Dixa.com

The EU General Data Protection Regulation, GDPR, grants and protects the rights of individuals – our customers and their customers as well – in regard to how their personal data is collected and processed.

Since customer service agents work with personal data every minute of every day, GDPR has a huge impact on the operation of most call and contact centers. In most companies supporting technology needs to be reviewed, data flow needs to be mapped, new processes will have to be instated and agents trained.

As a vendor of customer service technology that helps businesses talk to and store their customers’ data, we are GDPR compliant ourselves and are committed to helping you comply with GDPR legislation as well.

Does GDPR affect me?

Most likely yes. If your company processes the personal data of people (data subjects) residing in EU, you’re affected. It doesn’t matter where the processing itself takes place; even if both your company and servers are based in the US – or anywhere else for that matter – you still must be GDPR compliant.

So, where does Dixa fit in?

New rights of data subjects & what we’ve done

We’ve built new features that will enable you to comply with your customers’ GDPR-related requests, most notably the right to be forgotten and right to access their data.

The right to be forgotten

Data subjects have the right to have their data deleted – and be effectively forgotten – upon request. To handle this we’ve implemented a feature that irreversibly anonymizes a contact’s details. In other words, we don’t delete the data (which will still be there for reporting purposes), but instead we anonymize it in a way that makes it impossible to trace any interaction back to the data subject, who will also no longer be identifiable.

As a part of this, we’re also able to obfuscate the content of emails & chats as well as delete voicemails & call recordings as these will often contain the exchange of personal data.

We expect anonymization instead of deletion to become the industry standard as it retains all the stats that a contact center needs for reporting purposes.

The right to access & data portability

In short, customers can request access to all their data, which will include data stored in Dixa. Businesses are required to deliver these in an electronic format, and data subjects may pass this on to other companies.

Please be aware that when you get such a request, you will have to state where and justify why you collect and process their data.

We got a request – what do we do?

Just send an email to hello@dixa.com in which you clearly identify the contact and nature of the request. We’ll take care of the rest 🙂

New terms & conditions plus data processing agreement

We’ve updated our T&C to comply with GDPR ourselves, and we have a data processing agreement (DPA) ready to sign upon request for those customers who need it.

In conjunction with the T&C update, we’re also now able to collect express consent to process our customers’ data, which is another GDPR requirement.

Consent & call recording

While many countries have demanded that people be informed when recorded, now GDPR requires the express and informed consent in the form of a positive opt-in of each individual. This is a pretty big change. How you go about getting consent isn’t up to us, but we would like to give you a tip for call recording specifically.

You can build an IVR into your call flow that has a two-way split: One to a queue without call recording, and one to the same queue with call recording. Inform customers correctly in the IVR announcement and you will have obtained the required consent for recording.

I have questions – who do I contact?

We’ve appointed a Data Protection Officer (or DPO). It’s the DPO’s job to oversee our data management, including the data flow and processing of, well, everything. You can contact the DPO on dpo@dixa.com.

Minimum subprocessors

Core sub-processors are integrated into Dixa's services and required to process the customer's personal data in order for the Customer to enjoy and make use of the Dixa Services.

Supplier	Address	Purpose	Transfer mechanism	Categories of data
Amazon Web Services EMEA SARL	Avenue John F. Kennedy 38, Luxembourg, 1855, Luxembourg	Data Center infrastructure (Hosting and computing power) / Infrastructure for e-mail handling		All customer data in the Dixa services, including: full name, messages, notes, phone number, email, phone call details, analytics reports.
Dagasan	Monaco	Platform development and maintenance.	EU SCC	All customer data in the Dixa services.

Dixa Group Companies

Supplier	Address	Purpose	Transfer mechanism	Categories of data
Elev.io Pty Ltd	Level 6, 43 Hardware Lane, Melbourne, 3000, Victoria, Australia	Platform development and maintenance.	EU SCC	All customer data in the Dixa services.
Dixa GmbH (formerly Solvemate GmbH)	Friedrichstraße 114 A, 10117 Berlin, Germany	Platform development and maintenance.		All customer data in the Dixa services.
Miuros SAS	92 Cours Lafayette, CS 53515, 69489 Lyon, Cedex 03, France	Platform development and maintenance.		All customer data in the Dixa services.
Dixa Ltd	Knotel, Clerks Court, 18-20 Farringdon Ln, London EC1R 3AU, United Kingdom	Pre- & post-sales solutions consulting, and customer support.	Adequacy decision, alternatively EU SCC	Customer Data in the Dixa services.
Dixa Inc.	211 East 43rd Street, 7th Fl – PMB #AV104, New York, NY, 10017, USA	Pre- & post-sales solutions consulting, and customer support.	EU SCC or EU-US DPF	Customer Data in the Dixa services.

Modular sub-processors

Sub-processors may be used by a Customer as part of the Dixa Services (if purchased as a service or channel). Sub-processors relevant to an individual customer will depend on add-ons and channels that the customer uses.

Supplier	Address	Purpose	Transfer mechanism	Categories of data
Voxbone S.A. (Bandwidth Group)	Avenue Louise 231, 1050 Ixelles, Belgium	Telecommunications/ VoIP provider	EU-US DPF, EU SCC	Contact information, Customer communication data
DIDWW Ireland Limited	10/13 Thomas Street, The Digital Hub, Dublin 8, Ireland	Telecommunications/ VoIP provider	EU SCC	Contact information, Customer communication data
Gradwell Communications Ltd.	Onecom House 4400 Parkway Whiteley, Fareham, Hampshire, England, PO15 7FJ, United Kingdom	Telecommunications/ VoIP provider	EU SCC	Contact information, Customer communication data
Elev.io Pty Ltd	Level 6, 43 Hardware Lane, Melbourne, 3000, Victoria, Australia	Knowledge base functionality.	EU SCC	Content stored and accessed in the knowledge base functionality provided by Elev.io, including author information.
Twilio, Inc.	101 Spear Street, 5th floor, San Francisco, CA 94105. Twilio Ireland Limited: 70 Sir John Rogerson's Quay, Dublin 2, D02 R296, Ireland	Call/Text handling technology/infrastructure. E.g. SIP trunk provisioning, client calls, conference mixing, voice routing, outbound PSTN provider. Telecommunications and integration provider for instant messaging (WhatsApp)	EU-US DPF, EU SCC	Contact information, Customer communication data
Avoxi, Inc.	300 Galleria Parkway SE, Suite 610, Atlanta, Georgia 30339, USA	Telecommunications/ VoIP provider	EU-US DPF, EU SCC	Contact information, Customer communication data
Dixa GmbH (formerly Solvemate GmbH)	Friedrichstraße 114 A, 10117 Berlin, Germany	Chatbot intelligence		Content stored in the chatbot functionality, such as personal identification, contact information, and inputs of end-users sent in the feedback forms.
Miuros SAS	92 Cours Lafayette, CS 53515, 69489 Lyon, Cedex 03, France	Customer Service Performance Platform/ Analytics	EU SCC	Content used for the analytical data reports, including personal identification, analytics, contact information, and messages.
Bird Eats Bug (Bird Labs GmbH)	c/o Factory Works GmbH Rheinsberger Straße 76/77, 10115 Berlin, Germany	Bug reporting	EU SCC	All customer data included in the bug report.
Microsoft Ireland Operations Limited	ONE MICROSOFT PLACE, SOUTH COUNTY BUSINESS PARK, LEOPARDSTOWN, Dublin 18, D18 P521, Dublin, IRELAND	Processing of data by Azure OpenAI Service (e.g. ChatGPT) in order to provide artificial intelligence capabilities in relation to linguistic analytics of, and replies to, conversations.	EU-US DPF, EU SCC	Conversations, incl. End-User Contact information (name, email, id. etc), Knowledge Articles.
Bandwidth Inc. (Bandwidth Group)	2230 Bandmate Way, Raleigh, NC 27607, USA	Telecommunications/ VoIP provider	EU-US DPF, EU SCC	Contact information, Customer communication data
Auth0 (Okta Inc)	100 First Street, 6th Floor, San Francisco, CA 94105, USA	Provider of advanced authentication options for login to the Dixa Platform.	EU SCC	Agent login identifier (e.g. email)
Lab08 ApS	Bredgade 21B, 1260 Copenhagen K, Denmark	An integration partner which may assist with building custom integrations, if the Customer has purchased services for development or maintenance of custom integrations.	N/A	Conversations, incl. End-User Contact information (name, email, id. etc), Knowledge Articles.
Anthropic Ireland, Limited	6th Floor, South Bank House, Barrow Street, Dublin 4, Dublin, Ireland	Processing of data by Anthropic AI models in order to provide artificial intelligence capabilities in the Dixa Platform.	EU SCC, EU-US DPF	Conversations, incl. End-User Contact information (name, email, id. etc), Knowledge Articles.
Makes You Local	Østbanegade 123, 2100 Copenhagen, Denmark	An onboarding partner which may assist with onboarding our Customers to the Dixa Services, if Dixa assigns Makes You Local to perform the onboarding. The onboarding partner will be able to see the content of the Customers organisation for onboarding purposes.		All customer data in the Dixa services, including: full name, messages, notes, phone number, email, phone call details, analytics reports which may be accessed in the course of the vendor providing assistance with onboarding.
BrowserStack	4512 Legacy Dr, Ste 100, Plano, Texas 75024, USA	Bug reporting services	EU SCC or EU-US DPF	All customer data included in the bug report.
EverHelp Ltd	5-9 Main Street, GX11 1AA, Gibraltar, Gibraltar	Provision of external support team services.	EU SCC	Conversations with Dixa customer's agents; Agent information; All Customer Data in Customer when needed to access to troubleshoot Dixa Customer's support request.
Langfuse GmbH	Gethsemanestr. 4, 10437, Berlin, Germany	A management platform for Artificial Intelligence, Machine Learning and Large Language Models (AI/ML/LLM). This service helps process the data and send the data to the appropriate AI/ML/LLM solution, optimize prompts, and return the results from AI/ML/LLM to Dixa.	Adequacy decision, EU SCC	Conversations, incl. the content of message/communication, end-user and agent information (name, email, number, id. etc), knowledge articles and their meta-data, as well as derived output material resulting from analysis of said input data.
Elevenlabs Inc.	169 Madison Ave #2484, New York, NY 10016, USA	Provides services for AI powered Voice/Speech functionalities, e.g. input analysis and output generation for Speech-to-Text, Text-to-Speech and Speech-to-Speech functionalities.	Adequacy decision, EU SCC and/or EU-US DPF	Conversations, incl. the content of message/communication, end-user and agent information (name, email, number, id. etc), knowledge articles and their meta-data, as well as derived output material resulting from analysis of said input data.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

GDPR

Legal Hub Overview