Data Privacy
Spoko.ai takes the protection of our customers' information seriously and is committed to complying with applicable data privacy laws, including GDPR, UK GDPR, and CCPA, when providing services to our customers. Data privacy is a collaborative effort, and Spoko.ai is also committed to ensuring that you can use Spoko.ai services while complying with your obligations under applicable data privacy laws. This page is designed to help you with your data privacy obligations by providing information about Spoko.ai's data protection practices and the choices that you have regarding the data processed by Spoko.ai when you use Spoko.ai services.
Spoko.ai has ongoing processes to protect your data and privacy rights:
EU-US Data Privacy Framework (DPF) Program
Spoko.ai has certified our compliance with the EU-US Data Privacy Framework (DPF), the UK Extension, and the Swiss-US DPF as set forth by the US Department of Commerce. You can confirm Spoko.ai's certification and participation via the participant list page (search for "Spoko.ai") on the Data Privacy Framework Program website.
Legal Review
Spoko.ai collaborates with legal and other professional counsel to understand its role under both current and proposed data privacy laws and regulations such as GDPR, UK GDPR, and CCPA. Spoko.ai regularly reviews and periodically updates its Privacy Policy, Data Processing Addendum, and Terms of Service with respect to compliance with such data privacy laws and regulations.
Internal Data Audits
Spoko.ai periodically reviews the types of data that it collects, the reasons for collecting that data, and when Spoko.ai personnel might need to access it.
Vendor Audits
Spoko.ai audits its vendors, both at the time of onboarding and thereafter, to ensure that they adhere to data privacy laws/regulations and sign all relevant Data Processing Addendums.
Communications
Spoko.ai documents pertinent changes in its privacy compliance practices. Customer and partner notification occurs via email, this webpage, and the updates blog. Spoko.ai also maintains an FAQ below that may be useful to review.
Ongoing Process Changes
Spoko.ai continues to refine processes for how it performs customer support, builds services, and handles data. This includes internal documentation, training, and other processes.
For Customer Content (content transferred in and out of Spokes or other Spoko.ai services), you, the customer, are considered the "data controller" of that data from a privacy perspective.
In turn, Spoko.ai is the "data processor" responsible for safeguarding Customer Content as it flows through Spoko.ai's systems. Spoko.ai's security measures are described on Spoko.ai's Security and Compliance page.
As data controller, you are responsible for safeguarding Customer Content as you interact directly with services integrated with Spoko.ai. You should configure your Spokes and integrations to not trigger or work with other users' data without proper consent.
Read more about your role and Spoko.ai's role in privacy compliance.
Privacy Policy
Our detailed privacy policy explaining how we collect, use, and protect your data.
View Privacy PolicyYour Role as Data Controller
As a data controller, you determine the purposes and means of processing personal data. You are responsible for establishing a legal basis for processing, providing appropriate notices to data subjects, and responding to data subject requests.
Spoko.ai's Role as Data Processor
As a data processor, Spoko.ai processes personal data on your behalf and according to your instructions. Spoko.ai implements appropriate technical and organizational measures to protect the data and assists you in fulfilling your obligations to data subjects.
For questions about our data privacy practices, please contact us at legal@spoko.ai