General Data Protection Regulation (GDPR)

Meya.ai is fully GDPR compliant

On May 25th, 2018, the EU General Data Protection Regulation (GDPR) will go into effect. These new regulations will harmonize data privacy laws across Europe and bring data protection rights for all members of the European Union.

Here at Meya.ai we completely support the privacy rights of our customers and our customer's users. Under GDPR guidelines, Meya.ai acts as a Data Processor. Listed below is how we are adhering to the GDPR specification.

  • Updated Privacy Policy and Terms and Conditions to reflect new GDPR compliance
  • DPAs available for signatures
  • Right of access
  • Right to erasure ("right to be forgotten")
  • Sub-processors

We have a dedicated privacy team that can be reached at privacy@meya.ai should you have any questions.

Data Protection Agreement (DPA)

If you are using Meya.ai as a customer and have agreed to our Terms and Conditions, you may also request to sign an additional DPA. As of May 25th, 2018, our Terms and Conditions includes a provision adhering to GDPR compliance. An example of our DPA can be found here.

If you are a customer who needs a signed DPA, please send an email to privacy@meya.ai and include your Account ID (found here). The email must be sent from the same email as the account owner.

The DPA will be sent for digital signature within 2 business days.

Right of access

A Meya.ai customer can request access to their user's data by sending an email to privacy@meya.ai. The email must be sent from the same email as the account owner.

In the email body include:

  1. Account ID (found here)
  2. Meya.ai User ID (Uxxxxxx) for the user requesting access

Right of erasure

A Meya.ai customer can request complete deletion of their user's data by sending an email to privacy@meya.ai. The email must be sent from the same email as the account owner.

In the email body include:

  1. Account ID (found here)
  2. Meya.ai User ID (Uxxxxxx) for the user requesting erasure

Meya.ai Sub-Processors

Each of our sub-processors have an executed DPA to ensure GDPR compliance.

  • AWS - The majority of user data is hosted and stored on AWS
  • Smooch - Some integrations are powered by Smooch such as Line, WeChat, Viber and iOS and Android SDK
  • Sentry - Error tracking software to help debug issues
  • PubNub - Service for publishing & subscribing to messages. Only applicable to certain integrations including Meya Web
  • Google Geocoding - Some built-in bot components relating to end-user location use the Geocoding API
  • Google Translate - Some built-in triggers and/or components use the Translate API for language detection and internationalization
  • Wit.ai - Some built-in triggers and/or components uses a natural language model running on Wit.ai

Integrations

For all integrations, including analytics integrations, messaging channel integrations and customer service integrations, we recommend Meya.ai customers get a separate DPA between your company and the integration's company.

Changelog

  • May 24, 2018 - First version published