Workforce Wave Privacy Policy

Effective Date: November 21, 2024

Introduction

Workforce Wave ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our services.

1. Information We Collect

Personal Data:

We may collect personally identifiable information ("Personal Data") that you voluntarily provide when registering or interacting with our services. This includes:

  • Email Address
  • First Name and Last Name
  • Usage Data (e.g., IP address, browser type, pages visited, unique device identifiers)
  • Audio recordings of customer interactions with AI agents (for quality assurance).
  • Sensitive data (e.g., specific client preferences or needs communicated during interactions).

Cookies and Tracking Technologies:

We use cookies and similar technologies to track activity on our service and improve user experience.

2. How We Use Your Information

We use the collected data for various purposes:

  • To provide, maintain, and improve our services.
  • To monitor and evaluate the performance of AI agents for quality assurance.
  • For marketing and analytics purposes to improve service offerings.
  • To prevent fraud, ensure compliance with regulations, and enhance security.
  • To notify clients about changes or updates to our services.

3. Disclosure of Data

Workforce Wave shares data with trusted third-party service providers solely to deliver, maintain, and improve our services. We do not sell personal information or facilitate third-party tracking for targeted advertising.

Key Data-Sharing Partners:

  • AWS: Provides secure cloud storage and hosting services.
  • Google Workspace: Manages email communications and document storage.
  • Twilio: Facilitates telecommunication services such as call handling and SMS capabilities.
  • Proprietary White-Labeled Platform: Supports conversational AI services with HIPAA, SOC 2, and GDPR compliance certifications.

Categories of Data Disclosed:

  • Identifiers (e.g., names, email addresses, and phone numbers) for service facilitation.
  • Audio recordings (used internally for quality assurance and improvement).
  • Usage data (e.g., IP addresses, timestamps) for system monitoring and diagnostics.

Purpose of Data Sharing:

  • To enable core service functionality.
  • To maintain and enhance service quality.
  • To comply with legal or regulatory requirements.

4. Retention and Deletion of Data

Workforce Wave retains data only for as long as necessary to fulfill the purposes outlined in this policy and to comply with legal obligations. Retention periods are as follows:

  • Personal data: Retained during the client relationship and deleted within 90 days after termination of services.
  • Audio recordings: Retained for 12 months for quality assurance, unless deletion is requested sooner.
  • Usage data: Retained for analytics and troubleshooting for up to 18 months.

Deletion Requests:

Clients can request deletion of their data by contacting us at
worker@workforcewave.com.

5. Legal Compliance and Consumer Rights

Workforce Wave adheres to U.S. state privacy laws and federal regulations.

Your Rights Include:

  • Access: Request a copy of your data.
  • Correction: Update or correct inaccuracies in your data.
  • Deletion: Request the deletion of your data.
  • Opt-Out: Decline certain data uses, such as marketing communications.

Mechanisms to Exercise Rights:

Clients can exercise these rights by contacting us via:

Requests will be addressed within 30 days unless an extension is necessary.

6. Security Practices

Workforce Wave implements "reasonable security measures" to protect your data while acknowledging inherent risks.

Security Measures Include:

  • Third-Party Security Services: AWS and other partners ensure secure storage and hosting.
  • Internal Practices: Endpoint security, regular internal audits, and continuous monitoring.
  • Encryption: Data is encrypted both in transit and at rest.
  • Access Controls: Strict access protocols to safeguard sensitive data.

7. Use of Cookies and Tracking

We use cookies to enhance user experience and gather analytics.

Opt-Out Mechanisms:

  • Clients can manage cookie preferences through their browser settings or visit www.youradchoices.com for additional options.
  • To disable cookies for analytics, install the Google Analytics opt-out browser add-on.

8. Data Sales or Sharing

Workforce Wave does not sell personal information or share data for cross-context behavioral advertising. Data is used exclusively to deliver services to our clients.

9. Accessibility and Updates

Workforce Wave is committed to ensuring this policy is accessible to all users, including those with disabilities. Clients can request this Privacy Policy in alternative formats by contacting worker@workforcewave.com.

Policy Updates:

Changes to this Privacy Policy will be communicated via email and published on our website with an updated effective date.

10. State and International Laws

Workforce Wave complies with state-specific laws, including those in California, Colorado, and Virginia.

Opt-Out Preference Signals:

We recognize the Global Privacy Control (GPC) signal for California and Colorado residents. Clients can set opt-out preferences via supported browsers.

GDPR Compliance:

For EEA residents, Workforce Wave honors GDPR rights for access, correction,
deletion, and portability of data.

11. AI Agent Privacy and Security

At Workforce Wave, we recognize that our AI agents play a central role in delivering exceptional service to our clients. To ensure the privacy and security of data managed through these systems, we implement the following measures:

Secure Logging of Interactions

All interactions with Workforce Wave AI agents are securely logged and stored using encrypted systems that meet or exceed HIPAA, SOC 2, and GDPR standards. These logs are protected from unauthorized access and are retained only for as long as necessary to fulfill operational, compliance, or legal requirements.

Periodic Transcript Reviews

To maintain the highest standards of quality assurance and regulatory compliance, AI interaction transcripts are reviewed periodically. These reviews are conducted by trained personnel who operate under strict confidentiality agreements and are subject to regular audits to ensure adherence to privacy policies.

Access Controls and Monitoring

Access to AI agent logs and transcripts is strictly limited to authorized personnel with a legitimate business purpose. All access is monitored and logged, with regular audits conducted to identify and address any unauthorized activity.

Client Transparency

We believe in fostering transparency with our clients. Workforce Wave provides clients with access to interaction logs, summaries, and performance reports. This enables clients to evaluate the compliance and efficacy of AI systems independently.

Customizable Data Handling

Workforce Wave offers customization of data handling processes to align with the specific regulatory, operational, and privacy requirements of each client. This flexibility ensures that our AI agents operate seamlessly within diverse compliance frameworks.

Integration of Privacy by Design

Privacy and security considerations are integrated into the design and development of Workforce Wave AI agents. By embedding these principles into every stage of our processes, we ensure that privacy is not an afterthought but a fundamental feature of our services.

Contact Us

For any questions or to exercise your rights under this policy, contact: