We take your data’s security extremely seriously. That’s why in addition to our
Terms of Service we’ve expanded on our policies below:
- Wherever possible, we limit the collection of data to the absolute minimum
- When data collection is necessary, we retain the data for the shortest time
- As part of what Thankful does, we collect customer communications to:
- Present in the Thankful dashboard on a ticket-by-ticket basis
- Provide analytics showing Thankful’s performance over time
- Train Thankful’s machine learning models
- Data collected principally includes the content of user messages, unique user
identifiers, and key data extracted from conversations such as order numbers
or emails (“memories”).
- Upon completion of any conversation, Thankful deletes any memories collected
from conversations. Memories containing long-term user preferences (e.g.
“favorite color: blue”) are retained beyond the life of a conversation at the
businesses’ request so a customer does not need to answer the same questions
in each interaction.
GDPR-specific policies and proceedures
- Upon receipt of a data-deletion request from a company on behalf of a user,
Thankful will delete all data connected to that user ID. That user ID is
forever recorded as a “blacklisted ID.”
- If a database is restored from a backup, as a first step an engineer ensures
any blacklisted ID from past deletion requests are again deleted from the
- If any data breaches are discovered, they will be patched as a highest
priority. The disclosure of a breach will be clearly communicated to Team
Managers in Thankful’s dashboard.
For a complete write-up covering our data security, corporate policies, and
proceedures, please contact us at firstname.lastname@example.org.