Updated effective January 1, 2020
At Telnyx, we are committed to honoring the privacy of our customers and visitors to our website. We recognize the importance to you, our website customer or visitor (“you”), of maintaining an appropriate level of privacy and security for the personal information we collect from you through this website. We store your data safely and handle it with the utmost care and in accordance with applicable law.
Telnyx complies with all data privacy laws and directives, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
Since our customers integrate our products in their software applications, we don’t interact with their end users directly. When customers do share end user information with us, we always handle the data in accordance with data protection regulations, including the GDPR. We don’t use that data for any purposes other than specifically issued by the customer who provides the data, or to the extent required under law.
You’ll encounter the terms “controller” and “processor” in this policy. By “controller”, we mean the company that an individual (“data subject”) provides their personal data to. The controller determines the purpose for the personal data and is responsible for the correct handling of the data subject’s data. By “processor”, we mean the company that provides part of the services to the controller, and needs specific personal data in control of the controller in order to do so.
Depending on your relationship with Telnyx, we may both be a controller and a processor. When Telnyx processes the contents of communications provided by a customer, as between Telnyx and the customer, generally Telnyx is a processor. When Telnyx processes communications metadata, Telnyx is a processor in many respects, but may act as a controller in others. When Telnyx processes your personal data that you have provided to us through our portal or otherwise, Telnyx is acting as a controller. When Telnyx is acting as a controller or a processor, it always ensures that the parties we work with adhere to GDPR. Additionally, we ensure that another party will not use the data you have entrusted to us for any other purpose than delivering the services you have purchased.
GDPR Data Protection Rights
Telnyx would like to make sure you are fully aware of all of your data protection rights. Under GDPR, every applicable user is entitled to the following:
- The right to be informed – you have the right to request that we inform you of what data is being collected, how it’s used, how long it’s kept and whether it will be shared with third parties.
- The right to access – you have the right to request copies of your personal data. We may charge you a small fee for this service.
- The right to rectification – you have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
- The right to erasure – you have the right to request that we erase your personal data, under certain conditions.
- The right to restrict processing – you have the right to request that we restrict the processing of your personal data, under certain conditions.
- The right to object to processing – you have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability – you have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
- The rights in relation to automated decision making and profiling – you have the right not to be subject to a decision based solely on automated processing.
If you make a request to exercise any of your applicable GDPR rights, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: firstname.lastname@example.org
CCPA Data Protection Rights
The California Consumer Privacy Act (“CCPA”) provides California residents with specific rights regarding their personal information. This section describes CCPA rights and explains how to exercise those rights.
- The right to access
- The right to opt out of the sale of personal information
- The right to deletion of a consumer’s personal information
- The right of data portability
- The right not to be discriminated against for exercising rights under the CCPA
If you would like to exercise any of these rights, please contact us at our email: email@example.com
Only you, or someone legally authorized to act on your behalf (this includes an authorized agent), may make a verifiable consumer request (“request”) related to your personal information. You may only make a request for access or data portability twice within a 12-month period. An authorized agent making a request on your behalf must provide us with written authorization providing the agent with the ability to make a CCPA request signed by you. Additionally, you will need to verify your identity directly with us. Please note that this authorized agent requirement is not applicable when the authorized agent has a power of attorney. The request must: (1) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and (2) describes your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Any disclosures we provide will cover the 12-month period preceding receipt of the request. We will provide a response to a request within forty-five (45) days of its receipt. If we reasonably require an extension of time, we will notify you within the first forty-five (45) day period and such extension will not exceed an additional forty-five (45) days. We will not discriminate against you for exercising any of your CCPA rights. Any personal information provided to us for verification and fraud-prevention purposes will only be used for that purpose and such information will be deleted as soon as practical after processing of your request. We will not sell (as defined under the CCPA) California resident personal information we collect.
What Kinds of Information Does Telnyx Collect and Use?
Visiting Our Website
Except as otherwise provided in this policy or in other written documentation or policies that may be provided to you regarding the services or website, the only personal data that we collect about visitors to our website is that which is provided to us voluntarily by you. “Personal data” is information that tells us specifically who you are, such as your name, street address, email address, billing address, social security number, credit card number, other service account information, and certain other financial information. In general, you can visit our website without telling us who you are or revealing any personal data about yourself. Our Web servers may use “Cookies” (described below) to collect information about visitors such as your domain name, host from which you access the Internet, the IP address of your computer, and your browser software and operating system. This information may be aggregated to measure such things as the number of visits, average time spent on the site, number of pages viewed, and methods by which our site was found. Telnyx may use such information to evaluate the use of our site and to continuously improve the content and services being provided.
Using Our Web Site Services
Customer Proprietary Network Information (“CPNI”)
We also want you to be aware that certain information related to your telecommunications services account with us such as to whom, where and when you make calls is CPNI. CPNI is protected by specific federal laws and regulations and as such we are fully committed to comply with such laws and regulations, both through our website and in all other respects. Without your consent, we will only share or disclose your CPNI (i) to market to you services or products among the categories of services or products you currently subscribe, (ii) to initiate, render, bill and collect our telecommunications services, (ii) to protect you or other carriers from illegal or fraudulent use of, or subscription to, our services or to protect our rights or property, (iii) to provide your call location information in certain specified emergency situations, and (iv) for other legally permissible purposes.
Telnyx operates a telephone system which is capable of recording conversations for the achievement of various proper and lawful purposes, including (i) quality monitoring, (ii) training, (iii) compliance and (iv) safeguarding purposes. Calls, incoming or outgoing, may be recorded, retained and/or collected.
All calls, incoming and/or outgoing to and/or from Telnyx, can be recorded. Under normal circumstances, a call will not be retrieved or monitored unless:
- It is necessary to investigate a complaint;
- It is part of a management quality check that our standards are being met;
- It provides assurance of Telnyx quality standards and policies.
- There is a threat to the health and safety of staff and/or visitors and/or customers and/or vendors and/or for the prevention and/or detection of a crime;
- It is necessary to check compliance with regulatory procedures;
- It will aid Telnyx employees in call handling through use in training and coaching our staff;
- It is for safeguarding purposes; or
- It is for helping to protect employees from abusive or nuisance calls.
Personal data collected in the course of recording activities will be processed fairly and lawfully in accordance with the relevant legislation, including GDPR. Data collected shall be:
- Adequate, relevant and not excessive;
- Used for the purpose(s) stated in this policy only and not used for any other purposes;
- Accessible only to managerial and/or senior staff such as our CEO, COO, legal department, accountants and specifically authorized IT representatives.
- Handled and managed confidentially;
- Kept and/or stored securely; and
- Not kept for longer than necessary and will be securely destroyed once the issue(s) in question have been resolved and/or there is no further legal obligation.
Where possible, we will inform the caller and/or the receiver of the call that the call will be monitored/recorded for quality/training purposes so that they have the opportunity to consent by continuing with the call or hanging up.
By continuing a call and/or accepting the current policy you freely and unconditionally consent that when receiving a call from Telnyx and/or when you are calling Telnyx, the call may be monitored or recorded for the purpose(s) stated in this policy.
Who Has Access to This Information?
Except as set forth in this policy or unless we specifically disclose it to you at the time of collection or subsequently obtain your approval, we will not make any personal data that is gathered on our site available to unaffiliated organizations for commercial purposes unrelated to the business of Telnyx. Certain federal, state and local laws or government regulations may require us to disclose personal data about you. In these circumstances, we will use reasonable efforts to disclose only the information required by law, subpoena or court order to be disclosed.
For example, here’s why and with whom we may share your personal data:
- Telecom operators and other communications and communications-related services providers for proper routing and connectivity.
- Third party service and technology providers who perform necessary actions on our behalf, such as payment processor and hosting service providers.
- Where we are legally obligated to do so.
- To protect the confidentiality or security of your personal data or other records.
- To our attorneys, accountants and regulators.
We may also share aggregate anonymized data relating to the transactions on the site and use of our services for marketing, research and other purposes.
Telnyx maintains physical, electronic and procedural safeguards designed to protect the confidentiality of personal data provided by you on and through our website. For example, unique passwords or user identifications are required to access a number of our website services. In addition to requiring the use of a unique password or user identification, all payments processed through our website require certain personal data provided by you to be sent in a “Secure Session” using Secure Socket Layer encryption technology. This technology is designed to encrypt—or scramble—your financial or credit card account information to help prevent unauthorized parties from reading it. We seek to regularly test and update our technology to help protect your personal data. However, such precautions do not guarantee that our website is invulnerable to all security breaches. Telnyx makes no warranty, guarantee, or representation that use of our website is protected from all viruses, security threats or other vulnerabilities and that your information will always be secure. When doing business with others, such as advertisers to whom you can link from our site, you should consider the separate security and privacy policies of those other sites.
Your Use of Passwords or User Identifications
This site may provide discussion areas so that customers and visitors can communicate freely and share ideas. Please remember that any information that is disclosed in these areas becomes public information and you should exercise caution when disclosing such information. These discussion areas may be monitored by us or law enforcement officials as appropriate occasionally in order to enhance the safety and respect for all of our customers and visitors, and off-topic, unlawful or otherwise inappropriate content of materials of which we become aware may or may not be removed from the site during the course of such monitoring. However, Telnyx is not responsible for any information posted or remaining on these discussion areas.
Links to Other Sites
For the convenience of our visitors and customers, this website may contain links to other sites. While we generally try to link only to sites that share similar high standards and respect for privacy, we have no responsibility or liability for the content, products or services offered, independent actions, or the privacy and security practices employed by these other independent sites. We encourage you to ask questions and review the applicable privacy policies before disclosing information to third parties on these independent sites.
Updates or Revisions to Personally Identifiable Information
Your use of certain of our online services may permit you to update personal data from our database by accessing our website. If you remove certain information from your account, we will only retain copies of such information as are necessary for us to comply with governmental orders, resolve disputes, troubleshoot problems, enforce any agreement you have entered into with us and as otherwise reasonably necessary.
If You Do Not Wish to Disclose Your Information
Even though we collect your data to conduct business, your data stays your own. You stay in control of your personal data and can at any time choose what you want us do with it. You can at any time:
Change your cookie settings.
When you visit our website for the first time, you can decide to accept all cookies or accept specific cookies using your browser tools or deny all our cookies. You can always change your preferences in your browser settings.
Withdraw consent to our processing of your data.
If for whatever reason you no longer want us to use your personal data, you’re free to change your mind. We will always comply with your request, unless we're legally required to keep your data. Which basically means that if there is any legal dispute, about for example outstanding invoices, we can keep your information until it’s resolved.
Control and review your data.
You can always view, amend, delete, and transfer your personal data. If you want to edit your information, you can do so on our portal where you can find an overview of your personal data. When you choose to delete your personal data, we hold the right to hold onto anonymised and aggregated data. If we do so, nothing will be able to identify you as a person in any way. If we’re required to retain your information for legal reasons, we will let you know in response to your request.
Object to and restrict the processing of data.
When your personal data is being processed to fulfill a legitimate interest to us, such as marketing, you’re able to object and unsubscribe by sending an email to firstname.lastname@example.org. You can always exercise your right to restrict processing, and we’ll make sure to process your data in the way you specify. We will assess each request on a case-by-case basis according to the rules set out by the GDPR. If we override your request, we need to demonstrate that we have compelling grounds to do so, or that there’s a legal claim which allows us to retain personal data. If you don’t agree with how we’ve handled your request, you can file a complaint with the authority related to the member state you live or work in, or the country in which the suspected infringement has taken place.
We do not intend for this site to be used by children under the age of 13, nor do we seek to collect information about children under the age of 13. If you are under the age of 13, please do not provide us with information and promptly exit this site. We encourage parents or legal guardians to talk with their children about the potential risks of providing information over the Internet.