Version 1.0 – 10 June 2026
This notice explains how Genesys Cloud Services, Inc. and its affiliates (“Genesys”, “we”, “us”) process personal data in connection with the Agentic Virtual Agent chatbot made available on the Genesys.com website (“AVA”).
It applies to authorized Genesys employees and contractors globally. This notice is designed to satisfy transparency requirements as per applicable data protection laws, including the GDPR (applied as the baseline standard).
The AVA is an AI-powered chatbot, developed and controlled by Genesys, made available to users of the Genesys.com website. The AVA is designed to enhance user experience by enabling users to ask questions about Genesys offerings, pricing, and other information available on the Genesys.com website. In addition, the AVA provides functionality for users to arrange product demos. Users located in the United States, United Kingdom, India, New Zealand, Germany, Austria, Switzerland, Israel or Singapore may book a demo directly through the AVA with the AVA offering the user several proposed dates and times. Users outside these countries cannot book a demo directly but may request that a Genesys representative contact them to discuss their inquiry.
To use either the demo booking or contact-request functionality of the AVA, the user is asked to provide a business email address. Upon submission, the AVA queries Genesys’ Customer Relationship Management system (“CRM”) to determine whether the provided email address is associated with an existing contact record. If a matching record is found, the AVA uses the information contained in that record to auto-populate the remaining required fields, specifically: first name, surname, company name, phone number, and country. Where the CRM does not contain some or all of the aforementioned personal data, the AVA requests this information directly from the user.
Once the demo or contact request is submitted, that request and the provided information is routed to Genesys’ account team to be assigned to a dedicated Genesys representative.
This notice applies to authorized Genesys employees and contractors, and to employees who access the personal data collected and otherwise processed by the AVA.
Name, surname, business email address, business phone number and employer organization.
We may collect IP Address, unique user and session identifiers, session referrer URLs and session timestamps.
Genesys does not intend to process any personal data (including sensitive categories of personal data such as health data, biometric data, financial account data, government identifiers, or children’s data) other than that provided in sections 4.1 and 4.2. Users must not enter these categories of data into the AVA.
Genesys processes personal data only where there is a lawful basis to do so under applicable law. For most processing activities covered by this notice, Genesys relies on its legitimate business interests. Our legitimate interests in operating the AVA, as further set out below.
Where a different basis applies, such as legal obligation or consent for non-essential cookies – this is indicated in the table below.
| Purpose | Personal data | Legal basis |
|---|---|---|
| Contact Details lookup | Name, surname, business email address, business phone number and employer organization | Legitimate interests |
| Contact submission for representative assignment | Name, surname, business email address, business phone number and employer organization | Legitimate interests |
| Scheduling of product demos/apointments | Name, surname, business email address, business phone number and employer organization | Legitimate interests |
| Provision of the AVA to the user | Name, surname, business email address, business phone number and employer organization
& Usage and technical data (see 4.2. above); |
Legitimate interests |
| Quality assurance and improvement of the AVA | Data that you provide to us via the AVA | Legitimate interests |
| Legal compliance and rights management | Any data relevant to the obligation | Legal obligation |
| Non-essential cookies and tracking | Usage data; cookie identifiers | Consent |
We do not sell personal data processed through the AVA and do not use it for cross-context behavioral advertising or profiling that produces legal or similarly significant effects.
We may share personal data with:
All recipients are subject to appropriate data protection obligations.
Personal data collected through AVA may be transferred to countries outside your home jurisdiction, including the United States where the AVA is hosted on AWS US-East-1. Where transfers are subject to legal restrictions, Genesys relies on one or more of the following mechanisms:
Subject to applicable law, you may have the right to:
To exercise any right, please contact dataprivacy@genesys.com. We will respond within one month, extendable by two months for complex requests. No fee is charged unless requests are manifestly unfounded or excessive.
Where you are a Genesys’ customer organization’s employee, rights relating to personal data processed by your employer should be directed to your employer, not to Genesys.
Genesys implements appropriate technical and organizational measures including encryption in transit and at rest, role-based access controls, authentication controls, and security monitoring. The Genesys Cloud Security Policy applies to the AVA. The CRM and the third-party software used to schedule appointments and register user inquiries (as identified in Section 2) are subject to their respective providers’ security measures, which Genesys has assessed as appropriate.
We retain your contact details as part of our ongoing customer relationship management records. Your Contact Details will remain in our systems unless you request its deletion by contacting us or exercising your data protection rights.
If collected, your usage and technical data will be deleted after 60 days.
The AVA uses cookies to enable the proper functioning of the AVA, including maintaining and restoring messaging sessions, ensuring conversation continuity, supporting co-browsing and authentication functionality, and tracking session activity. Genesys will provide consent choices where required by applicable law for non-essential cookies. For details, refer to the Genesys Cookie Policy at https://help.genesys.cloud/articles/genesys-cloud-and-cookies/
Genesys may update this notice from time to time. The version date at the top of this notice reflects the most recent update.
For questions about this notice or to exercise privacy rights,
contact: dataprivacy@genesys.com
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority. EU/EEA supervisory authority contacts are available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
