Jump to content

Community

Maxxius

IPS Support ticket system. Something's wrong!

Recommended Posts

5 hours ago, DesignzShop said:

Zendesk does not need our real name. I don't like this at all. Why do they need our real name??

We need your real name - you are a customer. Zendesk is now how we communicate with you and we communicate with people, not usernames. 🙂 

Addresses, billing information and other personal details are not pulled through Zendesk. 

There are far larger corporations than IPS that use and trust Zendesk - including Expedia, Slack, Fox, Vodafone and others. We take the privacy of our customers seriously and over 17 years with no major incidents is a testament to that. That commitment to privacy will not change and while we truly appreciate your business, it is unfortunately not a reasonable expectation to dictate how we run ours or what tools we use to do so. Zendesk is a reputable Helpdesk product, not a marketing or data mining company. As mentioned, we have a DPA with them. 

If you would like to forego your data being processed by Zendesk, you may contact us one final time stating so and we will remove your profile from Zendesk. As ALL communication with us now flows through Zendesk, however, you will no longer be able to communicate with us without ending back up in Zendesk. There is no "opt-out" that would still allow communication and support.

Share this post


Link to post
Share on other sites
11 hours ago, Lindy said:

it is unfortunately not a reasonable expectation to dictate how we run ours or what tools we use to do so.

I can't see anywhere in my post of me demanding or dictating what you use, Where do you see that??? I simply asked a question! Read below... Besides this, you should inform your customers when you're sharing information third party as a courtesy especially in today's world where security is of utmost importance. If you don't want to, that's of course your decision.

 

16 hours ago, DesignzShop said:

Why do they need our real name??

 

Edited by DesignzShop

Share this post


Link to post
Share on other sites

@DesignzShop, they (zendesk) do not need. The name is displayed there because IPS has given them the information. IPS could also omit it or replace it by Display name in this forum. They (IPS) would like to see a real customer name while communicating with us. 

@bfarber, I have looked in IPS client area and have not found any place where I have entered my real name. Where did you get it? From PayPal? I am indeed very very paranoid. I scan the web approximately once a month to see if my name can be found somewhere where I do not want it to be found. I am a client here, so it is absolutely normal for me that you have my real name saved in IPS system. Hence I also give my real name while online shopping. However I am afraid if someone somewhere can see my name in zendesk. I am not a customer of zendesk, but yours. Are you sure the name and my personal data safe there and there is no leak?

Share this post


Link to post
Share on other sites
12 minutes ago, Sonya* said:

Are you sure the name and my personal data safe there and there is no leak?

No one is sure, nothing is ever safe as one would like/pretend to assume.. Look at the recent Yahoo settlement for example.. When it comes to personal safety one is required to ask now days and hopefully, they are not threatened with services being cut when doing so.

Share this post


Link to post
Share on other sites

After some consideration, yes, data leak can happen everywhere. It could happen also here in IPS, while I strongly believe in @newbie LAC so that it would not ever happen here. I am trying to figure out for myself, why I do not like to see my real name on zendesk... If I know why, I'll come back to the thread. :rolleyes:

 

Share this post


Link to post
Share on other sites
1 hour ago, Lucas James said:

Before anyone has the chance to say "Yes but that then and this is now" Hackers are getting smarter everyday. So it would be quite ignorant for somebody to say it can't or won't happen again. It is not a matter of if it will happen again but only when.

Funny a few years ago a doctor at the Milwaukee VA told me that she could not treat me anymore unless I used the Kiosk system rather than the appointment desk . Well lady it was nice knowing you. The situation stemmed from where I could see on an angle the information other vets were typing in. If I could see their information then they can see mine.

 

Share this post


Link to post
Share on other sites
On 11/1/2019 at 2:01 PM, Lindy said:

Marketplace developer by day, privacy attorney by night? I feel there should be some cape twirling. 🙂 

Our privacy policy and the GDPR permits use of processors to fulfill the requirements of providing your purchased products and services. We adhere to both our own promise to data protection as well as the inherent legal requirements by ensuring any processors used also employ the same stringent data protection standards. We have a DPA in place with Zendesk and you are welcome to review their privacy information: https://www.zendesk.com/company/customers-partners/privacy-and-data-protection/

If you would like to "opt out" of Zendesk processing your information, you are of course not required to utilize the support desk. 

Marketplace developer by day, privacy attorney by night? I feel there should be some cape twirling. 🙂 

Quote

Marketplace developer by day, privacy attorney by night? I feel there should be some cape twirling. 🙂 

Comments like this I bit my tongue and moved on in the past but now with a probable security concern Wow!

As for the Privacy and data protection you pointed out... 

As of late we have been reading on the (So called) New and Improved Zendesk Support System that IPS has migrated to for their own lazy reasons.

But as Lindy keeps trying to get us to believe IPS's own support system takes a back seat to Zendesk support integration and out weighs any security concerns we may have.

Well lets take Zendesk's Privacy and Data Protection Policy smokescreen that Lindy thinks we should follow Yep I brought it up again that word follow you know the word they use when sending sheep to slaughter? We can get back on that another day.

Back to the Privacy and Data Protection Policy.

What is Service Data?

Quote

Service Data is any information, including personal data, which is stored in or transmitted via the Zendesk services, by, or on behalf of, our customers and their end-users.

Key phrases: any information, including personal data, which is stored in or transmitted via the Zendesk services, by, or on behalf of, our customers.

Sorry but the phrase "and their end-users" can't possibly apply here being we as IPS customers / Clients were never notified or given advanced warning that our personal information and data was going to be given out to a 3rd party organization. 

Who owns and controls Service Data?

Quote

From a privacy perspective, the customer is the controller of Service Data, and Zendesk is a processor. This means that throughout the time that a customer subscribes to services with Zendesk, the customer retains ownership of and control over Service Data in its account.

What kind of BS is this? Sure while Invision otherwise known a the customer has control of such data...
OK lets dig into this a bit more.

Quote

This means that throughout the time that a customer subscribes to services with Zendesk, the customer retains ownership of and control over Service Data in its account.

Now here is where followers start to become sheep. As we all know in the Invision Community as in our own forum sites just because a member quits a forum site does not necessarily means his content is automatically and magically go with him or her. It along with other information and will remain and be retained per local and federal laws IE sales and commissions. Also being I live here in the US the EU's GDPR does not apply here.

Who are Zendesk’s sub-processors?

Quote

Zendesk maintains an up-to-date list of the names and locations of all sub-processors (including members of the Zendesk Group and third parties) used for hosting or other processing of Service Data, which can be found here. The list includes the ability for our customers to sign up for notifications of changes. The list also may be obtained by contacting privacy@zendesk.com.

Quote

Zendesk maintains an up-to-date list of the names and locations of all sub-processors (including members of the Zendesk Group and third parties) used for hosting or other processing of Service Data,

I find this rather interesting ad disturbing at the same time... The short meaning to this statement is Zendesk is a data farm.

Quote

The list includes the ability for our customers to sign up for notifications of changes.

This applies to Invision Community Services only, being they are the subscribed customer. We as IPS Clients are the sheep with no to very little control or say in the matter.

Quote

The list also may be obtained by contacting privacy@zendesk.com.

Customers Only can obtain this list. So being IPS is the customer and we are not... Tough luck Charlie go ask Invision for this information.....

How does Zendesk use Service Data?

Quote

We use Service Data to operate and improve our services, help customers access and use the services, respond to customer inquiries, and send communication related to the services.

Lets begin, this one is interesting.

Quote

We use Service Data to operate and improve our services

What improvements can be made using personal data?

Quote

help customers access and use the services

If IPS the customer is a subscribed customer, they already know us as a client and should already have this information.

Quote

respond to customer inquiries, and send communication related to the services.

And Invision needs to inquire information from Zendesk for what reason again? What related services are collecting our personal information?

What steps does Zendesk take to secure Service Data?

 
Quote

 

Zendesk prioritizes data security and combines enterprise-class security features with comprehensive audits of our applications, systems, and networks to ensure customer and business data is always protected.

For example, Zendesk servers are hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001 compliant facilities. Additionally, we engage third-party security experts to perform detailed penetration tests on a periodic basis, and our Support team is on call 24/7 to respond to security alerts and events.

 

Go up to Lucas James post https://www.zendesk.com/blog/security-update-2019/  to see how the data is really secured. Word for word.

Where will Service Data be stored?

Quote

Zendesk has data centers in three main regions — United States, Asia Pacific, and the European Union. Service Data may be stored in any region. Customers can select the region in which data centers that host certain of their Service Data are located by purchasing the Data Center Locality Add-On. Please see the Regional Data Hosting Policy for additional information.


Hey Hold on Partner... Neither Lindy or anyone else from IPS staff asked for my permission to have my personal data transferred or copied to another server supposedly secure or otherwise.

How does Zendesk Respond to Information Requests

 
Quote

 

Zendesk recognizes that privacy and data security issues are top priorities for customers.
  • Zendesk does not disclose Service Data except as necessary to provide its services to its customers and comply with the law as detailed in our Privacy Policy found here.

  • Zendesk has achieved a number of internationally-recognized certifications and accreditations demonstrating compliance with third-party assurance frameworks as described on our Security site.

  • Where we need to act publicly to protect customers, we do. Zendesk has voiced its support for the USA Liberty Act that seeks to reform the surveillance program under Section 702 of the Foreign Intelligence Surveillance Act (“FISA”).

 

  • Oh! Really!

Quote

Zendesk does not disclose Service Data except as necessary to provide its services to its customers and comply with the law as detailed in our Privacy Policy found here.

Again, data obtained behind my back and without my knowledge or approval.

Quote

Zendesk has achieved a number of internationally-recognized certifications and accreditations demonstrating compliance with third-party assurance frameworks as described on our Security site.

Sure, by getting customers like IPS to knowingly or unknowingly gather information of their clients.

Quote

Where we need to act publicly to protect customers, we do. Zendesk has voiced its support for the USA Liberty Act that seeks to reform the surveillance program under Section 702 of the Foreign Intelligence Surveillance Act (“FISA”).

Protect customers from what? As of this time in my 62 years 63 in a few days on this planet I have only 2 entities to answer to... My God Almighty and my country of the USA of where I reside and trust in its laws. As a Natural born US citizen and a US Army Vet I do not recognize such Criminal acts as FISA.

How does Zendesk respond to legal requests for Service Data?

Quote

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal data to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information with relevant law enforcement agencies or public authorities if we believe same to be necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Master Subscription Agreement, or as otherwise required by law.

Quote

violations of our Master Subscription Agreement

BTW I have read this in reality it is a Zendesk’s TOS and has nothing to actually do with law or personal liberties and rights.

 

 

Master Subscription Agreement

Quote

THIS AGREEMENT CONSTITUTES A BINDING CONTRACT ON YOU AND GOVERNS THE USE OF AND ACCESS TO THE SERVICES BY YOU, AGENTS AND END-USERS WHETHER IN CONNECTION WITH A PAID OR FREE TRIAL SUBSCRIPTION TO THE SERVICES.

As an end-user I have to disagree being I was not informed by IPS of this undertaking nor IPS obtaining my permission to use my personal data in this manner

Quote

By accepting this Agreement, either by accessing or using a Service, or authorizing or permitting any Agent or End-User to access or use a Service, You agree to be bound by this Agreement. If You are entering into this Agreement on behalf of a company, organization or another legal entity (an “Entity”), You are agreeing to this Agreement for that Entity and representing to Zendesk that You have the authority to bind such Entity and its Affiliates to this Agreement, in which case the terms “Subscriber,” “You,” “Your” or a related capitalized term herein shall refer to such Entity and its Affiliates. If You do not have such authority, or if You do not agree with this Agreement, You must not use or authorize any use of the Services.

Quote

If You do not have such authority, or if You do not agree with this Agreement, You must not use or authorize any use of the Services.

Did you see this? "You must not use or authorize any use of the Services."

Just one question for Zendesk then. How do I permanently remove my data from their server?

But then again I bit my tongue over the years and saw many good things come then go. Read all the excuses for change and why it had to be, how this is what the majority wants along with all the BS I grew to be tired of. This is just one more sad day in the life and times of Invision Power Services.

Lindy just one question for you. If an organization as large a the VA can't get me to give up my personal information what in Gods Creation makes you think you can?

 

Share this post


Link to post
Share on other sites

The few of you responding have been here a long time and you should know by now that we take your trust seriously and to the best of my knowledge, we have never given any reason, in 18 years, to question that commitment to privacy and security. We anticipated a few hiccups with the transition and we've made adjustments based on bugs and feedback, as we always do. 

That said, @Woodsman the unfounded spreading of FUD simply cannot continue. I appreciate your past business, incredible loyalty and above all - your service, but the "sheep to slaughtering" metaphors and rhetoric are irrationally over the top and an indication this has fully run its course with no positive result to be had from here. 

The reality is, virtually any Internet based company will use at least one data processor. Hopefully you're not under the impression that everything you provide IPS is housed on a computer under the desk in my office. Our infrastructure is in fact housed within Amazon Web Services (AWS) - so AWS is considered a processor. If you pay by credit card, Stripe is a processor - they will have your information. PayPal as well. Google is a processor, as is Sendgrid and yes, Zendesk. While any of those companies could be breached, the overall risk is low and all have comprehensive security protocols and teams in place to minimize the risk. All of these organizations are leaders in their respective industries and have the trust of individuals, private companies, public companies and government institutions. It's very regretful if they do not have your trust as well.

Woodsman, I've taken the liberty of saving you further stress and I have removed you from Zendesk. Unless you click into support again, they will have no record of your existence. 

As a final point of clarification: Zendesk is how we have chosen to communicate with our customers. To associate such communication, your name and email address are stored in a profile in that system upon first contact (this also occurs if you just send an email.) No billing details, addresses, etc. are collected or stored by Zendesk. We utilize a real-time widget that displays basic license data from Commerce for our agents to view (it is not stored on Zendesk servers) - everything else, we click the name and are taken directly to your Commerce profile on our systems. Zendesk is a highly regarded helpdesk system with the trust of thousands and if we felt there were any measurable risk to our customers, we wouldn't have even considered them.

A notification that you will be taken to an "external" site for support is a fair and reasonable request - I'll get on looking into that.

I feel we have adequately addressed the privacy concerns as it relates to our use of Zendesk. If there's any other product or support feedback not related to this, please definitely feel free to open a new topic. 

Thank you! 

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...