Privacy policy


This Privacy Policy outlines our practices for collecting, using, maintaining, protecting and disclosing Customer Data, including Personal Data, through PureCloud, and what we do with that information. Additionally this Privacy Policy describes the privacy principles followed by Genesys Telecommunications Laboratories, Inc. (“Genesys”) with respect to transfers of Personal Data (defined below) from the European Economic Area and from Switzerland to the United States and addresses our EU-U.S. Privacy Shield and U.S.-Swiss Privacy Shield Frameworks.  If you have questions about this Privacy Policy, or how we respect your information, contact us at DataPrivacy@genesys.com.  “Customer Data” means Your proprietary information and information about your customers (including Personal Data) submitted through PureCloud by You or Your Users. Customer Data does not include Service Improvements as defined below.  “Personal Data” means any information relating to Your customers that is protected by applicable privacy law.

Privacy Shield Framework

If you are located in the European Economic Area (“EEA”) or Switzerland, Genesys and its controlled United States subsidiaries have certified to the EU-U.S. Privacy Shield and U.S.-Swiss Privacy Shield Frameworks for the transfer of Personal Information from the EEA or Switzerland to the United States, as described in our Privacy Shield Privacy Notice. To learn more about the EU-U.S. or U.S.-Swiss Privacy Shield Framework and to view our certification, please visit www.privacyshield.gov.

What Customer Data does Genesys collect through the PureCloud services?

In general, PureCloud collects information that your organization already stores by connecting with services such as Active Directory and Customer Relationship Management (CRM) software. Additionally, you may choose to provide information to PureCloud, such as through importing your own information from third party websites, uploading files, screensharing, video or audio calls, or chat messages.  

Genesys will only collect Customer Data when it is voluntarily made available to us by you or your organization.

How may we use Personal Data collected through the PureCloud services?

We will use this information to provide PureCloud services to you.  For example, we may allow you to share files you provide to use with other members of your organization.  As another example, we may allow you to share your screen with other members of your organization.

We will also use this information to comply with your request for information. For example, if you request technical support assistance, we may ask who you are, which services you are using, and in what computer system environment you are using the services in order to respond to your request as efficiently and effectively as possible. If you are interested in signing up for one of our Webinars, the Customer Data you provide to us will enable us to tailor the Webinar more closely to your specific needs. In addition, from time to time, we may refer to your Customer Data to better understand your needs and how we can improve our products and services. We may use that information to contact you.

As between Genesys and You, You retain ownership of and all intellectual property rights in Customer Data and grant Us a non-exclusive, non-sublicenseable (except to parties working on Our behalf), non-transferable, royalty-free license to access, process, store, transmit, and otherwise make use of the Customer Data as necessary to provide the Services and to otherwise fulfill Our obligations under the Agreement.

You agree that the Customer Data may be transferred or stored outside the country where You and Your customers are located in order to carry out the Services and Our other obligations under the Agreement.

You represent and warrant that You have obtained all consents necessary for Us to collect, access, process, store, transmit, and otherwise use Customer Data in accordance with the Agreement.

You shall comply with all requirements of integrity, quality, legality and all other similar aspects in respect of Customer Data.  We may, but are not obligated to, review or monitor any Customer Data. We expressly disclaim any duty to review or determine the legality, accuracy or completeness of Customer Data.

We have developed and will maintain a privacy program designed to respect and protect Customer Data under our control. We will not rent or sell any Customer Data.

We may aggregate data and information related to the performance, operation and use of the Cloud Services to create statistical analyses, to perform benchmarking, to perform research and development and to perform other similar activities (“Service Improvements”).  We will not incorporate Customer Data in Service Improvements in a form that could identify You or Your customers and we will use industry standard techniques to anonymize Customer Data prior to performing Service Improvements.  We retain all intellectual property rights in Service Improvements and may make them publicly available.

How may you direct or restrict the use of your information?

Certain features, such as screensharing and video chat, allow users to direct the use of their information.  For example, when you initiate a screensharing session, you may choose what aspects of your screen to share, who can view those aspects of your screen, and when you want to stop sharing your screen.  Your screen will not be shared with users that you do not choose, and aspects of your screen that you choose not to be shared at all will not be shared with any other users.

We will provide you with the opportunity to opt out of (1) any disclosure of your Personal Data to any third party that is not authorized to receive such data (e.g. our Agents); or (2) the use of that data for a purpose other than the purpose for which it was originally collected from, or subsequently authorized by you.

Some Personal Data is considered Sensitive Personal Data, such as any Personal Data that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions. We will not disclose Sensitive Personal Data to a third party that is not our Agent or use Sensitive Personal Data for a purpose other than the purpose for which it was originally collected from, or subsequently authorized by, you unless we have received your affirmative and explicit consent to do so (opt-in).

For additional information regarding how you may restrict the use of your Personal Data please contact us at DataPrivacy@genesys.com.

What steps will we take before transferring your information to third parties?

PureCloud uses third-party data processors (Agents) around the world to provide certain services, such as a cloud processing, monitoring, and troubleshooting. During the course of their services, the Agents may process Personal Data provided by Genesys, on its behalf and under its instruction.  We will obtain assurances from our Agents that they will safeguard Personal Data in accordance with this Privacy Policy.

Such assurances may include:

  • Requiring our Agent to provide at least the same level of protection as is required under the Privacy Shield Framework;
  • The use of Model Clauses;
  • Requiring our Agent to comply with appropriate certain governmental data protection regulations, such as EU Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data, or findings of adequacy by the European Commission under Article 25(6) of Data Protection Directive; or,
  • Requiring our Agent to have their own Privacy Shield certification.

How can you access or correct information held about you?

Upon request, we will provide you with reasonable access to the Personal Data that we hold about you except where the burden or expense of providing this access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated by the provision of such access.

We will take reasonable steps to enable you to correct, amend or delete Personal Data related to you in our possession and control that is inaccurate or incomplete.

How will your information be protected?

Genesys is committed to protecting the Personal Data entrusted to us. We have implemented appropriate physical, electronic and administrative procedures to safeguard and secure this information from loss, misuse, unauthorized access or disclosure, alteration and destruction.

We will take special care to ensure the security of Sensitive Personal Data. We will use Personal Data only in a way that is compatible with and relevant to the purpose for which it was collected or authorized by you or for other compatible purposes.

To the extent necessary for those purposes, we will take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete, current and reliable for its intended use.

What information may be gathered from children?

The Sites are not intended or designed to attract children under the age of 13. Genesys does not collect personally identifiable data from any person it knows to be under the age of 13.

What are cookies and how are they used?

Some pages within the Sites may use a technology called “cookies”. A cookie is a token that a server gives to your browser when you access an Internet website. Cookies are capable of storing many types of data. Cookies help provide additional functionality to the Sites or to help us analyze site usage more accurately. In all cases in which cookies are used, the cookie will not collect Personal Data except with your explicit permission.

How will we ensure compliance with this policy?

We will conduct compliance audits of our privacy practices to verify compliance with this Privacy Policy.

Any Genesys employee that we determine has acted in violation of this Privacy Policy will be subject to disciplinary action up to and including termination of employment.

Any questions or concerns regarding our use or disclosure of Personal Data should be addressed to the Genesys legal department at the address given below.

We will investigate and attempt to resolve any complaints and disputes regarding the use and disclosure of Personal Data in accordance with the provisions of this Privacy Policy.

Please contact DataPrivacy@genesys.com with any questions or concerns.

Changes to this Privacy Policy

Any changes we make to this Privacy Policy will be posted on this page. If we make material changes to how we treat the Personal Data that falls within the scope of our Privacy Policy, we will notify you by email to the email address specified in your account or through a notice in the PureCloud services.

The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date, active and deliverable email address for you, and for periodically visiting the Site and this Privacy Policy to check for any changes.

Who should you contact if you have any questions concerning this Privacy Policy or the Sites?

We encourage you to contact us to inform us of any complaints or disputes you may have regarding the use of your Personal Data. We will investigate the matter and attempt to resolve the issue quickly.

Please contact us at DataPrivacy@genesys.com with any questions or concerns you may have about this Privacy Policy or our use of your Customer Data.