Customer Management
1. General
A. Location
With the possible exception of customers that reside outside of the EU, all processing and storage of personal data takes place inside the European Union (Sweden).
Puzzel Digital Engagement data center facilities in Stockholm and Falkenberg, Sweden are operated by GleSYS. The data center facilities and their operational staff control physical access to Puzzel Digital Engagement servers.
Puzzel Digital Engagement has signed a back-to-back data processing agreement with GleSYS.
Information on GleSYS data centres, compliance and security can be found in the respective links.
B. Storage of Personal Data
The general principle from a personal data protection perspective has been pseudonymisation through encryption.
Production databases as well as backups are encrypted with AES-256 and protected by checksums.
GleSYS staff are not able to read any data on the servers: the data is encrypted, and GleSYS personnel do not have access to Puzzel Digital Engagement data in unencrypted form.
C. Safeguards for data transfer
All data is transferred over HTTPS.
VPN, security tokens and other measures can be added in integrations to further strengthen security if needed.
2. Categories of personal data that are processed
A. Digital Engagement Standard
As standard, two types of personal data might be processed and stored:
- IP-number – a personal record by default
- Chat Transcript – might contain personal data such as a name or social security number in running text. This is not collected by default, but the customer might enter such data in running text while chatting.
Since some Chat Transcripts will contain personal data, the Digital Engagement standard policy is to treat all chat transcripts as if they contain personal data.
B. Digital Engagement Custom Settings
Only if defined in the DPA with a customer, more types of personal data might be processed and stored.
Examples of such data are:
- E-mail address
- Social security number
- Customer ID
If an integration exists with an authentication service or with a CRM or similar system, the authentication key can also be processed and stored against the session.
3. Processing of data
Puzzel Digital Engagement is a cloud SaaS application. The system can be deployed as a public or private cloud.
A. Pre-chat
When a web visitor enters a web page where Puzzel Digital Engagement is implemented, a profile is created for the visitor, which is then analysed through the engagement rules and proactive scoring algorithms.
- Puzzel Digital Engagement Standard – no personal data is collected on the profile (pre-chat)
- IP-number is saved in the web activity logs for security reasons
- Puzzel Digital Engagement Custom settings – only if defined in the DPA with a customer. Personal data (see Puzzel Digital Engagement Custom Settings, Categories of personal data that are processed (2.A)), for instance CRM data, might be processed in order to determine who to engage with
B. During a chat
Personal data according to chapter 2 above can be processed. Puzzel Digital Engagement can be configured to search for and automatically erase chat input text that matches configured regular expressions. From a personal data perspective this is typically used for social security numbers.
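As an added illustration of the regex-based erasure described above (example code, not Puzzel's own implementation), the Python snippet below runs each chat line through a list of redaction rules. The personnummer pattern (Swedish 10- or 12-digit form) and the Luhn checksum validator are assumptions about what such a rule could look like; the checksum step keeps phone or order numbers that merely look like a personal number from being erased. The chat lines are constructed.

```python
import re
from typing import Callable, List, Optional, Tuple

# Constructed pattern (assumption): Swedish personnummer written as YYMMDD-NNNC,
# YYMMDDNNNC, or with a 19/20 century prefix. The two capture groups yield the
# 10 digits used for the checksum; the lookarounds stop a match inside a longer
# run of digits.
PERSONNUMMER_RE = re.compile(r"(?<!\d)(?:19|20)?(\d{6})[-+]?(\d{4})(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum over the 10-digit form YYMMDDNNNC (valid when total % 10 == 0)."""
    total = 0
    for i, ch in enumerate(digits):
        d = int(ch)
        if i % 2 == 0:          # every other digit, starting with the first, is doubled
            d *= 2
            if d > 9:
                d -= 9          # digit sum of a two-digit product
        total += d
    return total % 10 == 0


def personnummer_valid(m: re.Match) -> bool:
    return luhn_ok(m.group(1) + m.group(2))


# A rule is (label, compiled regex, optional validator applied to each match).
Rule = Tuple[str, re.Pattern, Optional[Callable[[re.Match], bool]]]

RULES: List[Rule] = [
    ("personnummer", PERSONNUMMER_RE, personnummer_valid),
]


def redact_message(text: str, rules: List[Rule] = RULES,
                   placeholder: str = "[REDACTED]") -> Tuple[str, List[str]]:
    """Return the message with every validated match replaced, plus the rule labels hit.

    A match that fails its validator is left unchanged, so text that only resembles a
    personal number (a phone number, an order id) is not erased by accident.
    """
    hits: List[str] = []
    for label, pattern, validator in rules:
        def _sub(m: re.Match, _label=label, _validator=validator) -> str:
            if _validator is not None and not _validator(m):
                return m.group(0)
            hits.append(_label)
            return placeholder
        text = pattern.sub(_sub, text)
    return text, hits


if __name__ == "__main__":
    # Constructed chat lines; 811218-9876 has a valid Luhn checksum, 0701234567 does not
    for line in ["Mitt personnummer är 811218-9876, kan ni hjälpa mig?",
                 "Ring mig på 0701234567",
                 "Kundnummer 19811218-9876"]:
        print(redact_message(line))
```

The labels returned alongside the redacted text are what a deployment would log (rule name only, never the matched value) so that the erasure itself leaves no copy of the personal data in the audit trail.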
4. Storage of personal data
A. Production data bases
Puzzel Digital Engagement is a cloud service with an industry-strength application architecture. It is a highly scalable, redundant and secure SaaS platform. SaaS scalability, security and redundancy systems are inherently complex and expensive, with many moving parts that need to work together. The Puzzel cloud computing platform is the workhorse for Puzzel Digital Engagement.
B. Puzzel Digital Engagement Standard & Puzzel Digital Engagement Custom Settings
Data is stored according to 2.A above; for retention policy and periods see chapter 6.
- IP-number is not stored in the application itself but can be connected to a chat session by Puzzel support staff if needed. IP addresses are stored in temporary web activity logs under a session key in the application logger tool.
- Chat transcripts are stored in customer account data in the application databases. Chat transcripts can be retrieved by account users with the necessary privileges. Puzzel operational IT staff can access the data if assigned access to the necessary operational tools. Chat transcripts are by default only tagged with a case id and searchable by agent, time and case ID through the application tools. If you have retrieved a Chat transcript ID, Puzzel support staff can search logs to connect a visitor IP address to a chat session. This functionality is sometimes used to support customers in situations where threats have been involved. This is only possible for the duration of the log files' lifespan.
- User profile: by default the user profile only contains the visitor web session id and no personal data. The profile can be extended to contain personal data, typically an e-mail address or social security number, through account-specific customization. If such customizations are done, users with the necessary privileges can access the data through the generic search methods for chat transcripts described above.
5. Access to customer data
Access to personal data stored in customer accounts requires that you are a system super user, called an Account Administrator, and that the administrator has explicitly been granted access to the specific customer account's data. Account Administrators are most often employees of the Data Controller, given privileges to configure and administer the solution.
Members of the Puzzel operations server administrator team also have access, once they are assigned to that team.
Access to information within the Puzzel Digital Engagement Platform is controlled through roles and authorizations. An authorization can be assigned to a role, allowing that role to perform an operation, such as reading some data or taking some action. In this sense, a role is a grouping of authorizations. Roles can be given to roles hierarchically and a user may have one or more roles.
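The role-and-authorization model described above, as an added example that is not Puzzel's own code: roles group authorizations, a role can inherit from parent roles, a user holds one or more roles, and (as in the first paragraph of this chapter) reading a specific customer account's data additionally needs an explicit grant for that account. Role names, operation names, users and accounts are constructed.

```python
from dataclasses import dataclass, field
from typing import Dict, Iterable, Optional, Set


@dataclass
class Role:
    name: str
    authorizations: Set[str] = field(default_factory=set)  # operations the role may perform
    parents: Set[str] = field(default_factory=set)         # roles this role inherits from


class AccessModel:
    """Hierarchical roles plus per-account grants (constructed model, not the product's)."""

    def __init__(self) -> None:
        self.roles: Dict[str, Role] = {}
        self.user_roles: Dict[str, Set[str]] = {}
        self.account_grants: Dict[str, Set[str]] = {}   # user -> accounts explicitly granted

    def add_role(self, name: str, authorizations: Iterable[str] = (),
                 parents: Iterable[str] = ()) -> None:
        parents = set(parents)
        for p in parents:
            if p not in self.roles:
                raise KeyError(f"unknown parent role {p!r}")
        self.roles[name] = Role(name, set(authorizations), parents)

    def assign_role(self, user: str, role: str) -> None:
        if role not in self.roles:
            raise KeyError(f"unknown role {role!r}")
        self.user_roles.setdefault(user, set()).add(role)

    def grant_account(self, user: str, account: str) -> None:
        self.account_grants.setdefault(user, set()).add(account)

    def effective_authorizations(self, role_name: str) -> Set[str]:
        """Union of the role's own authorizations and those of every ancestor (cycle-safe)."""
        result: Set[str] = set()
        seen: Set[str] = set()
        stack = [role_name]
        while stack:
            current = stack.pop()
            if current in seen:
                continue
            seen.add(current)
            role = self.roles[current]
            result |= role.authorizations
            stack.extend(role.parents)
        return result

    def user_authorizations(self, user: str) -> Set[str]:
        auths: Set[str] = set()
        for r in self.user_roles.get(user, set()):
            auths |= self.effective_authorizations(r)
        return auths

    def is_allowed(self, user: str, operation: str, account: Optional[str] = None) -> bool:
        """Deny unless the operation is authorized AND, when account-scoped, explicitly granted."""
        if operation not in self.user_authorizations(user):
            return False
        if account is not None and account not in self.account_grants.get(user, set()):
            return False
        return True


def build_sample_model() -> AccessModel:
    """Constructed hierarchy: viewer <- agent <- account_admin."""
    m = AccessModel()
    m.add_role("viewer", {"transcript:read"})
    m.add_role("agent", {"chat:handle"}, parents={"viewer"})
    m.add_role("account_admin", {"config:write", "user:manage"}, parents={"agent"})
    m.assign_role("alice", "account_admin")
    m.grant_account("alice", "acme")      # alice administers the constructed account "acme"
    m.assign_role("bob", "viewer")        # bob has the role but no account grant
    return m


if __name__ == "__main__":
    model = build_sample_model()
    print(sorted(model.effective_authorizations("account_admin")))
    print(model.is_allowed("alice", "transcript:read", "acme"))
    print(model.is_allowed("bob", "transcript:read", "acme"))
```

The two checks in is_allowed are deliberately independent: holding a role that carries transcript:read is not enough on its own, which is the "explicitly been granted access to a specific customer account" condition stated above, and the traversal in effective_authorizations tolerates accidental cycles in the role graph.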
6. Retention
System logs are maintained in a central repository with restricted access on a need-to-know basis. The central repository logs are deleted automatically by a time-to-live that is set to 7 days or less.
What data is processed and for how long
- Logger data is stored for 7 days and thereafter deleted
- Chat transcripts are stored for 14 days by default. The retention period is customisable and can be set to another lifespan as an account setting; the customer can decide the lifespan as a custom setting defined in the DPA
- User profile: by default the user profile contains only the visitor web session id and no personal data. The profile can be extended to contain personal data such as an e-mail address or social security number by account-specific customisation
7. Erasure of data
Data will be automatically erased according to chapter 6.
- Logger data is stored for no more than 7 days and thereafter deleted. If requested, logs related to an IP address can be deleted
- Chat transcripts are stored for no more than 14 days and thereafter deleted, unless defined otherwise through a custom setting. Upon request, chat transcripts can be individually deleted
- User profile is stored alongside the chat transcript and will be deleted together with the chat transcript
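An added example (not the product's own code) of a retention sweep that applies the rules of chapters 6 and 7 together: logger data is dropped after 7 days, transcripts after 14 days unless the account has an overriding setting, and a profile is deleted together with its transcript. The per-account override dictionary is an assumption about how the DPA-defined custom setting could be modelled, and the data set is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List

# Defaults from the retention chapter; overrides model the per-account custom setting.
DEFAULT_LOG_RETENTION = timedelta(days=7)
DEFAULT_TRANSCRIPT_RETENTION = timedelta(days=14)


@dataclass(frozen=True)
class Transcript:
    transcript_id: str
    account: str
    created_at: datetime


@dataclass(frozen=True)
class Profile:
    session_id: str
    transcript_id: str      # the profile lives and dies with this transcript


@dataclass(frozen=True)
class LogEntry:
    session_key: str
    created_at: datetime


@dataclass
class SweepResult:
    transcripts: List[Transcript]
    profiles: List[Profile]
    logs: List[LogEntry]
    deleted: List[str]      # ids removed, for the erasure audit trail (no personal data)


def transcript_retention(account: str, overrides: Dict[str, timedelta]) -> timedelta:
    """Per-account retention, falling back to the 14-day default."""
    return overrides.get(account, DEFAULT_TRANSCRIPT_RETENTION)


def expired(created_at: datetime, now: datetime, retention: timedelta) -> bool:
    return now - created_at >= retention


def retention_sweep(now: datetime, transcripts: List[Transcript], profiles: List[Profile],
                    logs: List[LogEntry], overrides: Dict[str, timedelta]) -> SweepResult:
    deleted: List[str] = []
    kept_transcripts: List[Transcript] = []
    for t in transcripts:
        if expired(t.created_at, now, transcript_retention(t.account, overrides)):
            deleted.append(f"transcript:{t.transcript_id}")
        else:
            kept_transcripts.append(t)

    # Cascade: a profile survives only while its transcript is still stored.
    live_ids = {t.transcript_id for t in kept_transcripts}
    kept_profiles: List[Profile] = []
    for p in profiles:
        if p.transcript_id in live_ids:
            kept_profiles.append(p)
        else:
            deleted.append(f"profile:{p.session_id}")

    kept_logs: List[LogEntry] = []
    for entry in logs:
        if expired(entry.created_at, now, DEFAULT_LOG_RETENTION):
            deleted.append(f"log:{entry.session_key}")
        else:
            kept_logs.append(entry)
    return SweepResult(kept_transcripts, kept_profiles, kept_logs, deleted)


def sample_sweep() -> SweepResult:
    """Constructed data set so the sweep can be run offline."""
    now = datetime(2024, 1, 31, tzinfo=timezone.utc)
    overrides = {"acme": timedelta(days=30)}   # constructed DPA-defined lifespan
    transcripts = [
        Transcript("t1", "acme", now - timedelta(days=20)),    # kept: acme keeps 30 days
        Transcript("t2", "globex", now - timedelta(days=20)),  # deleted: past 14-day default
        Transcript("t3", "globex", now - timedelta(days=3)),   # kept
    ]
    profiles = [Profile("s2", "t2"), Profile("s3", "t3")]
    logs = [LogEntry("s2", now - timedelta(days=8)), LogEntry("s3", now - timedelta(days=2))]
    return retention_sweep(now, transcripts, profiles, logs, overrides)


if __name__ == "__main__":
    print(sample_sweep().deleted)
```

The sweep records only identifiers in its deletion list, so the audit trail of an erasure never becomes a second copy of the personal data it removed.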