Privacy Policy

For Videsk SpA, the protection and security of the data and information provided by each user is fundamental and constitutes an essential part of our services. We aim to achieve global development based on solid privacy principles, which are set forth in this “Privacy Policy” document, and which applies to the products and services provided by Videsk SpA, including: the Videsk SpA website http://videsk.io, mobile applications, software, and features. This Privacy Policy is of general and global application across the products and services provided by Videsk SpA.

This Privacy Policy seeks to explain the processing carried out on information that comes, directly or indirectly, from the products or services, such as its collection and management, as well as the security measures we implement to maintain the privacy of each user. It also explains the different ways in which each user can access their information, and the means and conditions for modifying or updating it.

In our services we may find different types of users, whether at the administrator level, service agent level, or simply end user. For purposes of privacy and data processing, the safeguards and privacy principles established herein shall apply to all users with the same level of care. For practical purposes, where reference is made to “users” or “user”, it shall be understood that the Privacy Policy refers to them generically, except where expressly stated otherwise. In those cases where the development of a particular provision does not directly relate to the type of user, it shall be understood that such provisions are not applicable to that particular type.

These Policies may be updated, in which case notice will be given on the corresponding website or via email. We ask each user to also carefully read the Terms and Conditions, which describe the terms governing our products and services.

It should be noted that nothing in this Privacy Policy shall prevent Videsk SpA from fully complying with applicable legislation.

Information Collected

Videsk SpA receives and collects information from users in order to operate, provide, understand, and improve its services, which may even occur during installation, if the product or service requires installation, access, or use of our services.

The type of information that Videsk SpA receives and collects will vary depending on how each user uses Videsk SpA’s products or services. Fundamentally, this depends on the type of user, whether administrator, agent or executive, or end user.

The information collected may be personal information, which for purposes of this Privacy Policy is information that can be used to identify an individual, and may include, but is not limited to: name, email address, postal or other physical address, information generated from the use of the products or services, and other information required to provide or deliver a service or carry out a communication transaction that the user has requested.

Security

At Videsk SpA we use encryption technologies to protect information both in transit (TLS 1.2 or higher) and at rest (AES-256), in addition to organizational measures to help protect your personal information. We may verify accounts and activities to prevent security breaches or violations of applicable legislation, both internal and external to our products and services.

Prevention is carried out through the investigation of suspicious activity or breaches of the terms set forth in Videsk SpA’s Terms and Conditions.

Authorization to Transfer, Process, and Store

The user authorizes Videsk SpA to transfer or assign their information, outside the national territory, to any affiliate or partner of Videsk SpA or to third parties acting, in accordance with the law, on behalf of Videsk SpA or on their own behalf, for the purpose of processing and storing information. For example, in order to have the right to store your information on servers outside of your national territory.

Our Operations

The user accepts our information practices, which include the collection, use, processing, and sharing of their information, as described in this Privacy Policy, as well as the transfer and processing of their information in Chile, Mexico, the United States, Hong Kong, and other countries internationally where we have or use facilities, service providers, or partners, regardless of where our products or services are used. The user acknowledges that the laws, provisions, and rules of the country in which their information is stored or processed may differ from those that govern in their own country.

In no case is the user exposed to leaks of sensitive information processed during video sessions, since Videsk SpA does not access such information, as it concerns end-to-end encrypted communications, nor does it keep copies or backups of the video sessions, documents, or information delivered through the video session, the chat, or the shared documents. In general, the data and information processed is of a general and non-sensitive nature.

The information processed relates to: the fields to be completed in the personalized contact forms that institutions using Videsk may or may not implement; IP address of the digital device through which users make the video calls; type of digital device; operating system; selected segment; website from which the video call is made; language in which their browser is configured; information entered in the text field of the agent console; waiting times in the virtual queue; abandonments of the virtual queue; call duration; actions to start and end the video session.

Use of Information

The user understands that they grant Videsk SpA a license to receive and collect their user information, for the purpose of operating, providing, promoting, improving, personalizing, optimizing, marketing, and supporting our services, and to develop new ones.

The information provided will be used to operate, evaluate, and improve the products and services delivered, always seeking the constant evolution and improvement of our technology and Videsk SpA’s products and services. For this reason, researching, developing, and testing new services and new developments with the collected information is of vital importance to us and our clients.

The information provided by users is also used as a backup to respond in the best possible way when the user contacts the help desk.

We always safeguard each user’s privacy and hold the privacy of information as a cornerstone principle.

It is important to note that Videsk SpA does not have access to all the data or information transmitted through its platforms, since our technology, by default, works with encrypted data. For this reason it should be noted that not all information is backed up, in consideration of the privacy and encryption that our products and services provide.

We use cookies to operate, provide, improve, personalize, and optimize the responses and the service delivered. The foregoing should be understood as part of the service provided by Videsk SpA.

Notwithstanding the foregoing, Videsk SpA’s use of any information received from Google APIs, and the transfer of such information to any other app, will adhere exclusively to the Google API Services User Data Policy, including the Limited Use requirements. The broader license, commercialization, and transfer provisions described elsewhere in this Privacy Policy do not apply to information obtained through Google APIs and are superseded by the section “Google API Services User Data” below.

Information Management

If a user wishes to manage, change, limit, or delete information from their accounts, they may do so through the administrator user that will exist in each company or institutional account. The administrator user may also change the settings of our services and modify the management of certain information, may access certain information, correct it, update it, delete it, or request its deletion by sending a request via email to [email protected]. Videsk SpA reserves the right to respond within a reasonable time frame.

The administrator user may modify and delete user accounts linked to their administration, and may also make all types of modifications permitted by each administrator account.

In some cases, users may delete their accounts, which will be recorded as an action carried out with due confirmation by the user.

Please note that, when you delete an account, this does not necessarily affect information that other users have related to you. If the administrator user requests it, Videsk SpA may provide personal information of the accounts under their administration.

The information will be available while the accounts remain active. Once deleted, you authorize us to retain it for the purposes mentioned at the beginning of this provision or clause, and as a legal safeguard. For data economy and logistical reasons, this may occur randomly, without uniform action in all cases; that is, it is a variable action.

In the case of end users, it is the companies that contract Videsk SpA’s services that decide whether to enable or program the use of contact forms. In such cases, this is not recognized as a user account, so it is not correct to state that end users have user accounts.

End user information may be backed up or collected by each institution that decides to activate such contact forms, and they may also obtain information through direct communication between users, of any type, and back up their communications, such as written minutes or recordings of the communications as a backup. Videsk SpA facilitates the products and services, but this does not necessarily mean that we will back up the aforementioned information. In case of backing up, collecting, or receiving end user information, this will be for the purposes already mentioned in this document.

The purposes and reasons applied to data collection and to the type of data or information apply to all types of users who use Videsk SpA’s products and services.

Information Provided by the User

The user will provide, through their data entry, the following: the information registered in their account or contact forms, messages, video sessions, connections, and the information processed in the respective communications or backups thereof, if any. The same shall apply in cases where user support or customer service is requested, or in inquiries regarding privacy or any other type of contact made with Videsk SpA. This also includes information processed with third parties through the various integrations of Videsk SpA’s products and services.

The foregoing is of general application, and of variable action subject to factors of storage capacity, data processing, information security, logistics and data economy, and general capacity, which means that it will not necessarily be a uniform action, so it is not correct to assume that the collection of information and its storage will occur.

If in doubt, we recommend submitting the relevant inquiries on data processing to [email protected].

Passive Collection

As is the case with most software, mobile applications, and websites, at Videsk SpA we automatically collect certain information, which we list below:

1. We collect information related to performance, diagnostics, and service. This includes information about your activity; files and log data such as JavaScript, HTML and CSS mutations; as well as performance, website, crash, and diagnostic reports and logs.

2. In the event that the user pays for the products or services, we may receive information and confirmations, including from third parties that process the payments.

3. Information about connection and devices/hardware:

   1. The information we collect may include hardware information, including model and version, operating system information, browser, internet protocol “IP” address, internet service provider “ISP”.
   2. Sensors: geolocation (with prior authorization), device orientation, and/or screen touches. In the case of mobile devices, this may include the phone number and device identifiers.
   3. Connections: locations associated with the “IP”, connection times, and connection states.
   4. In the case of browsers, this may include: model, version, Web API logs, and user.
   5. We use local storage, which may vary in the use of different applications such as localStorage, sessionStorage, Cookies, Web SQL, IndexedDB, Cache Storage, Application Cache. The use of local storage is to operate and provide our services, which includes providing our web-based services, to understand how our products and services are used, and thus continually improve the user experience. We may also use local storage to remember your language preferences, and also to personalize our products and services for the user.

Third-Party Information

We may receive information that other people provide to us, which could also include information about users in certain circumstances. At Videsk SpA we work with external providers who help us operate, provide, improve, understand, personalize, and market our products and services, as well as offer support services for our products and services. We allow the user to use our services in connection with other third-party services. Users who use our products or services together with third-party products or services allow Videsk SpA to receive information about the user, either through third-party services or directly through Videsk SpA’s products and services.

At the moment the user accesses or uses third-party services, they shall be governed by the third party’s own terms and conditions and/or privacy policies governing such services.

At Videsk SpA we are not responsible for the terms and conditions and privacy policies of third parties, nor for their activities. Videsk SpA is limited to merely allowing the interaction, leaving the final decision to integrate and use third-party services exclusively to each type of user.

Tracking Technology

In our services we may use cookies or similar technologies to analyze trends, administer websites, track user movements through the services, and collect demographic information about our user base. Users may control, at their own discretion, the use of cookies through their browser.

Shared Information

Through the use of our services, each user shares their information with us, and in turn, we share part of that information in order to operate, improve, support, and personalize our products and services. The information referred to may include:

1. The external providers we work with. They help us operate, provide, improve, understand, personalize, and market our products and services. The providers who work with us comply with strict use of the user information to which they may have access;

2. The user’s account information;

3. The contacts with whom the user communicates. They may store or re-share the content or information that the user shares, both within and outside of our products and services. The information and content is the responsibility of whoever discloses it;

4. Third-party services and websites linked outside our control. In the event that the user uses any third-party service or web links that are integrated with our products or services, there is a possibility that such third party or web link may receive information that the user shares with them. The user should bear in mind that when using a third-party service, Videsk SpA’s policies will not apply, since it exceeds the scope of our knowledge and control. Therefore, these other services unrelated to Videsk SpA will be governed by their own terms and conditions and privacy policies.

Google API Services User Data

This section applies exclusively to information obtained by Videsk SpA when a user authorizes Videsk to access their Google account through OAuth, and prevails over any other provision of this Privacy Policy with respect to such information.

Application identity

The application requesting access to Google user data is Videsk (operated by Videsk SpA, Santiago, Chile). The name, logo, domain (videsk.io), and URL of this Privacy Policy displayed on the Google OAuth consent screen uniquely identify Videsk SpA as the entity requesting access.

Data we access and why

Videsk requests access to the minimum permission (scope) necessary to deliver features that are visible and prominent in the agent console:

Scope requested	Data accessed	Purpose in the application
https://www.googleapis.com/auth/calendar	Read and write access to the agent’s calendar, including creation and deletion of calendars and events.	(1) Create a dedicated calendar per agent (named “Videsk · Scheduled Sessions” or equivalent) where Videsk records scheduled video sessions, separate from the agent’s personal calendar. (2) Create, modify, and delete events on that calendar when the agent or system schedules, reschedules, or cancels video sessions from the agent console. (3) Delete the dedicated calendar when the agent disconnects the integration.

Videsk does not request access to Gmail, Drive, Contacts, or any other Google service. If Videsk expands the requested permissions in the future, this Privacy Policy will be updated and the user will be prompted to consent again before such data is accessed.

Limited Use

Videsk SpA’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, Videsk SpA:

1. Limits use of Google data to providing and improving the calendar management feature described above.
2. Does not transfer Google data to third parties, except in the following cases permitted by Google:
   • To provide or improve the feature described above, with the user’s consent;
   • For security purposes (for example, investigating abuse);
   • To comply with applicable law;
   • As part of a merger, acquisition, or sale of assets, after obtaining explicit prior consent from the user.
3. Does not allow humans to read Google data, unless:
   • The user provides affirmative consent to view specific events or calendars;
   • It is necessary for security purposes (investigating bugs or abuse);
   • It is required by applicable law;
   • The data has been aggregated and anonymized for internal operations in accordance with applicable privacy and legal requirements.
4. Does not use or transfer Google data for:
   • Serving advertisements, including retargeting, personalized, or interest-based advertising;
   • Determining credit-worthiness or for lending purposes;
   • Selling or transferring to third parties such as advertising platforms, data brokers, or information resellers.
5. Does not use Google data to train generalized artificial intelligence or machine learning models.
6. Ensures compliance with this policy by its employees, agents, contractors, and successors.

Storage and retention

OAuth tokens (access token and refresh token) are stored encrypted at rest (AES-256) and transmitted exclusively over TLS 1.2 or higher.

Videsk persists the identifier of the dedicated calendar created in the agent’s account (calendarId) and the identifiers of created events (eventId) to maintain synchronization with the agent console. The content of events from the agent’s personal calendar is not persisted.

When the user revokes access from their Google account or disconnects the integration from Videsk, tokens and associated identifiers are deleted within 30 days, except where retention is required by applicable law. Deleting tokens in Videsk does not automatically delete the dedicated calendar in Google: the user may keep it or delete it manually from Google Calendar.

How to revoke access

The user may revoke Videsk’s access to their Google account at any time:

• At https://myaccount.google.com/permissions; or
• From the integration settings in their Videsk account.

Revocation is immediate and does not require contacting Videsk SpA.

Contact

Inquiries regarding the handling of data obtained via Google APIs: [email protected].

Legislation and Protection

Videsk SpA may collect, use, retain, and possibly share personal information and any other information we have available, if we believe in good faith that it is reasonably necessary to:

1. Respond in accordance with applicable laws or rules, legal processes, or governmental requests;

2. Enforce and ensure compliance with our Terms and Conditions and applicable policy, including for investigations of potential infringements;

3. Detect, investigate, prevent, deter, and take action against fraud, illegal activities, or technical or security issues; or

4. Protect the rights, property, and safety of our users, Videsk SpA, or others.

It should be noted that nothing in this Privacy Policy shall prevent Videsk SpA from fully complying with applicable legislation.

Children

Videsk SpA’s products and services are directed at businesses and institutions (B2B) and their service agents and adult customers. Videsk is not directed to children under 13, does not knowingly collect personal information from children under 13, and does not require or allow children under 13 to sign in with a Google account through Videsk.

If a parent or guardian believes that a child under 13 has provided personal information to Videsk, they may contact [email protected] to request its deletion.

Updates

Videsk SpA may update its Privacy Policy. We will give notice of modifications to the Privacy Policy, as appropriate, and we will update the “Last Modified” date on the web page where the current copy of the Privacy Policy is located. By continuing to use our products or services, you confirm your acceptance of our Privacy Policy, with any modifications. If you do not agree with our Privacy Policy or its modifications, you must stop using our products and services. In any case, you may submit the relevant inquiries through the channels already indicated.

Contact us:

If you have questions about our Privacy Policy, you may contact us at the following address.

Videsk SpA. Santiago, Chile

[email protected]