PRIVACY POLICY – OUR SOLUTIONS

Your privacy is very important to us at iBASIS. iBASIS is committed to respecting your privacy and the confidentiality of your Personal Information and the content of your communications. This Privacy Policy is meant to assist End Users and Account Managers in understanding how We use and safeguard the information that We process when providing our Solutions.

Please read this Privacy Policy carefully. This document governs iBASIS’ collection, use and disclosure of your Personal Information as well as Non-Personally Identifiable Information in relation to the Solutions.

DEFINITIONS

To help You better understand this Privacy Policy, We provide some basic definitions to use when reading and interpreting this document. The bold type terms used in this Privacy Policy shall have the meaning set forth below.

Account Managers means individuals who act on behalf of an Operator Customer in regard to the ordering, receipt, and administration of Solutions.
End Users means individuals who are lawfully provided access to Our Solutions by an Operator Customer.
You means Account Managers and End Users.
iBASIS or Us/We/Our means iBASIS, Inc. and its affiliates.
Non-Personally Identifiable Information means aggregated, de-identified or other information that we cannot reasonably associate with an individual person.
Operator Customer means the telecom operator, service provider, mobile network operator or other entity which has contracted for one or more of the iBASIS Solutions and provided End Users with access to such services.
Personal Information means information about an identifiable individual that is recorded in any form and that We have about You. Personal Information does not include information that is aggregated or otherwise does not identify an individual or does not permit Us to associate such information with an individual.
Privacy Policy refers to this Privacy Policy – Our Solutions as updated from time and time and available on the iBASIS website.
Solutions refers to the managed voice, roaming enablement, mobile data, cloud numbering, IOT connectivity, fraud prevention, business intelligence and related services described on the iBASIS website, https://iBASIS.com/solutions/.

WHY WE COLLECT INFORMATION FROM YOU

Operator Customers provide us with information about You. We collect and use Your Personal Information for the following purposes:

  • to conduct business transactions with current and prospective Operator Customers;
  • to provide, maintain and improve the Solutions to Our Operator Customers;
  • to monitor and analyze trends, usage and activities in connection with the Solutions;
  • to identify the needs and preferences of End Users;
  • to detect and prevent fraud;
  • to meet applicable legal and regulatory requirements and obligations;
  • to administer and manage Our business operations and Operator Customer accounts;
  • to resolve disputes and troubleshoot problems; and
  • to prevent improper or illegal use of the Solutions.

These purposes listed above are our legitimate interests which we pursue. These legitimate interests form the legal basis to collect and use Your information.

WHAT INFORMATION WE COLLECT

We only collect information that we believe is necessary and appropriate for the purposes identified in this Privacy Policy.  This information includes the:

  • contact information of, and other information disclosed to Us by, Account Managers;
  • originating and terminating number of a phone call;
  • content of a phone call, as described below;
  • content of a data session;
  • duration of a phone call;
  • End User device identifier and services capabilities; and
  • the location of the cell tower which is used when you make a call or initiate a data session.

We do not actively record the content of phone calls, except (i) where required to provide the Solutions; (ii) where obliged or permitted by applicable law; and (iii) at the request of an Operator Customer for the purposes of the Operator Customer, such as the monitoring of their End Users.  It is the responsibility of the Operator Customer to ensure that their purposes are lawful in the jurisdiction in which they operate.

We may also randomly record phone calls for maintenance and troubleshooting purposes.  Such communications content is used only for those purposes and is retained for a minimal amount of time and thereafter promptly deleted.

We have no access to End User names, email addresses, billing information, or other similar information.

USE OF DATA ANALYSIS TECHNIQUES FOR NETWORK PLANNING AND MANAGEMENT, AND SECURITY

The iBASIS network supports our Solutions. We maintain, plan and improve our network and perform management tasks like the routing of traffic, clearance of faults, and monitoring of peak loads and overloads. Analyzing the use made of our network gives us essential network usage and load information. Based on this information, we can expand and enhance our network in a targeted way. iBASIS processes traffic data for these technical and statistical analyses. This includes (i) telephony data like your telephone number, date and starting and ending times of a call, the type of service concerned, International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI) and (ii) data such as OperatorCustomer identification.

PROTECTION OF YOUR INFORMATION

We have invested in and deployed technological and organizational security measures to protect information that we process. For instance we maintain firewalls, network segmentation, periodic security scans, patch updates and other technical security measures for our servers and internal networks, and the servers on which Personal Information is stored are located in secure facilities that are available only to authorized personnel. We use restrictive access methods to keep information secure.  Our employees are dedicated to maintaining and upholding your privacy and security and are educated regarding this Privacy Policy. Only those employees who require Personal Information to perform a specific function related to the iBASIS service are granted access to that information. Our employees are required to use the utmost discretion when accessing Personal Information, and they are prohibited from using Personal Information for purposes unrelated to their job functions. As appropriate, our employees are notified when this Privacy Policy is revised or other privacy or security measures are implemented by iBASIS.

We require that our third party service providers agree to keep all information We share with them and to use the information only to perform their obligations in the agreements We have in place with them. These third party service providers are expected to maintain privacy and security protections that are consistent with applicable law.  While We provide these third parties with no more information than is necessary to perform the function for which We engaged them, any information that You provide to these third parties independently is subject to their respective privacy policies and practices.

DISCLOSURE OF PERSONAL INFORMATION

We do not sell your Personal Information to anyone other than your Operator Customer in connection with the Solutions provided to them.  We only disclose Your Personal Information to third parties where necessary to fulfill the purposes identified in this Privacy Policy or where requested by You.

We may, however, use or disclose your Personal Information for legal or regulatory reasons as necessary or as required to investigate fraud, to protect iBASIS, Operator Customers, and End Users, to otherwise protect against the unlawful use of the Solutions, or as otherwise described above in the section titled, “Why We Collect Information from You.”

You acknowledge that it is iBASIS’ policy and prerogative to respond to all governmental inquiries regarding its Solutions. In the event a competent governmental authority asks iBASIS to retain and provide Personal Information about You, iBASIS reserves the right to provide any and all assistance and information necessary in its opinion to fulfill the request.

We also may disclose Personal Information in connection with a merger, acquisition or bankruptcy if We should ever file for bankruptcy or merge with another company, or if We should decide to buy another business, or sell or reorganize part or all of our business. We may disclose Your Personal Information to prospective or actual purchasers and other parties. By using the Solutions, You acknowledge that any such transfer of Your Personal Information may occur. It is iBASIS’ practice to obtain appropriate protections for Personal Information disclosed in these types of transactions. iBASIS cannot, however, guarantee that the Privacy Policy applicable to the Solutions will remain unchanged if iBASIS is sold or merges with or is acquired by another company.

RETENTION OF PERSONAL INFORMATION

Personal Information will be retained only as long as necessary for the fulfillment of the purposes identified in this Privacy Policy or as otherwise required or permitted by applicable law.

ACCURACY OF PERSONAL INFORMATION AND YOUR RIGHTS RELATED TO PERSONAL INFORMATION

iBASIS takes reasonable steps to make sure that the Personal Information We process is accurate, complete and up-to-date for the purposes for which it is collected and processed.  You should ensure that any information you provide to Us or the relevant Operator Customer (your employer) is accurate, complete and up-to-date, and You should contact Us or the relevant Operator Customer (your employer), as appropriate, should you need to update or review that information.

You may have a right to data portability under applicable law.  You may also have a right to access a copy of Your Personal Information, request rectification or erasure of Your Personal Information, object to processing of Your Personal Information, request the restriction of the processing of Your Personal Information, or otherwise exercise your rights afforded under applicable law by contacting us at the address provided below and by providing evidence of your identity.  If the information requested does not identify you without us obtaining additional information, we may not be able to honor your request.  Finally, you may also also have the right to lodge a complaint with a supervisory authority.

TRANSFER OF INFORMATION

The Personal Information that We collect may be stored and processed on servers located in various countries, including servers located outside of your home country. This is necessary to ensure that your calls reach their intended destination.

iBASIS is based in the United States, and the information We collect is governed by U.S. law.  The laws of other countries may not provide the same degree of protection for your Personal Information as your home country.  By accessing our using iBASIS services or otherwise providing information to us, you expressly acknowledge and consent to the processing and transfer of Personal Information in and to countries outside your home country, including to the U.S. If you do not agree to the transfer of Your Personal Information as provided in this Privacy Policy, We may not be able to provide services to You.  Please direct any inquiries or complaints regarding our compliance with the Privacy Principles set forth in this Privacy Policy to a point of contact listed in the “Contact Us; Our Data Protection Officer” section below.  We will investigate all such inquiries or complaints and will respond as appropriate. If We determine that a complaint is justified, We will take appropriate remedial measures, in Our sole discretion, including modifying Our policies and practices.

CONTACT US; OUR DATA PROTECTION OFFICER

We have designated one or more individuals who monitor Our compliance with this Privacy Policy. The individual responsible for Our compliance has been designated as iBASIS’ Data Protection Officer. Please direct any questions or correspondence regarding this Privacy Policy to the Data Protection Officer at:

iBASIS, Inc.
ATTN: Kyle Hofmann, Data Protection Officer
10 Maguire Road, Building 3
Lexington, MA 02421, USA
info@iBASIS.net

Other individuals may handle the day-to-day collection and processing of Personal Information. The Data Protection Officer or iBASIS’ management may designate other individuals within iBASIS to perform the Data Protection Officer’s responsibilities.

CHANGES TO THIS PRIVACY STATEMENT

We reserve the right to change this Privacy Policy at any time. The revised Privacy Policy will be effective immediately upon its posting on the website with the new effective date displayed. Any revisions will apply on a prospective basis only, except as described below. You should periodically check this Privacy Policy for any such changes, and you acknowledge that any use of the Solutions after such changes signifies your consent to those changes.

If we intend to use Personal Information we have collected from you in a manner that is materially different from that described in this Privacy Policy, we will seek our Operator Customer’s explicit consent.

Last Updated: March 5, 2019