• Login
  • Status
  • Support
  • Partners
  • Pricing
  • Careers
  • ENLanguages
    • English
    • Deutsch
    • Français
    • 日本
    • 简体中文
    • العربية
    • 한국
    • Español
Customer Experience (CX) AI Platform
  • Customer Experience (CX) AI Platform×
  • Platform

      CXone Mpower Platform

      • Platform Overview

        Complete AI platform for customer service automation

      • Enlighten AI

        Powering smarter CX with AI-driven insights and automation.

      • Cloud Architecture

        Innovative cloud-native foundation to rapidly scale extraordinary CX

      • Voice as a Service (VaaS)

        Crystal-clear, scalable voice interactions for effortless interactions

      • Dashboards & Reporting

        Gain a full operational picture of your contact center, with enhanced visualization of real-time and historical insights

      • Integrations

        Seamlessly connect your business systems with our platform

      • Trust & Compliance

        Securing your trust with every interaction

      Discover the full value of AI in customer service

      Understand the benefits and cost savings you can achieve by embracing AI, from automation to augmentation.

      Calculate your savings

    • Products
      • Explore all Products

      • Capabilities

      • Workflow Orchestration

        Workflow Orchestration

        Evolve from interaction management to workflow orchestration across the entire organization.

        Learn more

        • Omnichannel Routing

          Reduce wait times and boost conversions with smart customer-agent matching.

        • Proactive Engagement

          Generate more revenue, minimize hang-ups, and proactively connect to reduce friction.

        • AI Orchestrator

          Unify and optimize every customer service workflow from intent to fulfillment.

        • Agent Desktop Workspace

          Connect front and back office teams with data, conversations, and workflows together in one place.

      • Workforce Augmentation

        Workforce Augmentation

        Move beyond tools to empower employees with real-time, actionable intelligence that elevates performance.

        Learn more

        • Specialized AI Copilots

          Elevate human performance with specialized AI copilots for every role.

        • Workforce Engagement Management

          Elevate employees, adapt to flexible work, and meet expectations - without compromise.

        • Automated Notetaking

          Instantly summarize interactions to accelerate resolution times and efficiency.

        • Voice of the Customer

          Unlock customer insights to enhance experiences, drive loyalty, and boost business growth.

        • Interaction Analytics

          Gain AI-powered insights from 100% of interactions to drive continuous improvement.

      • Service Automation

        Service Automation

        Go beyond answering questions to fully automate customer intent through fulfillment.

        View Products

        • Intelligent Virtual Agent

          Boost self-service satisfaction and conversion with conversational AI agents.

        • Experience Optimization (XO)

          Synthesize real customer conversations to identify your top automation opportunities.

        • AI Agents

          Instantly create no-code AI agents powered by your data—build once, deploy everywhere.

        • Proactive AI Agent

          Keep customers engaged in conversation from onboarding to installation, service, and retention.

        • Knowledge Management

          Activate AI-powered enterprise knowledge to increase self-resolution rates and loyalty.


      • Solutions

      • By Industry

        By Industry

        • BPO

          Business Process Outsourcers

        • Financial Services

          Customer experiences that count

        • Government

          Elevate citizen trust

        • Healthcare

          Healthy patient experiences

        • Insurance

          Secure policyholder experiences

        • Retail

          Delight customers where they shop

        • Telecom

          CX for Telecommunications

        • Travel & Hospitality

          Boost traveler and guest loyalty

        Discover the full value of AI in customer service

        Understand the benefits and cost savings you can achieve by embracing AI, from automation to augmentation.

        Calculate your savings

      • By Business Initiative

        By Business Initiative

        • Grow Revenue

          Boost conversions and win rates to accelerate growth

        • Engage & Empower Employees

          Create a workplace of truly engaged employees

        • Boost Customer Loyalty

          Improve customer loyalty on interactions across the journey

        • Drive Digital Transformation

          Integrate digital technology at the center of CX

        • Small and Medium Business

          Drive growth and boost revenue with smarter, cost-effective customer service built for SMBs.

        • Call Center Software

          Empower agents to provide better experiences

        • Increase Operational Efficiency

          Leverage AI and automation to increase agent retention

        • Move to the Cloud

          Elevate experiences by moving operations to the cloud

        • Improve Compliance

          Protect your consumers with pre-built compliance solutions

        • Proactive Customer Engagement

          Elevate customer satisfaction with proactive conversational AI

      • Integrations & Custom Solutions

        Integrations & Custom Solutions

        • CXexchange Marketplace

          Discover partner solutions to extend capabilities on our platform

        • Pre-Built Integrations

          Seamlessly connect your business systems with our platform

        • Developer Tools & APIs

          Endless customization options with RESTful APIs and robust SDKs

        • Partner Ecosystem

          Embark on a journey of shared success and collaboration

        91% of customers recommend NiCE as a preferred CCaaS vendor

        Gartner® named NiCE the only Customers’ Choice CCaaS vendor in its 2024 Peer Insights™ “Voice of the Customer for Contact Center as a Service” report.

        Get report


      • View All Products
    • Services
      • Explore all Services

      Professional Services

      • Professional Services

        Industry-leading expertise, tools and know-how

      • Implementation Partners

        NICE-certified implementation partners

      • Business Consulting

        Your partner for successful transformation

      Training

      • Contact Center Training

        Tailored education delivered by CX experts

      Support & Assistance

      • Customer Support

        Global support you can depend on

      Make the smartest buying decision with the latest Gartner analysis

      NiCE has been named a Gartner® Magic Quadrant™ Leader for Contact Center as a Service for the 10th consecutive year and is positioned furthest on Completeness of Vision.

      Get report

    • Resources

        Knowledge Base

        • All Resources

          Whitepapers, datasheets, demos and more

        • Analyst Perspectives

          Contact center reports from third party analysis

        • Terms Glossary

          Detailed descriptions of industry-related terms

        • FAQs

          Contact center focused frequently asked questions

        • Guides

          Expert insights for superior CX

        Learning & Insights

        • On-Demand Webinars

          Browse our extensive webinar catalog

        • Interactive Product Tours

          Explore the complete platform with our self-guided demos

        • Blog

          CX industry guidance by contact center experts

        • Why NiCE? Video Series

          Step Inside The Room Where It Happened to see CX AI in action

        • NiCE & Simple: Video Demo Series

          Brilliant, bite-sized videos from our top product pros

        Community

        • Events

          Upcoming events and webinars

        • Customer Stories

          Our customer's success is paramount. Read case studies about real CX transformation

        • NiCE Clubs

          Collaborate, learn, and share best practices for customer service excellence

        Discover the full value of AI in customer service

        Understand the benefits and cost savings you can achieve by embracing AI, from automation to augmentation.

        Calculate your savings

      • Company

          Company

          • About Us

            Powering seamless cloud experiences

          • Investors

            Investors relations, reports and filings

          • Global Offices

            Interactive map of locations worldwide

          • Careers

            View job openings and learn about our culture

          • NiCE Leadership

            Meet our global leadership and executive team

          News & Media

          • Events

            Upcoming events and webinars

          • Press Releases

            Find the latest updates from NiCE

          • Media Center

            Media contacts and resources

          Corporate Governance

          • NiCE Trust Center

            Securing your trust with every interaction

          • Market Leadership

            Discover why NiCE is the market leader

          • Corporate Responsibility

            In a world where you can be anything, be NiCE

          Make the smartest buying decision with the latest Gartner analysis

          NiCE has been named a Gartner® Magic Quadrant™ Leader for Contact Center as a Service for the 10th consecutive year and is positioned furthest on Completeness of Vision.

          Get report

          • ENLanguages
            • English
            • Deutsch
            • Français
            • 日本
            • 简体中文
            • العربية
            • 한국
            • Español
          • Get Started
            • Login
            • Status
            • Support
            • Partners
            • Pricing
            • Careers
          • Home
          • Company
          • Legal Policies and Guidelines
          • Data Processing Agreement

          Company

          • About Us
          • Careers
          • Global Leadership
          • Media Center
          • Investors
          • Awards
          • Global Office Locations
          • Contact Us
          • CCaaS
          • Customer Experience
          • NiCE Public Safety
          • NiCE Actimize
          • NiCE RPA

          Partners

          • NiCE Partners Overview
          • Developer Partners (DEVone)
          • CXone Mpower Partner Portal
          • NiCE Help Partner Portal
          • NiCE User Group

          Customer Support

          • Customer Support Overview
          • CXone Mpower Support Login
          • NiCE Customer Support
          © 2025 NiCE
          • Terms of Use
          • Site Map
          • Privacy Policy
          • Legal
          • Cookies Settings
          • Accessibility

          Stay Connected

          © 2025 NiCE

          Data Processing Agreement

          This Data Processing Addendum (“DPA”) is incorporated into the Master Relationship Agreement and all related orders between Customer and NiCE and reflects the parties’ agreement with regard to the processing of Data (as these terms are defined below). This DPA consists of the main body of the DPA and Appendix I.

          DATA PROCESSING

          1. DEFINITIONS

          "controller", "processor", "data subject", "personal data" and "processing" (and "process") shall have the meanings given in EU/UK Data Protection Law.

          “Affiliate” means an entity which is controlling, controlled by or under common control with a party. For purposes of this definition, "control" means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of voting securities, by contract or otherwise.

          "Applicable Data Protection Law" means all worldwide data protection and privacy laws and regulations applicable to the personal data in question, including, where applicable, EU/UK Data Protection Law.

          "Customer" means the party which entered into the Master Relationship Agreement, or an Affiliate thereof, and signatory to this DPA.

          "Data" has the meaning given to it in Clause 1.

          "DPA" means this Data Processing Addendum.

          "EU/UK Data Protection Law" means: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (the "EU GDPR"); (ii) the EU GDPR as saved into United Kingdom law by virtue of section 3 of the United Kingdom's European Union (Withdrawal) Act 2018 (the "UK GDPR"); (iii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iv) any and all applicable national data protection laws made under, pursuant to or that apply in conjunction with any of (i), (ii) or (iii); in each case as may be amended or superseded from time to time.

          “Master Relationship Agreement” means (i) each applicable order for the Services Customer has purchased from NiCE; and (ii) the applicable master agreement referenced in the applicable order.

          "NICE" means NiCE Ltd. or the Affiliate thereof who has entered into the Master Relationship Agreement with the Customer.

          "Restricted Transfer" means: (i) where the EU GDPR applies, a transfer of personal data from the European Economic Area to a country outside of the European Economic Area which is not subject to an adequacy determination by the European Commission; and (ii) where the UK GDPR applies, a transfer of personal data from the United Kingdom to any other country which is not subject to an adequacy determination based on adequacy regulations pursuant to Section 17A of the United Kingdom Data Protection Act 2018.

          "Security Incident" has the meaning given to it in Clause 8.

          “Self-Service Tools” means functionality which may be made available by NiCE in the software licensed or made available to Customer which permits Customer to comply with controller obligations under Applicable Data Protection Law relevant to Customer’s use of the Services.

          "Services" means the services provided by NiCE to Customer under or in connection with the Master Relationship Agreement.

          "Standard Contractual Clauses" means: (i) where the EU GDPR applies, the contractual clauses annexed to the European Commission's Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council ("EU SCCs"); and (ii) where the UK GDPR applies, standard data protection clauses adopted pursuant to or permitted under Article 46 of the UK GDPR ("UK SCCs").

          “TOMs” means the security provisions set out in the Master Relationship Agreement, and as applicable any additional technical and organizations measures mutually agreed upon by NiCE and Customer, in each case as relates to the applicable Services detailed therein if so limited.

          PROCESSING DATA

          2.1 Relationship of the parties: Customer (the controller) appoints NiCE as a processor to process the personal data that is the subject of the Master Relationship Agreement and as further described in Appendix I (the "Data").

          2.2 Prohibited data: Customer shall not disclose (and shall not permit any data subject to disclose) any sensitive data (special categories) of Data or Data that imposes specific data security or data protection obligations on NiCE in addition to or different from those specified in this DPA or the Master Relationship Agreement to NiCE for processing except where and to the extent expressly disclosed in Appendix I.

          2.3 Term and termination: The term of this DPA, including its Appendices, shall continue until all processing of Customer’s personal data by NiCE ceases.

          2.4 Purpose limitation: NiCE shall process the Data as a processor as necessary to perform its obligations under the Master Relationship Agreement, including for the purposes described in Appendix I to this DPA and strictly in accordance with the documented instructions of Customer (the "Permitted Purpose"), except where otherwise required by law(s) that are not incompatible with Applicable Data Protection Law. In no event shall NiCE process the Data for its own purposes or those of any third party. Each party is solely responsible for compliance with its respective obligations under Applicable Data Protection Law. The Customer shall comply with all necessary transparency and lawful requirements under Applicable Data Protection Law in order to disclose the Data to NiCE for the Permitted Purposes. NiCE shall immediately inform Customer if it becomes aware that Customer's processing instructions infringe Applicable Data Protection Law (but without obligation to actively monitor Customer's compliance with Applicable Data Protection Law). If a change in Applicable Data Protection Law prevents NiCE from processing the Data as intended by the Master Relationship Agreement, Customer will immediately stop transmission of the Data to NiCE and the parties will negotiate in good faith changes to the Master Relationship Agreement which may include but are not limited to additional services or solutions, if and when made available by NiCE. Notwithstanding anything to the contrary, data localization laws in Applicable Data Protection Law shall not require NiCE to change the storage location of any data centres agreed in, or permitted by, the Master Relationship Agreement; provided that NiCE will negotiate in good faith commercially-reasonable changes to the storage location.

          2.5 Restricted transfers: The parties agree that when the transfer of Data from Customer to NiCE is a Restricted Transfer it shall be subject to the appropriate Standard Contractual Clauses as follows:

          2.6 Onward transfers: NiCE shall not participate in (nor permit any subprocessor to participate in) any other Restricted Transfers of Data (whether as an exporter or an importer of the Data) unless the Restricted Transfer is made in full compliance with Applicable Data Protection Law.

          2.7 Confidentiality of processing: NiCE shall ensure that any person that it authorises to process the Data (including NiCE's staff, agents and subprocessors) (an "Authorised Person") shall be subject to a strict duty of confidentiality (whether a contractual duty or a statutory duty), and shall not permit any person to process the Data who is not under such a duty of confidentiality. NiCE shall ensure that all Authorised Persons process the Data only as necessary for the Permitted Purpose.

          2.8 Security: NiCE shall implement and maintain appropriate technical and organisational measures as set out in the TOMs to protect the Data from accidental or unlawful destruction, loss, alteration, or unauthorised disclosure or access (a "Security Incident").

          2.9 Updates to security measures: The technical and organizational measures are subject to technological progress and advancements. As such, NiCE may implement alternative, adequate measures which meet or exceed the security level of the measures described in the TOMs.

          2.10 Subprocessing: Customer consents to NiCE engaging NiCE Affiliates and third party subprocessors to process the Data for the Permitted Purpose provided that: (i) NiCE maintains an up-to-date list of its subprocessors that may process personal data. These lists are available upon request via Customer’s normal contacts for the applicable Services or may be published in the documentation portal for the applicable Service, and NiCE shall update such lists with details of any change in subprocessors at least 10 days' prior to any such change; (ii) NiCE imposes data protection terms on any subprocessor it appoints that protect the Data, in substance, to the same standard provided for by this DPA; and (iii) NiCE remains liable for any breach of this DPA that is caused by an act, error or omission of its subprocessor.

          2.11 Cooperation and data subjects' rights: Taking into account the nature of the processing and to the extent a response to a request cannot be achieved using the Service's Self-Service Tools available to the Customer, NiCE will provide commercially reasonable assistance to the Customer (at Customer's expense) to: (i) fulfil a Customer's obligation to respond to data subjects' requests under Applicable Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable); and (ii) in relation to any other correspondence, enquiry or complaint received from a data subject, regulator or other third party in connection with the processing of the Data. If any such request, correspondence, enquiry or complaint is made directly to NiCE, NiCE shall promptly inform Customer providing full details of the same.

          2.12 Data Protection Impact Assessment: NiCE shall, which may be subject to reimbursement of NiCE's then-current hourly fees, provide Customer with all such reasonable and timely assistance as Customer may require in order to conduct a data protection impact assessment in accordance with Applicable Data Protection Law.

          2.13 Deletion or return of Data: Upon termination or expiry of the Master Relationship Agreement, NiCE shall destroy all Data (including all copies of the Data) in its possession or control, except as otherwise stated in the Master Relationship Agreement. This requirement shall not apply to the extent that NiCE is required by any applicable law to retain some or all of the Data, or to Data it has archived on back-up systems, in which event NiCE shall isolate and protect the Data from any further processing except to the extent required by such law until deletion is possible.

          2.14 Data records: Documentation materials that serve as evidence that Data was processed in a proper manner consistent with the stipulations of this DPA may be stored by NiCE after termination of this DPA in accordance with the applicable retention periods.

          2.15 Audit

          • Customer may audit NiCE’s compliance of its obligations under this DPA, at its own expenses by itself or by a certified auditor. Customer shall provide at least 60 days, prior written notice of its intention of doing so and NiCE shall make available all information reasonably necessary to demonstrate such compliance, and shall allow for and contribute to audits, including inspections, by Customer. Such audits shall be conducted during regular business hours and Customer shall ensure that it does not disrupt the regular operations of NiCE. Customer will not exercise its audit rights more than once in any twelve (12) month period (in aggregate with any information rights in the Master Relationship Agreement), except (i) if and when required by instruction of a competent data protection authority; (or) if Customer believes a further audit is necessary due to a Security Incident suffered by NiCE. For any audit or right of access exercised under this section, the SCCs or any similar right granted by law, NiCE will not be required to: (x) provide information, evidence or access of any kind that includes other customers’ information, and to preserve the rights, confidentiality, security, and data integrity of other customers; or (y) provide any access to or inspections of any of its premises, networks, systems, equipment or other infrastructure of NiCE or its subprocessors.
          • Alternatively at NiCE's discretion and if available for the applicable Service, NiCE may satisfy its obligations under this Clause (Audit) (and any similar obligations under the Standard Contractual Clauses) by presenting a summary copy of its SOC 2 Type II, PCI-DSS, ISO 27001, SOC 2+HITRUST, FedRAMP or IRAP audit or certification report(s) to Customer, which reports shall be subject to the confidentiality provisions of the Master Relationship Agreement.
          • Customer shall be responsible for all costs and fees, including all reasonable costs and fees for any and all time NiCE expends for any such audit.
          • All information disclosed or developed as a result of an audit and inspection constitutes Confidential Information of NiCE.

          2.16 Governing law: This DPA shall be governed by the laws of same jurisdiction as agreed in the Master Relationship Agreement.

          This Appendix I forms part of the DPA and describes the processing that the processor will perform on behalf of the controller.

          A. LIST OF PARTIES

          Controller(s) / Data exporter(s): [Identity and contact details of the controller(s) /data exporter(s) and, where applicable, of its/their data protection officer and/or representative in the European Union]

          Processor(s) / Data importer(s): [Identity and contact details of the processor(s) /data importer(s), including any contact person with responsibility for data protection]

          В. DESCRIPTION OF TRANSFER

          C. COMPETENT SUPERVISORY AUTHORITY

        • in relation to data that is protected by the EU GDPR, the EU SCCs will apply completed as follows:
          • Module Two will apply;
          • in Clause 7, the optional docking clause will apply;
          • in Clause 9, Option 2 will apply, and the time period for prior notice of subprocessor changes shall be as set out in Clause 10 of this DPA;
          • in Clause 11, the optional language will not apply;
          • in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law;
          • in Clause 18(b), disputes shall be resolved before the courts of Ireland;
          • Annex I of the EU SCCs shall be deemed completed with the information set out in Appendix I to this DPA; and
          • Annex II of the EU SCCs shall be deemed completed with the TOMs.
        • in relation to data that is protected by the UK GDPR, the UK SCCs will apply and the "International Data Transfer Addendum to the EU Commission Standard Contractual Clauses" issued by the Information Commissioner's Office under s.119A(1) of the Data Protection Act 2018 ("UK Addendum") shall be deemed executed between Customer and NiCE and completed as follows:
          • The EU SCCs, completed as set out above in clause 2.5(a), shall apply to transfers of such Data, and the EU SCCs shall be deemed amended as specified by Part 2 of the UK Addendum in respect of the transfer of such Data.
          • In addition, tables 1 to 3 in Part 1 of the UK Addendum shall be deemed completed with the information set out above at clause 2.5(a) (as applicable), the TOMs and in Appendix 1 of this DPA, and table 4 in Part 1 of the UK Addendum shall be deemed completed by selecting "neither party".
        • in the event that any provision of this DPA contradicts, directly or indirectly, the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.