How Botmind respects the privacy and security of personal data
First, we have worked on the mandatory requirements and processes defined by the legislation. Here are the actions we have taken:
- Appoint a DPO (Data Protection Officer) who is responsible for regulating and monitoring the use of personal data.
- Establish a record of stored/used data that makes it possible to determine how each type of stored data is used.
- Seek the explicit consent of the individuals whose data is processed.
- Provide a “data erasure process” if a user makes such a request.
- Set up an escalation procedure with the CNIL in the event of a breach of confidentiality of personal data.
Then we went a step further to ensure that our users’ data would be protected and confidential. In automating responses to customer requests, we often handle personalized information and have therefore defined the following good practices:
- The “expressions” used for our projects are not shared between accounts, even those related to “menu items” (“Hello”, “Goodbye”, “How are you”, etc.).
- We integrate into our platform the principles of “Data Minimisation” and “Privacy by default”.
- We apply the principle of “Protection by Design” in the development of our platform and other components.
- We secure access to our data servers, and we host these servers within the European Union.