Important Notice: These guidelines are for guidance only. As the Controller, you must have your implementation reviewed by your legal counsel. itellico assumes no liability for the legal validity of your specific implementation.
1. Basics
Role Division: - You are the Controller for your end-users' data processing - itellico is your Processor and acts on your instructions
Transparency Obligation: Your end-users must be informed before the first data collection about:
- Use of AI technology
- What data is processed (voice, text, etc.)
- Purpose of processing
- itellico as processor
- Retention periods
- Data subject rights
2. Website Implementation
Required: - Clear notice directly at the chat/voice interface - Example: "This chat is powered by AI. Details in our [Privacy Policy]."
If consent is required: - Non-pre-checked checkbox - Example: "[ ] I consent to AI data processing"
3. Phone Implementation
Required: - Notice at the beginning of the call - Example: "Welcome to [Company]. This call is supported by AI. Details at [website]/privacy."
4. Privacy Policy
Your privacy policy must include:
- AI use by itellico
- Types of data processed
- Purposes of processing
- Retention periods
- International transfers (if applicable)
- Data subject rights and contact options
5. Data Subject Rights
Ensure you can:
- Receive and process requests
- Coordinate with itellico when needed
- Respond within legal timeframes
6. Checklist
- [ ] Legal review by your attorney
- [ ] Legal basis established for each processing activity
- [ ] Privacy policy updated
- [ ] Transparency notices implemented
- [ ] Consent mechanisms (if required)
- [ ] Data subject rights procedures established
- [ ] Retention periods defined
- [ ] Staff training conducted
