We value your security.
1.1 We are committed to safeguarding the privacy of our SmartBot™ users.
1.2 This notice applies where we are acting as a data processor for your personal data supplied by Microsoft through its Chatbot software on the Microsoft Teams product and we are the data controller with respect to the personal data that may be included in the chat messages between you and the SmartBot™ . This notice describes the purposes and means of the processing of that personal data.
1.3 Our technology incorporates privacy controls which affect how we will process your personal data. We only will use your personal data only to the extent necessary to provide the SmartBot™ service to you. We will not use it for any other purpose.
1.4 In this notice, "we", "us" and "our" refer to Sieena, Inc., dba Definity First.
2.1 The following categories of personal data is supplied through Microsoft Teams are:
We will only use this data to provide the SmartBot™ service to enhance the runtime experience while interacting with SmartBot, e.g. the chatbot’s responses and their content and to validate permission levels when setting up SmartBot’s connection to your Azure Open.ai service.
2.2 Should you communicate any additional personal data in the SmartBot™ chat during a chat session, we may be able to view that personal data as part of our system monitoring. While these messages are encrypted, we do receive a text version of the content to process the transmission to Microsoft. This information is neither retained nor stored by us. If you do not want to share personal data with us in this way, please do not include any personal data in the SmartBot™ chat session.
3.1 Services - We may process your personal data solely to the extent necessary for providing the SmartBot™ chat service to you, specifically to identify you as an authorized user of the SmartBot™ services in your company’s account for Microsoft Teams, and to the extent applicable, for transmitting chat inquiries between you and the Microsoft server(s). We may also process your personal data for the reasons stated in this Section 3.
3.2 Relationships and communications - We may process contact data, account data, transaction data and/or communication data for the purposes of managing our relationships, communicating with you (excluding communicating for the purposes of direct marketing) by email, SMS, post, fax and/or telephone, providing support services and complaint handling. The legal basis for this processing is our legitimate interests, namely communications with you, your company and with Microsoft.
3.3 Improvements - We may process your usage data and/or transaction data for the purposes of researching and analyzing the use of our SmartBot™, to improve the usage of SmartBot™ features and service to you. The legal basis for this processing is our legitimate interests, namely supporting, improving, and securing our SmartBot™ technology.
3.4 Record keeping - We may process your personal data for the purposes of creating and maintaining our databases, back-up copies of our databases and our business records generally. The legal basis for this processing is our legitimate interests, namely ensuring that we have access to all the information we need to properly and efficiently run our business in accordance with this notice.
3.5 Security - We may process your personal data for the purposes of security and the prevention of fraud and other criminal activity. The legal basis of this processing is our legitimate interests, namely the protection of the Smartbot technology, our services and business, and the protection of others].
3.6 Insurance and risk management - We may process your personal data where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks and/or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
3.7 Legal claims - We may process your personal data where necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
3.8 Legal compliance and vital interests - We may also process your personal data where such processing is necessary for compliance with a legal obligation to which we are subject or in order to protect your vital interests or the vital interests of another natural person.
4.1 In addition to the specific disclosures of personal data set out in Section 3, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise, or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
5.1 If you are located in the European Economic Area (“EEA”), we may transfer your personal data from the EEA to the United States or wherever your company’s instance of Microsoft Teams is being hosted.
6.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
6.2 We may also retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
7.1 Your principal rights under EEA data protection laws are:
(a) the right to access—you can ask for copies of your personal data;
(b) the right to rectification—you can ask us to rectify inaccurate
personal data and to complete incomplete personal data;
(c) the right to erasure—you can ask us to erase your personal data;
(d) the right to restrict processing—you can ask us to restrict the processing of your personal data;
(e) the right to object to processing - you can object to the processing of your personal data;
(f) the right to data portability - you can ask that we transfer your personal data to another organization or to you;
(g) the right to complain to a supervisory authority - you can complain about our processing of your personal data; and
(h) the right to withdraw consent - to the extent that the legal basis of our processing of your personal data is consent, you can withdraw that consent.
7.2 These rights are subject to certain limitations and exceptions. You can learn more about the rights of data subjects by visiting [https://edpb.europa.eu/our-work-tools/general-guidance/gdpr-guidelines-recommendations-best-practices_en and https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/].
7.3 You may exercise any of your rights in relation to your personal data by written notice to us, using the contact details set out below.
8.1 We may update this notice from time to time by publishing a new version on https://smartbot.definityfirst.com/privacy-policy
8.2 You should check this page occasionally to ensure you continue to agree with any changes to this notice.
All notices, inquiries, requests and complaints can be sent to Sieena, Inc., dba Definity First Attn: Compliance Department 600 B Street., Suite 300 San Diego CA 92101-4505.
