Genesys Cloud Trust Center
Comprehensive protections and controls to keep your data private
We are committed to treating your customer data responsibly and protecting its privacy with strict data practices, extensive product controls and transparent data policies.
Our artificial intelligence (AI) follows a framework of ethical principles and technical safeguards to ensure data privacy and confidentiality.
Our customers maintain full ownership over their data, including flexible controls to protect sensitive information.
Our comprehensive privacy practices and governance ensure customer data is handled responsibly by all Genesys employees.
We provide clear documentation on how customer data is handled, protected and shared to support transparency.
“Privacy is engineered into the Genesys Cloud platform by design, not bolted on afterwards. This principle extends through transparency and accountability in how customer data is collected, used and safeguarded.”
William Dummett
Chief Privacy Officer and Deputy General Counsel, Genesys
Genesys prioritizes ethical and privacy-centric practices throughout the entire AI development and deployment lifecycle, ensuring that AI systems respect individual privacy, maintain transparency and align with legal standards. Guided by our AI ethics principles, we never use customer data for any AI training or fine-tuning purposes without the explicit consent of our customer.
Privacy requirements differ based on industry, country, interpretation and approach. By design, Genesys Cloud™ data privacy controls allow you to manage customer data collection and usage to align with your unique privacy requirements.
Genesys Cloud customers retain full ownership and control of their data. We process customer data only with your consent and solely to deliver the services you choose or to meet legal obligations, as described in the Genesys Cloud Privacy Policy. Genesys never sells your data to third parties.
Customers choose the Genesys Cloud region in which their Org (tenant) resides; this region also serves as the storage location for their data. The only exception is an optional configuration that allows voice recordings to be stored in a Genesys Cloud Satellite Media Region when leveraging Global Media Fabric.
A core principle of protecting privacy is minimizing personal data that is collected and retained. Genesys Cloud de-identification tools such as digital data filters and automatic redaction help protect confidentiality while retaining data utility. Additionally, configurable data retention periods in Genesys Cloud ensure that customer data is retained only as long as necessary.
Genesys uses a limited number of third-party subprocessors to help us deliver services and potentially process data on our behalf. These subprocessors must adhere to strict compliance and contractual terms, ensuring the same level of personal data protection as those required from Genesys.
We are committed to long-term customer satisfaction. Should your organization transition away from Genesys Cloud, you can retain reporting metrics and recordings by downloading via public API prior to the data deletion date.
Genesys is deeply committed to privacy protection across the organization. Our privacy team works closely with security, compliance, product and operations teams to embed privacy into our processes and products.
The Genesys Chief Privacy Officer oversees our company-wide data privacy program, monitors its effectiveness and advises on global privacy laws and requirements. In addition, our European Data Protection Officer oversees our compliance with all requirements of European data protection law.
All Genesys employees must complete annual training to review core principles involving privacy risk management and appropriate handling of personal data. Access to customer data is limited based on business needs and job role.
At Genesys, we believe that transparency is essential to earning and maintaining customer trust. That’s why we have made key data protection and privacy resources openly available on our Genesys Cloud Resource Center.
The Genesys Cloud Privacy Policy outlines our practices for collecting, using, protecting and disclosing customer data. The Genesys Data Processing Addendum (DPA) further details how we access, process, transfer and store customer data in compliance with applicable privacy regulations.
Additionally, Genesys Cloud complies with the EU-U.S. Data Privacy Framework (DPF), including the UK and Swiss extensions. The DPF principles enable Genesys to satisfy requirements in the European Economic Area (EEA) pertaining to protecting personal data that is transferred out of those jurisdictions. To learn more about the DPF Program, and verify our certification, review the Data Privacy Framework list.
Genesys Cloud has undergone multiple independent verifications of its administrative, physical, operational and technical controls to address data privacy regulations for all our regions.
In the role of Genesys Cloud as a data processor, we have taken appropriate technical and organizational measures to meet the requirements of GDPR. Genesys Cloud provides a GDPR API as the preferred self-service solution for Genesys Cloud customers to respond to GDPR requests.
The Hébergeur de Données de Santé (HDS) is a French Law that governs the health data of French citizens. Genesys Cloud has undergone an independent third-party audit to achieve the HDS certification.
The Brazilian General Data Protection Law (“LGPD”) is Brazil’s primary regulation aimed at the protection of personal data. LGPD (Lei Geral de Proteção de Dados) was designed in accordance with the EU’s GDPR.
The California Consumers Protection Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for residents of California in the United States. The CPRA expands upon the CCPA by providing Californians with more robust privacy protections.
Many Genesys Cloud services are compliant with the Health Insurance Portability and Accountability Act (HIPAA), specifically meeting the administrative, physical and technical safeguards required by law.
If you still have questions about Genesys Cloud security, privacy and compliance practices — let’s connect.
Thank you for your interest.
A Genesys representative will be in contact with you shortly.
