Cloud Service Security and Privacy

Through a customer’s use of ComputerTalk’s cloud services, data is introduced, generated, and stored to fulfill customer business requirements and manage contact center operations, including user configuration, activity monitoring, archival contact review, and reporting functions.  The secure processing and care of customer data are of the highest priority to ComputerTalk, supporting our commitment to protecting the confidentiality and privacy of our customers, their employees, and end-users.  Customers should expect nothing less.

Data Security

ComputerTalk maintains the same industry-standard cybersecurity control framework across our Canadian and United States data centers and our Azure cloud service that brings ice to international customers regionally across the globe.  Our customers use our cloud services knowing that we deploy and are vigilant in maintaining industry-standard security measures and technologies to ensure protection against all cybersecurity threats.

• Canada and the United States:  ComputerTalk operates wholly-owned data centers in Tier 3 or Tier 4 colocation facilities in Toronto, Markham (Canada), and Chicago (United States).  ComputerTalk maintains PCI DSS and SOC 2 Type 2 (annual third-party) compliance for these cloud service locations.  Detail on ComputerTalk’s colocation data center security control program is provided here.

• Azure ice platforms:  The ability for ComputerTalk to offer ice to international customers on a regional and affordable basis incorporates the Microsoft Azure shared accountability security model with complementary ice platform controls that include operational security practices and carefully selected security technologies.  ComputerTalk’s ice in Azure service security control program is detailed here.

Data Privacy

The protection of personally identifiable information (PII), beyond the protection offered through data security measures, is a critical undertaking that is policy driven and operationally enforced.  ComputerTalk supports our customers in meeting applicable privacy legislation (including but not limited to PHIPA, FIPAA, HIPAA, PIPEDA, and GDPR) through vital privacy policy initiatives and ensuring that all employees are trained in and committed to protecting the privacy of customer data.  ComputerTalk’s Privacy Policy is provided here.

Privacy Notice

ComputerTalk’s Privacy Notice is provided here as part of our data privacy mission.

Data Subject Access Request Policy

All data subjects – those persons who believe that ComputerTalk may hold some of their personally identifiable information (PII) as a function of a customer’s use of ComputerTalk services – have the right to request that all their PII residing on our servers and data storage infrastructure be identified to them and, if applicable through their instruction destroyed.  The Data Subject Access Request Process is provided here.  

Data Subject Access Request forms are available here -

• Direct Data Subject Access Request: To be used by our customers and their employees concerning personal information entered into the ice software when the customer grants access to the services.  
  
  
• Third-Party Data Subject Access Request:  To be used by authorized customer representatives on behalf of one or more of the customer’s end-users.  
  
  

GDPR Compliance

The following documentation is provided to reflect ComputerTalk’s commitment to compliance with GDPR requirements:

• Data Processing Addendum
  
• Data Processing Description
  
• Standard Contractual Clauses
• Sub-processor List