Related links
At Gorgias we are committed to keeping YOUR data safe and secure while we provide the best service we can for you.
This page describes everything we do with your data. How we use it and for what purpose. How long we keep it and how can you take control of it.
First, we have a few services that we offer to our customers, and we collect information about their activity on these services:
- - This current website (gorgias.io)
- - Gorgias Templates for Chrome
- - Gorgias Helpdesk
- - Gorgias Blog
- - Gorgias Helpdocs
- - Google Chrome Store page
- - Shopify Store page
What information do we collect?
There are also two ways we collect and store data about your activity:
- Using tracking scripts (aka pixels) in the browser, that makes use of cookies to persist the data between your website visits or between pages. These tracking scripts are usually made by a 3rd party processor (Google Analytics for example).
- Using our HTTP based backend (for example when you login/register). On the backend, we usually store them in our own database and/or send them to 3rd party processors similar to tracking scripts described above.
Why do we need to collect information on our customers in the first place?
We are a data-driven company meaning that we try to make rational decisions based on what we measure. This hopefully puts us on a good path to implement our customers needs (what feature to build, what bug to fix first, etc..) and ultimately provides them with more value. This is why we're using tools like Google Analytics to collect and analyze this data.
3rd party processors
Below you can find the tables of the services we use, what data we collect, its purpose and for how long.
This website (gorgias.io)
| Processor | Data collected | Purpose of data collection | How long the data is stored |
|---|---|---|---|
| Google Analytics | Data collected | Number of visits, browser languages, general geographical location. | Data retention policy |
| VWO | Page views | A/B testing | Data retention policy GDPR compliance |
| Clearbit | Page views, IP address | Enrich customer profiles | N/A |
| Segment | Custom events on our website. Clicks, input field values. | Event tracking aggregator used to distribute the event data to other sources. | Data retention policy |
| Adroll | Cookies | Re-targeting advertising | Privacy policy (contains data retention policy) |
| Data policy | Advertising | Data policy | |
| Zapier | Email addresses | Analysis of our onboarding process | GDPR compliance |
| Hubspot | Cookies | Track visits from prospects on the website | Privacy policy containing data retention policy , GDPR compliance |
| Customer.io | Email addresses & custom events | Drip campaigns, onboarding emails | Privacy policy containing data retentions policy , GDPR compliance |
Gorgias Templates for Chrome
| Processor | Data collected | Purpose of data collection | How long the data is stored |
|---|---|---|---|
| Google Analytics | Data collected | Number of visits, browser languages, general geographical location. | Data retention policy |
| Amplitude | Usage events, clicks, length of the template, how many times templates are used. | We use it to observe the usage of the chrome extension. How many templates are created on average, their length. No identifiable information is collected. | Privacy policy (contains data retention policy) |
Gorgias Helpdesk
| Processor | Data collected | Purpose of data collection | How long the data is stored |
|---|---|---|---|
| Data policy | Advertising | Data policy | |
| Segment | Custom events on our website. Clicks, input field values. | Event tracking aggregator used to distribute the event data to other sources. | Data retention policy |
| Sentry | Javascript and Python errors | In order to catch and debug errors in our production environment | Data retention |
| Hotjar | Mouse clicks and navigation events | Observe user sessions when they encounter errors. Use heatmaps to understand our user’s behavior and improve the product accordingly. | Data retention |
| Smooch | Chat data, including chat messages, and email address (if provided) | This chat system is used to communicate with our customers | 24h |
| Adwords | Cookies | Advertising | Data retention |
| Hubspot | Events sent when something happens in our backend | Track customer activity (if they purchase, if they upgrade their plan) on the website | Privacy policy containing data retention policy , GDPR compliance |
| Zapier | Email addresses | Analysis of our onboarding process | GDPR compliance |
| Customer.io | Email addresses & custom events | Drip campaigns, onboarding emails | Privacy policy containing data retentions policy , GDPR compliance |
| Adroll | Cookies | Re-targeting advertising | Privacy policy (contains data retention policy) |
Gorgias Helpdocs
| Processor | Data collected | Purpose of data collection | How long the data is stored |
|---|---|---|---|
| Google Analytics | Data collected | Number of visits, browser languages, general geographical location. | Data retention policy |
| Smooch | Chat data, including chat messages, and email address (if provided) | This chat system is used to communicate with our customers | 24h |
| Helpdocs | Visits, likes and dislikes | Analytics - how effective are our helpcenter articles. | Privacy policy including data retention policy |
Chrome Web Store Page
| Processor | Data collected | Purpose of data collection | How long the data is stored |
|---|---|---|---|
| Google Analytics | Data collected | Number of visits, browser languages, general geographical location. | Data retention policy |
Shopify Store Page
| Processor | Data collected | Purpose of data collection | How long the data is stored |
|---|---|---|---|
| Google Analytics | Data collected | Number of visits, browser languages, general geographical location. | Data retention policy |
How & where we store your data
Below you can find the list of cloud service that we’re using to store and serve your data.
| Data type | Processor | Purpose of data collection | Location |
|---|---|---|---|
| Helpdesk ticketing data. Customer messages, email addresses, phone numbers, and other personal information. | Google Cloud Platform | We store emails/facebook messages & comments and end-user data (the customers of our customers) so that we can provide the core of our service. We do however automatically obfuscate (or remove) Credit Card numbers, IBAN, SSN and other sensitive private information. | US East |
| Helpdesk attachments - our customers' and end-users' file attachments. | Google Cloud Platform | When you send an email we store the attachment in Google Cloud's object storage so we can serve it to the end-user and vice-versa for the our own customers. | US East |
| Gorgias Templates for Chrome: Only data for paying customers such as Users/Templates/Tags/Teams | Google Cloud Platform | All Gorgias Templates for Chrome data is stored in our main database | US East |
| Backups for Gorgias Templates for Chrome and Gorgias Helpdesk | Amazon Web Services | If experience a catastrophic data loss we can recover our main database from continuous backups. The data is stored in the S3 object storage | US East |
Data retention policy or How long do we store your data and why
We try to store data for our paying customers only (with a few exceptions).
For paying customers, if they stop paying for a given period of time, or ask us to delete their account and their data we do it no questions asked. In fact we have a money saving incentive to get rid of their data: storing Terabytes of data costs us a lot of money and since we’re not in the business of selling your data - and will never be - we’ll just simply delete it to reduce our hosting bills.
The exceptions of keeping the personal data includes law enforcement cases, billing/accounting information, etc..
So what exactly is our policy for data removal in our products?
Gorgias Helpdesk
IF customer in free trial THEN
IF customer free trial expires THEN
start data deletion process
ELSE IF paying customers asks us to delete their account or stops paying THEN
start data deletion process
Gorgias Templates
IF free user THEN
do nothing as we don't store anything
ELSE IF paying customers asks us to delete their account or stops paying THEN
start data deletion process
Data deletion process
The deletion process starts when an account (associated with a company usually) is marked as deactivated. 30 days after the deactivation we’re marking the data with “soft” delete flag. 10 days after the “soft” delete we’re permanently deleting the data from our database and other storages. 7 days after the permanently deleted database and storage records we delete our backups as well.
The reason it takes 47 days to completely remove the data from our storage is to protect our customers from accidental account deactivation/deletion.
The above deletion process is the default behavior, but on our customer’s request we can accelerate their data removal for up to a few hours + 7 days for the backups to be removed. If you need an accelerated deletion process please contact us using the address at the bottom of this page.
Security
We've created a dedicated page specificly to answer what is our security policy and how we keep your data secure. Read more here.
GDPR
Even though we think that this page should answer most of the issues raised by GDPR we've created a dedicated page it here.
EU-U.S. Privacy Shield
We've applied for self-certification and are awaiting their approval. More details to come soon.
Feedback
If there are any questions regarding this page, please contact us: support@gorgias.io
