We Will Build a Smart Engaging Chatbot For You

Terms of Service

Chatbot Malaysia is a product of Narrative Consulting PLT.

The following terms of service provide throughout information of the dynamic of work between Narrative Consulting PLT (“YesHello”, “Chatbot Malaysia”, “we”, “us”, or “our”) and the client (“you” or the “Client”). The terms indicated herein shall be legally binding for both parties. The specifics of the Services, such as number of conversation steps, price and delivery time are the ones detailed in the confirmation sent to you via email upon completion of the purchase process (the “Purchase Confirmation”).‍
 
1- Scope of Services

For the provision of our Services our team will work with a finished, editable Conversation Flow provided by you, which shall be in English and on either Draw.io, Diagrams.net, or Google Docs formats.
‍
The deliverable is an chatbot version of the procedural flow of dialogue you provided, in accordance with your objectives, instructions, style preferences, branding requirements and any project assets you submit to our team.

Our Services do not include:

Modification, abbreviation, edition or proof reading of the content. The information on each dialogue bubble will remain the same on the chatbot version.
Production of videos.
Design of infographics or custom images.
Creation of logos or any other corporate identity material.
Production or purchase of photographic assets (stock photos or any other photos for specific industries). We work with open image libraries and use them to provide imagery that represents the look and feel designed for each bot, these photos are for illustrative purposes only. You can keep our suggested images or update them later to include your own photos. Alternatively, you can share your photos with our team along with the rest of the project’s assets, before the delivery of the first draft (Stage 5 Revisions) and our team will use them for the design process. Requests for specific photos are not part of our services.
 
2- Process

Once you agree to these terms of service and complete the purchase process you will receive a Purchase Confirmation detailing the Services to be provided by us and a copy of this terms of service for future reference. During the purchase process you will be required to upload a finished and editable Conversation Flow for our team to build the chatbot as well as the corresponding Project Assets (as defined in section III). Once you have completed the purchase process, our Services will be provided as follows:

Step 1. Briefing call: You will hold a briefing call with our team, to tell us about your objectives and style preferences. In the briefing call our team will show you how to design a Conversation Flow indicate if any additional Project Assets are required for the chatbot building process.
Step 2. Uploading of additional Project Assets: You will upload any Project Assets not included during the purchase process and required for our team to build the chatbot in accordance with your needs.
Step 3. Follow-up call: If deemed necessary, at the sole discretion of the developer in charge of your chatbot, he/she will be in touch for a follow-up call to clarify any doubts the tech team may have related to the chatbot needs or project assets.
Step 4. Chatbot Building process: Your chatbot gets built and a first draft will be delivered to you in video format.
Step 5. Revisions: You can provide your feedback on the first draft and our team will send you a final version with the required tweaks.
Step 6. Testing: In this phase, we rerun conversational flows and business scenarios through various test cases to achieve desired bot performance.
Step 7. Deployment: The bot is deployed on the company’s WhatsApp and Messenger channels and is ready to interact with customers in the real world.
Step 8. Monitor and Optimize: Once published, for the following 7 days, the bot performance is monitored by by our team to fix breakage points.

The steps indicated above will be subject to the terms and conditions established herein.
 
3- Project Assets

In addition to the finished and editable Conversation Flow, you shall provide our team with any information, specifications, images, logos, corporate identity material and any other project assets that you want to be taken into consideration for the chatbot building process (the “Project Assets”). Our team will build your chatbot based on the uploaded material and any details given by you on our briefing call. All Project Assets not uploaded during the purchase process must be submitted during the following twenty-four (24) hours to the briefing call and our design team will not consider any materials provided afterwards. Any additional assets required by our design team will be requested after we start working on the chatbot, upon the team’s discretional criteria.

If you have any specific instructions on your chatbot's design, please include such instructions as detailed as possible at the time the Project Assets are uploaded so our team can build your chatbot in accordance to your needs. Any specifications not indicated at the time the Project Assets are uploaded or during our briefing call, as well as any ambiguous instructions will not be taken into consideration by our tech team.

You will be the sole responsible for providing our team with all the information, documentation, materials or assets required for building your chatbot. Our team will not make any changes to your chatbot (either the first draft or the final version) to adjust or include any information, documentation, materials or assets you failed to provide in due time.

4- Proprietary Rights

You hereby warrant that: (i) you own all rights, titles, and interest in, or have full right and authority to permit the use of the project assets submitted for the provision of our Services; (ii) the use of this Project Assets does not infringe the rights of any third party; and (iii) you are in compliance and will remain in compliance with any licensing agreement in relation to any of the Project Assets.

You shall indemnify and hold harmless Chatbot Malaysia from any and all damages, liabilities, costs, losses or expenses arising out of any claim, demand or action by a third party alleging intellectual property rights infringement on the Project Assets provided by you and included in the presentation.

For the sole purpose of providing the Services, you hereby grant Chatbot Malaysia a non-exclusive, non-transferable license to use the Project Assets solely in connection with the chatbot.
 
5- Fees

The Purchase Confirmation indicates the number of conversation steps you have purchased and the corresponding price. Our team will only work on the amount of conversation steps stated on the Purchase Confirmation. If more conversation steps are uploaded the team will pause the chatbot building process and reach out to you on the following two (2) business days to confirm if you wish the additional conversation steps to be built and sent a quotation for said conversation steps. If our team does not receive confirmation on the purchase of additional conversation steps, during the following two (2) business days of reaching out for confirmation, the team will continue to work on the chatbot and ignore the conversation steps that go pass the purchased number. If you wish to have more conversation steps built after the purchase has been made, you can also contact our Customer Support team and they will instruct you on how to purchase additional credit. The uploading or purchasing of additional conversation steps will cause delays to the delivery times established in the following section.
 
6- Revisions and Deliverables

The delivery time will depend on the purchased Services detailed in the Purchase Confirmation and you will be allowed one (1) revision after the initial draft has been sent. Our delivery times go as follows:

Chatbot Building – Standard: six (6) business days delivery for the first draft. One (1) revision with up to three (3) days delivery. Monday to Friday, 9:00 a.m. to 5:00 p.m. Malaysia Time.
If all Project Assets are submitted during the purchase process, the delivery time for the first draft starts running after the briefing call held with our team. If additional Project Assets are uploaded during the twenty-four (24) hours following the briefing call, the delivery time starts running at the time you receive the upload confirmation of your files containing the additional Project Assets. Any failure by the Client to provide such additional Project Assets during the indicated period will cause delays in the delivery time. The revision time delivery begins after you share the complete feedback with our team. The complexity and extent of the requested changes could affect the delivery time of the revisions, our team will inform you if that is the case.

The chatbot needs are defined by the details filled in the upload form after purchase, the Project Assets you have provided and our briefing call. Once you receive the first version we can work on dialogue changes, minor flow adjustments, image selection and other related tweaks. Revisions do not include the incorporation of any new ideas or major flow adjustments. The Client’s point of contact (as established in section XII.) will be in charge of requesting any changes and approving the project deliverables. If the point of contact is changed by the Client during the Project, the new contact point will only be allowed to request the changes detailed above. Chatbot Malaysia shall not be responsible for any creative differences between the Client’s team and therefore will have no obligation to adjust or make changes to the project deliverables due to the Client changing its point of contact.

After the first chatbot version is sent, you will have up to 2 weeks to respond with feedback, once that time has passed the project will be placed on hold, will no longer be available for any future revisions and will be considered as accepted by you.

As part of the Services, the team will create in the YesHello platform Custom Fields in the 'Settings' module, surveys in the 'Surveys' module, upload files into the 'Files' module, create automations in the 'Automations' module, send team member invitation emails, connect the agreed upon channels (ie. WhatsApp, Messenger, Web chat, Telegram, etc.), connect WhatsApp API to one WhatsApp number. Once the final draft is delivered the project is labeled as completed and no new edits are available under that request.

Chatbot purchases will only be delivered on a valid YesHello account as YesHello chatbots.

Our team will identify the deadlines indicated by you at the time of purchase and work to ensure that the deliverables are submitted on time. Any failure by you to provide all the necessary Project Assets will affect the date by which any potential files will be delivered.
 
7- Our Team's Schedule

Our working hours are Monday to Friday, 9:00 a.m. to 5:00 p.m. Malaysia Time. If the purchase is made outside of our office hours the time starts running the next business day at 9:00am Malaysia Time. However, our team needs to have all the chatbot assets in order to begin, if after filling the upload form you still need to share extra files with us the delivery time will start once our tech team receive said files. This delivery time is for the first draft of the chatbot build, not for the final version. The delivery of the final version will be as detailed in the previous section.

Our Services include email and messaging communications only, no design calls are scheduled as part of the Services, except for the briefing call and the follow-up call (the follow-up call will be schedule only if our team considers it necessary to clarify any doubts).

If at a later point any other means of communication are deemed necessary by our team, booking them will depend on the team’s availability and will be scheduled on a case by case basis.
 
8- Non-Disclosure of Information

All information, documentation and other Project Assets provided by the Client to Chatbot Malaysia shall be considered as confidential information, included but not limited to: concepts, diagrams, drawings, data base, spreadsheets, contracts, know-how, investment plans, marketing plans, sales plans, business plans, marketing strategies, trade secrets, and any other technical, accounting, legal and/or commercial information. Therefore, Chatbot Malaysia commits to maintain under strict confidentiality and in consequence not reveal, trade or disclose, in whole or in part, the confidential information provided by the Client.
 
9- Service Cancellation, Issuing of Refunds and Indemnification

The Services can be cancelled at any time prior to the moment our team starts working on your chatbot. That means you can request the cancellation of the Services after first receiving the Purchase Confirmation via email and before submitting this document. If the cancellation of Services happens at this moment, we can issue a partial refund of your purchase, the amount of the partial refund will be determined at our sole discretion based on the time incurred by our team in your project.

If the cancellation of the Services happens at any time after the indicated moment and our team has started to work on your chatbot, no refunds will be issued under any circumstances. Furthermore, you acknowledge that our Services are provided in accordance to your objectives, instructions, style preferences, branding requirements and any Project Assets you have provided in due time and that you rely on our team’s expertise for building your chatbot, therefore, no refunds will be issued due to creative differences that may arise between the Client and Chatbot Malaysia.

Furthermore, Chatbot Malaysia will have no obligation to indemnify the Client if the deliverable does not meet the Client’s expectations.
 
10- Relationship between the Client and YesHello and No Exclusivity

The provision of Services pursuant to these terms of service does not create any agency, partnership, employment or joint venture relationship between you and us. Furthermore, the provision of our Services does not create an exclusive relationship between you and us. Therefore, we are entitled to offer and provide our Services to other clients, without limitation.
 
11- Force Majeure

We will not be liable for any delay in our delivery times due to causes beyond our reasonable control, including but not limited to acts of war, acts of God, earthquake, flood, embargo, riot, sabotage, labor shortage or dispute, governmental acts or acts of third parties.
 
12- Point of Contact

During the purchase process you will be required to appoint a point of contact for the project. All communications between Chatbot Malaysia and the Client will be managed directly with the contact point through the email address provided by you during the purchase process. If, for any reason, the Client requires to change its point of contact, it should notify Chatbot Malaysia indicating who will be the new point of contact and his/her email address.
 
13- Governing Law

All matters relating to these terms of service and the provision of our Services and any dispute or claim arising therefrom or related thereto (in each case, including non-contractual disputes or claims), shall be governed by and construed in accordance with the internal laws of Malaysia without giving effect to any choice or conflict of law provision or rule.


Any legal suit, action or proceeding arising out of, or related to, these terms of service or our Services shall be instituted exclusively in the federal courts of Malaysia or the courts of the State of Wilayah Persekutuan, Kuala Lumpur. By accepting the terms and conditions detailed in this document, you waive any and all objections to the exercise of jurisdiction over you by such courts and to venue in such courts.

Privacy Policy
 
Last Updated July 23rd, 2020

Chatbot Malaysia is a product of Narrative Consulting PLT.

1. Introduction
This Privacy Policy is designed to help you understand what information we collect at YesHello (a product of Narrative Consulting PLT), how we use it, and what choices you have.

Some key terms are defined as follows, and throughout this document:

Narrative Consulting PLT (“YesHello”, “Chatbot Malaysia”, “we”, “us”, or “our”) is the company that collects and processes Personal Data for the purposes described in this Policy
Personal Data is any information relating to an identified or identifiable natural person (“Data Subject”)
Customer is a legal entity with whom YesHello has an agreement to provide the Services
2. About YesHello
YesHello provides a “Conversation Cloud” that allows our Customers to store, manipulate, analyze and transfer messages between their business systems and their customers on a variety of YesHello-provided and third party messaging channels (the “Service”).

YesHello is committed to the protection of Personal Data, including data that we use for our own purposes, and that we maintain on behalf of our Customers.

3. Collection and Use of Personal Data
YesHello collects information, including Personal Data, for the following purposes:

Providing and managing the Service
Internal business purposes
Communicating with you and marketing
Recruiting and managing personnel
Collecting payment for the Service
To understand and improve our Service and Website

This Policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable individual (Data Subject) or Customer of the Services.

YesHello Services are not directed to children under 16. If you learn that a child under 16 has provided us with Personal Data without consent, please contact us.

Providing and managing the Service
In the course of providing the Service, YesHello may receive, access, analyze, process and maintain Personal Data on behalf of our Customers.

Our Customers determine the types of Personal Data that will be collected and used within the Service, how it will be used and disclosed, and how long it will be stored. For any questions related to how your Personal Data is used by our Customers, please contact them directly.

Service Data is the information that is processed on behalf of our Customers during provision of the Service.
YesHello’s privacy practices related to Service Data are not covered by this Privacy Policy. They are detailed in the YesHello Service Data Privacy Statement, or the applicable agreement relating to your access to and use of the Service.
Account Information, including contact information, user profile information, and information about your payment method, is collected from you when you register or authenticate into our Service and is used to manage payment for the Service, enable us to provide support, and facilitate communication.
YesHello’s privacy practices related to Account Information are detailed below and throughout this Privacy Policy.
Service Usage Information Is collected, including information about how you are accessing and using the Service. We use this information to understand and improve our Services, and to investigate and prevent security issues, abuse, fraud.
YesHello’s privacy practices related to Service Usage Information are detailed below and throughout this Privacy Policy.
Internal Business Purposes
YesHello collects the following information from you through our Website, social media, and other channels for the following purposes:

Communicating with you and marketing
Responding to your request for a product demo: When you request a free demo, we may collect your first and last name, job title, business email address, and information about your company. We use this information to contact you and otherwise facilitate your free demo.
Responding to your inquiries: When you contact us with a comment, question or complaint, you may be asked for information that identifies you, such as your name, address and a telephone number, along with additional information we need to help us promptly answer your question or respond to your comment. We may retain this information to assist you in the future and to improve our customer service and service offerings (including the Service and Website).
Informing you about products and services. We may use your contact information for our own marketing or advertising purposes. We do not sell or rent your Personal Data to third parties. You can opt out of these at any time by following the steps outlined below.
Recruiting and managing personnel
Processing your job application. If you apply for a job at YesHello, you may provide us with certain Personal Data about yourself, such as information contained in a resume, cover letter, or similar employment-related materials. We use this information for the purpose of processing and responding to your application for current and future career opportunities.
Managing employees and contractors. If you join the YesHello team as an employee or contractor, we will use the information you provided, as well as information we create about you, for human resources purposes including verifying your eligibility and qualifications, performance management, to provide compensation and benefits, investigate incidents, and otherwise facilitate the relationship.
Collecting payment for the Service
Collecting payment. For Customers that purchase a paid version of our Service, we collect and process information about how you use the Service, and your Account Information (including contact information, user profile information, and information about your payment method) for the purpose of billing you.
To Understand and Improve our Services and Website
Understanding how you use the Service. Service Usage Information is collected, including information about how you are accessing and using the Service. We use this information to understand and improve our Services, and to investigate and prevent security issues, abuse, fraud.
Visiting our Website. We collect the IP (Internet protocol) addresses of all visitors to our Website and other related information such as page requests, browser type, operating system and average time spent on our Website. We use this information to help us understand our Website activity, and to monitor and improve our Website. In addition to the information described above, our Website uses Cookies. Please refer to the Cookie Policy below for additional details.
Third Party Links.Our Website may contain links to other websites that YesHello does not own or operate. We provide links to third party websites as a convenience to the user. These links are not intended as an endorsement of or referral to the linked websites. The linked websites have separate and independent privacy policies, notices and terms of use. We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat Personal Data. We encourage you to read the privacy policy of every website you visit.
4. Disclosure of your Personal Data
As a matter of practice, YesHello does not disclose, trade, rent, sell or otherwise transfer Personal Data, except as set out in this policy.

We may transfer or disclose Personal Data as follows:

Service Provider Arrangements. We may transfer (or otherwise make available) Personal Data to third parties who process it on our behalf for the purposes noted above. These third parties may access, process or store personal data in the course of providing these services, but based on our instructions only.
As of the date hereof, these third party providers include technical operations such as database monitoring, data storage and hosting services and customer support software tools.
Changes to our Business Structure. YesHello may share or disclose data if we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of YesHello’s assets, financing, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence).
Compliance with Laws. YesHello and our Malaysian, US, and other Service Providers may share or disclose Personal Data to comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
Enforcing Our Rights, Preventing Fraud, and Safety. YesHello may share or disclose data to protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigation and preventing fraud.
5. Your Rights
Access and Correction of Personal Data
If we receive a request from an individual to access or update Personal Data we have collected on behalf of a particular Customer, we will direct that individual to the relevant Customer. We will assist our Customers wherever possible in responding to individual access requests.

If you submit Personal Data via our Website or otherwise provide us with your Personal Data, you may request access, updating or correction of your Personal Data by submitting a written request to us. We may request certain Personal Data for the purposes of verifying your identity.

6. How We Protect Personal Data
YesHello takes security seriously. We take various steps to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store, and the current state of technology.

To learn more about current practices and policies regarding security and confidentiality of Personal Data and other information, please see our Security Practices; we keep that document updated as these practices evolve over time.

7. Cookie Policy
YesHello uses cookies and similar technologies like single-pixel gifs and web beacons, to record log data. We use both session-based and persistent cookies.

Cookies are small text files sent by us to your computer and from your computer or mobile device to us each time you visit our website or use our desktop application. They are unique to your account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.

Some cookies are associated with your account and Personal Data in order to remember that you are logged in and which parts of the Service or Website you are logged into. Other cookies are not tied to your account but are unique and allow us to carry out site analytics and customization, among other similar things. If you access the Services through your browser, you can manage your cookie settings there but if you disable some or all cookies you may not be able to use the Services.

YesHello sets and accesses our own cookies on the domains operated by YesHello and its affiliates. In addition, we use third parties like Google Analytics for website analytics. You may opt-out of third party cookies from Google Analytics on its website. We do not currently recognize or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance.

8. Changes to this Privacy Policy
This Privacy Policy may be updated periodically to reflect changes to our Personal Data handling practices. The revised Privacy Policy will be posted on the Website. If you continue to use the Service or the Website after the changes are in effect, you agree to the revised Notice.

We strongly encourage you to please refer to this Privacy Policy often for the latest information about our Personal Data handling practices.

9. Contact Us
Please contact YesHello if:

you have any questions or comments about this Privacy Policy;
you wish to access, update, and/or correct inaccuracies in your Personal Data; or
you otherwise have a question or complaint about the manner in which we or our service providers treat your Personal Data.

You can reach the Chief Privacy Officer by emailing support@yeshello.chat or at our mailing address below:

Narrative Consulting PLT
Common Ground, Level 16 & 17, Nucleus Tower, No.10, Jalan PJU 7/6, Mutiara Damansara, 47800 Petaling Jaya, Selangor

If after contacting us you do not feel that we have adequately addressed your concerns, European individuals may exercise their rights as described in the following section.

10. European Union / Swiss Individuals
YesHello and its subsidiaries complies with the international framework regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. If there is any conflict between the terms in this privacy policy and the international legal framework, the international legal framework shall govern.

Complaints
In compliance with the International legal framework, YesHello commits to resolve complaints about our collection or use of your Personal Data.

European Union / Swiss individuals with inquiries or complaints regarding our International legal framework policy should first contact YesHello at support@yeshello.chat or at our mailing address below:

Narrative Consulting PLT
Common Ground, Level 16 & 17, Nucleus Tower, No.10, Jalan PJU 7/6, Mutiara Damansara, 47800 Petaling Jaya, Selangor

YesHello has further committed to refer unresolved International legal framework complaints to, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit JAMS for more information or to file a complaint. The services of JAMS are provided at no cost to you.

Third Parties
We use a limited number of third party providers to assist us in providing the Services to our Customers. As of the date hereof, these third party providers perform technical operations such as database monitoring, data storage and hosting services and customer support software tools. These third parties may access, process or store personal data in the course of providing these services, but based on our instructions only.

Liabilities in cases of onward transfer
If we receive personal data subject to our certification under the International legal framework  and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the International legal framework  if both (i) the agent processes the personal data in a manner inconsistent with the International legal framework  and (ii) we are responsible for the event giving rise to the damage.

Arbitration
You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of Switzerland or a European country participating in the International legal framework  must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority or the Swiss Federal Data Protection and Information Commissioner) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the International legal framework , the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the International legal framework  Principles with respect to the resident.

 

Service Data Privacy Statement
 

Last Updated July 23rd, 2020

1. Introduction
Narrative Consulting PLT (“YesHello”, “Chatbot Malaysia”, “we”, “us”, or “our”) provides a Software as a Service (SaaS) based “Conversation Cloud” that allows our customers to store, manipulate, analyze and transfer messages between their business systems and their customers on a variety of YesHello-provided and third party messaging channels (the “Service“).

This document is intended to supplement and clarify the YesHello Privacy Policy with regard to Personal Data processed on behalf of our Customers during provision of the Service (“Service Data“). This Privacy Statement for Service Data represents an Agreement between YesHello and the Customer and governs the use of Service Data. If there is any inconsistency between this Agreement and any negotiated Agreement between YesHello and the Customer, the terms of the negotiated agreement will prevail.

2. Definitions
Agent: an individual who communicates within the Conversation Cloud on behalf of the Customer
For example, a member of the Customer’s web support team, or a representative of a third party to whom support has been outsourced
Chat Participants: Agents and Users who communicate within the Conversation Cloud
Customer: a legal entity with whom YesHello has an agreement to provide the Services
For clarity, a Customer may be a Controller or a Processor of Personal Data. Where a Customer is a Processor of Personal Data, YesHello shall process Personal Data as sub-processor on behalf of the Controller. Instructions from the Controller regarding the processing Personal Data shall be given through the Processor.
User: an individual who communicates with a Customer or Agent within the Conversation Cloud
For example, a member of the public on Facebook Messenger, a visitor to the Customer’s Website, the holder of an SMS number, or the user of a mobile app

The following terms are used as defined in the EU General Data Protection Regulation (GDPR):

Controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data
Personal Data: any information relating to an identified or identifiable natural person (“Data Subject“)
Processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
Third Party: a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data
3. Data We Process
This document is intended to supplement and clarify the YesHello Privacy Policy with regard to Personal Data processed on behalf of our Customers during provision of the Service (“Data Subject“)

YesHello may collect and process Personal Data about individuals for the purposes of account creation, billing, usage tracking, recruiting, and marketing. These data types and processing activities are governed instead by the YesHello Privacy Policy. Data that is not related to an identified or identifiable natural person, including aggregated or de-identified data, is not Personal Data and is not addressed by this document.

YesHello Services are not directed to children under 16. If you learn that a child under 16 has provided us with Personal Data without consent, please contact us.

4. Types of Service Data
YesHello may process the following types of Service Data on behalf of Customers:

User Profile Information
The YesHello API enables Agents to communicate with Users via multiple platforms such as social media (e.g., Facebook Messenger), email, SMS, and web apps (“Messaging Channels“). Each Channel transmits certain data about the User. Some examples include: First Name, Last Name, Email Address, Phone Number, IP Address, Location, Avatar/Image, Username/Handle, Linked IDs, and others.

The types of Personal Data transmitted in the User profile depend on the data collected by the Controller, and the User’s privacy settings and preferences. The Controller may be the Messaging Channel (e.g. Facebook, WeChat); or the Customer, when messages are received via [technology platform] (e.g. SMS, email), or web apps created using YesHello’s Software Development Kit.

Agent Profile Information
Customers may enable the configuration of profiles for their Agents, including details such as Name and Image.

Message Content
Message content may be structured or unstructured, and may or may not contain Personal Data. YesHello handles all messages in the Conversation Cloud as Personal Data.

Metadata
YesHello servers automatically record some information when Services are used, including information sent by browsers or mobile apps.

YesHello may collect information about the devices Services are being used on, including what type of device it is, operating system, device settings, application IDs, unique device identifiers, and crash data.

5. Purposes for Processing
YesHello processes the Personal Data types outlined above for the following purposes:

To provide and enhance our product and service offerings
To provide insights and statistics on an aggregated basis to help our Customers measure their performance, better understand their customers and improve their product and service offerings
To respond to Customer requests for support or assistance

This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified. It is no longer associated with an identifiable user or Customer of the Services and is therefore not Personal Data.

6. How We Protect Data
With regard to the Service and Service Data, YesHello acts as a Processor on behalf of Customers. Customers have primary responsibility for interacting with Data Subjects, and the role of YesHello is generally limited to assisting Customers as needed. YesHello processes Service Data only upon a Customer’s instruction and shall have a duty to respect the security and confidentiality of Personal Data, pursuant to the measures outlined in agreements with Customers and as required by applicable law.

Privacy Program
YesHello maintains a managed privacy program to identify risks and implement preventative measures. Our Chief Privacy Officer, supported by a network of senior professionals throughout the business and development teams, is responsible for managing the privacy program. The privacy program is and will be reviewed on a regular basis to provide for continued effectiveness.

Personal Data collected and processed by YesHello is governed by the YesHello Data Privacy Policy. Employees with access to Personal Data are trained on the Policy and their responsibility to protect the data, and they are bound by confidentiality agreements. YesHello has implemented a Privacy by Design (PbD) approach, and our development team receives specific training related to their job responsibilities.

Information Security
YesHello takes security seriously. We take various steps to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store, and the current state of technology.

To learn more about current practices and policies regarding security and confidentiality of Customer Data and other information, please see our Security Notice, we keep that document updated as these practices evolve over time.

7. Transparency and Cooperation with Customers
YesHello undertakes to be transparent regarding its Personal Data processing activities and to provide Customers with reasonable cooperation to help facilitate their respective data protection obligations regarding Personal Data.

Data Breach Notification
In the event that YesHello becomes aware of any unauthorized access to or disclosure of Personal Data, YesHello will promptly notify affected Customers to the extent such notification is permitted by applicable law.

Customer Audits
Upon a Customer’s request, and subject to appropriate confidentiality obligations, YesHello shall make available to the Customer (or such Customer’s independent, third-party auditor) information regarding YesHello and third-party sub-processors’ compliance with the data protection requirements set forth in our agreements.

Certifications
If you require a particular certification for your business, please let us know your specific needs so we can include it in our certification prioritization and roadmap.

Obligations Upon Termination
Upon termination of the Services, YesHello shall, at the request of the Customer, delete, render un-identifiable, or return all Personal Data to the Customer. YesHello will certify that it has done so, unless legislation prevents it from returning or destroying the data. In that case, YesHello will protect the data in accordance with its commitments and will not actively process the personal data transferred anymore.

8. Sharing and Disclosure
There are times when information described in this privacy statement may be shared by YesHello. This section discusses how YesHello may share such information. Customers determine their own policies for the sharing and disclosure.

YesHello reserves the right to disclose or use aggregate or de-identified information for any purpose. For example, we may share aggregated or de-identified information with our partners or others for business or research purposes like telling a prospective YesHello Customer the average number of messages sent within a day.

Sub-processing by Third Parties
YesHello may retain third party sub-processors, and depending on the location of the third-party sub-processor, processing of Personal Data by such sub-processors may involve transfers of Personal Data. Such third-party sub-processors shall process Personal Data only in accordance with the Customer’s instructions.

As of the date hereof, these third party providers include technical operations such as database monitoring, data storage and hosting services and customer support software tools.

Such third-party sub-processors have entered into written agreements with YesHello in accordance with the applicable requirements.

Compliance with Laws
YesHello may share or disclosed data to comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.

Enforcing Our Rights, Preventing Fraud, and Safety
YesHello may share or disclose data to protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigation and preventing fraud.

Changes to our Business Structure
YesHello may share or disclose data if we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of YesHello’s assets, financing, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence).

9. Data Subject Rights
YesHello acts as a data Processor on behalf of Customers. Customers have primary responsibility for interacting with Data Subjects, and the role of YesHello is generally limited to assisting Customers as needed.

Access, Correction, Amendment or Deletion Requests
YesHello shall promptly notify a Customer if YesHello receives a request from a Data Subject for access to, correction, amendment or deletion of that person’s Personal Data. YesHello shall not respond to any such Data Subject request without the Customer’s prior written consent except to confirm that the request relates to that Customer.

YesHello shall provide Customers with cooperation and assistance in a reasonable period of time and to the extent reasonably possible in relation to any request regarding Personal Data to the extent Customers do not have access to such Personal Data through their respective uses of the Services.

Handling of Complaints
Data Subjects may lodge a complaint about processing of their respective Personal Data by contacting the relevant Customer or the YesHello Privacy department at the email address support@yeshello.chat. YesHello shall promptly communicate the complaint to the Customer to whom the Personal Data relates.

Customers shall be responsible for responding to all Data Subject complaints forwarded by YesHello, except in cases where a Customer has disappeared factually or has ceased to exist in law or become insolvent. Where YesHello is aware of such a case, it undertakes to respond directly to Data Subjects’ complaints within thirty (30) days, including the consequences of the complaint and further actions Data Subjects may take if they are unsatisfied by the reply.

Regulatory Inquiries and Complaints
YesHello shall, to the extent legally permitted, promptly notify a Customer if it receives an inquiry or complaint from a data protection authority in which that Customer is specifically named. Upon a Customer’s request, YesHello shall provide the Customer with cooperation and assistance in relation to any regulatory inquiry or complaint involving YesHello’s processing of Personal Data.

10. Changes to this Statement
We may change this statement from time to time, and if we do we will post any changes on this page. If you continue to use the Services after those changes are in effect, you agree to the revised policy.

This document was last updated on July 23rd 2020.

11. Contacting YesHello
Please feel free to contact us if you have any questions about YesHello’s Privacy commitments or practices. You may contact us at support@yeshello.chat or at our mailing address below:

Narrative Consulting PLT
Common Ground, Level 16 & 17, Nucleus Tower, No.10, Jalan PJU 7/6, Mutiara Damansara, 47800 Petaling Jaya, Selangor

The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The regulation became effective and enforceable on the 25th May 2018.
YesHello’s commitment to data protection and the GDPR
As a provider of messaging services, data privacy is vital to YesHello, which is why we built our platform to the highest standards of privacy and security.

We’ve designed our platform, as well as our internal Privacy Program, to meet the requirements of European, Canadian and US privacy laws. Our customers are located around the world, so we design for a global standard.

We also recognize that protecting your data requires an enterprise-grade security program. Whether it’s granular access restriction or encrypting data in motion and at rest, you can have full confidence in how your company data, as well as the personal data of your users, is being processed, transferred and stored.

YesHello began to dedicate internal resources to the GDPR in July 2019 right after we launched our first public version of our software. We did this because we value our customers (and their customers) rights to privacy. Compliance with and to international law and regulations are very important to us.

Here’s a condensed version of the GDPR requirements and where we are on our journey:
– Conduct an information audit to determine what information you process and who has access to it. COMPLETED
– Have a legal justification for your data processing activities. COMPLETED
– Appoint a Data Protection Officer. COMPLETED
– Rewrite our Data Protection Addendum (DPA). COMPLETED
– Perform the necessary changes/improvements to our product based on the requirements:
Suppression Controls. COMPLETED
Contact Lookup. COMPLETED
– Provide clear information about your data processing and legal justification in your privacy policy. COMPLETED
– Take data protection into account at all times, from the moment you begin developing a product to each time you process data. COMPLETED
– Encrypt, pseudonymize, or anonymize personal data wherever possible. COMPLETED
– Create an internal security policy for your team members, and build awareness about data protection. COMPLETED
– Have a process in place to notify the authorities and your data subjects in the event of a data breach. COMPLETED
– Implement the required changes to our internal processes and procedures to maintain the latest privacy and security requirements. COMPLETED
Your Responsibility as a Data Controller
People who communicate using the platform have rights under the GDPR. It is your responsibility to communicate these rights to them and be prepared for their requests to exercise those rights. We have built features that make it simple and fast to do so.

The first thing you need to do when a user submits a request is to identify the data you have about them. The YesHello platform makes that easy by using unified customer profiles where channel identities, channel supplied metadata, application, and other custom metadata, and conversation history is stored.

You can respond to the request to access, correct, or delete personal data through our Contacts Module. User message content can be extracted and provided to the individual, or you can Delete Messages and Profile Information.

Make sure your Terms of Service or Privacy Policy properly communicate to your users how you are using YesHello (and any other similar services) on your website or app. We recommend you ensure your policies are up to date and clear to your readers.

If you are in the European Union you’ll likely want to sign a Data Processing Addendum (DPA) with YesHello. We’re happy to do so. Working with outside counsels, we’ve updated this document to be in compliance with the GDPR and other generally acceptable privacy laws. You can request this document at support@yeshello.chat.

Some of YesHello’s services (like the website chat widget) use cookies to authenticate and store the conversation with your contacts, your visitors should accept your cookies and privacy policy to make use of these services.

It’s your responsibility to comply with terms of use of the channels and third-parties you decide to integrate with YesHello.

Data Processing Addendum
In the course of providing our service, YesHello may process personal data on your behalf. In order to outline specifics of how we will perform this processing and what our obligations are as well as the obligations of our users/customers, we’ve developed a Data Processing Addendum (DPA) that we enter into free of charge with anyone that uses our service and requests it. This document forms part of a contract of service with YesHello (as the Data Processor) and our users/customers (as the Controllers). The DPA reflects the parties’ agreement with regard to the processing of personal data performed using our service.

As a Controller, in order to sign this agreement, you must review and digitally sign a copy of the Data Processing Addendum. Once you sign the agreement, you need to email to our Data Compliance Department at support@chatbots.my. Our team will review and sign your submission within 7 working days and send you back digital copy.  With the receipt of the validly completed and digitally signed Agreement, this Agreement shall be in full force and effect.

You can request this document at support@chatbots.my

…

We understand your concerns about the Data Privacy — we’ve been there! Keeping your data safe and secure is our top priority, and we’re committed to maintaining the highest standards.

Please feel free to contact us if you have any questions about our Privacy and Security commitments or practices. You may contact us at support@chatbots.my