Our approach to data security
ResponseiQ (registered as Response iQ LTD) is an intelligent calling platform that puts customer security at the centre of their operations. ResponseiQ holds a Cyber Essentials certification.
ResponseiQ has two main products. The first is a callback widget that allows customers to add a widget to their website that enables their website visitors to request an instant callback or schedule one for a time that works for them. Our second product is Instant Lead Response. This product allows you to integrate ResponseiQ with any forms you have on your website. Once a user submits a form our platform will then instantly generate a call to the user or if it is outside working hours we will schedule a call for the next day.
What call related data does ResponseiQ process and store?
When calls or attempted calls are generated by the ResponseiQ platform we store and process certain caller data. This data includes:
● Phone Number - the number a user uses to request a call
● Device - the device the user is using when they request a call copy
● Browser - the browser the user is using when they request a call
● URL of call page - the URL of the page the user is on when they request a call
● Source - the source of where the user came to the customer's website from.
● Location - the geographical location of the user when they request a call.
● Time Zone - the time zone of the user.
● Call Recording (optional) - recordings of calls made using ResponseiQ.
● Duration - duration of calls.
● Agent - the agent who answered the users call.
● Date and time - the date and time the user requested the call or scheduled the call.
● Anonymized IP address - We only store an anonymised version of the IP
the same way Google Analytics is storing IPs in a GDPR compliant way.
What additional data does ResponseiQ process and store?
We also store data for day to day operations and also customer data for CRM purposes. This data is stored in our cloud SaaS providers:
● Website contact form and CRM
○ Data type: email address, name, title, company name, phone number, message ○ Transfer to third countries is governed by GDPR-compliant Data Processing
Addendums signed with Hubspot and Google
● System logs and errors
○ Data type: system logs, system errors, system usage and performance
○ Transfer to third countries is governed by a GDPR-compliant Data Processing
Addendum signed with Stackdriver and Pingdom
● Chat and related files
○ Data type: customer service information, related files, internal project information, HR information
○ Transfer to third countries is governed by GDPR-compliant Data Processing
Addendums signed with Slack and Intercom
Where does ResponseiQ store data?
All the data managed by ResponseiQ in relation to calls, is received and processed by our servers in London. These are managed by Google in their Google Cloud Platform infrastructure.
For backup purposes, snapshots of the data are further encrypted and backed up across Google Cloud Platform within other EEA countries to increase resilience, the transfer is governed by a Data Processing Addendum.
backup data for 30 days,
call recordings and call debugging information (PCAPs) for 90 days,
call related data as described in a previous section until the customer account is terminated.
Customers can request all their data to be removed at any time.
How Does ResponseiQ safeguard data?
On the technical side, ResponseiQ encrypts data at rest using a set of rotating AES 128-bit keys and has a number of security procedures to ensure the safety and integrity of its data.
How does ResponseiQ comply with GDPR?
ResponseiQ is fully compliant with EU data protection regulation, we regularly update the different systems where we store and process our data and customer’s data. We strive to implement GDPR-compliant Data Processing Addendums with all our third-party data sub-processors.
ResponseiQ has been certified by Cyber Essentials for all our products which all fall under the ResponseiQ platform umbrella. We renew our certification on an annual basis and also perform our own penetration testing on a regular basis. Our Cyber Essentials covers “The internet facing infrastructure for ResponseiQ LTD and it’s products including firewalls and hosted systems located in the UK and Europe”. Please find a copy of our certification attached.
If you have any questions about our GDPR compliance policies, please contact