CCAIA
Legal

Privacy Policy

Contact Center AI Association (CCAIA)

Introduction

This Privacy Policy describes how Contact Center AI Association (CCAIA) collects, uses, and discloses information when you visit ccaia.org and use the CCAIA MCP App within ChatGPT. The App connects ChatGPT to the CCAIA Knowledge Base and Ticketing System. CCAIA is committed to transparency, data minimization, and protecting privacy per OpenAI's Apps SDK requirements.

Information We Collect

A. Personal Data You Provide

  • Search Queries: Questions or keywords entered to search company documentation
  • Ticket Information: Name, email, physical address, and support case details
  • Conversation Context: Specific snippets (3–5 messages) authorized for support agents

B. Automated Technical Information (App)

  • Session Metadata: mcp-session-id collected for request tracing, debugging, and MCP connection stability

C. Cookies and Tracking Technologies (Website)

  • Website Cookies: Used to analyze trends, administer the site, and track user movements; controllable at browser level

Data We Do NOT Collect

CCAIA explicitly excludes:

  • • Full Chat History (only authorized snippets processed)
  • • Payment Card Information, Social Security Numbers, Protected Health Information, passwords
  • • GPS data
  • • Biometric data or persistent device identifiers

How We Use Your Information

  • Search Queries: Query CCAIA Knowledge Base for relevant documentation
  • Ticket Fields: Populate and submit support tickets
  • Conversation Context: Assist support agents in understanding request backgrounds
  • Session Metadata: Technical debugging and connection reliability

Data Sharing and Recipients

CCAIA does not sell personal data. Sharing occurs only with:

  • Service Providers: OpenAI (platform host), cloud/database providers, support agents
  • Web Search Providers: Optional fallback if internal Knowledge Base cannot answer queries; users notified if used

User Rights and Controls

  • Confirmation of Actions: Explicit confirmation required before "write" actions
  • Right to Delete: Request deletion of support tickets via contact
  • Right to Access: Request copy of held data
  • Disconnect: Stop using App or disconnect via ChatGPT settings anytime

Data Retention

  • Search Queries: Retained 30 days for logging/improvement, then anonymized/deleted
  • Support Tickets: Retained per standard policies until deletion requested
  • Session Metadata: Retained 7 days for troubleshooting, then auto-purged

Security Measures

  • Encryption: All data transmitted over HTTPS/TLS
  • Authentication: OAuth and Bearer tokens ensure authorized access only
  • Access Control: Restricted to authorized personnel with need-to-know

Children's Privacy

Services not directed to individuals under 16. CCAIA does not knowingly collect data from children under 16 and will delete such information if discovered.

International Data Transfers

Personal data may transfer to computers outside your jurisdiction, particularly the United States where primary service providers operate. Use indicates consent to this transfer.

Updates to This Policy

CCAIA may update this policy for service changes or regulatory requirements. Significant changes trigger user notification via App or website.

Contact Us

Questions regarding this Privacy Policy should be directed to john@ccaia.org.

Related: Member Terms · Code of Conduct