How can we help? 👋

Privacy & GDPR

Our role as a data processor, UK GDPR compliance, our DPO, and how we handle data subject requests.

Our role

For the personal data our customers process through Talkative, our customers are the data controllers and Talkative acts as the data processor. We process that data on our customers' documented instructions, as set out in our data processing terms.

Regulatory compliance

  • We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
  • We have appointed a Data Protection Officer (DPO).
  • Our policies and procedures are maintained to reflect these obligations, and compliance is validated at least annually.

Records & assessments

  • We maintain Records of Processing Activities (ROPA) in line with Article 30 of the GDPR.
  • We conduct Data Protection Impact Assessments (DPIAs) where appropriate.

Data subject requests

We support our customers in responding to data subject requests (such as access or deletion) in accordance with our data processing terms.

Sub-processors

Where we use sub-processors, they are engaged under contract with appropriate data-protection terms. Our current sub-processor list is available on request.

Retention

Customer data is retained by default for 60 days after contract termination, with customers retaining ultimate control. (See Data Management & Privacy.)

Our Data Processing Agreement (DPA) is publicly available. Read the Data Processing Addendum. To request our current sub-processor list, contact our security team.
Did this answer your question?
😞
😐
🤩