Genesys Cloud Services, Inc. (“Genesys”) processes Personal Data (defined below) on behalf of our customers all around the world. Some of these customers transfer Personal Data to Genesys from the European Economic Area (EEA). To that end, Genesys complies with the Data Protection Framework Framework, and its extensions, as further explained below, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the EEA to the United States.
This EU Privacy Notice sets forth the practices that Genesys follows for such information.
Definitions Used:
Agent: any third-party data processor that processes Personal Data provided by Genesys on its behalf and under its instructions.
Data Controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Data Processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Data Protection Laws: means the EU GDPR, UK GDPR, Swiss Data Federal Data Protection Act and other regional applicable regulations in the European Economic Area, as well as United States’ state laws appliacable to the company when conducting business and processing Personal Data.
Personal Data: any information or set of information that identifies or could be used to identify (together with other information) a living individual. Personal Data does not include information that is anonymized or aggregated.
Sensitive Personal Data: any Personal Data that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions. In this Privacy Notice, all references to Personal Data include Sensitive Personal Data.
Data Protection Framework Principles: the Data Protection Framework principles agreed to between the U.S. Department of Commerce and the European Commission concerning the transfer of Personal Data from the E.U. to the U.S.