Privacy & GDPR Policy

Last updated: 11 August 2023

  1. Introduction
  2. What personal data do we process?
  3. For what purpose do we process your personal data?
  4. On what legal ground do we process your personal data?
  5. For how long will we process and store your personal data?
  6. Security
  7. Who has access to your personal data
  8. Transfer of personal data to third countries
  9. Your rights
  10. Changes in this policy
  11. Our contact details
  12. GDPR
1. Introduction

Why do we have a privacy policy? Telavox AB (“Telavox” or “we”) cares about your privacy. Therefore, we always strive to protect your personal data in the best possible way and to comply with all applicable laws and regulations for the protection of personal data. In this policy, we want to inform you about how we collect and process your personal data in accordance with the EU regulation 2016/679 (the “GDPR”) to guarantee an open and transparent processing of your personal data. Who is responsible for your personal data? Telavox AB, Reg. No. 556600-7786, is responsible for the processing of your personal data. The following is Telavox’s contact information: Telephone number: +46 (0)40-622 00 00 Address: Stora Varvsgatan 6, SE-211 19 Malmö, Sweden This privacy policy applies to services provided by Telavox, including services under the brand name Telavox and Flow UC.

2. What personal data do we process?

Telavox provides communication services in relation to business customers. In this connection we may process personal data about you as a representative of such a customer, or otherwise a supplier or other actual or potential business partner of Telavox. The personal data that we may process about you are your name, function, company name, company address, telephone number, your contact details and your profile picture (if uploaded by you).

We may, if you approve access to your device address book, use and display the names and the phone numbers of your local contacts stored in your device address book to allow you to search through the contacts list, to display caller id for incoming or outgoing calls, to store your local contacts in the application. Your personal contacts data that we process are stored ephemerally unless you explicitly choose to create a contact from within the application. A contact created by you, inside the application, will be stored on our servers but not shared with third parties, for cross-platform purposes, until you delete it.

We usually collect your personal data directly from you, e.g. via e-mail, but sometimes we may collect your personal data from other employees at your company. Telavox uses your personal data to facilitate and to render a more effective communication with business customers, suppliers and other actual or possible partners. In connection with support contacts with you, we may also record our telephone call with you. You are not obliged to provide your personal data to Telavox. If you do not provide your personal data, Telavox may need to cease the processing of your personal data, or alternatively request another contact person at your company. If you are an employee of a Telavox customer, we may also process your data for the purposes of providing the agreed telecommunication service. However, in this connection Telavox is not the data controller, hence this privacy policy does not describe such processing further. For more information regarding such processing of your data, please ask your employer.

3. For what purpose do we process your personal data?

We process your personal data to be able to communicate with you as a contact at a company that we cooperate with or potentially will cooperate with and/or has an agreement with Telavox, as business customer and/or supplier. Telephone calls in connection with support matters may be recorded for the purpose of follow up on existing commercial agreements. If you have signed up for Telavox’s newsletter, we will also process your personal data by adding you as a recipient. Your name and contact details may also appear on invoices, accounting records and agreements if such information has been provided to us for such purposes of administration concerning our services to your employer as well as invoicing. Telavox informs its business partners, among other things, concerning Telavox’s business and sends newsletters to the contact persons at the business customers.

4. On what legal ground do we process your personal data?

Legitimate interest The legal ground for Telavox’s processing of your personal data as a contact person and/or reference at Telavox’s business partner or potential business partner, recording our support calls, subscriber of our newsletter is Telavox’s legitimate interest, under article 6.1 (f) GDPR, to process your personal data in order to facilitate an effective and appropriate communication between Telavox and you as a contact person/representative of a customer or other business partner. Telavox’s conclusion after having considered all relevant circumstances, is that Telavox’s legitimate interest to perform the processing outweighs the data subjects’ interest and fundamental right not to have their personal data processed.

5. For how long will we process and store your personal data?

Your personal data will be sorted out/erased in accordance with the following retention plan:

  1. When you leave the position as a contact person/representative of the business company of Telavox, the processing of your personal data as a contact will cease as soon as we have been notified thereof. Thereafter, processing of your personal data for other purposes may however continue, for example as described in paragraphs 4–5 below.
  2. When the co-operation with the business collaborate or potential business collaborate that you represent terminates, the processing of your personal data as a contact will cease. Thereafter, processing of your personal data for other purposes may however continue, for example as described in paragraphs 4–5 below.
  3. When you unsubscribe from newsletters (by the link provided in every newsletter), your processing of your personal data for such purpose ceases and your personal data will be erased/deleted unless processed further for other purposes, for example as described in paragraphs 4–5 below.
  4. Invoices and other accounting records containing your personal data will be stored, according to applicable accounting legislation, seven years from the calendar year when the verification was entered into the books.
  5. Inactive agreements containing your personal data will be stored for ten years due to the period of limitation according to the Swedish statute of limitation.

When we delete your information there might occur a certain level of delay of removal of information from our servers and security backups.

6. Security

The security of your personal data is important to us and we use standard encryption when transferring information to secure it. However, remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

7. Who has access to your personal data

As a general rule, your personal data will only be processed by Telavox. However, we may employ authorized third party companies and individuals to facilitate our services, to provide the services on our behalf. These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

8. Transfer of personal data to third countries

Telavox strives to process your personal data only within the EU/EEA in order to secure the integrity of your personal data. If your personal data would processed outside the EU/EEA, then we will make sure that such processing is either based on a decision from the Commission establishing that the country in question ensures an adequate level of protection or by using other appropriate safeguards to ensure the integrity of your personal data and ensuring the protection of your rights in accordance with the GDPR.

9. Your rights

Right to access to your personal data You are entitled to request information about which personal data we process about you and how the personal data is being processed. You also have the right to request a copy of the personal data we process about you. Right to rectification If you consider your personal data that Telavox processes to be inaccurate, e.g. information concerning your name or address, you have the right to get the inaccurate information corrected and to get the incomplete information completed by providing us with the correct information. Right to erasure You have the right to request that your personal data is erased, e.g. if the processing is no longer relevant in relation to the purpose the information was collected for or if you recall your consent to the processing and there are no other legal grounds for the process. Right to limitation of processing You have the right to request limitation of the processing of your personal data, with the exception for storage. Limitation of processing can be requested for example if you object to the accuracy of the personal data or if you consider the processing of your personal data to be unlawful. Right to objection You have the right to object at any time concerning the processing of your personal data in accordance with GDPR article 6.1 (e) or (f) (legitimate interest), including profiling based on those provisions. Where personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning such marketing, which includes profiling to the extent that it is related to such direct marketing. Right to data portability You have the right to obtain the personal data you have provided us with in a structured, commonly used and machine-readable format and have these transmitted to another controller, provided that the process is automatized and that the process is based on a consent or an agreement.

10. Changes in this policy

Telavox is entitled to amend this policy at any time if it is necessary to fulfill the requirements according to applicable laws and regulations or if it is necessary due to changes in Telavox’ operations. In such a situation, Telavox will provide information concerning the changes according to applicable law. Applicable information will be available in this privacy policy, on the Telavox website and/or provided in other appropriate ways.

11. Our contact details

If you would like to contact us concerning our processing of your personal data or if you have questions concerning this privacy policy, you are welcome to contact us at DPO@telavox.com

GDPR

This is the place where you as a Telavox customer can find information regarding how your personal data is cared for by Telavox and how Telavox works to be compliant with GDPR. Please note that this page will be updated with new information continuously.

Information about Telavox’s sub-processors is available here.

What is GDPR?

The General Data Protection Regulation (GDPR) is an EU regulation designed to strengthen the protection of EU residents’ personal data and unify regulation across the member countries. Much is similar from precursor laws, such as PuL (Personuppgiftslagen) in Sweden, but GDPR takes a firmer grip on the rights of the individuals of which data is being processed and provide greater transparency regarding regulation compliance.

Why does Telavox process your personal data?

We process personal data on behalf of our customers in order to deliver, support and fulfil our responsibilities as your communications provider, as defined by our service agreement, and nothing else.

What is the relation between you as a customer and Telavox?

Telavox is your Data Processor which means that we process your personal data on our customers’ behalf only for the purposes of providing Telavox’s services. The customers are therefore considered the Data Controller, and GDPR dictates that each Data Controller must have a signed Data Processing Agreement (DPA) in place with its Data Processors. To make things a bit easier for our customers, we have developed a DPA that you can use directly with us.

Telavox responsibilities regarding GDPR

At Telavox, we have always been committed to protecting the personal data that we process. You can read more on how we work and how we take care of your personal data using the headlines to the left.