Privacy Policy & Data Protection

Scope and Commitment

At Connected, we assume the role of Data Processor for the information your company entrusts to us. We are committed to implementing all necessary technical, administrative, and physical measures to ensure that your clients’ information is handled with the highest level of integrity and confidentiality.

_________________________________________________________________________________________________________________________________________________________________________________

Operational and Workplace Security

Our operational infrastructure is designed to prevent any information leaks through strict controls at the point of contact:

• Secure Workplace: We implement “Clean Desk” policies. Call management areas are restricted from the entry of mobile devices, cameras, or any physical and digital storage media.

• Role-Based Access: Personnel have access only to the minimum information necessary to perform their specific duties. Permissions are reviewed and updated monthly.

• Robust Authentication: All our systems require multi-factor authentication to ensure that only authorized personnel interact with the databases.

_________________________________________________________________________________________________________________________________________________________________________________

_________________________________________________________________________________________________________________________________________________________________________________

Technical Data Protection and Encryption

To safeguard information both in transit and at rest:

• End-to-End Encryption: All voice and data communications are transmitted through encrypted channels (TLS 1.3 or higher).

• Network Security: We operate within infrastructures protected by next-generation firewalls and intrusion prevention systems, monitored 24/7.

• Secure Connections: In external management models, access is granted exclusively through corporate Virtual Private Networks (VPNs) with dedicated encryption tunnels.

_________________________________________________________________________________________________________________________________________________________________________________

Data Lifecycle Management

We align with your company’s retention policies to ensure that data is not kept longer than necessary:

• Scheduled Retention: Interaction recordings and data logs are stored for the exact period requested by the Client, in compliance with applicable legal regulations.

• Secure Destruction: Once the retention period has expired or the contractual relationship has ended, Connected ensures the logical and physical deletion of information using methods that prevent any attempt at recovery.

• Right to Erasure and Rectification: We prioritize all end-user requests to delete or correct personal data, reporting the completion of such actions to the Client in real time.

_________________________________________________________________________________________________________________________________________________________________________________

Personnel Confidentiality

All personnel at Connected are subject to a strict internal legal framework:

• Confidentiality Agreements: Every employee signs a legally binding confidentiality agreement before gaining access to any system.

• Continuous Training: We conduct training programs on best practices for privacy and sensitive information management for all our staff.

_________________________________________________________________________________________________________________________________________________________________________________

Audit and Transparency

Connected maintains an “Open Books” policy for its corporate clients:

• Right to Audit: We provide your company with the ability to conduct periodic security audits at our facilities (physical or virtual).

• Incident Notification: In the event of any anomaly or attempted security breach, Connected will notify the Client immediately, providing a detailed technical report within no more than 24 hours.

_________________________________________________________________________________________________________________________________________________________________________________

Regulatory Compliance

Connected adheres to the most stringent international and local data protection frameworks.