Interactions GDPR API simplifies GDPR compliance for enterprise clients


FRANKLIN, MA – (May 16, 2017) – Interactions, LLC, a leading provider of Intelligent Virtual Assistants (IVAs) for enterprise customer engagement, today announced the release of the company’s GDPR API. The API gives Interactions clients the means to process requests from customers who reside in the European Economic Area (EEA), as outlined by the General Data Protection Regulation (GDPR), an EU data protection and privacy law.


The GDPR, which rolls out in full force on May 25, 2018, holds businesses accountable for the protection of individuals’ personal data. The set of regulations apply to any business collecting and/or processing data within the EEA and businesses outside the EEA that collect and/or process the personal data of EEA citizens, or that monitor customer behavior in the EEA.


As a data processor for some of the world’s largest brands, Interactions handles massive amounts of personal information for its clients. This first-of-its kind API enables Interactions clients to easily and efficiently meet the requirements, as outlined by the GDPR, and ensure the integrity of the data collected and processed from customers residing in or from the EEA. Moreover, the U.S. Department of Commerce recently approved Interactions’ Privacy Shield certification which will facilitate compliance with GDPR requirements regarding the transfer of personal data from the EEA to the US.


Interactions’ GDPR API supports both the “Right to Access” (receive a report on all stored personal data in electronic format), and the “Right to be Forgotten” (erasure of all personal data), as specified in the GDPR. The API automatically provides a confirmation of the erasure with the date and timestamp so clients have a record of the fulfillment of the request, or an electronic personal data report.


As a data processor, responsible for processing personal data on behalf of a controller, Interactions must ensure its customers are in line with the data privacy regulations, and making certain that Interactions’ products and service can be used by clients to maintain compliance.


“Ensuring the integrity of personal data is a top priority for Interactions and our customers,” said John Milton, General Counsel at Interactions. “While the GDPR’s foundational principles have been a part of Interactions’ business since day one, we want to make it as easy as possible for our customers to comply with all of the requirements as outlined in the GDPR.”


Interactions clients include Fortune 500 consumer brands and handles over one billion customer interactions annually on its conversational engagement platform. Security for clients and its clients’ customers is a top priority. In addition to the GDPR API, Interactions maintains PCI-DSS Level 1 certification, Privacy Shield Certification, HIPAA compliance, and more. For details go to If you are an Interactions customer and have any further questions about GDPR or the Interactions GDPR API, please contact your account manager.