Skip to content
  • There are no suggestions because the search field is empty.

Privacy Policy

Effective Date: June 1, 2026

Provider:

Live Engage sp. z o.o.

ul. Święty Marcin 29/8

61-806 Poznań, Poland

Email: legal@trueengage.com

1. INTRODUCTION

This Privacy Policy explains how Live Engage sp. z o.o. ("TrueEngage", "Company", "we", "our", or "us") collects, uses, discloses, transfers, and protects Personal Data in connection with the TrueEngage Service.

TrueEngage is committed to protecting privacy and processing Personal Data in accordance with applicable privacy and data protection laws, including:

  • Regulation (EU) 2016/679 ("GDPR");
  • UK GDPR;
  • California Consumer Privacy Act, as amended ("CCPA/CPRA");
  • Other applicable privacy and data protection laws.

This Privacy Policy forms part of the TrueEngage legal framework and should be read together with:

  • Terms of Service
  • Data Processing Addendum (DPA)
  • Service Level Agreement (SLA)
  • Technical and Organizational Measures (TOMs)
  • Trust Center

This Privacy Policy applies to:

  • Customers purchasing or using the Service;
  • Authorized Users accessing the Service on behalf of Customers;
  • Prospective customers and business contacts;
  • Visitors to TrueEngage websites;
  • Individuals communicating with TrueEngage regarding the Service.

Where TrueEngage processes Personal Data on behalf of Customers, TrueEngage acts as a Processor and the applicable Customer acts as the Controller. Such processing is governed by the applicable Data Processing Addendum.

2. ABOUT TRUEENGAGE

TrueEngage is a software-as-a-service (SaaS) platform and customer contact and collaboration layer for Genesys Cloud that enables organizations to deploy customer engagement, messaging, voice, video, screen sharing, feedback collection, and related communication and collaboration capabilities across multiple touchpoints.

Customers may deploy TrueEngage across websites, mobile applications, digital kiosks, communication channels, customer journeys, and other customer-facing touchpoints.

3. DEFINITIONS

For purposes of this Privacy Policy:

Authorized User means an employee, contractor, agent, or representative authorized by a Customer to access, administer, configure, or use the Service on the Customer's behalf.

Controller means the entity that determines the purposes and means of Processing Personal Data.

Customer means an organization that purchases, subscribes to, or uses the Service.

Customer Data means any data, content, communications, messages, recordings, transcripts, files, Personal Data, metadata, configuration information, analytics data, or other information submitted to, transmitted through, generated by, processed by, or stored within the Service by or on behalf of a Customer, Authorized Users, or End Users.

Data Protection Laws means all applicable privacy and data protection laws and regulations.

End User means an individual who communicates or interacts with a Customer through the Service.

Personal Data means any information relating to an identified or identifiable natural person.

Processing means any operation or set of operations performed on Personal Data.

Processor means an entity that Processes Personal Data on behalf of a Controller.

Service means the TrueEngage platform, software, applications, integrations, APIs, documentation, support services, and related offerings.

4. ROLES AND RESPONSIBILITIES

4.1 Customer Data

For Customer Data processed through the Service, Customers generally act as Controllers and TrueEngage acts as a Processor.

Customers are responsible for:

  • Determining the legal basis for processing;
  • Providing privacy notices;
  • Obtaining required consents where applicable;
  • Responding to Data Subject requests;
  • Defining retention periods;
  • Ensuring compliance with applicable Data Protection Laws.

TrueEngage processes Customer Data solely on behalf of and in accordance with:

  • Customer instructions;
  • Contractual commitments;
  • Applicable law;
  • The applicable Data Processing Addendum.

4.2 TrueEngage Business Data

TrueEngage acts as Controller with respect to Personal Data relating to:

  • Customer account administration;
  • Billing and subscription management;
  • Customer support activities;
  • Prospective customers and business contacts;
  • Suppliers and partners;
  • Website visitors;
  • Individuals communicating with TrueEngage;
  • Marketing and business development activities.

5. INFORMATION WE COLLECT

5.1 Information We Collect as Controller

We may collect and process the following categories of Personal Data:

Personal Identification Information

  • First name;
  • Last name;
  • Professional title;
  • Employer or organization name.

Business Information

  • Account information;
  • Subscription information;
  • Contract information;
  • Billing information;
  • Purchase history.

Contact Information

  • Business email address;
  • Business telephone number;
  • Business address;
  • Correspondence information.

Technical Information

  • IP address;
  • Device identifiers;
  • Browser information;
  • Authentication information;
  • Security logs.

Communications

  • Support requests;
  • Service inquiries;
  • Correspondence;
  • Meeting records;
  • Feedback;
  • Survey responses.

5.2 Information Processed Through the Service

Depending on Customer configuration, Personal Data processed through the Service may include:

Contact Information

  • Names;
  • Email addresses;
  • Telephone numbers;
  • Customer identifiers.

Communications Data

  • Messages;
  • Chat transcripts;
  • Call metadata;
  • Video session metadata;
  • Feedback submissions.

Usage and Engagement Data

  • Page visits;
  • Widget interactions;
  • Navigation flows;
  • Session information;
  • Customer journey events.

Technical Data

  • IP addresses;
  • Device information;
  • Browser information;
  • Language settings;
  • Operating system information.

Customer-Provided Data

Any information submitted by Customers, Authorized Users, or End Users through the Service.

Customers determine what information is collected and processed through their use of the Service.

6. PURPOSES OF PROCESSING

6.1 Providing the Service

We process Personal Data to:

  • Provide and maintain the Service;
  • Create and manage accounts;
  • Authenticate users;
  • Deliver support services;
  • Process transactions;
  • Manage subscriptions;
  • Provide onboarding and implementation assistance;
  • Deliver Professional Services.

Legal Basis:

  • Performance of a contract;
  • Legitimate interests.

6.2 Security and Fraud Prevention

We process Personal Data to:

  • Protect the Service;
  • Detect security threats;
  • Prevent fraud and abuse;
  • Investigate Security Incidents;
  • Maintain platform integrity;
  • Enforce contractual rights.

Legal Basis:

  • Legitimate interests;
  • Legal obligations.

6.3 Communications

We process Personal Data to:

  • Respond to inquiries;
  • Deliver service notifications;
  • Provide support;
  • Communicate regarding contractual matters;
  • Manage customer relationships.

Legal Basis:

  • Contract performance;
  • Legitimate interests.

6.4 Compliance and Legal Obligations

We process Personal Data to:

  • Comply with legal obligations;
  • Meet regulatory requirements;
  • Respond to lawful requests;
  • Protect legal rights;
  • Defend legal claims.

Legal Basis:

  • Legal obligations;
  • Legitimate interests.

6.5 Product Improvement

We may process Personal Data to:

  • Improve Service functionality;
  • Develop new features;
  • Analyze Service performance;
  • Produce operational reporting;
  • Improve user experience.

Where appropriate, we use aggregated, anonymized, de-identified, pseudonymized, or otherwise privacy-enhanced information.

Legal Basis:

  • Legitimate interests.

6.6 Artificial Intelligence and Service Improvement

TrueEngage may use aggregated, anonymized, de-identified, or pseudonymized information to improve, secure, maintain, and develop the Service.

TrueEngage does not use Customer Data to train publicly available artificial intelligence models unless expressly authorized by the applicable Customer.

Any use of Customer Data for artificial intelligence, machine learning, analytics, or product improvement purposes shall be conducted in accordance with applicable law, contractual commitments, and Customer instructions.

7. LEGAL BASES FOR PROCESSING

Where GDPR, UK GDPR, or similar laws apply, TrueEngage relies upon one or more of the following legal bases:

Purpose Legal Basis
Service Delivery Contract Performance
Account Administration Contract Performance
Customer Support Contract Performance and Legitimate Interests
Security and Fraud Prevention Legitimate Interests and Legal Obligations
Compliance Activities Legal Obligations
Communications Contract Performance and Legitimate Interests
Product Improvement Legitimate Interests
Marketing Communications Consent or Legitimate Interests, as applicable

The specific legal basis applicable to a particular processing activity may vary depending on the circumstances and applicable law.

8. COOKIES AND SIMILAR TECHNOLOGIES

TrueEngage deployments may use cookies, local storage, session storage, pixels, tags, and similar technologies.

Where the Service is deployed on a Customer's website, application, kiosk, or other digital property:

  • The Customer is responsible for determining which technologies are deployed;
  • The Customer is responsible for providing required privacy notices;
  • The Customer is responsible for obtaining any required consent;
  • The Customer is responsible for managing End User preferences;
  • The Customer is responsible for compliance with applicable cookie and tracking technology requirements.

TrueEngage may provide configuration assistance but does not control Customer consent mechanisms.

Users should review the applicable Customer privacy notices for information regarding cookies and tracking technologies used in a specific deployment.

For TrueEngage-operated websites, cookies and similar technologies may be used to:

  • Maintain website functionality;
  • Improve user experience;
  • Analyze website performance;
  • Protect website security;
  • Remember user preferences.

Where required by law, consent will be obtained before placing non-essential cookies.

9. DISCLOSURE OF PERSONAL DATA

TrueEngage may disclose Personal Data only where necessary to provide the Service, comply with legal obligations, protect legitimate interests, or otherwise as permitted by applicable law.

9.1 Service Providers

We may disclose Personal Data to carefully selected service providers supporting:

  • Cloud hosting;
  • Infrastructure services;
  • Security services;
  • Communications services;
  • Monitoring services;
  • Analytics services;
  • Customer support;
  • Professional services;
  • Identity and authentication services.

Such providers are contractually required to protect Personal Data and process it only for authorized purposes.

9.2 Professional Advisors

We may disclose Personal Data to:

  • Legal advisors;
  • Auditors;
  • Accountants;
  • Consultants;
  • Insurance providers;

where necessary for legitimate business, legal, compliance, or operational purposes.

9.3 Authorities and Legal Requests

We may disclose Personal Data where required by:

  • Applicable law;
  • Court order;
  • Regulatory authority;
  • Governmental request;
  • Law enforcement request;
  • Legal process.

Where legally permitted, TrueEngage will use commercially reasonable efforts to notify affected Customers before disclosing Customer Data.

9.4 Corporate Transactions

We may disclose Personal Data in connection with:

  • Mergers;
  • Acquisitions;
  • Corporate reorganizations;
  • Financing transactions;
  • Asset sales;
  • Bankruptcy proceedings;
  • Similar corporate transactions.

Any successor entity shall be required to protect Personal Data in a manner substantially consistent with this Privacy Policy.

10. SUBPROCESSORS

TrueEngage uses carefully selected subprocessors to support delivery of the Service.

Subprocessors may provide:

  • Infrastructure services;
  • Cloud hosting;
  • Communications services;
  • Monitoring services;
  • Security services;
  • Customer support services;
  • Identity and authentication services;
  • Analytics services.

Subprocessors are subject to contractual obligations designed to protect Customer Data and Personal Data in accordance with applicable law.

A current list of approved subprocessors is available through the Trust Center.

Changes to subprocessors are managed in accordance with the applicable Data Processing Addendum.

TrueEngage performs appropriate due diligence when selecting subprocessors and periodically reviews their security and compliance posture.

11. INTERNATIONAL DATA TRANSFERS

TrueEngage supports Customers globally.

Customer Data is generally processed in the region selected for the applicable Customer deployment.

Available regions may include:

  • European Union;
  • United States;
  • Other supported regions.

Additional information regarding hosting locations and regional deployment options may be available through the Trust Center.

Where Personal Data is transferred internationally, TrueEngage implements appropriate safeguards, including where applicable:

  • European Commission adequacy decisions;
  • Standard Contractual Clauses (SCCs);
  • UK International Data Transfer Addendum;
  • Binding contractual safeguards;
  • Other lawful transfer mechanisms.

Customers may request additional information regarding applicable transfer safeguards where permitted by law.

12. DATA RETENTION

TrueEngage retains Personal Data only for as long as necessary to:

  • Provide the Service;
  • Fulfill contractual obligations;
  • Comply with legal requirements;
  • Resolve disputes;
  • Enforce legal rights;
  • Comply with Customer instructions;
  • Maintain security and operational integrity.

Retention periods vary depending on:

  • The nature of the data;
  • Contractual requirements;
  • Legal obligations;
  • Regulatory requirements;
  • Customer instructions;
  • Legitimate business needs.

Upon expiration of applicable retention periods, Personal Data may be:

  • Deleted;
  • Anonymized;
  • De-identified;
  • Aggregated.

Customer Data is retained and deleted in accordance with:

  • Customer instructions;
  • The Terms of Service;
  • The Data Processing Addendum;
  • Applicable legal requirements.

Where deletion is not immediately possible, Personal Data may remain securely isolated until deletion can be completed through normal operational processes.

13. SECURITY

TrueEngage maintains a comprehensive information security program designed to protect Personal Data and Customer Data against unauthorized access, disclosure, alteration, loss, destruction, or misuse.

Security controls include:

  • ISO/IEC 27001:2022 certified Information Security Management System (ISMS);
  • SOC 2 Type II attestation;
  • Encryption in transit using TLS;
  • Encryption at rest where appropriate;
  • Role-based access controls;
  • Multi-factor authentication;
  • Security monitoring and logging;
  • Vulnerability management processes;
  • Secure development practices;
  • Incident response procedures;
  • Business continuity and disaster recovery controls;
  • Employee security awareness training.

Access to Personal Data is limited to authorized personnel with a legitimate business need and appropriate access permissions.

TrueEngage regularly reviews and improves its security controls based on:

  • Risk assessments;
  • Security testing;
  • Audit findings;
  • Industry best practices;
  • Regulatory requirements.

Additional information regarding:

  • Security controls;
  • Certifications;
  • Compliance documentation;
  • Penetration testing;
  • Business continuity;
  • Disaster recovery;
  • Security practices;

may be made available through the Trust Center.

14. SECURITY INCIDENTS

TrueEngage maintains documented incident detection, response, escalation, containment, remediation, and recovery procedures.

If TrueEngage becomes aware of a confirmed Security Incident affecting Customer Data, TrueEngage will provide notification without undue delay and in accordance with:

  • Applicable law;
  • Contractual commitments;
  • The applicable Data Processing Addendum.

Such notification may include, where reasonably available:

  • The nature of the Security Incident;
  • Categories of affected data;
  • Remediation actions;
  • Mitigation measures;
  • Contact information for follow-up.

TrueEngage maintains documented incident response, business continuity, and disaster recovery procedures designed to support timely recovery from security and operational incidents.

Additional information regarding security practices may be available through the Trust Center.

15. DATA SUBJECT RIGHTS

Depending on applicable law, individuals may have one or more of the following rights regarding their Personal Data:

  • Right of access;
  • Right to rectification;
  • Right to erasure;
  • Right to restriction of processing;
  • Right to data portability;
  • Right to object to processing;
  • Right to withdraw consent;
  • Right to lodge a complaint with a supervisory authority.

The availability of these rights may depend on:

  • Applicable law;
  • The nature of the processing activity;
  • The role of TrueEngage in relation to the Personal Data.

Requests relating to Personal Data processed by TrueEngage as Controller may be submitted using the contact information provided below.

Where TrueEngage acts solely as a Processor on behalf of a Customer, requests should generally be directed to the applicable Customer acting as Controller.

Where legally required, TrueEngage will provide reasonable assistance to Customers in responding to Data Subject requests in accordance with the applicable Data Processing Addendum.

TrueEngage may request additional information necessary to verify the identity of an individual before responding to a request.

16. CALIFORNIA PRIVACY RIGHTS

For California residents, TrueEngage provides rights consistent with the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), including:

  • Right to know;
  • Right to access;
  • Right to delete;
  • Right to correct;
  • Right to data portability;
  • Right to limit the use of sensitive personal information where applicable;
  • Right to opt out of sale or sharing where applicable;
  • Right to non-discrimination for exercising privacy rights.

TrueEngage does not sell Personal Data and has not sold Personal Data during the preceding twelve (12) months.

TrueEngage does not knowingly process Personal Data in a manner that would constitute a sale under applicable California law.

Where TrueEngage processes Personal Data solely on behalf of a Customer, the Customer is generally responsible for responding to applicable California privacy rights requests.

California residents may submit privacy-related requests using the contact information provided in this Privacy Policy.

17. CHILDREN'S PRIVACY

The Service is not designed for, directed to, or intentionally marketed toward children.

TrueEngage does not knowingly collect Personal Data directly from children except where such information is submitted by or on behalf of a Customer through the Service.

Customers remain responsible for ensuring that their use of the Service complies with:

  • Applicable laws relating to minors;
  • Children's privacy laws;
  • Applicable consent requirements.

If TrueEngage becomes aware that Personal Data has been collected in violation of applicable children's privacy laws, TrueEngage will take reasonable steps to delete such information or otherwise address the matter as required by law.

18. TRUST CENTER

The TrueEngage Trust Center serves as the primary source of information regarding:

  • Security controls;
  • Compliance certifications;
  • Subprocessors;
  • Business continuity and disaster recovery;
  • Security practices;
  • Audit documentation availability;
  • Security assessments;
  • Service status information;
  • Compliance documentation;
  • Hosting and regional deployment information.

The Trust Center may provide additional information regarding:

  • ISO/IEC 27001:2022 certification;
  • SOC 2 Type II attestation;
  • Security controls;
  • Incident response;
  • Business continuity;
  • Disaster recovery;
  • Privacy and compliance practices.

Trust Center:

https://trust.trueengage.com/

Additional resources may include:

  • Security Overview
  • Subprocessors
  • Compliance Documentation
  • Business Continuity and Disaster Recovery

Information made available through the Trust Center may be updated from time to time.

19. CHANGES TO THIS PRIVACY POLICY

TrueEngage may update this Privacy Policy periodically to reflect:

  • Changes to the Service;
  • Changes to applicable law;
  • Changes to security or operational practices;
  • Regulatory requirements;
  • Business developments.

Material changes will be communicated through appropriate means, which may include:

  • Publication on the TrueEngage website;
  • Customer notifications;
  • Trust Center updates;
  • Service communications.

The Effective Date at the beginning of this Privacy Policy indicates when this Privacy Policy was last updated.

Changes will not apply retroactively unless required by law.

20. CONTACT INFORMATION

Live Engage sp. z o.o.

ul. Święty Marcin 29/8

61-806 Poznań, Poland

General Legal Inquiries

legal@trueengage.com

Data Protection Contact

dataprotection@trueengage.com

Security Contact

security@trueengage.com

Trust Center

https://trust.trueengage.com/

Individuals may use the above contact information to:

  • Exercise privacy rights;
  • Submit privacy-related inquiries;
  • Report privacy concerns;
  • Request additional information regarding privacy practices;
  • Request information regarding international transfers, subprocessors, or applicable safeguards.

© 2026 Live Engage sp. z o.o. All rights reserved.