Introduction
Welcome to InfinityDesk. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our customer management platform, including our ticketing system, 3CX call integration, WhatsApp Business integration, and related services.
By using InfinityDesk, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.
Information We Collect
We collect several types of information to provide and improve our services:
Personal Information
- Account Information: Name, email address, phone number, company name, job title
- Billing Information: Payment details, billing address, tax information
- Profile Information: Profile picture, preferences, notification settings
- Communication Data: Email addresses, phone numbers of your customers and contacts
Usage Data
- IP address and browser type
- Pages visited, time spent on pages, links clicked
- Device information and operating system
- Access times and referring website addresses
Communication Content
- Tickets: Support ticket content, attachments, conversation history
- Calls: Call logs, recordings (with consent), call duration, metadata
- WhatsApp Messages: Message content, media files, conversation threads
- Emails: Email content, attachments, sender/recipient information
Important: We process this communication data on your behalf as a data processor. You remain the data controller responsible for complying with applicable privacy laws regarding your customers' data.
How We Use Your Information
We use the collected information for various purposes:
- Service Delivery: To provide, maintain, and improve InfinityDesk services
- Account Management: To manage your account, process payments, and provide customer support
- Communication: To send service updates, security alerts, and support messages
- Analytics: To analyze usage patterns and improve our platform
- Security: To detect, prevent, and address technical issues and fraudulent activity
- Compliance: To comply with legal obligations and enforce our terms
- Marketing: To send promotional communications (with your consent)
Data Sharing and Disclosure
We may share your information in the following circumstances:
- Service Providers: With third-party vendors who perform services on our behalf (hosting, payment processing, analytics)
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- Legal Requirements: When required by law, subpoena, or legal process
- Protection of Rights: To protect our rights, property, or safety and that of our users
- With Your Consent: When you explicitly authorize us to share information
We never sell your personal information to third parties.
Data Security
We implement industry-standard security measures to protect your data:
- Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
- Access Controls: Role-based access control (RBAC) and multi-factor authentication
- Infrastructure: Secure, redundant cloud infrastructure with regular backups
- Monitoring: 24/7 security monitoring and intrusion detection
- Compliance: SOC 2 Type II certified, GDPR and CCPA compliant
- Regular Audits: Periodic security assessments and penetration testing
- Employee Training: Regular security awareness training for all staff
While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
Data Retention
We retain your information for as long as necessary to provide services and comply with legal obligations:
- Account Data: Retained while your account is active and for 90 days after deletion
- Communication Records: Retained according to your configured retention policies
- Billing Information: Retained for 7 years for tax and accounting purposes
- Usage Logs: Typically retained for 12 months
- Call Recordings: Retained according to your settings (default: 90 days)
You can request deletion of your data at any time by contacting our support team. Some information may be retained as required by law.
Your Privacy Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data (right to be forgotten)
- Portability: Receive your data in a structured, machine-readable format
- Restriction: Request restriction of processing your data
- Objection: Object to processing of your data for certain purposes
- Withdraw Consent: Withdraw consent for data processing at any time
- Lodge Complaint: File a complaint with your local data protection authority
To exercise these rights, please contact us at
[email protected] or through your account settings.
Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience:
Types of Cookies We Use
- Essential Cookies: Required for basic functionality (authentication, security)
- Performance Cookies: Help us understand how visitors interact with our platform
- Functional Cookies: Enable enhanced features and personalization
- Marketing Cookies: Track effectiveness of advertising campaigns (with consent)
You can control cookies through your browser settings. Note that disabling certain cookies may limit functionality.
Third-Party Services
InfinityDesk integrates with various third-party services:
- 3CX: VoIP phone system integration for call management
- WhatsApp Business API: For WhatsApp messaging functionality
- Payment Processors: Stripe and other payment gateways
- Cloud Providers: AWS, Google Cloud, or similar hosting services
- Analytics Tools: For usage analysis and service improvement
These third parties have their own privacy policies. We encourage you to review them before using integrated services.
International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.
When we transfer data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Data Processing Agreements with all service providers
- Adherence to Privacy Shield principles where applicable
- Ensuring recipient countries have adequate data protection levels
Children's Privacy
InfinityDesk is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.
If you believe we have collected information from a child, please contact us immediately at [email protected].
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.
When we make significant changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you via email or prominent notice on our platform
- Provide at least 30 days notice before material changes take effect
- Request renewed consent where required by law
Your continued use of InfinityDesk after changes become effective constitutes acceptance of the updated policy.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: [email protected]
Data Protection Officer: [email protected]
Address: InfinityDesk Inc., 123 Tech Street, San Francisco, CA 94105, USA
Support Portal: support.infinitydesk.com
Phone: +1 (555) 123-4567
We aim to respond to all privacy-related inquiries within 30 days.