Glivo
EN-US

Guide

Usage Guide for Franchises

Version:
2026.04
Effective from:
April 01, 2026

How to use Glivo safely, effectively, and in compliance with the GDPR and the labor law of the relevant EU Member State.

About Glivo: platform developed and operated by Glivo LLC (Wyoming, USA), offered globally. For users in the European Union, Glivo LLC has appointed an EU representative under Art. 27 GDPR. The data is processed in secure data centers, with international information-security standards, as detailed in the Privacy Policy.

Welcome to the Glivo network

This guide has been created to help your franchise implement Glivo securely and extract maximum value from the platform from day one. Read it carefully: it summarizes responsibilities, best practices and rules of use that protect the franchisee, the sellers and the customers.

Important: this guide forms an integral part of the Terms of Use accepted by your franchise. By using Glivo, you undertake to follow everything described herein.

1. What Glivo is

Glivo is an automated AI-based sales coaching platform. It records in-person commercial interactions, transcribes what was said, anonymizes sensitive data and generates automated analyses that help the seller develop — functioning as a personal trainer, always available.

What Glivo is

  • A professional development tool for sellers.
  • A coaching assistant that points to strengths and improvement opportunities.
  • A learning accelerator for sales technique, communication and approach.
  • A management aid, providing information for constructive conversations with the team.

What Glivo is NOT

  • It is not a monitoring, surveillance or disciplinary control system.
  • It is not an official source of performance evaluation for employment purposes.
  • It is not an appropriate tool, on its own, to support warnings, suspensions, dismissals with cause or terminations.
  • It does not replace the qualified, contextual human assessment of the manager.

Essential commitment of the network: employment decisions (warning, promotion, dismissal, improvement plan) must always be made by humans, based on multiple sources of information, observing due process and the law in force. The outputs of Glivo’s AI are only one of the possible sources and must never be used in isolation. This requirement derives from Art. 22 GDPR (right not to be subject to automated decisions) and from applicable national disciplinary procedure rules.

2. How Glivo works in practice

  1. Capture — the seller starts recording in the Glivo app at the time of the in-person interaction.
  2. Secure transmission — audio is sent in encrypted form (in transit and at rest) to Glivo’s servers.
  3. Automatic transcription — the AI converts audio into text, identifying seller and customer.
  4. Automatic PII anonymization — the platform automatically detects and masks sensitive personal data: national identification numbers, phone numbers, emails, addresses and proper names. The transcript version visible to managers does not contain these data in identifiable form.
  5. Analysis — the AI evaluates approach, communication, sales technique and suggests improvements based on metrics configured by the franchisor.
  6. Feedback — the manager and the seller receive a score, feedback and development suggestions.
  7. Controlled retention — audio and transcripts are automatically deleted after the configured retention period (default: 90 days), or immediately when requested by a legitimate party.

Summary: Glivo records, anonymizes, transcribes, analyzes and returns insights — all securely, isolated per company and with controlled retention.

3. Who is responsible for what

The relationship between Glivo, franchisor, franchisee, seller and customer is a shared responsibility. Each party has specific duties so that use is secure and lawful.

PartyMain responsibilities
Glivo (platform)Provide the technology tool, ensure technical security, encryption, per-company data isolation, PII anonymization, controlled retention and service availability. Processor under Art. 28 GDPR.
Franchisor (network)Define metrics, prompts, ground rules and use purposes in the network. Ensure that franchisees follow this guide. Train franchisees on the correct interpretation of the results. Controller.
Franchisee (unit)Implement the use in the unit, train sellers, ensure customer notice, keep the sign visible, collect signed agreements, supervise correct use and respond to data subjects. Controller.
SellerUse the tool ethically, respect the customer’s refusal, follow the use guidance, accept the seller’s agreement before first use.
End customerHas the right to be informed, to refuse recording and to request access, rectification or erasure of data at any time.

4. Implementation in your unit

Before starting to use Glivo, ensure your unit is ready:

  • Recording notice sign posted in a visible location, near the entrance and/or service counter.
  • Information and Authorization Agreement signed by all sellers before first use of the platform.
  • DPIA performed and documented (Data Protection Impact Assessment — Art. 35 GDPR), in particular due to the systematic processing of workers’ data.
  • Legitimate Interest Assessment (LIA) documented, where the basis of Art. 6(1)(f) GDPR applies.
  • Information to workers about the monitoring system and, where required, consultation with workers’ representatives in accordance with applicable national labor law.
  • Initial training carried out with the team on how to record, what to say to the customer, how to interpret the results and the limits of the AI.
  • Local point of contact defined — a person at the unit responsible for following up on the use, handling data subject requests and answering queries.
  • Data Protection Officer (DPO) designated, where applicable (Art. 37 GDPR).
  • Unit privacy policy updated and available for consultation.
  • Records reviewed — only active sellers have access to the platform. Former staff are removed immediately.

5. Best practices in customer interactions

How the customer is informed

The recording notice sign is the main instrument of communication to the customer, in compliance with Arts. 13 and 14 GDPR. It must be:

  • In a place of mandatory passage (entrance to the store and/or service counter).
  • With legible print at distance and at a visible height.
  • Clearly stating the purpose (quality and training) and reference to the GDPR.
  • Indicating the controller and the channel for exercising rights.

With the sign well placed, it is not necessary to verbally notify in every interaction — the transparency required by the GDPR is met by the visible sign.

When to reinforce verbally

Verbal reinforcement is recommended in specific situations, even with the sign visible:

  • Long interactions or in closed rooms (consulting, financing plan, contract closing).
  • When the customer may not have seen the sign (entered directly into a private room, was served outside normal hours).
  • When sensitive data is at stake (health, financial, family information).
  • Whenever the customer asks — in that case, respond naturally and to the point.

When the customer refuses recording

If the customer, on seeing the sign or being informed, expresses refusal, respect this immediately: end the recording in the app and continue with the interaction normally. Never record against the customer’s explicit will — this is also the exercise of the right to object under Art. 21 GDPR.

During the recording

  • Keep focus on the interaction — the app works in the background.
  • Avoid asking for or recording sensitive data unnecessarily (health, religion, political opinion).
  • Avoid mentioning data of third parties not involved in the interaction.
  • If the customer requests a pause in recording, respond to the request immediately.

After the interaction

  • Follow up on the AI feedback in your manager area.
  • Discuss improvement points with the seller constructively.
  • Use the insights as a development tool — never as punishment.
  • Acknowledge successes with the same frequency as you point out opportunities.

6. Correct use of results — worker protection

This is the most important section of this guide. Read carefully.

What Glivo’s AI does

The AI generates scores, indicators, comments and suggestions based on the transcript of the interaction. It is an automated, probabilistic, error-prone analysis.

Known AI limitations

  • The transcript may contain errors, especially in noisy environments or with overlapping voices.
  • The analysis is based on linguistic patterns and may interpret contexts inaccurately.
  • Non-verbal aspects (body language, expression, emotional context) are not captured.
  • Language models may reflect biases of the data on which they were trained.
  • The results are not reproducible with 100% fidelity — the same conversation, analyzed at different times, may generate small variations.

Golden rules for managers

  1. Use the data as a starting point for the conversation, never as a final verdict.
  2. Confront the AI with reality — listen to the seller before drawing conclusions.
  3. Multiple sources — a decision about a seller must never depend exclusively on Glivo. Consider history, context, commercial indicators, peer feedback and direct observation.
  4. Document humanly — any formal feedback, warning or action plan must be produced and substantiated by a human manager, in accordance with applicable labor law and other applicable rules.
  5. Mandatory review — before making any impactful decision about the seller, a qualified human must personally review the recording and analysis content (Art. 22 GDPR).
  6. Privacy in feedback — discuss results in a private setting, never in groups, in internal networks or in an exposed manner.

What NOT to do with the results

  • Do not justify dismissals with cause solely on AI outputs.
  • Do not use AI rankings as the sole basis for promotions, variable commissions or terminations.
  • Do not publicly expose the seller based on results (in groups, boards, lives, social networks).
  • Do not publicly compare sellers in a humiliating way using the results.
  • Do not use AI feedback as an instrument of workplace harassment, arbitrary punishment or retaliation.
  • Do not automate employment decisions (e.g., automatic dismissals for low scores).

Remember: employment decisions based exclusively on automated systems may be challenged in court. Art. 22 GDPR guarantees data subjects the right to human intervention. National labor law requires adequate justification for sanctions and respect for the principle of proportionality.

7. GDPR — Your practical obligations

Regulation (EU) 2016/679 (GDPR) and the national implementing laws govern how personal data is processed in the European Union. As a franchisee, you are considered a controller of the data captured at your unit.

The recording of commercial interactions for quality and training purposes is generally based on the basis of legitimate interest (Art. 6(1)(f) GDPR). You do not need formal written consent from the customer — there is no need to ask for signature or verbal confirmation in each interaction. What the law requires is transparency: the customer must be informed.

But beware: the use of the legitimate interest basis requires the performance and documentation of a Legitimate Interest Assessment (LIA) demonstrating that the controller’s interests are not overridden by the rights of the data subjects.

Transparency — how to inform the customer (Arts. 13 and 14 GDPR)

The duty to inform is met by clear, prior and accessible notice. For in-person interactions, the standard and sufficient form is the visible notice sign at points of circulation:

  • Sign at the store entrance.
  • Sign or sticker at the counter and in private rooms.
  • Privacy policy of the unit available to those who request it.

Purpose

Use Glivo only for: service quality, team training, improvement of commercial processes and internal audit. Never use for other purposes (advertising, union monitoring, persecution of employees, etc.).

Minimization (Art. 5(1)(c) GDPR)

Collect only what is necessary. Avoid inducing the customer to provide data that is not part of the sales process.

Automatic PII anonymization

The platform automatically detects and masks personally identifiable information (PII) in the transcript: national identification numbers, phone numbers, emails, addresses and proper names. The data visible to managers does not contain this information in identifiable form.

Even with automatic anonymization, we recommend not asking the customer for sensitive data during the sale, except where strictly necessary for the transaction.

Retention and deletion

  • The raw audio is retained for a standard period of 90 days (configurable per contract), after which it is automatically deleted.
  • The transcript (already anonymized) and the analysis results may be retained longer for development history purposes, in accordance with the network’s retention policy.
  • The customer, seller or manager may request early deletion of the data at any time, by formal request to the local point of contact. Deletion is processed within the GDPR’s deadlines (1 month — Art. 12(3)).

Security (Art. 32 GDPR)

Glivo handles technical security (encryption, isolation, access control). You handle operational security:

  • Define who has access to the platform at your unit.
  • Revoke access of those leaving the team immediately.
  • Never share credentials.
  • Do not export data (screenshots, audio, transcripts) outside the platform.

Data subject rights

If a customer, seller or former seller requests access, rectification, erasure or exercises another right (Arts. 15 to 22 GDPR), forward the request to the local point of contact of the unit. Glivo offers a formal flow to handle these requests within the legal time frame of one month (Art. 12(3) GDPR), extendable up to 2 months in complex cases.

Data breach notification (Arts. 33 and 34 GDPR)

In case of personal data breach (e.g., unauthorized access, loss, accidental disclosure):

  • Notify the supervisory authority within a maximum of 72 hours of becoming aware, unless the breach is unlikely to result in a risk to the rights and freedoms of data subjects (Art. 33 GDPR).
  • Communicate to affected data subjects if the breach is likely to result in a high risk (Art. 34 GDPR).
  • Glivo will notify the affected franchisee within 48 hours of confirmation of the incident.

8. What NOT to do — absolute prohibitions

  • ❌ Record without the customer being informed (sign absent, illegible or removed).
  • ❌ Share audio or transcripts outside the platform.
  • ❌ Use the content of the recordings for unauthorized purposes (advertising, public disclosure, social networks, training of external AI models).
  • ❌ Allow use of the platform by unregistered persons.
  • ❌ Use AI feedback as an instrument of harassment, arbitrary punishment or team exposure.
  • ❌ Substantiate employment decisions (warnings, dismissals, promotions) exclusively on AI outputs.
  • ❌ Record interactions outside the professional scope (private conversations, third parties).
  • ❌ Circumvent, deactivate or hide the recording signage to customers.
  • ❌ Operate without having performed the DPIA where applicable (Art. 35 GDPR).
  • ❌ Operate without informing workers and consulting their representatives where required.

9. Support and communication channel

In case of questions, technical issues, suspected security incident or data subject requests, use Glivo’s official channels. Franchisee support is prioritized and follows deadlines defined in the contract.

ChannelContact
Commercial email / data subjectshello@glivo.ai
Franchisee supportTo be defined in contract
Data Protection Officer (DPO)To be defined in contract
EU Representative (Art. 27 GDPR)To be defined in contract
Supervisory authorityMember-State authority — full list at https://edpb.europa.eu/about-edpb/about-edpb/members_en

By using Glivo, your franchise undertakes to follow the rules described in this guide and in the platform’s Terms of Use. Failure to observe these rules may result in suspension of access and full liability for inappropriate use.

Version of this guide: April 2026.