Nubitalk Data Privacy Notice
Collab is a Contact Center provider that delivers Digital Transformation to Contact Centers of all sizes, combining omnichannel capabilities, ease of use, agility and quick deployment, while unleashing the disruptive power of Artificial Intelligence.
Nubitalk is a Contact Center as a Service using OneContact CC core engine, hosted in Microsoft Azure public cloud, provided and managed by Collab.
Personal Data about individuals
Some of our Services (“Services”) allow you (“Customer”) to upload, submit, store, send or receive personal data (“Personal Data”) that can identify, directly or indirectly, a natural person (“Data Subject”). This Personal Data include, but are not limited to, name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.
When you upload, submit, store, send or receive Personal Data to or through our Services, you give Collab (and those we work with) the right to store and process Personal Data for the limited purpose of operate, maintain and support our Services.
Collab cannot be made accountable for any misconducted action by the Customer regarding the collection and use of Personal Data. The Customer is responsible to comply with all national, regional, and industry-specific requirements governing the collection and use of Personal Data. These might include, but are not limited to, insuring consent was freely given, specific, informed and unambiguous; be able to demonstrate that consent was given; ensure the Data Subject’s rights of information, access to and rectification or erasure of personal data, the right to data portability, the right to object.
Data Collection, Generation and Storage
Some of our Services allow you to manage user’s accounts, profiles and roles. These include, but are not limited to, administrative users, agents, supervisors, resellers and administrators. Some Services allow you to input Personal Data about the users, we advise you to consider carefully the use of those fields as they are not mandatory for any purposes.
We also recommend the use of pseudonyms for usernames, and other mandatory fields, in such a way an individual cannot be identified without additional information that you must kept separate from the user account.
Some customizations of our Services are allowed to the Customers. These include, but are not limited to, adding custom fields to contact lists and other entities.
All customizations are optional for making full use of our Services. The Customer should consider carefully which customizations to perform and which data upload on those customizations. Collab cannot be made accountable for any underlying bad practices related with management of Personal Data or any other information.
Reporting Information (Individual)
Our Services might generate reporting information with the purpose of giving you useful insights and metrics on your business.
By design, the only Personal Data we store is related to the contact information of the Data Subject (e.g., telephone number, email address) and the time and duration of the interactions. Some of our Services have the option, at Customer’s own discretion, of adding extra information to label the records.
Reporting Information (Aggregate)
Some of our Services might process data in a way that generate aggregated reporting data about a user. These processes remove most of the Personal Data, like contact information of the user (e.g., telephone number, email address). If additional label information is, as per Customer’s choice, added to the records, some of the aggregations may maintain this information.
Conversations (Instant Messaging)
For reporting and auditing purposes of the Customer, our Services store all the instant message conversations and the Display Name assigned by the Data Subject to the conversation.
Some of our Services allow you to receive and send emails through an email service provider of your choice, using appropriate credentials provided by you.
All email data is stored on your email service provider and our Services will access and temporarily store email data for runtime operations. These include, but are not limited to, queueing, routing, delivering, processing and answering emails.
Email temporary stored data is deleted from our Services after handling the email. These include, but are not limited to, reject the email and deliver the email to an agent. No email data is stored for historical purposes.
All social media data is not stored on our Services and the data is only accessed for runtime operations. These include, but are not limited to, queueing, routing, delivering, processing and answering social media interactions and data.
No social media data is stored for historical purposes. When social media uses messaging features or applications to allow the exchange of messages with other users, this data may be handled as conversations based on Instant Messages (see “Conversations -Instant Messaging” above) and the content of those messages may be stored.
Recordings (voice and screen)
The Customer is responsible for instructing all personnel that use our Services to pause or stop the recordings on the likelihood of sensitive information transmission. This process might also be automated and fully integrated with CRM systems, thus avoiding the need to manually suspend or resume the recordings.
The recordings are encrypted and stored in encrypted systems.
By default, all audio and video communications are transmitted using SRTP between Our Services and any Media Gateways. We strongly discourage the use of a Media Gateway provided by the Customer which do not support SRTP.
Electronic Communications Security
Our Services electronic communication are based on and supported by secure protocols.
Communications are encrypted and the data is only readable by our Services and the other authenticated & authorized party.
Integration with other systems
Bellow we describe how we process and handle Personal Data when integrating our Services with other systems.
Some of our Services in order to present contextualized information of a contact integrate with external customer relationship management (CRM) systems via a popup or a computer telephony integration (CTI). We do not store any data other than the contact information of the Data Subject (e.g., telephone number, email address), time and duration of the interaction for history and reporting purposes.
The integration may work in one of two ways. The first by providing the contact information to the CRM which in turn will perform a set of action we do not control in order to find and show the appropriate record. The second by performing a search on the CRM for the id of the record with the specific contact information followed by a request to the CRM to show the record with the id returned by the search.
This means that contextualized information is only available if the Customer uses an integration with a CRM controlled and owned by him. The Customer should consider carefully the upload of any Personal Data to our Services as this data is not required for making full use of our Services. Collab cannot be made accountable for any underlying bad practices related with management of Personal Data or any other information.
When the Customer voice telecommunications are provided as part of our services, they are supported by telecommunications service providers.
Our Services are hosted on the Microsoft Azure. Microsoft Azure is the first security barrier between our Services and access to them, offering the most comprehensive set of certifications and attestations of any cloud service provider to help organizations comply with national, regional, and industry-specific requirements governing the collection and use of Data.
For more details, please consult the following links: