Data Privacy and Trust | Convercent Compliance Solutions

We’ve been trusted by ethics and compliance leaders around the globe for:

Years

Days

Hours

Mins

In that time, we’ve faced:

Subpoenas

Total Orders

Warrants

Law Enforcement Requests

Convercent is committed to transparency in its privacy practices. Download our Full Transparency Report for our policy on government and law enforcement requests for customer data, detailing the request types and how we would respond to them.

Get Transparency Report

Convercent customers are fully protected, even after Schrems II

The invalidation of Privacy Shield. was a significant development, but Convercent has always provided our customers with overlapping protections. Our Data Processing Agreements incorporate the updated Standard Contractual Clauses (SCCs) from the European Commission, as well as European Data Protection Board (EDPB) recommendations on supplementary measures to ensure compliance with the EU level of protection of personal data. The measures we have taken ensure that we don’t just meet data privacy requirements, we exceed them.

With Convercent, Your Data is Safe

We value the trust that you place in us, and we’re here to protect the trust placed in you by your employees, vendors, and customers. We are certified in data security and ensure that all our solutions don’t just comply with regulatory requirements; they exceed them. Furthermore, we adhere to the strictest security protocols and pass four security audits every year. Internally, our security testing methods include:

Frequent network
scans

Dynamic application system tests on Convercent applications

Annual third-party penetration tests to verify application safety from the hacker’s perspective

Static application system tests to test our code

Common Data Privacy Questions

1. How is my data protected?

– Data encrypted at rest using AES 256
– Data encrypted in transit using TLS 1.2
– Data Loss Prevention (DLP) alerts for extraction of data
– Administrative access to data alerts

2. Where is my data hosted?

Convercent customers may choose where their data is hosted. Our cloud topology has two environments in the EU and two in the US. Our EU data is hosted in Microsoft Azure in Dublin, Republic of Ireland with Failover in Amsterdam, Netherlands. Within the US, data is hosted primarily in Seattle, Washington, with Failover in Cheyenne, Wyoming. Data hosted in all locations adheres to the strictest data privacy and security regulations.

3. Can call centre associates access reporting data?

All Convercent by OneTrust customers have a choice to select the available call centre country if using dedicated lines and programming.

European Customers
Computer Generated Solutions (CGS) operate Convercent’s outsourced call centre handlers based in Romania. Call centre associates do not have access to the underlying database. The data will NEVER leave the EU for customers who opt for the Romanian call centre operation.

US Customers
Computer Generated Solutions (CGS) operate Convercent’s outsourced call centre handlers based in Georgia, North Carolina, Florida. Call centre associates do not have access to the underlying database.

4. Who has access to my data?

– Hardened security protocols and encryption protect all data from sub processor access
– Microsoft Azure (EU): MS Azure as a sub processor does not have access due to AES 256 encryption at rest

5. How do you handle GDPR compliance?

In order to meet GDPR requirements for customers, redaction was introduced to Convercent’s Case Management Application. Administrators can easily select which information they need to redact following an individual request.