NTT Cloud Communications Privacy Policy

Respect is one of values, respecting your privacy comes naturally to us

Author: NTT Cloud Communications’ Compliance Department
 
Last updated : February 2021
 
 
 
NTT Cloud Communications and its affiliates (collectively “NTT Cloud Communications” “we”, “our” or “us”) understand and value the importance of ensuring that we collect, use, store, share and dispose of (collectively “Use”) information about you (“Personal Data”) in a fair, ethical, transparent, secure and lawful way.
This Privacy Policy describes why and how we Use your Personal Data and your choices and rights in relation to your Personal Data. It applies when you are using the solutions and services that we provide, when we are interacting with you via our websites or social media sites or when we collect or receive your Personal Data from you or from third parties.  When we provide you with our Cloud Communications services, as our client, you are the Data Controller and we are the Data Processor. 
 
Additional privacy notices that may apply in certain jurisdictions or locations across the world are made available in such locations and are deemed to be incorporated into this Privacy Policy.
 
1- For which purpose do we collect personal data?
We Use your Personal Data to operate, provide and improve our services. The purpose for our Use of your Personal Data include, with respect to:
 
  • Provision of our services: we process your Personal Data to deliver our services and process transactions related to our services, including registrations, subscriptions, procurement, billing and payments. Your use of our services implies the Use of your Personal Data as a pre-requisite without which we are unable to provide you our services. 
  • Support and improve our services: we process your Personal Data to provide support and to develop and improve our services. We also use your Personal Data to measure use of and analyze performance of our services and solutions.
  • Business to Business contact with prospects: we process your Personal Data to communicate with you in relation to our services via different channels (by phone and email) and to respond to your requests. If you attend an event or participate to a trade exhibition where we are exhibitor or sponsor, we may, with your further consent, scan your attendee badge and collect your Personal Data.
  • Marketing: we process your Personal Data to promote and market our services. If you navigate on our website, we may collect navigation data through the use of tracking tools such as cookies. 
  • Internal governance: we process Personal Data of our internal employees and external business partners to ensure the internal functioning of the Cloud Communications division of NTT Ltd. and its affiliates. 
  • Recruitment: If you apply for one of our job offers, we will require that you provide to us your Personal Data according to our Recruitment privacy statement. 
  • Visitors management: we process Personal Data about visitors in order to monitor access to our premises. 
  • Compliance with legal obligations: we process your Personal Data when a law or regulation requires such processing. 
 
 
2 - What Personal Data do we collect?
Depending on how you interact with our solutions or services, Personal Data may include:
 
  • Information commonly used to identify you such as your name, email address, phone number and other similar identifiers; 
  • Professional information such as your professional email and job title;
  • Information about your usage of our solutions and services; 
  • Information about your interaction with our solutions and services such as log-in and CDR (Call Detail Records); 
  • Social media account information;
  • Marketing and other preference information. 
 
We do not collect sensitive personal data about you, e.g. information relating to your religion, health, biometric or genetic information, sexual orientation or race, and ask that you do not provide this kind of data to us. 
With respect to the Health Information Portability and Accountability Act of 1996 (“HIPAA”), we do not collect data corresponding to Personal Health Information (“PHI”), and as such do not qualify as business associates under HIPAA. 
Our services and solutions are not developed for or directed to children and our website is not designed to attract children under the age of eighteen (18). We do not knowingly solicit or collect Personal data from any person that is under the age of eighteen. Visitors under eighteen years of age are not eligible to do business with us. 
 
As a consequence, we are not concerned by the requirements of the Children’s Online Privacy Protection Act of 1998 (“COPAA”). 
 
3 - How do we collect your Personal Data?
We may collect your Personal Data in a variety of ways, including:
  • Directly from you;
  • From cookies and other tracking technologies: we will use cookies and other tracking technologies when you use our website in order to optimize your experience of this;
  • From third party sources: we validly collect Personal Data from third parties, including public databases, social media sites, business partners and clients.
 
4 - On which legal basis do we process personal data?
We process your Personal Data when we have an adequate legal basis for doing so. We collect and use your Personal Data for instance when:
 
You have consented to such processing; or
  • The processing is required to perform our contract; or
  • It satisfies our legitimate interests for the purpose of managing, operating or promoting our business, including direct marketing, and intra-group transfers of personal data for business and administrative purposes, except where such interests are overridden by your interests or fundamental rights or freedoms which require protection of personal data.
  • The processing is necessary to comply with a legal obligation.
 
 
5 - How long do we retain personal data?
We will retain your Personal Data for the period necessary to fulfil the purposes for which these data were collected unless a longer retention period is required by law (including tax and litigation laws), resolve disputes, protects your assets, or enforce our rights. How long we retain your Personal Data depends on the category of data, the purpose for which we process the data or the written instructions of our clients.
 
6 - How do we share your Personal Data? 
Your Personal Data remain your property. We do not share, sell or rent your Personal Data to unrelated third parties nor transfer them within our group without proper and lawful purpose.
With respect to the California Consumer Privacy Act of 2018 (CCPA), we do not intend to sell Personal Information of Californian Consumers as those terms are defined under the CCPA and, in the preceding twelve months, we have not sold any Personal Information of Californian Consumers. We reserve the right to make such sales in the future. In this case, we will update our Privacy Policy adding the list of Personal Information sold. If you would like to record your preference that we do not sell your Personal Information in the future, please click here https://connect.arkadin.com/preference-centre.
We may share your Personal Data to :
 
  • Our Affiliates for client support, marketing and account management purposes. “Affiliate” refers to, now or in the future, any other entity that (i) directly controls; (ii) is under common control with; or (iii) is controlled by Cloud Communications division of NTT Ltd. An entity shall be considered as controlling another entity if it owns, or controls, at least fifty (50) percent of the voting stock or other ownership interest of the other entity.
  • Our business partners,  who provide operational services or facilitate transactions on our behalf, including but not limited to processing of orders, assisting with sales-related activities or post-sales support, client support, email delivery, data analytics, survey distribution and insights, and auditing, and who offer co-branded services or engage in joint marketing activities, as permitted by applicable law. 
  • Our sub-processors, as listed here https://www.arkadin.com/en-gb/data-subprocessors., who process Personal Data on our behalf. 
  • The competent authorities, in order to respond to a request for information in accordance with, or required by any applicable law, regulation or legal process; or where necessary to comply with judicial proceedings, court orders or government orders. Should we receive a disclosing or cooperation request or order emanating from a surveillance authority of a country in which we operate, we would exhaust appropriate legal remedies before complying.  
 
We have implemented appropriate safeguards for transfers of Personal Data originating from the European Economic Area (“EEA”) to our affiliates and unaffiliated third parties located outside the EEA. These safeguards include the assessment of the GDPR maturity of our future suppliers, the signature of a Data Processing Agreement and of Standard Contractual Clauses, in their current version or any successor version that may be adopted pursuant to a decision of the European Union Commission. 
 
7- What are your rights? 
We adhere to applicable data protection laws within and outside the EEA, which provide you with certain rights relating to your Personal Data. Your rights include: 
 
  • The right to be informed about the collection and use of your Personal Data;
  • The right of access to your Personal Data;  
  • The right to rectify inaccurate or incomplete Personal Data rectified;
  • The right to have your personal data erased, destroyed or deleted. This is also known as the ‘right to be forgotten’;
  • The right to restrict processing of your Personal Data;
  • The right to receive your Personal Data from us in a structured, commonly used and machine-readable format and to transmit your Personal Data to a third party without obstruction (right to data portability) in certain circumstances;
  • The right to lodge a complaint with your local supervisory authority. You can find a full list of these supervisory authorities on the European Commission website by clicking here or by going there:   https://ec.europa.eu/justice/article-29/structure/data-protection-author... When we process Personal Data based on your consent, you have the right to withdraw your consent at any time for future processing;
  • When we process your Personal Data based upon our legitimate interests or those of a third party, you have the right to object to the processing of your Personal Data at any time (including to any profiling); 
  • All rights in relation to automated decision making and profiling, though  our activities do not include automated decision making or profiling;
  • If you are subject to the CCPA, the right to opt-out of the sale of your business information and the right to not be discriminated against for your business information.
 
You can send your request directly to your usual client account representative or to your usual Clients Relations team. You can also directly contact our Data Protection Officer at nttcc.privacy@global.ntt.
 
If you are a visitor or a participant, your request shall be sent to the communications preference center available by clicking here or by going there https://connect.arkadin.com/preference-centre. This tool allows you to opt out of marketing and non-transactional communications.  If you are subject to the CCPA, you can contact us via the following toll-free number: 1-866-921-5486. 
 
Any request will be addressed with care within a reasonable timeframe.
 
8 - How do we use cookies and similar technologies? 
We use cookies and similar technologies for the following purposes:
  • To compile statistical data on the use and performance of our website, so that we may monitor and improve it;
  • To facilitate your ability to navigate through our website and to allow you to access secure parts of our website;
  • And to share our web pages via social media platforms.
  • A full list of the cookies located on our website is available in our cookies preference center, available here : https://www.arkadin.com/en-gb/about-cookies . We enable you through this cookies privacy preference center, to opt-in and opt-out of various categories of cookies. 
 
9 - How do we use widget-type tools and interactive mini-programs?
We use widgets tools which are interactive mini programs that run on our website and link to other websites. As such, you may find an “apply to a job” button or Facebook, Twitter, Google +, LinkedIn, YouTube widgets. These widgets are subject to the terms of use, privacy and cookies policies of the respective social network. Please ensure that you are familiar with these.  
 
10- Links to third party websites and applications
Our websites may provide links to the websites of our business partners or sub-processors. 
We are not responsible for and make no representations or warranties in relation to the security, privacy practices and content of these websites. Please ensure that you read the applicable privacy and cookies policies of these third-party websites before sharing Personal Data on these third-party websites. Your use of such third-party websites is at your own risk.
 
11 - Confidentiality statement
Our services include certain access or identification details such as an access number and a pin code. Such details are granted to you and are confidential to you. You are responsible for maintaining the confidentiality of your login name, password and/or pin code and for restricting access to your account. You are responsible for the use of your Personal Data or for the access to your account by any individual with whom you may share your login name, password and/or pin code, or who you may authorize to use your account. You are also responsible for any unauthorized use or access that results in whole or in part from your failure to protect the confidentiality of your login name, password and/or pin code.
 
12 - Privacy Policy updates
We may update this Privacy Policy from time to time. If we modify our Privacy Policy, we will post the revised version here, with an updated revision date.
Your continued use of, or interaction, with our services after any changes or revisions to this Privacy Policy implies that you have acknowledged and agreed to the terms of such revised Privacy Policy.
 
13 - How to contact us? 
Any enquiries about this Privacy Policy may be sent to our Data Protection Officer at nttcc.privacy@global.ntt.
Our lead authority is the CNIL (https://www.cnil.fr.). 
Our Data Protection Officer may also be contacted at the following address: NTT Cloud Communications SAS – Data Protection Officer – 32 rue Guersant, 75017 Paris, France.