Related links
At Gorgias we are committed to keeping YOUR data safe and secure while we provide the best service we can for you.
This page describes everything we do with your data. How we use it and for what purpose. How long we keep it and how can you take control of it.
First, we have a few services that we offer to our customers, and we collect information about their activity on these services:
What information do we collect?
There are also two ways we collect and store data about your activity:
- Using tracking scripts (aka pixels) in the browser, that makes use of cookies to persist the data between your website visits or between pages. These tracking scripts are usually made by a 3rd party processor (Google Analytics for example).
- Using our HTTP based backend (for example when you login/register). On the backend, we usually store them in our own database and/or send them to 3rd party processors similar to tracking scripts described above.
Why do we need to collect information on our customers in the first place?
We are a data-driven company meaning that we try to make rational decisions based on what we measure. This hopefully puts us on a good path to implement our customers needs (what feature to build, what bug to fix first, etc..) and ultimately provides them with more value. This is why we're using tools like Google Analytics to collect and analyze this data.
End-customers data
Data about customers (people who buy or contact Gorgias' customers) is not shared with any third party. It is stores on Google Cloud as outlined in the How & where we store your data section. Below is the list of end-customer data that we collect, along with the source:
Source
End-customer data collected
Gorgias
- Conversations through chat, messenger, email, phone, smooch_inside, facebook, instagram, aircall, tickets created via the API
- Email address, phone number
Shopify
- Customer profile (name, email, phone, address)
- Order history
- Product information
ReCharge
- Address
- Order history
- Sex, age
Aircall
- Phone number
Smile.io
- Name
Magento
- Customer profile (name, email, phone, address)
- Order history
- Product information
3rd party processors
Below you can find the tables of the services we use, what data we collect, its purpose and for how long.
This website (gorgias.com)
Below you can find the tables of the services we use, what data we collect, its purpose and for how long.
Processor
Data collected
Purpose of data collection
How long the data is stored
Number of visits, browser languages, general geographical location.
Data retention policy
Page views
A/B testing
Data retention policy
GDPR compliance
Data retention policy
GDPR compliance
Data retention policy
GDPR compliance
Data retention policy
GDPR compliance
Custom events on our website. Clicks, input field values.
Event tracking aggregator used to distribute the event data to other sources.
event data to other sources. Data retention policy
Cookies
Re-targeting advertising
Privacy policy (contains data retention policy)
Data policy
Advertising
Data policy
Email addresses
Analysis of our onboarding process
GDPR compliance
Cookies
Track visits from prospects on the website
Privacy policy containing data retention policy, GDPR compliance
Email addresses & custom events
Drip campaigns, onboarding emails
How & where we store your data
Below you can find the list of cloud service that we’re using to store and serve your data.
Data type |
Processor |
Purpose of data collection |
Location |
Helpdesk ticketing data. Customer messages, email addresses, phone numbers, and
other personal information.
|
Google Cloud Platform
|
We store emails/facebook messages & comments and end-user data
(the customers of our customers) so that we can provide the core of our service.
We do however automatically obfuscate (or remove) Credit Card numbers, IBAN, SSN and
other sensitive private information.
|
US East
|
Helpdesk attachments - our customers' and end-users' file attachments.
|
Google Cloud Platform
|
When you send an email we store the attachment in Google Cloud's object storage so
we can serve it to the end-user and vice-versa for the our own customers.
|
US East
|
Gorgias Templates for Chrome: Only data for paying customers such as
Users/Templates/Tags/Teams
|
Google Cloud Platform |
All Gorgias Templates for Chrome data is stored in our main database |
US East
|
Backups for Gorgias Templates for Chrome and Gorgias Helpdesk |
Amazon Web Services |
If experience a catastrophic data loss we can recover our main database from
continuous backups. The data is stored in the S3 object storage
|
US East
|
Data retention policy or How long do we store your data and why
We try to store data for our paying customers only (with a few exceptions).
For paying customers, if they stop paying for a given period of time, or ask us to delete their
account and their data we do it no questions asked. In fact we have a money saving incentive to
get rid of their data: storing Terabytes of data costs us a lot of money and since we’re not in
the business of selling your data - and will never be - we’ll just simply delete it to reduce
our hosting bills.
The exceptions of keeping the personal data includes law enforcement cases, billing/accounting
information, etc..
So what exactly is our policy for data removal in our products?
Gorgias Helpdesk
IF customer in free trial THEN
IF customer free trial expires THEN
start data deletion process
ELSE IF paying customers asks us to delete their account or stops paying THEN
start data deletion process
Gorgias Templates
IF free user THEN
do nothing as we don't store anything
ELSE IF paying customers asks us to delete their account or stops paying THEN
start data deletion process
Data deletion process
By default, a customer’s data is stored for the duration of his or her contract with Gorgias. The data may be deleted within one quarter after the contract ends, at the latest, with the exception of data that is required to establish proof of a right or a contract, which will be stored for the duration provided by enforceable law. Once deleted, a user’s data cannot be restored.
We may provide the option for customers to delete data after their subscription ends. This request must be made by the customer, and we may require additional ID verification.
Gorgias should hard delete all information from currently-running production systems within one 90 days of the deletion request.
Security
We've created a dedicated page specifically to answer what is our security policy and how we keep your data secure. Read more here.
GDPR
Even though we think that this page should answer most of the issues raised by GDPR we've created a dedicated page it here.
Feedback
If there are any questions regarding this page, please contact us: support@gorgias.com.