Protecting your privacy is extremely important to us. The following information will help you understand the purposes for which we collect, store and use your information. We will keep your information confidential and will only share it if we are legally required to do so, if we must do so in order to fulfill our agreement with you or if you have given your consent.
We have tried to make this notice as clear as possible, but if there is something we have not explained well, please contact us at email@example.com.
Before we begin, here is the short version for those of you who, like us, are not really interested in all the legal mumbo-jumbo, no matter how plain the language: Generally, we use all the information collected about you, your users and customers to provide our services to you, to enable you to use our services, to deliver your messages to their destination, to analyze your use of our services, to detect fraud or other illegal activity and to improve our services.
The last time this notice was changed? May 2018.
1 What is this notice about
We want you to understand who we are, what kind of personal information (PI) we collect, and what we do with it. This notice is part of our contract with you and it may change from time to time.
1.1 In your day-to-day dealings with us we obtain personal information (PI) about you. We want you to understand who you are sharing your PI with, what kind we are collecting and how we use it.
1.2 PI does not include any anonymous, de-identified, or statistical information – provided that it cannot be linked back to you.
1.3 This privacy notice forms part of our contract with you. You should read it along with the terms applicable to services you use.
1.4 From time to time we may have to amend this notice to accommodate changes in our services, or if legal requirements change.
1.5 You agree to our information practices, including the collection, use, processing, and sharing of your information as described in this Privacy notice, as well as the transfer and processing of your information to the United States and other countries globally where we have or use facilities, service providers, or partners, regardless of where you use our services. You acknowledge that the laws, regulations, and standards of the country in which your information is stored or processed may be different from those of your own country.
2 Who are you sharing your information with?
You are sharing your information with the Clickatell Group. Sometimes we may need to share your PI with others in order to provide our services to you or if we are legally required to.
2.1 Clickatell is a group of companies, so things can get a little complicated. You are sharing your information with Clickatell Limited (a company incorporated in England and Wales), Clickatell (Pty) Ltd (a South African company) and Clickatell, Inc. (a US company). Our parent company is Clickatell Corporation (also in the US).
2.2 We do not sell or otherwise share your information with third parties aside from the sharing described in this section. In particular, we do not share information with third parties for their direct marketing purposes, unless you have given us consent.
2.3 In order to deliver our services we will have to share information with other communications service providers to enable them to transmit your communications. We only do so on your instruction and we will only share the information which they need. How they deal with the information is subject to their own policies.
2.4 We also make use of third party service providers or consultants who need access to information in order to do their jobs. An example of this is when we share information with service providers so they can store the data. These service providers are not entitled to use the information for any other purposes, must keep it confidential and have given us reasonable assurances that the information is safe.
2.5 Sometimes we may need disclose your information to a third party if:
2.5.1 we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or a government request;
2.5.2 to enforce our contracts and policies;
2.5.3 to protect the security and integrity of our services;
2.5.4 to protect ourselves, our other customers and the public from illegal activities; or
2.5.5 to respond to an emergency which we believe in good faith requires us to disclose information.
2.6 When you are sharing your information with us, you are sharing it with the Clickatell group of companies who will share data between them.
2.7 If we go through a corporate sale, merger, reorganisation, dissolution or similar event, your information may be part of the assets transferred or shared in connection with the due diligence for any such transaction. Any acquirer or successor of the Clickatell companies may continue to use the information as explained in this notice.
2.8 We will require anyone that we share your PI with to honour this policy whenever possible in terms of applicable law.
3 Where is the information going?
Information breaks down barriers. Your information is going around the world.
3.1 When you make use of our services, your information may be sent to the United States, South-Africa and possibly other countries with varying levels of data protection.
3.2 This may be necessary because:
3.2.1 some of the companies in the Clickatell group are situated overseas;
3.2.2 we may store the information on servers and equipment in the US or other countries;
3.2.3 you may be using our services in such a way that necessitates the transmission of some information to, for instance, communication service providers in other countries.
3.3 We employ appropriate mechanisms for cross-border transfers of PI, as required by applicable local legislation.
3.4 You consent to us processing your personal information in a foreign country with less stringent data protection laws than the country in which it was collected, to the extent allowed by applicable law.
4 What information we collect and why
4.1 When you set up your account with us, we collect the following information directly from you:
4.1.1 your company names and names of your affiliates* employees, account users and contact persons;
4.1.2 identifiers such as registration numbers, identity numbers and VAT registration numbers;
4.1.3 contact details such as e-mail addresses, telephone numbers and fax numbers;
4.1.4 location information such as your country of incorporation and physical address;
4.1.5 financial information such as information held by credit bureaus, credit references, banking details, date of fiscal year end, the name of your auditor, date of last audit, payment method; and
4.1.6 your username and password.
4.2 We collect this information for all the obvious reasons:
4.2.1 we want to provide our services to you;
4.2.2 bill you (and get paid);
4.2.3 communicate with you about your account;
4.2.4 recognise you when you communicate with us or want access to your account;
4.2.5 make sure that you actually exist (that you are not a fraudster);
4.2.6 comply with any legislation or regulation which requires us to collect the information; and to
4.2.7 check your references.
*When we say ‘affiliate’ we mean an entity or person that controls you, is controlled by you, or under common control with you, such as a subsidiary, parent company, employee, etc.
4.3 For some of our services we will require additional information. For instance, when you want to make use of short code in the US or Canada we need additional information about your company and what you intend to use the product for. Another example is when you apply for credit.
4.4 When you interact with our support, sales and account management teams, we pick up personal information in order to effectively assist you. Here are some examples:
4.4.1 Our support team will gather account data and information about your question or problem so they can help you.
4.4.2 The sales and account management team will gather information about your use of our services and business requirements so they can give you appropriate advice on what the best service is for you. This type of information will also be used to improve our services and to train our employees.
4.5 When you use our services, ‘customer data’ is generated and collected. This includes your, and your account users’, personal information (name, contact details, billing address etc.), billing records, call or messaging logs, traffic routing information and the content of communications sent through or integrated with our services (e.g. the content of your SMSs, e-mails or chats).
4.6 There are many reasons why we have to collect ‘customer data’:
4.6.1 You are able to view some of the information on your account.
4.6.2 We need some of the information (for instance the content of your messages) to provide our services.
4.6.3 We need to collect it so we can bill you.
4.6.4 We use the data to manage and route traffic, to analyse and improve our services and to identify and solve problems.
4.6.5 Sometimes we are required by law to have this information to assess and report on whether you are complying with all regulatory requirements.
4.7 From time to time, we gather publicly-available information about companies that are our customers, such as where they are located, their website URL, their industry, and their size. Sometimes this type of Customer Account Data is obtained through third-party service providers that specialize in pulling together publicly-available information about companies.
4.8 We do this to understand our customer base better and to tailor the information which we send to you.
4.9 We may also verify the information which you provided about your company for purposes of fraud prevention and to ensure the accuracy of the information you provided to us.
4.11 You can manage your communication preferences on your account.
4.12 We will get your consent to collect and use your PI (if required by applicable law) when you provide us with it.
4.13 We may process your PI that you provide to us for the purposes that you indicated when you agreed to provide it to us. Processing includes gathering your personal information, disclosing it, and combining it with other personal information.
4.14 You may only send us your own PI or someone else's PI if you have their permission to do so.
5 Your rights and preferences
You have the right to know what PI we have about you, to correct it and to opt in or out of any marketing (as the case may be).
5.1 You have various rights in terms of applicable law, including the right to:
5.1.1 ask what PI we hold about you;
5.1.2 ask what information was sent to our suppliers, service providers or any other third party;
5.1.3 ask us to update, correct or delete any out-of-date or incorrect PI we hold about you;
5.1.4 unsubscribe from any direct marketing communications we may send you;
5.1.5 object to the processing of your personal information.
5.2 It can take us up to 21 days to respond to your request.
5.3 You can request access to the information we hold about you or correct your PI by contacting firstname.lastname@example.org or by doing it yourself via your account.
5.4 In certain cases we may require proof of your identity. Changes to some of your information may be subject to additional requirements such as valid proof of residence.
5.5 We will do our best to keep your PI that we collect accurate, complete and up to date and may ask you to update it yourself from time to time.
6 How we secure information
We take your privacy and the security of your PI seriously, but no system is 100% secure. We are not in the data storage business and will delete some data every once in a while. Also, we cannot guarantee that your customer data will not be intercepted during transmission.
6.1 We have implemented reasonable security safeguards to protect the PI that you provide. For example we regularly monitor our systems for possible vulnerabilities and attacks. These measures vary based on the sensitivity of the information that we collect, process and store and the current state of technology.
6.2 But no system is perfect and no service is 100% secure. So while we will do everything reasonably necessary to secure the information we cannot rule out unauthorised access, hacking, loss of information or a data breach.
6.3 We do not undertake to store your customer data. In fact, periodically we delete some customer data. We will only keep your PI for as long as is necessary to fulfil our obligations to you. For instance, we only keep the content of the messages you send via our service for 90 days.
6.4 This means that we don’t undertake to store any of your customer data and that we are not liable for any loss or harm which flows from the loss or deletion of your customer data.
6.5 Customer data is transmitted in an unencrypted format, unless you use our encryption API*. Even then, we cannot guarantee that it cannot be intercepted by others.
*G(r)eek for Application Programme Interface.
6.6 To protect the confidentiality of your information and your customer data, you must keep your password confidential and not disclose it to any other person.
6.7 Please let us know right away if you think that your account has been compromised or misused. For instructions on changing your password click here.