GDPR Compliance

Purpose
‍This GDPR Compliance Statement outlines how Voiceflow collects, processes, and protects personal data in accordance with the General Data Protection Regulation (GDPR).

‍Contact Information
‍For any inquiries related to data protection and GDPR compliance, you can reach out to the following contact details:
‍
Director of Engineering
Name: Frank Gu                   
Email: frank.gu@voiceflow.com
‍
Head of Legal and Compliance
Name: Adam Loo
Email: adam.loo@voiceflow.com
‍
‍Commitment to GDPR
‍Voiceflow is committed to upholding the principles and requirements outlined in the GDPR. We ensure that personal data is processed lawfully, transparently, and for legitimate purposes. Data subjects' rights, including the rights to access, rectification, erasure, restriction, and data portability, are respected and supported by our data processing practices.

‍Information Collected and Processed
‍Voiceflow collects and processes various types of personal data for the purpose of delivering our voice and chat technology solutions effectively. The data we collect may include but is not limited to: Contact information (name and email address), User-generated content, Usage data (interactions with our technology).

‍Purposes for Processing Personal Data
‍Voiceflow processes personal data for the following purposes: providing and improving our services, responding to customer inquiries and support requests, sending product updates, promotional materials, and relevant communications, conducting analytical research to enhance our products and services, ensuring compliance with legal obligations.

‍Rights
‍As a Data Subject pursuant to the GDPR, you have certain rights.  This GDPR Compliance Statement summarizes what these rights under the GDPR involve and how you can exercise these rights.  More detail about each right, including exceptions and limitations, can be found in Articles 15-21 and 77 of the GDPR.

The Right to Be Informed: You have the right to be informed about how your personal data is being processed. Voiceflow is committed to transparency and will provide you with clear and concise information about the purposes, legal basis, and recipients of your data.

The Right of Access: You can request access to the personal data we hold about you. This enables you to verify the lawfulness of processing and ensure the accuracy of your information.

The Right to Rectification: If your personal data is inaccurate or incomplete, you have the right to request its rectification. We will promptly update any data that is found to be incorrect.

The Right to Erasure: Also known as the "right to be forgotten," you can request the deletion of your personal data. Voiceflow will comply unless there are legal reasons to retain the information.

The Right to Restrict Processing: You can request the restriction of processing your personal data. This means we will store the data but not process it further, in certain circumstances.

The Right to Data Portability: You have the right to receive the personal data you've provided to us in a structured, commonly used, and machine-readable format. This enables you to transfer it to another data controller.

The Right to Object: You can object to the processing of your personal data for specific purposes, including direct marketing. Voiceflow will respect your objection unless there are compelling legitimate grounds for processing.

The Right to Avoid Automated Decision-Making:You have the right not to be subject to decisions based solely on automated processing, including profiling, if it significantly affects you. Voiceflow ensures that human intervention is available in such processes.

At Voiceflow, we are dedicated to upholding these rights and ensuring that your personal data is treated with the utmost care and respect. If you wish to exercise any of these rights, please contact our Director of Engineering or Head of Legal. 

‍Safeguarding and Security Measures:
Voiceflow takes security seriously, and ensures that it incorporates industry standard security controls in all its products and services, including the following:1. Data Security Governance 2. Physical Access Control 3. Virtual Access Control 4. Data Access Control 5. Disclosure Control 6. Data Entry Control 7. Instructional Control 8. Availability Control 9. Separation Control

‍Privacy Policy
‍For detailed information on how Voiceflow collects, processes, stores, and shares personal data, as well as data subjects' rights and choices, please refer to our Privacy Policy. The Privacy Policy can be accessed at the following link: Voiceflow Privacy Privacy .

‍International Data Transfers
‍Voiceflow may transfer personal data to countries outside the European Economic Area (EEA) or to third parties located in such countries. In such cases, we ensure that appropriate safeguards, such as standard contractual clauses or security certifications, are in place to protect the data and ensure its secure transfer in compliance with GDPR requirements.Voiceflow is dedicated to safeguarding the privacy and rights of individuals with regard to their personal data. By adhering to the principles of transparency, accountability, and data protection, we strive to maintain the trust and confidence of our users and partners.This GDPR Compliance Statement is subject to updates as necessary to ensure ongoing compliance with changing regulations and standards.

Contact

If you believe you've discovered a security-related issue or would like to learn more about Voiceflow's security practices, please contact us at security@voiceflow.com.

‍Adam Loo
Head of Legal and Compliance
Voiceflow, Inc.
Toronto, Canada