Chat with us!
Chat
CLICK HERE TO START CHAT

Data Privacy and Security Policy

Introduction

eGain is committed to the responsible use of information and protecting individual privacy rights on www.egain.com and our platform services. eGain strives to provide services to businesses, customers, non-profit organizations and government agencies that help facilitate more informed decisions, and make society safer, in ways that protect customer privacy. We aspire to protect customer privacy through the design of our products, by credentialing, monitoring, and auditing our Hosting Infrastructure as appropriate, and through other information security safeguards. We also strive to promote transparency through customer education initiatives, privacy principles and policies, and appropriate opportunities for customer choice, access, and correction with respect to personal information stored within our Infrastructure.

eGain has been awarded TRUSTe’s Privacy Seal signifying that this privacy policy and practices have been reviewed by TRUSTe for compliance with TRUSTe’s program requirements and TRUSTed Cloud Program Requirements including transparency, accountability and choice regarding the collection and use of your personal information. The TRUSTe program covers only information that is collected through the English version of the site www.egain.com and covers information that may be collected through our platform services.

If you have questions or complaints regarding our privacy policy or practices, please contact us at publications@egain.com. If you are not satisfied with our response you can contact TRUSTe here.

Safe Harbor certification

We self-certify compliance with

eGain complies with the U.S.–E.U. Safe Harbor framework and the U.S.–Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland.  eGain has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view eGain’s certification, please visit http://www.export.gov/safeharbor/

Responsibilty

It is the responsibility of CISO to ensure the implementation of controls specified in this policy.

It is the responsibility of all third party organization and staff to adhere to this policy.

Policy Statement and Objectives

eGain seeks to limit the distribution of personally identifiable information consistent with the nature and sensitivity of the information. In its services, eGain also strives to make available personally identifiable information from sources other than public records or publicly available information only to its authorized users or customers. Similarly, where applicable, eGain restrict access to information in accordance with privacy laws such as the FCRA, the GLB, and the DPPA and comparable state statutes.

If, upon investigation, eGain finds that personally identifiable information has been used or accessed inappropriately or unlawfully, Management strives to take reasonable steps to stop the misuse or access, educate the user concerning the appropriate use of the information, and prevent similar future misuses. Such steps may include measures up to and including discontinuation of the user’s access to eGain information products, infrastructure and services, pursuit of other legal remedies, and the referral of misuse to the appropriate authorities.

eGain collects personally identifiable information when users register on the site including but not limited to your name, email address, and phone number. These personally identifiable information is used respond to your customer service requests, send you newsletters, and to administer your account. Out of respect for your privacy, we allow you to opt out of these newsletters by following the unsubscribe directions in them.

Information Related to Data Collected through Platform
eGain collects information under the direction of its clients, and has no direct relationship with the individuals whose personal data it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the client that you interact with directly.

Service Provider, Sub-Processors/Onward Transfer
eGain may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the provisions in this policy regarding notice and choice and the service agreements with our clients.

Access to Data Controlled by our Clients
eGain has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the eGains’ client (the data controller). If the client requests eGain to remove the data, we will respond to their request within 30 business days.

Information Sharing

We will share your personal information with third parties only in the ways that are described in this privacy policy. We do not sell your personal information to third parties.

We may provide your personal information to companies that provide services to help us with our business activities such as a hosting provider or analytics provider. These companies are authorized to use your personal information only as necessary to provide these services to us.

We may also disclose your personal information as required by law, such as to comply with a subpoena, or similar legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, and to any other third party with your prior consent to do so.

If eGain is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

User Access and Choice

If your personal information changes, or if you no longer desire our service, you may correct, update, amend, delete/remove, or deactivate it by making the change on our member information page or by emailing our Customer Support at publications@egain.com. We will respond to your request to access within 30 days.

eGain will retain personal data we process on behalf of our clients for as long as needed to provide services to our client or your information for as long as your account is active or as needed to provide you services.  We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Online Privacy

Provision shall be there to ensure confidentiality, non-disclosure and acceptable use of the information processed over the internet through evolving standards to the online environment.

Identity theft

Adequate controls will be put in place to prevent the acquisition of information from its products and services for improper purposes, specifically identity theft. In those states where notification laws do not exist, eGain shall follow its Information Security Breach Response and Notification, which provides that affected customers will be notified when sensitive personally identifiable information owned or managed by eGain is acquired by an unauthorized individual and whenever management has a reasonable basis to believe the breach has resulted in, or there is a significant risk that it will result in, identity theft to the customers to whom the information relates.

Physical, Technical, and Organizational Security Measures

1. The Company shall adopt physical, technical, and organizational measures to ensure the security of Personal Data, including the prevention of their alteration, loss, damage, unauthorized processing or access, having regard to the state of the art, the nature of the data, and the risks to which they are exposed by virtue of human action or the physical or natural environment. The security of your personal information and our clients’ information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it.  No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.

2. Adequate security measures should include all of the following:

  • Entry Control: Prevention of unauthorized persons from gaining access to data processing systems in which Personal Data are processed.
  • Admission Control: Prevention of data processing systems from being used by unauthorized persons.
  • Access Control: Preventing persons entitled to use a data processing system from accessing data beyond their needs and authorizations. This includes preventing unauthorized reading, copying, modifying or removal during processing and use, or after storage.
  • Disclosure Control: Ensuring that Personal Data in the course of electronic transmission during transport or during storage on a data carrier cannot be read, copied, modified or removed without authorization, and providing a mechanism for checking to establish who is authorized to receive, and who has received, the information.
  • Input Control: Ensuring that it can be subsequently checked and established whether and by whom Personal Data have been entered into, modified on or removed from data processing systems.
  • Job Control: Ensuring that in the case of commissioned processing of Personal Data, the data can be processed only in accordance with the instructions of the Data Controller.
  • Availability Control: Ensuring that Personal Data are protected against undesired destruction or loss.
  • Use Control: Ensuring that data collected for different purposes can and will be processed separately.
  • Longevity Control: Ensuring that data are not kept longer than necessary, including by requiring that data transferred to third persons be returned or destroyed.

Training

Each Business Unit will provide training to teach, or re-emphasize privacy and security related procedures. These procedures should be set forth in written guidelines to employees and shall include at least the following:

  • Each employee’s duty to use and permit the use of Clients Customer’s Personal Data only by authorized persons and for authorized purposes.
  • The Data Protection Principles set forth in Section 21.3.
  • The contents of this Policy.
  • The relationship between this Policy and other eGain policies, including without limitation to those identified in CISP.
  • The need for and proper use of the forms and procedures adopted to implement this Policy.
  • The correct use of passwords, security tokens and other access mechanisms.
  • The importance of limiting access to Personal Identifiable Data, such as by using password protected screen savers, logging out when the information is not being used and attended by an authorized person.
  • Securely storing manual files, print outs and electronic storage media.
  • A general prohibition on the transfer of Personal Data outside of the internal network and physical office premises.
  • Proper disposal of confidential data by shredding.
  • Special risks associated with particular activities.

Tracking Technologies

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We use cookies on this site. We do link the information stored in cookies to personally identifiable information you submit while on our site. We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser.

We use session cookies for our valuable partner’s access with idle time of 20 minutes to ensure that you are recognized when you move from page to page within one site and that any information you have entered is remembered. A persistent cookie remains on your hard drive for an extended period of time. Persistent cookie enables us to remember you on subsequent visits, speeding up and enhancing your experience of services offered. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory.

If you reject cookies, you may still use our site, but your ability to use some areas of our site, such as contests or surveys, will be limited.

The use of cookies by our tracking utility company is not covered by our privacy policy. We do not have access to control over these cookies. Our tracking utility company use session ID and persistent cookies while you navigate our site.

Our third party partners employ clear gifs (a.k.a. Web Beacons/Web Bugs), images, and scripts that help them better manage content on our site. We do [not] tie the information gathered to our Customers’ or Users’ personally identifiable information.

As is true of most web sites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We do [do not] link this automatically-collected data to personally identifiable information.

Behavioral Targeting/ Re-Targeting

We partner with a third party ad network to either display advertising on our Web site or to manage our advertising on other sites.  Our ad network partner uses cookies and Web beacons to collect non-personally identifiable information about your activities on this and other Web sites to provide you targeted advertising based upon your interests.  If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by clicking Here.  Please note this does not opt you out of being served advertising.  You will continue to receive generic ads.

(Google AdSense/Adwords) We use Google AdSense to publish ads on this site.  When you view or click on an ad a cookie will be set to help better provide advertisements that may be of interest to you on this and other Web sites.   You may opt-out of the use of this cookie by visiting Google’s Advertising and Privacy page: http://www.google.com/privacy_ads.html.

Forward to Colleague

If you choose to use our forward to colleague service to tell a friend about our site, we will ask you for your colleague’s name and email address. We will automatically send your colleague a one-time email inviting him or her to visit the site. eGain stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program. Your colleague may contact us to request that we remove this information from our database.

Links to 3rd Party Sites

Our site includes links to other web sites whose privacy practices may differ from those of eGain. If you submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any web site you visit.

Changes to this Policy

We may update this privacy policy to reflect changes to our information practices. If we make any material changes we will notify you by email or by means of a notice on this site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Policy effective date

Wednesday, November 20,  2013.

Contact Us

If you have any questions regarding our Privacy Policy, please contact us on the information below.

eGain
1252 Borregas Avenue
Sunnyvale, CA 94089 USA
Phone: +1 408-636-4500
publications@egain.com