Clustaar & GDPR

Our pledge to data protection and right of individuals to data

Right to data is a fundamental for every individual. With organizations across the world collecting customer data to enable them to provide services. It becomes important that companies manage data in a transparent manner with the customer’s consent.

GDPR is one of the most important change to data privacy regulations in the last two decades. It stands for “General Data Protection Regulation”. It establishes a new framework for handling and protecting the personal data of EU-based residents which came into effect on May 25, 2018. It provides the citizens of the EU greater control over their personal data and assures that their information is being securely protected across Europe.

Does GDPR affect you?

Yes! Although GDPR is a data protection framework for the citizens residing in the EU. It also applies to all companies that handle personal data of individuals from the EU, which means almost every major corporation in the world.

Clustaar GDPR Positionning

We are fully committed towards being GDPR compliant. We’ve built product features for great privacy and data control for our product.

As a SaaS company, Clustaar is to be seen as a Data Processor. The role of Data Controller is held by our clients. All the data we store and process is only used in the purpose of improving our client’s bots. User consent has to be managed by our B2B customers, who are directly dealing with their users; that’s why we ask them to do their best to be GDPR-compliant.

On our end, we have built our platform with the GDPR in mind. We have put in place all the necessary mechanisms to comply with GDPR rules and provide our customer with a GDPR-compliant service. The data we store (User IDs and conversation content) are processed with the new regulation in mind. Our privacy, security & data storage policies are also streamlined with the GDPR goals and objectives.

Final users IDs

Final users are only represented as a temporary ID, and are not associated to any metadata in our database. This means there is no way to retrieve their real identity.

Final users conversations

We only store the questions asked by the users to the bots, but with a very strict policy:

  • questions are in a separated database
  • user ids are different from the main database
  • questions are encrypted (not readable in case of leak)
  • questions are erased from database after two years

Questions are only stored with the purpose of improving the bot they relate to, understand its strength and weaknesses, and suggest improvements to it.

Right to be Forgotten

Clustaar lets you delete your profile on the platform permanently. You can delete your account and all the data associated.

Right to Portability

Clustaar supports export requests. You can ask for all your profile data on the platform.

Is my users data stored in an EU data centre ?

Yes. All our data centers are located in Europe.

For more information or questions about the Clustaar Privacy Policy and GDPR, please contact support@clustaar.com

Subprocessors

 

Final users (users talking to the bot)

Amazon AWS
  • Users queries computing
  • Users queries storage
Mlab
  •  interlocutors id storage, unique identifier of a bot interlocutor

Platform users (Bot Builder)

Mixpanel
  • Platform use tracking
Intercom
  • Support conversations
Hotjar
  • Users navigation recordings
SalesMachine
  • Users qualification according to their activity on the platform