8x8 products provide various functionalities to enable Customers, as controllers, to self-serve should they receive data subject requests from End Users. These include functionalities that enable Customers to export raw data files and delete data records and data files where and when necessary. Should you require specific assistance which cannot be supported by these functionalities, a case needs to be raised via your Support Community Portal whereby Support can view your request and assist further. Where deletion is required a Customer Data Deletion Request form must also be downloaded, completed, and signed to be sent back to the Support team, via your raised case, in order for this process to be completed.
Contact our Support team if you have any questions regarding this process or would like to speak to a representative about an existing case raised.
As in most service relationships, 8x8 is primarily the processor of the personal information it processes for its Customers in relation to the provision of 8x8's services. However, 8x8 is also a controller of certain End User personal information and, as a controller, 8x8 is directly responsible for ensuring compliance with data protection laws in relation to such processing.
To explain, while 8x8 primarily acts as a processor and has no control over the types of personal information that Customers may provide to 8x8 during the provision of 8x8's services (such as content of voice recordings, or CRM records), 8x8 does use certain personal information that is provided to it by its Customers for its own internal purposes and requirements, such as retaining for legal reporting requirements, billing and invoicing, quality control and assurance, service improvement and development and analytics. This data includes CDR data, which 8x8 is required to retain for reporting requirements, billing requirements and—in some cases—for legal investigatory purposes pursuant to regulations such as the PECR rules, RIPA, etc. that are not affected by the GDPR.