Sytel Limited treats your information as confidential. This Data Processing Notice describes how we collect personal information, what we do with that information, and also what controls you as the Data Subject have over that information in relation to your use of our Services.
Your information will be held and managed by Sytel Limited, acting as either the data controller, or, if you are a client or interested party of Sytel Limited, as the data processor.
In this Notice, we will use ‘plain English’ guidance to clearly explain what each section details.
This data processing notice applies specifically to subscribers to the Softdial Cloud™ CCaaS service.
What information do we collect and when?
When using our Services, we may collect and use the following data about you:
Information provided directly by you:
- Information that you provide in order to enable us to configure and deliver the Service as set out in the Privacy Notice.
- Information relating to transactions made by you through the service including but not limited to Agent names, telephone numbers and other media addresses.
- Information contained in communications you send to us, for instance, to report a problem, submit a query, concern or other comment regarding our Service.
Data about you collected from other sources:
- Location information – We may collect information about your location when you access our Service through a mobile device. If you do not want to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device; provided your devices allows you to do so.
- Information collected from third parties and contractors/ suppliers – We may obtain information about you from third parties, such as partners, clients, researchers, associates, and others.
- Aggregate or pseudonymise data – We may aggregate and/or pseudonymise information collected by the Services so that the data is not intended to identify you. This Data Processing Notice does not restrict our use or disclosure of aggregated and/or de-identified information.
How do we use your personal data?
We will collect and use your information as described in this Data Processing Notice and as permitted by applicable laws, including in circumstances where it is necessary:
- To provide or fulfil Services requested by or for you;
- For compliance with a legal obligation to which we are a subject;
- To pursue our legitimate interests;
- Where you have given us your express consent.
We collect and use your information for the following purposes:
To perform the Services requested by you
for instance, if you fill out a provisioning questionnaire, we will use the data provided to configure, commission and test the integrity of the Services. This data processing is necessary to provide and fulfil a service requested by or for you.
For marketing purposes
We may use your information to further discuss your interest in the Services and to send you information regarding Sytel Limited such as information updates about our service with your prior consent. You can withdraw your consent at any time. Data processing for marketing purposes is a legitimate business interest.
You may manage your receipt of marketing and non-transactional communications by sending a request to: firstname.lastname@example.org.
You have the right to contact us (email@example.com) at any time to object to the further processing of your data for the purposes of direct marketing to you, including any profiling related to such marketing.
For financial and payment purposes
For checking financial qualifications and collect payment from you, where applicable. This data processing is necessary to provide or fulfil a service requested by or for you.
For operating and improving the Service, and your customer experience
We may collect and analyse data with the purpose of improving our customer experience. Data collected could include data about your device, such as unique device identifiers, information about your mobile phone or other mobile device(s), browser types, browser language, operating system, and the state or country from which you accessed the Site. Data collected could also include information related to the ways in which you interact with the Service, such as referring and exit pages and URLs, platform type, the number of clicks and domain names.
This data allows us to understand our customers, their interactions with our Service and improve them to better serve the customers. Data processing for analytical and operational improvement purposes is a legitimate business interest.
For Security purposes
We may use your data to protect Sytel Limited and its suppliers against security breaches and to prevent fraud and violation of your agreed terms of service. Data processing for security purposes is a legitimate business interest.
Protection of Sytel Limited and others
We may disclose your information to:
- Comply with legal obligations;
- Enforce any agreements that you entered into with us;
- Respond to claims that any content violates the rights of third parties;
- Respond to your requests for customer service.
We may also disclose information to law enforcement agencies in emergency circumstances, where the disclosure of such information is consistent with the types of emergency disclosures permitted or required by law. This is data processing for compliance with legal obligation.
We reserve the right to disclose and transfer all of your data to a successor (or potential successor) company in connection with a merger, acquisition, or sale of all, or components, of our business, or in connection with due diligence associated with any such transaction. Data processing for this purpose is a legitimate business interest.
Sharing your data
We may share your data with any of our suppliers who assist us in providing the Services we offer. The assistance provided by our suppliers may be related to our marketing activities such as: updating marketing lists, advertising, market research and sending and receiving communications.
Transactional assistance may also be provided by our suppliers: processing transactions, fulfilling requests for information, billing, sales, execution, and the fulfilment of orders. Other support services provided may include: data storage, transfer, analysis and processing, providing software services and in other tasks as may requested from time to time.
Our suppliers will only use your information to the extent necessary to perform their functions and are subject to contractual restrictions prohibiting them from using your information for any other purpose.
To receive a list of suppliers assisting us in the processing of your data please send your request to firstname.lastname@example.org. This list may change and will be updated from time to time.
Sytel Limited may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Sytel Limited, Sytel Limited may share information about you collected in connection with your purchase or expression of interest with our joint promotion partner(s). If you do not want your information to be shared in this manner, you may email email@example.com.
However, we do not control our business partners’ use of the information that we share with them about you that we collect, and their use of the information will be in accordance with their own privacy policies.
Transfer of information overseas
The personal data about you that we collect is sent to and stored on secure servers located in one specific country (the Sovereign Data Country) as agreed when you subscribe for the Services. Such storage is necessary in order to process the information.
Information will not be transferred outside of the Sovereign Data Country except in cases where you have contracted for backup services for geographic redundancy.
Standard contractual clauses
We will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards, such as relying on a recognised legal adequacy mechanism which, if the Sovereign Data Country is inside the EU, may include by entering into EC approved standard contractual clauses relevant to transfers of personal information (see https://ec.europa.eu/info/policies/justice-and-fundamental-rights_en) and that it is treated securely and in accordance with this Data Processing Notice.
We have appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorised access and maintain data security of, and to use correctly, the information we collect online. These safeguards vary based on the sensitivity of the information that we collect and store. We have implemented procedures designed to limit the dissemination of your information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to make reasonable efforts to prevent unauthorised access.
We will only keep your personal data as long as it remains necessary for the identified purpose(s) for which it was originally collected and for up to six plus one years afterwards or otherwise permitted by local laws, or as required for our business operations or by applicable laws.
We may need to retain certain personal information even once a customer account has been closed or deleted to enforce our terms, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping purposes. We may also retain a record of any stated objection by you to receiving our updates for the purpose of ensuring we can continue to the respect your wishes and not contact your further. If you request to stop receiving emails from us, we will retain your email address for use on an email “suppression list” to ensure you do not receive further emails, as requested.
All retained information will remain subject to the terms of this Data Processing Notice. If you request that your name be removed from our databases, it may not be possible to completely delete all your information due to technological and legal constraints.
You have the right to ask us to:
- Access all personal data held by us on you. On request, we will provide you with a copy of this information. We reserve the right to charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested. You can exercise your right of access to your personal data:
- by emailing us at firstname.lastname@example.org
- by writing to us at the address below.
Please note that we may be required to ask for further information in order to confirm your identity before we provide the information requested.
- Correct or erase your personal data where appropriate.
- Restrict the processing of your personal information whilst we investigate your concern.
Where your processing is based on your consent, you have a right to:
- Receive your information in a commonly used electronic format or ask that we move the data in that format to another provider where your request relates to the data that you gave us direct and where technically possible (data portability)
- Withdraw your consent at any time.
If you remain dissatisfied with the response you receive you can also refer the matter to the data protection supervisory authority.
As the terms of your Subscriber Agreement are governed by UK law, the relevant UK body is the Information Commission Office (ICO).
The ICO head office contact details are:
Information Commissioner’s Office
Cheshire SK9 5AF
Telephone: 0303 123 1112
Contact portal: https://ico.org.uk/global/contact-us/
This document was last updated: 22 July 2022