentiality and privacy guidelines
IV. Regular data protection training for our staff
V. All persons who we have authorised to process personal data of the Customer are bound with a written undertaking of confidentiality
In case we become aware of a data security breach affecting personal data we will report this to the Customer within a time frame of 48 hours. In such case we will coordinate and assist the Customer in minimising any damage and provide the Customer with the required information about the breach.11.0
We are committed to assisting our Customers with their responsibilities regarding the data subject rights. Our contact for this type of requests is email@example.com.
In cases where such assistance causes us a substantial amount of work, we reserve the right to invoice such work in accordance with our standard hourly fees.
Our Customers are welcome to perform data protection/security audits on us as long as they compensate for all costs involved. For audits causing us a substantial amount of work, we reserve the right to invoice such work in accordance with our standard hourly fees.12.0
For questions regarding privacy please contact: firstname.lastname@example.org