Effective Date: June 26, 2023
Welcome, and thank you for your interest in Voximplant Inc., a Delaware corporation
This Policy is incorporated into, and is subject to, the Voximplant Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in the Voximplant Terms of Service.
Data Processing Addendum available via link shall be agreed and signed by Client if required to enter into a data processing agreement on behalf of itself. If and to the extent Voximplant processes Personal Data for which Client’s authorized affiliates qualify as the Controller, Data Processing Addendum shall be executed in the name and on behalf of Client’s authorized affiliates.
Explanation of Service
We provide a SaaS-based telecommunications platform which enables you to (i) create, and (ii) allow your End Users to utilize, voice and video calls through an internet browser (including related services). Through our Service, you and your End Users can communicate with others through voice, video and/or other forms of communication.
Privacy Shield Commitment
As described in the Privacy Shield Principles, Voximplant is accountable for Personal Data that it receives and subsequently transfers to third parties. If third parties that process Personal Data on our behalf do so in a manner that does not comply with the Privacy Shield Principles, we are accountable, unless we prove that we are not responsible for the event giving rise to the damage.
“Client” means a customer of Voximplant.
“Client Data” means personal data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the Service.
“End User” means a Client’s customers and end users (including, without limitation, those authorized by Client) of the Service.
“Personal Data” means any information relating to an identified or identifiable natural
“Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to log in.
“Restricted Area” means the area of the Site that can be accessed only by Users, and
where access requires logging in.
“User” means an employee, agent, or representative of a Client, who primarily uses the
Restricted Areas of the Site for the purpose of accessing the Service in such capacity.
“Visitor” means an individual other than a User, who uses the Public Area, but has no
access to the restricted areas of the Site or Service.
What Information Do We Process and How Do We Use it?
Voximplant collects personal data about individuals in several contexts:
- When visiting our website (see below, Passive Collection of Information);
- When interacting with us as a business customer;
- Or, if you communicate via one of our customers’ platforms.
We use collected information only for the purpose for which you provide it, including client services, email marketing and corporate communications, customer service and feedback or to provide requested information and services.
Depending on the context we may process the following categories of Personal Data -- not all categories will be collected about every individual:
- Organization name,
- Email address,
- Phone number,
- Billing address
- Mailing address,
- Credit card and payment details
- SIP and Skype information (see below for more information)
- Number of calls to and from a provided number
- Call length to and from a provided number
- Numbers calling or called by a provided number
- Call content and usage information
- Contact information associated with a corporate Client account
- Usage data (see below for more information).
Personal Data includes information collected, received, accessed, used and disclosed (both online and offline) that allows us to identify you. Examples of this kind of information include, as applicable, your name, organization name, email address, login and password, phone number, billing address, mailing address, credit card and payment details, data required for registration, and other similar kinds of information that may be used for the same purpose. We may also request photo identification and/or proof of address information for account verification, telephone number verification, and legal compliance purposes.
Usage Information, under some circumstances may be a type of Personal Data, and consists of information provided passively or generated automatically during your use of Voximplant’s Service including the number of calls, call length, called numbers and call content. Usage Information may include Call Detail Record information (“CDR”) and other call records of Clients and End Users. CDR records may include Personal Data including (i) the identity of an End User who initiates a voice or video call, and (ii) the identity of the person which receives such voice or video call. Unless required under applicable law, we don’t provide information on calls, call length, called numbers or call content to any third party.
SIP & Skype Account Information
SIP account information consists of SIP requisites you enter in order to redirect calls using the Voximplant Services. Skype account information consists of Skype ID that you enter in order to redirect calls using the Voximplant Services. Unless required by applicable law, this information is not provided to any third party.
Tracking of Website Visitors
As is true of most web sites, we gather certain information automatically and store it in log files. This information may include, for example, internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, or clickstream data. We may combine this automatically collected log information with other information we collect about you. We do this to improve marketing, analytics, and site functionality. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
When you interact with Voximplant.com, we use technologies such as cookies, beacons, tags, and scripts to collect information about you. We use these technologies in analyzing trends, administering the site, tracking users’ movements around the site, and gathering demographic information about you and our user base as a whole. We may receive reports based on the use of these technologies on an individual as well as an aggregated basis.
When you interact with us on social media websites, such as Facebook and Instagram, we may collect information relating to your interactions with us (such as items you have “liked”) and profile information you have chosen to make public. If you wish to restrict access to your social media profiles, you may change your settings on the social media provider’s website.
Personal Data & Non-Personal Data
Voximplant will not rent or sell your Personal Data to others. We may store Personal Data in locations outside the direct control of Voximplant (for instance, on servers or databases co-located with hosting providers including, without limitation, Amazon Web Services, Servers.com, Google Cloud and Liquid Web (“Hosting Providers”). Voximplant’s Hosting Providers may physically have servers located anywhere in the world (i.e. including outside the European Union). Any Personal Data you elect to make publicly available on our Site or through the Service, such as posting comments on a blog page, will be available to others. If you remove information that you have made public on our Site or through the Service, copies may remain viewable in cached and archived pages of our Site or the Voximplant Service, or if other users have copied or saved that information. If you wish to post a comment on our blog, registration may be required.
We may gather and share non-Personal Data (such as anonymous usage data, referring/exit pages and URLs, IP address, browser and platform types, referring/exit pages, operating system number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain Voximplant Services and those of our partners.
Use of Information
We use information that we collect in a variety of ways in providing the Service and
operating our business, including, with respect to operations, improvements and
communications. Such uses include facilitating the functioning of our business and Site,
complying with applicable law, providing you with products and services, or as otherwise
as appropriate in connection with a legitimate business need, including, without limitation:
(1) enabling, providing and enhancing the efficacy of Voximplant’s Site, products, or services (including the Service and for any other purposes as may be further set forth in agreements between Voximplant and its Clients, including acting as a data processor on behalf of its Clients which act as data controllers);
(2) customer service activities (including via email and telephone), including administering an account, processing / fulfilling / confirming orders, billing, providing technical support, responding to your requests, providing updates, and customizing, enhancing, upgrading and improving Site and offerings;
(3) sales, marketing and promotional activities (including sales tracking and administering contests), and customer relationship management (including newsletters, notices and sending you requested product or service information); and
(4) internal business processes and management, analysis (including usage trends and preferences), crime/fraud detection and prevention, security, protecting Voximplant’s legal rights, and compliance with governmental, legislative, and regulatory requirements.
You have the ability to opt-out of receiving any promotional communications as described below under “Your Choices.”
Voximplant may disclose Personal Data to business partners and subcontractors, as necessary, for the purpose of providing Voximplant’s Services, including a performance of mandatory processes of identification and verification of client's identity, or as otherwise appropriate in connection with a legitimate business need. Such companies are authorized to use Personal Data only as necessary to provide such services to Voximplant.
Credit Card details will be handled securely to ensure confidentiality and 128-bit SSL encryption is used to ensure sensitive data is protected during transmission over the internet.
The Site also contain a blog where your feedback is accessible by the public as well as by the Voximplant team.
Your feedback sent via Voximplant e-mail is accessible by the Voximplant team only.
We reserve the right to utilize Personal Data and Non-Personal Data for marketing purposes (for instance by displaying selected comments on our website or in other communications), and in order to comply with applicable law (including, without limitation, providing data to our telecommunications providers including Voxbone which is headquartered in Belgium).
From time to time, we may send you surveys or solicit your feedback. We use surveys to gauge user interest in new products and premiums we may offer. We may ask for your feedback on site features. We will use the information we gather to improve our Site and provide a more meaningful experience to Clients and End Users. We may also use the information to alert you about offers and products in which you have expressed an interest in.
In the event that we (and/or our business lines, subsidiaries or affiliates) are ever sold, acquired, merged, liquidated, reorganized, or otherwise transferred, we reserve the right to transfer our user databases (together with any Personal Data or Non-Persona Data contained therein), to a third-party acquiring our assets. In the event we do so, we will place a prominent notice of the sale on the homepage of our corporate website, with links to information as to how you can change your privacy preferences.
Storage and Processing
As set forth in more detail above, but subject to appropriate safeguards: (i) your information collected through the Voximplant Service may be stored and processed anywhere in the world (including, without limitation, in the United States, Europe, or any other country in which Voximplant or its subsidiaries, affiliates or service providers maintain facilities), and (ii) Voximplant may transfer information that we collect about you, including Personal Data, to affiliated entities, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world.
In case you choose to store and process Personal Data within a certain territory made available to you by Voximplant (e.g. the European Union, USA, etc.), we endeavour then to process Personal Data only on servers located within such a territory. However, our customers may access Personal Data from locations outside such a territory and our customer support may be able as well to access Personal data from outside of a territory of choice.
How we Protect Your Information
Voximplant is concerned with protecting your privacy and data, but we cannot ensure or warrant the security of any information you transmit to Voximplant or guarantee that your information on the Voximplant Service may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards. When you enter confidential information (such as login credentials) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL). No method of transmission over the Internet or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.
If you have any questions about security on our Site, you can contact us at email@example.com. We may use an outside help platform, and a credit card processing company to bill you if you purchase Services. Such companies do not retain, share, store or use Personal Data for any other purposes. You shouldn’t install any specific software to use Voximplant Services, and our Site pages don’t install any software to your system.
Federal Trade Commission
We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC). We may be required to disclose Personal Data that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Data Rights for those in the European Economic Area (EEA), United Kingdom (UK), and Switzerland
If you reside in the EEA, the United Kingdom, or Switzerland, our use of your personal information is governed by the European Union’s General Data Protection Regulation, or “GDPR” or applicable EEA, UK or Swiss national laws. These laws grant you particular rights in your personal information, including the right to alter, correct, receive, or delete personal information stored by Voximplant at any time, subject to our business interests and any legal requirements.
Those in the EEA, UK, or Switzerland have the right to complain to a data protection authority about our processing of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here: https://edpb.europa.eu/about-edpb/board/members_en. We respond to all requests received from individuals wishing to exercise their data protection rights under applicable data protection laws. To protect your privacy and security, we may need to take reasonable steps to verify your identity before responding to your request.
To exercise any of these rights, you may contact us at firstname.lastname@example.org. If we are unable to resolve your complaint, you may contact your country’s data protection authority.
Individuals whose data Voximplant processes who are located in the EEA, UK or Switzerland and customers of Voximplant no matter where located, who process personal data of EEA, UK or Swiss residents should note the following:
You may have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. We have appointed a representative in the EU and the UK under Article 27 of the GDPR. You may send any inquiries or access requests to the Article 27 rep at email@example.com.
If you need further assistance regarding your rights, please contact us at firstname.lastname@example.org and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Voximplant is based in the United States. Your personal data may be processed and stored in the U.S., either by us or by one of our vendors or customers.
Depending on where our vendors or customers are located your information may be transferred to other jurisdictions, including the U.S., that may not provide equivalent data protection as your home jurisdiction provides.
We endeavour to only process EU personal data on servers located in the EU; however, our customers may access personal data from locations outside of the EU and our customer support may be able to access your personal data from outside of the EU.
Whenever we transfer your personal data to countries outside of the EEA, UK or Switzerland we will ensure that at least one of the following safeguards is in place:
- We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data;
- Ensure the transfer is subject to a specific derogation in the GDPR or national laws; or
- Use the standard contractual clauses as the transfer mechanism when a case-by-case analysis has been performed.
Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data protection as it has in the EU, EEA or UK. We use supplementary measures, TLS1.2 encryption or IPsec tunnels with AES-128 ciphers, to reduce the risk of mass surveillance in transit of Personal Data.
How you can access, update or delete your data
It is very important that the information we hold about you is accurate and up to date. You can also email us at any time if your personal information changes, or you want to opt-out of email communication, please see the Opt-Out section above or email us at: email@example.com.
If you make a request to delete your personal data and that data is necessary for the Services you have purchased, the request will be honored only to the extent it is no longer necessary for any Services purchased or required for our legitimate business purposes or legal or contractual record keeping requirements.
Your California Data Rights
If you reside in California, our use of your information is governed by California law, including the California Privacy Protection Act (CCPA). This section applies only to California residents.
Personal Information Collected and Purposes of Use
We collect and use information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, to you or your devices when you visit our Websites, provide us your personal information, or have a contractual or business relationship with us or any of our customers (“Personal Information”).
We collect Personal Information for the purposes identified in the section above called: “What Information Do You Provide to us and How Do We Use it?”. We may have shared your Personal Information with the categories of third parties identified in the section above called: “Use of This Information”.
Unless specifically stated, we do not share, disclose, or sell personal information to third parties for their use, but we do share your personal information with our trusted partners to support our business. In these arrangements, the use of the information we share islimited by policies, contracts, or similar restrictions.
Your Privacy Rights under California Law
Californians have the following rights regarding our collection and use of your personal information. We may ask you to provide additional information to verify your request. Californians have the right to request the information regarding the personal information we have collected, sold, or disclosed about you. This policy explains the:
- Categories of personal information collected about you, and sources from which collected;
- Our purpose for collecting personal information;
- Categories of third parties with which the personal information was shared; and
- Specific pieces of personal information collected about consumers.
- Categories of your personal information sold in the preceding 12 months;
- Categories of third parties to whom your personal information has been disclosed;
- Categories of personal information that we disclosed about consumers for a business purpose.
If this Policy does not answer your questions, then you have the right to contact us and request further information on each of these topics.
Right to Opt-out
Californians have the right to opt-out of sharing, disclosure, or sale of your Personal Information. To exercise this right, you or your authorized representative may submit a request by email to firstname.lastname@example.org with a subject: DO NOT SELL MY PERSONAL INFORMATION
Right to Request Deletion
Californians have the right to request that we delete the personal information we have about you. However, we are not required to delete information if it is necessary to retain your information to:
- Complete the transaction for which the personal information was collected, provide a good or service requested by you, or a transaction reasonably anticipated within the context of our or one of our affiliate’s ongoing business relationship with you, or to otherwise perform a contract we have with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity or prosecute those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Facilitate solely internal uses that are reasonably aligned with your expectations based on your relationship with us or one of our affiliates.
- Comply with a legal obligation.
- Otherwise use the personal information, internally, in a lawful manner that is compatible with the context in which it was provided.
You can contact us with questions about this Privacy Notice for California Residents or to exercise your rights as described in this Notice.
Telephone number: +1 628 280 6510.
Email: email@example.com with “Request for California Privacy Information” in the body and subject line of the email.
Weblinks: CCPA Request and DO NOT SELL MY PERSONAL INFORMATION.
Your Nevada Data Rights
If you reside in Nevada, our use of your information is governed by Nevada law. This section applies only to Nevada residents.
Personal Information Collection and Purposes of Use
- We collect certain personal information of Nevada consumers as identified in the section above called: “What Information Do You Provide to us and How Do We Use it?”.
- We collect this personal information for the purposes identified in the section above called “What Information Do You Provide to us and How Do We Use it?”.
Your Privacy Rights
You have the right to access and correct your personal information or opt-out of the sale of personal information. If you would like to review, correct, or update your personal information, you or your authorized representative may submit your request to firstname.lastname@example.org. We will respond to your verified request as soon as reasonably practicable, but no later than sixty (60) days after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response.
We generally do not disclose or share personal information for profit. Under Nevada law, you have the right to direct us to not sell or license your personal information to third parties. To exercise this right, if applicable, you or your authorized representative may submit a request to email@example.com. We will respond to your verified request as soon as reasonably practicable, but no later than sixty (60) days after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response.
How Do We Protect Your Data, Information, and Resources?
We use security technology as supplementary measures to protect any information you provide us. Passive data and data in transit is protected by either TLS1.2 encryption or IPsec tunnels with AES-128 ciphers.
Your Choices – Access, Correction & Deletion
We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the “Contact Us” section. At your request, we will have any reference to you deleted or blocked in our database.
You may update, correct, or delete your account information and preferences at any time by accessing your Profile page within our site. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service.
At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact Voximplant’s Data Protection Officer at firstname.lastname@example.org. You also have a right to lodge a complaint with data protection authorities.
We only retain the Personal Data collected from you for as long as your account is active or otherwise for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:
• the contents of closed accounts are deleted within twelve (12) months of the date of closure;
• backups are kept for twelve (12) months;
• billing information is retained for a period of seven (7) years as of their provision to Voximplant in accordance with applicable accounting and taxation laws;
• information on legal transactions between Client and Voximplant is retained for a period of seven (7) years as of their provision to Voximplant in accordance with the general limitation period set for civil claims in applicable law.
If you remove information that you have made public on the Voximplant Service or Site, copies may remain viewable in cached and archived pages of the Voximplant Service or Site, or if other users have copied or saved that information. Non-Personal Data may be stored indefinitely.
Data Controller and Data Processor
Voximplant does not own, control or direct the use of any of the Client Data stored or processed by a Client, User or End User within the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. Voximplant is largely unaware of what Client Data is actually being stored or made available by a Client or End User to or through the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client, Users and End Users.
The Client or End User is the data controller under the Regulation for any Client Data containing Personal Data, meaning that such party controls the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of Personal Data contained within any Personal Data.
Voximplant is not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Client, Users or End Users, nor is Voximplant responsible for the manner in which the Client, Users or End Users collect, handle disclosure, distribute or otherwise process such information.
Under certain conditions, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
You can contact us by writing or email us at the address below:
Attn: Data Protection Officer
150 West 25th Street, RM 403 New York City,
NY 10001, United States of America
Contact email: email@example.com
Or, contact our EU and UK GDPR Article 27 representative at firstname.lastname@example.org.