How does Helpshift handle personally identifiable information (PII)?

Such as first or last name

• (SDK — optional) May be passed by the app developer to the SDK via custom issue fields, which Helpshift does not control. Customer service agents can redact these details after resolving the end-user’s service request.
• (SDK — optional) May be provided voluntarily by the end-user who requested in-app support. Customer service agents can redact these details after resolving the end-user’s service request.

Including but not limited to a hashed email address

• (SDK — optional) May be passed by the app developer to the SDK programmatically via custom issue fields, which Helpshift does not control. Customer service agents can redact these details after resolving the end-user’s service request.
• (SDK — optional) May be provided voluntarily by the end-user who requested in-app support. Customer service agents can redact these details after resolving the end-user’s service request.
• (Email — optional) Only after an also-optional third-party service integration, and only when provided voluntarily by the end-user who requested in-app support. Customer service agents can redact these details after resolving the end-user’s service request.

Including but not limited to a hashed phone number

(See Appendix A.)

NOTE: However, we may collect an end-user’s telephone number in the unlikely event that both of the following statements are true simultaneously.

• A brand-customer’s hosted Helpshift instance is fully integrated with an optional third-party telephone service.
• The end-user has requested phone-based support explicitly and provided their telephone number voluntarily.

Such as home address, physical address, or mailing address

(See Appendix A.)

Any other information that can be used to contact the user outside the app

(See Appendix A.)

Health and medical data, including but not limited to data from the Apple Clinical Health Records API, Apple HealthKit API, Apple MovementDisorderAPIs, or health-related human subject research or any other user provided health or medical data

(See Appendix A.)

Fitness and exercise data, including but not limited to the Apple Motion and Fitness API

(See Appendix A.)

Such as form of payment, payment card number, or bank account number. In an app that uses a payment service, the payment information is entered outside your app, and you as the developer never have access to the payment information, it is not collected and does not need to be disclosed.

See Appendix A.)

NOTE: In the event that such information is transmitted through the Helpshift platform, it is linked not to a user, but to a service request. These details could describe the payment method and/or the payment state

Such as credit score

(See Appendix A.)

Such as salary, income, assets, debts, or any other financial information

(See Appendix A.)

Information that describes the location of a user or device with the same or greater resolution as a latitude and longitude with three or more decimal places

(See Appendix A.)

Information that describes the location of a user or device with lower resolution than a latitude and longitude with three or more decimal places, such as Approximate Location Services

NOTE: Helpshift collects an ISO 3166 country code, identifying the country from which an end-user submitted their service request. In the event that an end-user submits service requests from multiple countries, the stored country code differs per case.

Such as racial or ethnic data, sexual orientation, pregnancy or childbirth information, disability, religious or philosophical beliefs, trade union membership, political opinion, genetic information, or biometric data

(See Appendix A.)

Such as a list of contacts in the user’s phone, address book, or social graph

(See Appendix A.)

Including subject line, sender, recipients, and contents of the email or message

(See Appendix A.)

The user’s photos or videos

(See Appendix A.)

The user’s voice or sound recordings

(See Appendix A.)

Such as user-generated content in-game

(See Appendix A.)

Data generated by the user during a customer support request

Any other user-generated content

(See Appendix A.)

Information about content the user has viewed that is not part of the app, such as websites

(See Appendix A.)

Information about searches performed in the app

Such as screen name, handle, account ID, assigned user ID, customer number, or other user- or account-level ID that can be used to identify a particular user or account

(See Appendix A.)

Such as the device’s advertising identifier, or other device-level ID

(See Appendix A.)

An account’s or individual’s purchases or purchase tendencies

(See Appendix A.)

Such as app launches, taps, clicks, scrolling information, music listening data, video views, saved place in a game, video, or song, or other information about how the user interacts with the app

Brands may, optionally, choose to pass additional usage details through the Helpshift service.

Such as information about the advertisements the user has seen

(See Appendix A.)

Any other data about user activity in the app

(See Appendix A.)

NOTE: Most brands prefer to store usage details of this type in a dedicated CRM. However, we do not prevent brands from collecting or updating such details via custom issue fields. In the event that they do so, such details is linked to their associated customer service request.

Such as crash logs

• Analyzing product stability
• Improving product stability

Such as launch time, hang rate, or energy use

Any other data collected for the purposes of measuring technical diagnostics related to the app

• Logging internal errors
• Analyzing product stability
• Improving product stability

Any other data types not mentioned

NOTE: The distinction between a Device ID and an IDFV matters because, for example, in the event that there were five SDK-integrated apps installed on a single device, we lack any way to determine that the comingled apps share their one device in common. It is just as likely, from our limited vantage point, that each such app runs in isolation on a device of its own.

• For troubleshooting purposes after an end-user requests customer service, we identify their device model, operating system, and installed browser. In addition, we identify the type of network their mobile device is connected to, and we identify their network carrier.

NOTE: We neither access nor collect an end-user’s browser history beyond what may happen directly within an SDK-integrated app where (A.) the end-user exchanges messages with a customer service agent regarding a customer service request, and (B.) one of these messages includes a web link, which the end-user clicks. In this case exclusively, Helpshift analytics does capture and store the record of that single click.

• For troubleshooting purposes after an end-user requests customer service, we collect language data from their mobile device, which helps us to communicate with them in their preferred language.
• App developers can configure their Helpshift SDK implementation to collect custom data. When this custom data includes any personally identifiable information, we ask them to apply a special flag — enableFullPrivacy — to the data and thereby prevent Helpshift from ever receiving it. Our iOS and Android developer documentationdescribes in full the process to accomplish this data suppression.
• Although Helpshift engages with certain third-party data processors, we impose data protection terms on each of them to maintain high security and enforce data privacy.
  • See the Helpshift sub-processor list to understand their potential access to Helpshift service data, which may contain personal data.
  • See also our EU personal data processing addendum.

Appendix A — Unsolicited PII

It is technically possible for a Helpshift brand-customer to pass unsolicited values to Helpshift through the customer’s integration of a Helpshift SDK, alongside the customer’s implementation of custom issue fields within an SDK-integrated app.

It is also possible for a brand-customer’s end-user to transmit file attachments through the Helpshift platform while exchanging messages with customer service agents either (A.) within an SDK-integrated app or (B.) through a brand-customer’s implementation of a Helpshift web chat widget.

• File attachment types may possibly include photographs, screenshots, screencasts, audio recordings, compressed file archives, portable documents, or other file types as supporting material for a customer service request.
• File attachments may contain personally identifiable information.

Any file attachments that an end-user may pass through the Helpshift platform are sent voluntarily and at the end-user’s sole discretion.

It is further possible that a Helpshift brand-customer’s end-user may compose and send ordinary text messages through the Helpshift platform voluntarily and for whatever purpose, into which they have entered personally identifiable information in plaintext, also at their sole discretion.

In many cases, customer service agents can redact personally identifiable details after resolving an issue whose conversational history may incidentally contain them.