Data Processing Policy

Last updated: 27 September 2022

We understand you take your customers’ data very seriously, so we are 100% blunt on how we handle the data that you provide us with for processing, including your Zendesk data. Below, please find a detailed explanation on how we access, store, and use your and your customers’ data when you use one or more of our Apps.

 

Please note that, in instances where we act as a data processor with regard to your or your customers’ personal data, our Data Processing Agreement (DPA) applies. The DPA is incorporated by reference to our Service Agreement

How we access your Zendesk data

In order to provide our Apps functionalities, we need to read and store a set of records and fields from your Zendesk Support account. To do so, we use Zendesk's secure REST API and follow best practices when accessing this API.

 

All the traffic between our apps and Zendesk API is exchanged via HTTPS, so is 100% encrypted.

 

We use OAuth 2 to authenticate all our application's API requests to Zendesk. OAuth provides a secure way for our application to access your Zendesk data without having to store and use the passwords of Zendesk users, which is sensitive information. All you have to do is authorize us to read your Zendesk data. No passwords or API keys, no mess.

How we store your Zendesk data

All the data is stored securely in Amazon Web Services (AWS) facilities in Europe, Ireland. This service provider meets international security standards such as ISO 27001 and SOC 1, 2 and 3.

 

All of our servers are within our own virtual private cloud (VPC) with firewalls and network access control lists (ACLs) that prevent unauthorized requests from getting to our internal network.

 

All the data stored is encrypted both at rest and in motion.

What Zendesk data we read and store, and why

App: Help Center Manager

We read your Help Center articles to analyze their content, extract links and images, and make them available to you.

 

We use the Zendesk Articles API endpoint to read the articles data from your Help Center instance. None of your customers or tickets data is accessed from this endpoint.

 

We read and store all the articles fields made available by Zendesk at this endpoint.

 

To enable Apps features such Find & Replace and Duplicate articles, we also need to ask for write access to your Help Center. This permission is only required for Help Center data, none of the other Zendesk data is accessed.

App: Help Center Analytics

When the analytics script is enabled and active on your Help Center, it will send traffic data to our servers for every user event such as page change or search.

 

Traffic data stored on Swifteq servers to enable Analytics only contains non-personal data, such as: timestamp; device type; URL; search terms; article ID; user id hash; and user email hash (an anonymized identifier that cannot reveal any personal data about the user).

 

The user email address, where available, is also sent to the App but ONLY stored as an anonymized hash. The raw email address or name of the user is NOT stored on our servers.

 

In the Help Center Analytics App, you can optionally choose to enable Integrated Analytics: analyze together the Help Center traffic data and the ticketing data from your helpdesk, i.e. comparing ticket volumes with Help Center visits to calculate the Self Service Score. When Integrated Analytics is enabled, we need to read and store a small number of standard non-sensitive fields for each Zendesk ticket and user, such as: TicketId; User ID; and  Anonymized User Email Hash. 

NO personal data from tickets are stored on our servers.

App: Help Center Export

We access and use your Help Center articles to analyze their content, detect broken links and make them available to you.

 

We use the Zendesk Articles API endpoint to read the articles data from your Help Center instance. None of your customers’ data is accessed from this endpoint.

 

We read and store the following fields: article title & body, author name, dates & times, url, language, section, category, labels, votes.

App: Merge Duplicates
App: Remove CC
App: Attachment Workflows
App: Auto-Remove Attachments

Ticket Data Fields

NO personal data from Zendesk tickets (your employees or customers) will be stored on our servers. A cache service running on our servers persists the following fields for each ticket for up to 5 minutes, after which they are automatically deleted: ticket id, requester id, group id, priority, channel. Such information does not contain personal data.

 

App Merge Duplicates only: in order to allow for the exclusion of tickets from certain email addresses, the requester email address is also sent to the App for verification only (on the fly), but it is NOT stored in any shape or form on our servers. If, for security concerns, you don't need this field to be sent to the App, please get in touch with us.

Configuration Data

This is data that you knowingly configure in the App to exclude certain tickets from merging (groups, priority, requester emails).

App: Answer Search

In order to provide our rich search functionality in Zendesk, we need to read, store and index a set of records and fields from your Zendesk Support account. To do so, we use Zendesk's secure REST API and follow best practices when accessing this API.

 

With Answer Search, we put you in the driving seat when it comes to data handling. You have full control on what data from your Zendesk account you allow us to read and store. Obviously, this will impact the level of functionality available in the App.

Help Center Articles

We use your Help Center articles to index and make them available to your Customer Support team for fast searching and linking into an existing response.

 

We use this API endpoint to read the articles data from your Help Center instance. None of your customers’ data is accessed from this endpoint.

 

We read and store the following fields: article title & body, author name, dates & times, url, language, section, category, labels, votes.

 

We need the articles to provide the core functionality of our App, so loading of this data point cannot be disabled.

Tickets in Zendesk Support

We use the content of your Zendesk tickets to index and make them available to your Support team for fast searching of old answers and customer questions.

 

We read the tickets data using the following API endpoints:

•           Search API: read the archive of old tickets; and

•           Ticket Audits: read the entire conversation flow of each ticket (public and private comments).

 

For each ticket we (optionally) store the following data on our secure servers:

Agent Replies

This is the agent-side of the conversation, both public and private comments. For each agent message in the conversation we store:

•           the content of the message;

•           date & time; and

•           agent name. 

 

Loading this data point is optional and can be disabled before you connect your Zendesk account.


However, it enables an important part of the App's functionality: searching and reusing past answers from older support tickets. Our advice is to keep this enabled.

Customer Messages

This is the customer-side of the conversation: what the customer said when he created the ticket and after that. For each customer message in the conversation we store:

•           the content of the message;

•           date & time; and

•           customer’s name. 

 

Loading this data point is optional and can be disabled before you connect your Zendesk account.

 

When this data point is disabled, the loss in functionality is relatively small: your team will not be able to search for questions customers previously asked.

Standard ticket fields

We read and store a small number of standard fields for each ticket: Ticket ID; Channel, Group; Data & time; and Tags.

We think there is no privacy concern in relation to these fields and we need them to index, filter and sort the tickets data.