Start 1-Month Free Trial

Personal Data Processing Policy

Personal Data Processing Policy – DatSOR – DYN Educational Support Services Inc
Effective from: July 14th, 2025

DatSOR, a brand of DYN Educational Support Services Inc., a Canadian company, is committed to protecting the personal information of our website visitors, clients, partners, and collaborators, as well as the personal data processed on behalf of our clients, in accordance with applicable data protection laws in Canada and the countries where we operate and serve.

This global policy aligns with the principles of robust data protection frameworks such as Canada’s PIPEDA, the European Union’s General Data Protection Regulation (GDPR), and relevant data protection laws in Latin America, including but not limited to:

  • Ley 1581 de 2012 (Colombia)
  • Ley Federal de Protección de Datos Personales en Posesión de Particulares (LFPDPPP) (Mexico)
  • Lei Geral de Proteção de Dados (LGPD) (Brazil)
  • Ley N° 29733 – Ley de Protección de Datos Personales (Peru)
  • Ley N° 25.326 – Protección de los Datos Personales (Argentina)

1. Scope of This Policy

This policy applies to all personal data collected and processed by DatSOR through:
a) Our website: https://datsor.com/ (including contact forms, newsletter and waiting list sign-ups).
b) Our AI-powered sales automation platform (“the Service”) when used by our business clients.

2. Data Controller and Data Processor

  • For data collected about you (as a website visitor or our direct business client): DatSOR (DYN Educational Support Services Inc.) is the Data Controller. We determine the purposes and means of processing your personal information (like your contact details, company info provided during registration).
  • For data processed on your behalf (End-Customer chat data within the Service): You, our business client, are the Data Controller. You determine why and how your End-Customers’ personal data (their chat conversations) is processed. DatSOR is the Data Processor, processing this Customer Data strictly on your behalf to provide the Service according to our agreement. (See Section 10 below for details).

3. Information We Collect

We collect information in the following categories:

a) Information You Provide Directly to Us (Website Visitors & Clients):
Website Interactions: When you use our contact form or join our waiting list: your name, email address, phone number, company name, and any message content you provide.
Account Registration: When you become a Client: your company’s legal name and structure, business address, contact person(s) name and contact details, billing information (address, payment method details).
AI Training Data (Provided by Clients): Information about your company, details of your products/services, pricing, and content for Frequently Asked Questions (Q&A) that you upload or provide for AI configuration and training. You are responsible for ensuring you have the right to share this content with us.

b) Customer Data Processed on Your Behalf (End-Customer Chat Data via the Service):
* When your End-Customers interact with our AI agents via your WhatsApp Business account using the Service: We collect the full content of these chat conversations (text, images, audio, video, etc.) and related metadata (timestamps, participant identifiers, etc.) as transmitted via the WhatsApp Business API.
* This data is collected and processed by us as your Data Processor to deliver the Service to you.

c) Information Collected Automatically (Website Visitors):
* When you visit our Website, we automatically collect technical information like IP address, browser type, operating system, referring URLs, pages visited, and visit timestamps. This is collected using cookies and similar technologies (see our Cookie Policy – DatSor).

4. Legal Basis for Processing (For Data We Control About You)

We process your personal information (as a website visitor or our client) based on the following legal grounds:

  • Consent: Where you have given clear consent for specific processing purposes (e.g., joining a mailing list).
  • Contractual Necessity: Where processing is necessary for the performance of a contract with you (e.g., providing the Service you subscribed to) or to take steps at your request before entering a contract (e.g., responding to your demo request).
  • Legal Obligation: Where processing is necessary to comply with a legal obligation (e.g., tax laws).
  • Legitimate Interests: Where processing is necessary for our legitimate interests (e.g., improving our Service, preventing fraud, direct marketing) and these interests do not override your fundamental rights and freedoms.

5. Purposes for Using Information

We use the information we collect for the following purposes:

a) To Provide and Improve the Service (Using Client Info & End-Customer Data):
* To operate, maintain, and provide access to your DatSOR account and platform interface.
* To process End-Customer chat conversations via AI agents on your behalf.
* To use User Content to configure and train the AI agents specifically for your business.
* To analyze anonymized and aggregated data (that cannot identify individuals) to improve our AI models and Service performance generally.

b) To Communicate with You (Clients & Website Visitors):
* To respond to your inquiries and manage waiting list requests.
* To send you service updates, technical alerts, security notifications, billing information, and support messages.

c) To Manage and Operate Our Website:
* To analyze website usage, improve functionality, and ensure security.

d) For Legal, Compliance, and Business Purposes:
* To comply with Canadian law and other applicable laws in jurisdictions where we operate.
* To enforce our Terms and Conditions and other agreements.
* For internal business purposes, such as data analysis and audits.

6. How We Share Information

We do not sell your personal information or End-Customer Data. We may share information in these circumstances:

a) With You (Our Client): Customer Data processed by our AI agents is shared with you via your DatSOR platform interface, as this is your data as the Controller.
b) With Third-Party Service Providers (Our Sub-processors): We share information with third-party vendors (like AWS for hosting/storage and Google Gemini for AI processing) and other service providers who perform functions on our behalf. These providers are contractually required to protect the information and process it only for the purposes for which we provide it to them, in compliance with privacy laws and our agreements.
c) With Third-Party Platforms (Directly): The Service requires transmitting data to Third-Party Services like the WhatsApp Business API to function. Their use of data is governed by their own policies, which you and your End-Customers should review.
d) Legal Compliance & Protection: We may disclose information if required by law (Canadian or other applicable jurisdiction), legal process, or valid governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
e) Business Transfers: If DatSOR (DYN Educational Support Services Inc.) is involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction, subject to confidentiality obligations.

7. Data Storage and Security

  • Information collected through our Service, including Customer Data, is stored on secure servers provided by Amazon Web Services (AWS).
  • We implement reasonable technical, administrative, and organizational security measures designed to protect information against unauthorized access, disclosure, alteration, or destruction, consistent with industry standards and our obligations as a Data Processor. However, no security system is completely impenetrable.
  • You are responsible for maintaining the security of your DatSOR account credentials.

8. International Data Transfers

As a Canadian company serving clients globally, and utilizing cloud providers that operate globally, information we collect or process may be stored and processed in Canada, the United States (via AWS, Google), and other jurisdictions outside of your or your End-Customers’ country of residence, including outside of Latin America.

By using our Website or Service, you understand and agree that your information may be transferred to countries outside of your country of residence, which may have different data protection laws than your country. When transferring data across borders, we implement safeguards such as relying on standard contractual clauses (SCCs) or other legally approved mechanisms to help ensure your data is protected to a level required by applicable law.

9. Data Retention

We retain your personal information (as a client) for as long as necessary to provide the Service, comply with our legal obligations under Canadian and other applicable laws, resolve disputes, and enforce our agreements.

We retain Customer Data (processed on your behalf) according to the terms of our Service Agreement with you. You are responsible for exporting any Customer Data you wish to retain upon termination of the Service.

10. Data Processing on Behalf of Clients (Our Role as Data Processor)

This section is critical for Clients using our Service:

  • Your Role (Data Controller): You, the business client, determine why and how End-Customer data is collected and processed via WhatsApp using our Service. Therefore, you are the Data Controller for this data. You are responsible for overall compliance with the data protection laws applicable to your business and your End-Customers.
  • Your Responsibilities as Data Controller:
    • You must have a valid legal basis (e.g., obtaining necessary informed consent from your End-Customers or relying on legitimate interests if permissible under local law) to collect their data via WhatsApp and to share it with DatSOR for processing by AI agents.
    • You are responsible for providing your End-Customers with accurate and sufficient privacy notices explaining that you use AI agents for sales conversations via WhatsApp and that their data is processed by third parties like DatSOR on your behalf.
    • You are responsible for responding to requests from your End-Customers regarding their data rights (e.g., access, rectification, erasure, objection, portability) in accordance with applicable data protection laws.
  • DatSOR’s Role (Data Processor): DatSOR will process Customer Data strictly on your documented instructions to provide the Service. We will not use Customer Data for our own independent purposes.
  • Our Responsibilities as Data Processor: We will implement security measures, assist you reasonably in responding to End-Customer data rights requests (as per our Service Agreement), notify you of data breaches impacting Customer Data (as required), and process data in accordance with our contractual obligations to you, which will include terms (potentially in a separate Data Processing Addendum – DPA) that comply with applicable Processor requirements under laws like LGPD, LFPDPPP, and others.

11. Your Rights (As a Data Subject)

Subject to applicable data protection laws (which vary by location, including Canadian and LATAM laws), you may have certain rights regarding your personal information (the data we control about you as a website visitor or client). These rights may include:

  • The right to access your personal information.
  • The right to request correction or update of your information.
  • The right to request deletion or erasure of your information.
  • The right to object to or restrict certain processing activities.
  • The right to withdraw your consent at any time (where processing is based on consent).
  • The right to data portability.
  • The right to lodge a complaint with a supervisory authority (e.g., the relevant data protection authority in your jurisdiction).

To exercise these rights, please contact us using the details in the “Contact Us” section below. We will respond to your request in accordance with applicable law.

12. Third-Party Links

Our Website may contain links to other websites or services not operated by DatSOR. This Privacy Policy does not apply to third-party sites. We encourage you to review the privacy policies of any third-party site you visit.

13. Children’s Privacy

Our Website and Service are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post any updated policy on our Website and revise the “Effective Date.” For significant changes, we may provide more prominent notice. Your continued use of the Website or Service after the effective date constitutes your acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, or if you wish to exercise your data subject rights, please contact us:

DatSOR (DYN Educational Support Services Inc.)
Email: marcela@datsor.com
Phone: +1 (289) 783-1543
Website: https://datsor.com