close
close

Privacy Notice for Call Attendees

Last updated: March 25, 2024

Understanding your business needs is Syndigo’s top priority. We record some of our sales calls to focus on your needs and expectations, instead of taking notes, and to coach our team to provide you with an even better experience. If at any moment you’d like us to stop recording a call, let the host of the call know immediately and we will stop recording the conversation.

This privacy notice for call attendees (“Notice”) describes the types of personal data that Syndigo collects from or about you as a potential customer (“Prospect”) or as a current or former customer (“Customer”) who participates in a call recorded by Syndigo (together, “Call Attendees”). This Notice also explains how Syndigo uses and discloses the personal data it collects during calls and how you can exercise your privacy rights and choices with regards to that personal data.

This Notice does not apply to Syndigo’s processing of the personal data of our employees and contractors who participate in calls recorded by Syndigo.

1. Syndigo’s Role and Responsibilities

Syndigo is a global organization providing web-based content management solutions which help businesses access products’ details and digital assets in real-time (the “Services”). For the purposes of this Notice, the term “Syndigo”, “we”, “us” or “our” refers to Syndigo LLC – a Delaware limited liability company headquartered in Chicago – together with its worldwide affiliates, including but not limited to Syndigo UK Limited, Syndigo Canada Inc, Syndigo Mexico S.A. DE C.V., Syndigo Europe SAS, Syndigo Polska Sp. z o. o., Wisebase GmbH, Riversand Technologies India Private Limited, and Riversand Technologies Europe AG.  

The Syndigo companies share personal data amongst themselves pursuant to an intra-group data transfer agreement that complies with the requirements of applicable data protection laws and regulations, and the Syndigo companies are jointly presenting you with this Notice.

When Syndigo records a call, Syndigo processes personal data and acts as a controller with respect to that personal data. This means that Syndigo is primarily responsible for ensuring that the personal data is processed in an appropriate way and in compliance with applicable data protection laws and regulations.

2. Categories of Personal Data that Syndigo Collects and Processes in the Context of Recorded Calls & Syndigo’s Purposes for Processing that Personal Data

When Syndigo records a call, Syndigo may obtain the following information about Call Attendees from the relevant conference provider (for example, Zoom and Microsoft Teams):

  • The recording of the call, including voice and video.
  • A transcript of the call.
  • Your user identifier (your name and last name or your videoconferencing username).
  • Your email address.
  • Your Internet Protocol (IP) address.
  • The web browser type you used for the call.

When a recorded call gets uploaded to Syndigo’s call recording platform, we also obtain certain inferred information about interactions which Syndigo can use for training on key topics such as product positioning and objection handling and focus its enablement efforts on topics where they are most needed.

Data protection and privacy laws like the California Consumer Privacy Act (“CCPA”) require us to categorize the types of personal data we process about you. Under the CCPA, the above personal data would fall under the following categories: Identifiers (your user identifier, your email address, and your IP address), Internet or other electronic network activity information (your IP address and your web browser), Audio, electronic information, and visual information (the recording of the call), and Inferences (inferred information about interactions).

We ask you not to share any sensitive personal data of any kind (for example, your credit card or Social Security number, religion, or political opinion). We do not request and have no intention of collecting this type of information. Additionally, we do not intend to record people around you. It is your responsibility to make sure that other people in your surroundings are not recorded unintentionally, or that you have provided them with this Notice, and that they have acknowledged their approval of the recording.

We do not intend to collect the personal data of anyone we know to be under 16 years old. If you believe that we have collected such information, please contact your call host or privacy@syndigo.com, and we will delete that information as soon as possible.

We process the recording, transcripts, your user identifier, email address, IP address, and web browser type for the following purposes:

  • To focus on conversing with you instead of taking notes during the call.
  • To ensure that appropriate steps are taken with each existing or former Customer and Prospect, to focus on your key needs.
  • To ensure that we capture key next steps at each stage of lead and opportunity progression.
  • To allow Syndigo’s sales’ team managers to review recorded calls.
  • To coach our customer-facing teams and ensure that important messaging is delivered and consistent with Syndigo’s overall sales strategy.
  • To automatically update our customer relationship management (CRM) system.
  • To refer to past conversations easily and quickly.
  • To allow unavailable attendees to review recorded calls at a later stage.

If Syndigo, as a controller, collects or processes personal data from a Call Attendee for any purpose not listed above, that purpose will be disclosed to you at the time you provide the personal data. 

3. Syndigo’s Lawful Basis for Processing Personal Data

Some of the personal data processed by Syndigo in the context of recorded calls is subject to, for example, the General Data Protection Regulation (“GDPR”), which is effective throughout the European Economic Area (“EEA”), or other similar laws applicable within the United Kingdom (“UK”) or Switzerland (collectively, the “European Data Protection Laws”). The European Data Protection Laws require controllers, like Syndigo, to have a “lawful basis” for processing your personal data for their stated purposes.

Syndigo’s lawful bases for processing your personal data include the following:

  • Call Attendees’ consent: Syndigo asks for consent before recording calls with Call Attendees. Where we process your personal data based on your consent, you may withdraw it at any time by asking the host to stop the recording or use any technical settings offered by our tool or the relevant videoconferencing tool, if any. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect the validity of our processing of personal data performed on other lawful grounds.
  • Syndigo’s legitimate interests: Syndigo processes information obtained during the call (not the recording itself, for which we need your consent) when such processing is necessary for the legitimate interests pursued by Syndigo, except where such interests are overridden by your interests or fundamental rights and freedoms. Syndigo processes personal data in the pursuit of several legitimate interests. These include:
  • Administering and conducting business.
    • Sharing information with partners regarding potential interest in our products.
    • Preventing or investigating suspected or actual violations of law, breaches of a business customer contract, or non-compliance with Syndigo policies.
    • Maintaining information about your marketing interests, attendance, and contract and contact preferences.

Please note that you have the right to ask us not to process your personal data for marketing purposes, which you may exercise at any time by sending an email to privacy@syndigo.com, or clicking on the ‘unsubscribe’ link in the last Syndigo marketing email you received.

Whenever we process your personal data based on our legitimate interests, it means that we have conducted a balancing test and determined that those legitimate interests outweigh any risks to your rights and freedoms. Where relevant, you have the right to ask us more about how we decided to choose this legal basis. To do so, please send an email to privacy@syndigo.com.

4. How Syndigo Shares Personal Data

As a global business, Syndigo shares personal data among the Syndigo companies and with select third parties, subject to appropriate safeguards. In the context of recorded calls, Syndigo shares personal data with the Syndigo companies and with selected third parties for the purposes of operating our business, delivering, improving, and customizing our Services and sales strategy, and for other legitimate purposes permitted by applicable law. When we share personal data, we do so in accordance with applicable data protection laws and regulations. We do not disclose your information to third parties except as noted below: 

  • Syndigo Companies. The Syndigo companies share personal data between and among themselves pursuant to an intra-group data transfer agreement.
  • Service Providers. Syndigo engages third-party vendors to perform certain functions, and Syndigo shares personal data about Call Attendees with those vendors. Syndigo employs vendors in the following categories:
  • Sales enablement software providers.
    • Customer relationship management (CRM), and sales engagement platform providers.
    • Customer insights and user experience software providers.
    • Data analysis software providers.

To learn how Syndigo ensures the protection of your personal data when Syndigo shares it with vendors in jurisdictions other than yours, please review Section 7, below.

  • Legal Obligations. Syndigo may disclose your personal data when necessary to comply with the law, such as to comply with a subpoena, regulation, or legal request, to respond to a government request, to address fraud or security issues, to protect the safety of any person, to enforce our agreements with you, and to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing or to protect our own rights or property. This includes sharing such information with our legal counsel.
  • Business Transfers. If Syndigo is involved in a bankruptcy, merger, acquisition, reorganization, or sale of assets, your personal data may be transferred as part of that transaction to a successor in interest and to the applicable legal authorities, as well as legal counsel and other professional personnel, such as accountants and other officers of the government. You will be notified via email and/or a prominent notice on our website for at least 30 days after any such change in ownership or control.

We reserve the right to use, transfer, sell and share aggregated or anonymous data for any legal purpose. Such data does not include any personal data. The purposes may include analyzing usage trends or seeking compatible advertisers, sponsors, and customers.

5. For California Consumers: Sale and Sharing of Your Personal Data

Syndigo does not sell nor share (as those terms are defined under the data protection laws of California) personal data obtained in the context of recorded calls.

If you have any questions about your California rights, you can email us at privacy@syndigo.com.

6. How Syndigo Transfers Personal Data across Borders

Syndigo is a US-based global company, and Syndigo affiliates and their websites and Services operate around the globe. This means your personal data may be processed in the country where you live, as well as in other countries where the laws regarding the processing of personal data may be less stringent. However, Syndigo has implemented organizational and contractual measures designed to ensure that your personal data receives the same level of protection that you would expect, no matter where it goes.

When the personal data is subject to the European Data Protection Laws, these measures include: 

  • Adequacy Decisions:
    • Where Syndigo shares personal data subject to European Data Protection laws with a recipient located in a country that has been deemed to grant a similar level of protection to personal data, the personal data is sometimes transferred under or pursuant to the decisions adopted by the relevant authorities of the European Union, Switzerland or the UK, as relevant. For example, the European Commission has so far recognized AndorraArgentinaCanada (commercial organizations), Faroe IslandsGuernseyIsraelIsle of ManJapanJerseyNew ZealandRepublic of KoreaSwitzerland, the United Kingdom under the GDPR and the Law Enforcement Directive, and Uruguay as providing adequate protection.
    • As of the Last Updated Date, Syndigo transfers personal data subject to the GDPR and obtained in the context of recorded calls to Syndigo Companies in the UK pursuant to the European Commission’s adequacy decisions for the UK.
  • Standard Contractual Clauses:
    • The Syndigo companies share personal data subject to European Data Protection Laws with each other pursuant to an intra-group data transfer agreement that incorporates and implements the most recent version of the standard contractual clauses, as those clauses have been approved by the European Commission as an “adequate safeguard” pursuant to Article 46(2) of the GDPR, as well as analogous mechanisms under UK and Swiss law.
    • As of the Last Updated Date, Syndigo transfers personal data subject to the GDPR with vendors located outside of the EU, Switzerland, and the UK and implements the standard contractual clauses and analogous mechanisms effective under UK and Swiss law as well as the requirements of Article 28 of the GDPR with such vendors.
    • You can ask us for a copy of the standard contractual clauses we have executed with each vendor or the Syndigo companies.
  • Data Privacy Framework:
    • In addition to the foregoing, Syndigo complies with the EU-U.S., Swiss-U.S., and UK Extension to the EU-U.S. Data Privacy Frameworks, as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal data transferred from the EU and the UK and/or Switzerland to the United States. To learn more about the Data Privacy Framework program, please visit https://www.dataprivacyframework.gov/.
    • In addition to the foregoing, Syndigo complies with the EU-U.S., Swiss-U.S., and UK Extension to the EU-U.S. Data Privacy Frameworks, as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal data transferred from the EU and the UK and/or Switzerland to the United States. To learn more about the Data Privacy Framework program, please visit https://www.dataprivacyframework.gov/.
    • Syndigo is responsible for the processing of personal data it receives, under the Data Privacy Framework, and subsequently transfers to a third-party acting as an agent on its behalf. Syndigo complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EU, UK, or Switzerland, including the onward transfer liability provisions. With respect to personal data received or transferred pursuant to the Data Privacy Framework, Syndigo is subject to the investigatory and regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Syndigo may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
    • In compliance with the Data Privacy Framework Principles, Syndigo commits to resolve complaints about our collection or use of your personal data. EU and Swiss individuals with inquiries or complaints regarding our Data Privacy Framework compliance or this Notice should first contact Syndigo’s Privacy Office using the information in the “How to Contact Us” section below.
    • Syndigo has further committed to refer unresolved Data Privacy Framework complaints to VeraSafe, LLC (“VeraSafe”) an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://verasafe.com/public-resources/dispute-resolution/privacy-shield-dispute-resolution-procedure for more information or to file a complaint. The services of VeraSafe are provided at no cost to you.
    • Additionally, Syndigo commits to co-operate with the EU Data Protection Authorities, the UK Information Commissioner’s Office, and the Swiss Federal Data Protection and Information Commissioner (as applicable) and to comply with the advice given by such authorities regarding personal data transferred from the EU, UK, and Switzerland. Under certain conditions, more fully described on the Data Privacy Framework website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

7. How Syndigo Secures Your Personal Data

Syndigo uses appropriate technical and organizational measures to protect the personal data that we collect and process. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal data. If you have any questions about the security of your personal data, you can contact us at privacy@syndigo.com

8. How Long Syndigo Keeps Your Personal Data

Syndigo retains your personal data for as long as is necessary to fulfill the purpose for which we collected your personal data and any other permitted linked purpose, and in compliance with our data retention policies. For example, we will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

If Syndigo processes your personal data for more than one purpose, we will retain it until the purpose with the longest retention period expires, but we will stop using it for the purpose with a shorter retention period once that period expires.

Our retention periods are also based on our business needs and good practice.

9. Personal Data about Children

Syndigo’s Services are not designed for and are not marketed to people under the age of 16 (“minors”). We do not knowingly collect or ask for information from minors. We do not knowingly allow minors to use our Services. We do not knowingly process any personal data about minors. Please contact us if you believe we might have information from or about a minor. 

10. Your Rights as a Data Subject

You may have certain rights with respect to the personal data we obtain in the context of recorded calls. In this section, we describe the privacy rights and choices that you may have, and we explain how you might exercise those rights. These include rights under applicable laws and frameworks, including but not limited to the GDPR, the CCPA and the Data Privacy Framework.

  • Right to Know What Happens to Your Personal Data. This is called the right to be informed. It means that you may have the right to obtain certain information from us regarding our data processing activities that concern you, such as how we collect and use your personal data, how long we will keep it, and who it will be shared with, among other things. We are informing you of how we process your personal data with this Notice.
  • Right to Know What Personal Data We Have About You. This is called the right of access. It means that you may have the right to ask for full details regarding the personal data we hold about you. For example, you may have the right to obtain confirmation from us as to whether we are processing your personal data, and, where that is the case, you may have the right to obtain a copy or access that personal data. Once we receive and confirm that the request came from you or your authorized agent, we will disclose to you:
    • The categories of your personal data that we process.
    • The categories of sources for your personal data.
    • Our purposes for processing your personal data.
    • Where possible, the retention period for your personal data, or, if not possible, the criteria used to determine the retention period.
    • The categories of third parties with whom we share your personal data.
    • The specific pieces of personal data we process about you in an easily sharable format.
    • If we sold or disclosed your personal data for a business purpose, the categories of personal data and categories of recipients of that personal data for both sale and disclosure.
    • If we rely on legitimate interests as a lawful basis to process your personal data, the specific legitimate interests; and
    • The safeguards used to transfer your personal data from the EEA or the UK to a third country, if applicable.

Under some circumstances, we may deny your access request. In that event, we will respond to you with the reason for the denial.

  • Right to Change Your Personal Data. This is called the right to rectification. It may give you the right to ask us to correct anything that you think is wrong with the personal data we have on file about you, and to complete any incomplete personal data.
  • Right to Delete Your Personal Data. This is called the right to erasure, right to deletion, or the right to be forgotten. This right means that you may be able to ask for your personal data to be deleted. Sometimes we can delete your information, but other times it is not possible, for either technical or legal reasons. If that is the case, we will consider whether we can limit how we use it. We will also inform you of our reason for denying your deletion request.
  • Right to Ask Us to Limit How We process Your Personal Data. This is called the right to restrict processing. It may give you the right to ask us to only use or store your personal data for certain purposes. You have this right in certain instances, such as where you believe the data is inaccurate or the processing activity is unlawful.
  • Right to Ask Us to Stop Using Your Personal Data. This is called the right to object. This is your right to tell us to stop using your personal data. You have this right where we rely on our legitimate interests, or the interests of a third party, to process or share your personal data. You may also object at any time to the processing of your personal data for direct marketing purposes. We will stop processing the relevant personal data unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, or freedoms; or (ii) we need to continue processing your personal data to establish, exercise, or defend a legal claim.
  • Right to Move Your Personal Data. This is called the right to data portability. It is the right to ask for and receive a portable copy of your personal data that you have given us or that you have generated by using our services, so that you can move it; copy it; keep it for yourself; or transfer it to another organization. We will provide your personal data in a structured, commonly used, and machine-readable format. When you request this information electronically, we will provide you with a copy in electronic format.
  • Right to Withdraw Your Consent. Where we rely on your consent as the legal basis for processing your personal data, you may withdraw your consent at any time. If you withdraw your consent, our use of your personal data before you withdraw it is still lawful. If you have given consent for your personal data to be shared with a third party and you wish to withdraw this consent, please also contact the relevant third party to change your preferences.
  • Right to Non-Discrimination. Syndigo will not discriminate against you for exercising your privacy rights. Unless the applicable data protection laws permit it, we will not deny you goods or services, charge you different prices or rates, or provide you with a different level or quality of goods or services simply because you exercise your privacy rights.

11. How to Contact Syndigo

To exercise any of your privacy rights and choices, or to ask for more information regarding Syndigo’s data protection practices, you may contact Syndigo by:

  • Contacting us by email at privacy@syndigo.com (Preferred method);
  • Contacting the host of the call;
  • Sending postal mail to the address listed below: Syndigo LLC, 141 W. Jackson Blvd., Ste 1220, Chicago, IL 60604, United States.

Verification of Your Identity: To correctly respond to any privacy request that you may make, we may need to begin by confirming that you made the request. Consequently, we may require additional information to confirm that you are who you say you are. For requests submitted via password-protected accounts, your identity is already verified. For requests sent by other means, we will verify your identity by comparison to information that we already have on file, or by asking you to provide additional information. We will only use the personal data you provide us in a request to verify your identity or authority to make the request.

Verification of Authority: If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual. When contacting us, please provide us with proof that the individual gave you signed permission to submit the request, a valid power of attorney on behalf of the individual, or proof of legal guardianship. Alternatively, you may ask the individual to directly contact us by using the contact details above to verify their identity with Syndigo and confirm with us that they gave you permission to submit this request.

Response Timing and Format: Please allow us up to one (1) month to reply to your requests from the day we received your request. If we need more time (up to 90 days in total), we will inform you of the reason why and the extension period in writing.

If we cannot satisfy a request, we will explain why in our response. For data portability requests, we will choose a format to provide your personal data that is readily useable and should allow you to transmit the information from one entity to another entity without difficulty.

We will not charge a fee for processing or responding to your requests. However, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will explain our decision and provide you with an estimate before completing the request.

Right to Lodge a Complaint with a Supervisory Authority: We are committed to working with you to obtain a fair resolution of any complaint or concern that you may have about your privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located within the EEA, UK, or Switzerland, you have the right to lodge a complaint with the appropriate supervisory authority. 

12. Our EU/UK Data Protection Representatives

We have appointed VeraSafe as our representative in the EU for data protection matters. While you may also contact Syndigo directly, you may choose to contact VeraSafe on matters related to the processing of personal data subject to the GDPR. To contact VeraSafe as our EU Data Protection Representative, please use this contact form or reach out via telephone at +420 228 881 031.

Alternatively, you can contact VeraSafe at:

VeraSafe Ireland Ltd
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland

We have also appointed VeraSafe as our representative in the UK for data protection matters. While you may also contact Syndigo directly, you may choose to contact VeraSafe on matters related to the processing of personal data subject to the UK GDPR. To contact VeraSafe as our UK Data Protection Representative, please use this contact form or reach out via telephone at +44 (20) 4532 2003.

Alternatively, VeraSafe can be contacted at:

VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
United Kingdom

13. Cookies

We use cookies and other tracking technologies on our website and in marketing communications to help us manage and improve our websites, your browsing experience, and the materials or information that we send to our Customers, Prospects, website visitors, partners, and event attendees. For more information on this topic, please visit our Cookie Notice.

14. Updates to This Privacy Notice

Syndigo will update this Notice on a regular basis, and the Last Updated Date will always appear at the top. We invite you to visit this Notice whenever you interact with our website, so that you may remain constantly informed on how we collect and use your personal data.