PROTECTING YOUR PRIVACY – OUR COMMITMENT
NUWAVE AND YOUR PRIVACY
Regardless of whether you are our customer, a visitor to one of our various NUWAVE websites, or someone we deal with in our day-to-day business, protecting your privacy is important to us and is a responsibility that we take very seriously.
This Policy applies to the different legal entities comprising the NUWAVE group, each of which may process your personal data. References to “Customer”, “You” or “Your” in this document shall include the Customer, Reseller and their end users. References to “NUWAVE”, “We”, “Our or “Us” in this Policy refer to the relevant company within the NUWAVE group that is responsible for processing your personal data, as indicated in any contract for products or services you may hold with us.
Additional information on our personal data practices may be provided in contractual agreements, supplemental privacy statements, or notices provided to you prior to or at the time of collection of your personal data. For the purposes of this Policy, any reference to “Services” is a reference to all the products and services offered by NUWAVE, whether available online or offline, and any reference to “Sites” is a reference to any of the NUWAVE websites (including any NUWAVE cloud application websites), whether operated under the banner of NUWAVE or a brand name that we own.
Our use of your personal data is governed by this Policy as it may be updated from time-to-time. The most up to date version of the Policy will always be available at https://www.nuwave.com/policies/#policies . Your use of our Sites or Services, and any dispute over privacy, is subject to this Policy and our Terms of Service (which are incorporated by reference into this Policy) and any written contract for Services between you and us or any person who provides you with access to our Services. Depending upon your interactions with NUWAVE, other terms may also be applicable to you and our use of your personal data.
PERSONAL DATA WE COLLECT ABOUT YOU AND HOW WE COLLECT IT
Account Information: Contact and related information that allows us to communicate with you. We obtain this information when you order or register to receive any of our Services or information about our Services. We collect or receive information from you when you sign up for our Services, create an online account with us, make a purchase, request details or a call back, submit a technical, customer or billing support request, participate in a contest or survey, provide us with feedback or otherwise contact us. The type of information that we collect depends on your interaction with us, but may include, your name, address, telephone number (business or personal), email address (business or personal), postal/billing address (business or residential), and any other information that you choose to provide or is necessary for us to provide Services to you.
Billing Information related to your commercial and financial relationship with us, such as the services we provide to you, the telephone numbers you call and text, your payment history, your credit history, your credit card numbers, security codes and your service history.
Technical and Usage Information related to the Services we provide to you, including information about how you use our networks, services, products or websites. Some examples include:
- Equipment Data: Information that relates to and identifies the equipment on our and your networks that you may use or with which you interface for the Services you are receiving. Information might include equipment type, device identifiers, device status, serial numbers, settings, configuration, and software type.
- Network Performance and Service Usage: Information about the operation of the equipment, Services and applications you use on our networks or platform. Examples of this might include: call records including where a call was made from and to as well as its date, time, duration and cost (but excluding the content of the calls); the number of text messages sent and received; voice minutes used; bandwidth used and similar information (though We also collect information like transmission rates and delays, data associated with remote monitoring services and security characteristics, and information about your use of our interconnected voice over internet protocol (VoIP) services (including services purchased offline).
- Location, direction and journey information: this will be collected based on any connected device you may use our Services on. It includes your ZIP/postal code and street address, as well as the whereabouts of your device. Location Information is generated when your device communicates with cell towers, Wi-Fi routers or access points and/or with other technologies. Any connected device that you own, or which is otherwise linked to you will generate such information that will then be associated with you.
We may collect the above personal data in the course of providing Services to you or to someone who has provided you with access to our Services. We may obtain this information in a number of ways, for example:
- directly from you: for example, when you make a purchase or provide your details in order to subscribe to our Services, submit a web enquiry or set up an account with us;
- automatically: when personal data is generated through your use of our Services or our Sites; and
- from third party sources: we sometimes collect personal data about you from trusted third parties, in connection with Services that we provide to you or propose to provide to you, where appropriate and to the extent we have a justified basis to do so. These include fraud-prevention agencies, business directories, credit check reference/vetting agencies and connected network providers. Anyone who provides you with access to your Services may also provide us with your personal data in that context.
We may combine the personal data that we receive from such other sources with personal data you give to us and with information we automatically collect about you, for example where we need to run a credit check, and then compile a profile of you based on the credit check data and the personal data you have provided.
HOW DO WE USE THE PERSONAL DATA WE COLLECT?
We set out below some of the ways in which we process personal data:
- to fulfil obligations under contract. This includes providing our Services to you; to communicate with you about your use of our Services; to obtain and process payment from you and to fulfil your orders for Services and any obligations on us relating to those services;
- for the purpose for which you specifically provided the information to us, including, to respond to your inquiries, to provide any information that you request, to address technical support tickets, and to provide customer service support;
- to make our Services and communications more relevant to you, including generating customer profiles, delivering customized content to you, to offer location customization, personalized help and instructions, and to otherwise tailor your experiences while using our Sites or our Services;
- to better understand how customers and other third parties access and use our Sites and Services, both on an aggregated and individualized basis;
- to administer, monitor, improve and customize our Sites and Services, for our internal operations, including troubleshooting, network management and network optimization, research and analytical purposes, so that we can provide our customers with a better customer experience;
- to investigate, prevent or take action regarding illegal activities, fraud, threats to our property or personnel and violations of our Terms of Service and/or applicable law and also to meet our legal and regulatory obligations;
- to notify you about our new product releases and service development, alerts, events, updates prices, terms, special offers and associated campaigns and promotions (including via newsletters). Therefore, we and selected third parties may use your personal data to send you marketing communications about products and services based on your preferences and interest. You have a choice and can object to our use of your personal data for marketing purposes. When we are required by law to do so, we will obtain your consent before using your personal data for marketing purposes. If you do opt out, we will stop sending you marketing communications, but we will continue sending you non-marketing communications that relate to the Services you are using (for example billing information, software/portal update communications, password resets etc);
- if you attend an event, we may process information about you gathered in relation to the event and may share information about your attendance with your company. We may also permit designated event partner or conference sponsors to send you communications related to the event if you have shared your contact information at the event. Please note that sponsors from other companies may directly request information about you at their conference booths or presentations, and their use of your personal data that you provide to them will be subject to their privacy policies;
- to assist us in advertising our products and services in various mediums including, sending promotional emails, advertising our services on third party sites and social media platforms, direct mail, and by telemarketing;
- where we ask you for specific consent to a use of your personal data, we will use it in the ways we explain at the time of obtaining that consent; and
- in any way required by law, regulation or the public interest such as in response to requests or orders by government or law enforcement authorities conducting an investigation or to respond to an emergency. This use may require us to disclose your personal data including contact details and/or information about your usage of our Services to relevant authorities or to block, intercept or otherwise interfere with your use of our Services and any personal data generated by that usage. Achieving a balance between, on the one hand ensuring protections for the privacy and other fundamental human rights that may be exercised through use of our Services and, on the other, the exercise of lawful investigatory powers for the public good on the other can be complicated. We do not accede to such requests without careful consideration of all the circumstances. Even where we are legally obliged to disclose personal data, we will give careful consideration to the extent to which doing so will infringe on the fundamental rights, including the right to privacy, of any person whose personal data is to be disclosed or intercepted and we take whatever steps are practicable to mitigate and minimize any such infringement.
WHAT IS THE JUSTIFICATION FOR THESE USES?
In the EU, our justification (sometimes referred to as “legitimate” or “lawful basis” legal basis) for processing any particular category of personal data will vary depending on the information itself, our relationship with the subject of the personal data, the Service being provided, the specific legal and regulatory requirements of the country in which the Services are being provided, the personal data processed and many other factors. Subject to modifications in specific countries, the legal bases for our processing are as follows:
In order to communicate adequately with you as a user of our Services and to respond to your requests, we need to process information about you and therefore have a legitimate interest in processing this information to ensure the efficient and effective operation of our business;
In order to engage in transactions with customers, suppliers and business partners, and to process purchases and effect installation of our products and deliver Services, we need to process information about you as necessary to enter into or perform a contract with you;
We process personal data for marketing and sales activities based on your consent, where it is required and so indicated on our sites or at the time your personal data is collected, or further to our legitimate interest to market and promote our products and services;
We rely on our legitimate interests to process personal data and other information in order to analyze, develop, improve and optimize our Sites, products and Services, and to maintain the security and integrity of our Sites, network and systems. We also have a legitimate interest in using your personal data in connection with legal claims, compliance, regulatory and investigative purposes as necessary or because applicable laws (including telecommunications laws), regulations or the public interest require us to, such as to comply with legal processes, law enforcement or regulatory authorities or to assist in the prevention, detection or prosecution of crime or to process an opt-out request.
We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests and which we have described above. You can obtain information on any of our balancing tests by contacting us using the details set out in this Policy. In all other countries (except in the EU or in jurisdictions where similar EU type requirements exist), our justification for processing your personal data will be based on your consent and/or acceptance of the Terms of Service and this Policy. In all situations, where you withhold any personal data requested by us, we may not be able to provide you with certain Services or parts of Services or functionality.
WHEN DO WE SHARE OR DISCLOSE THE PERSONAL DATA WE COLLECT?
Subject to obtaining your consent as may be required in some jurisdictions, we may share or disclose your personal data as necessary for the purposes described above and as further detailed below:
- Corporate Affiliates. We may disclose the personal data we collect from you to our corporate affiliates. Where permitted by law and with your consent where required, our affiliates may use your information for the purposes indicated in this Policy, including to market their products and services to you. In processing your personal data, our affiliates follow practices at least as protective as those described in this Policy.
- Business, Sales and Marketing Partners. We may offer some of our Services together with or through third parties who may be system integrators, resellers, solution partners, network partners and affinity organizations. If we do so, we will need to share your personal data with these third parties to assist in providing and marketing that Service to you, as well as to enable the third parties to market their own products and services to you (with your permission, if required). We may also share your personal data with companies that are system integrators, resellers, solution partners, network partners and affinity organizations, and whom we believe might offer products and services of interest to you (again with your permission, if required).
- Third-Party Service Providers. We employ other companies and individuals to perform functions that are necessary for the provision of the Services or for any of the purposes described above. Examples include: where permitted, jointly offering a product or service, sending communications, processing payments, assessing credit and compliance risks to give you access to our Services, fraud and financial crime prevention detection and prosecution, analyzing data, providing marketing and sales assistance (including advertising and event management), customer relationship management, providing training, these third parties include; system integrators, resellers, solution partners, network partners, affinity organizations, third party vendors, service providers, contractors or agents, and other carriers or providers that we may disclose personal data to where necessary to provide our Services or fulfil your requests or orders, as well as entities that provide website hosting, service/order fulfilment, customer service, and credit card processing, effecting payments, among others. These third-party service providers have access to personal data needed to perform the functions we have entrusted to them but may not use it for other purposes where they process your personal data on our behalf. Whenever we share personal data with third parties, we take steps to ensure that third party contracts contain appropriate protections for your personal data.
- Business Transfers. If we are acquired by or merge with another company, or if substantially all of our assets are transferred to another company (which may occur as part of bankruptcy proceedings), we may transfer your personal data to the other company. We may also need to disclose your personal data before any such acquisition or merger, for example to our advisers and any prospective purchaser’s adviser.
- Legal Protection and in Response to Legal Process. We may disclose the personal data we you hold about in order to comply with applicable law, in response to or to pursue judicial proceedings, court orders and in other legal processes. We may also disclose, transfer or share it when we believe in good faith that disclosure is necessary: to protect or enforce our rights; protect your safety or the safety of others; investigate or prevent fraud; to respond to government requests – including from government and national or international law enforcement authorities outside of your country of residence – or for national security, public safety and/or law enforcement purposes. Personal data shall only be disclosed when we in good faith believe that we are obliged to do so in accordance with the law or that there are compelling reasons of public interest for us to do so. This will only be after a careful evaluation of all legal requirements and other relevant considerations, including any infringement on the fundamental rights to privacy or freedom of expression that might be impacted by the disclosure.
- Sharing Aggregated and De-Identified Information. We may use your personal data to create aggregated and anonymized information which we may share with third parties. Nobody can identify you from that anonymized information. In other circumstances we may pseudonymize your personal data before sharing it with a third party so that we can re-associate you with the information once it has been processed and returned to us. Whilst the third party will not be able to identify you from the pseudonymized information, we will still be able to. We treat pseudonymized data as though it were personal data and ensure the same level of protection for it when sharing with third parties.
INTERNATIONAL TRANSFER OF PERSONAL DATA
Personal data held by NUWAVE is stored on and processed on computers situated in the United States, United Kingdom, the EEA, and in other jurisdictions. NUWAVE and/or our service providers also process data in some other countries for customer care, account management and service provisioning.
If you are an EEA resident, your personal data held by NUWAVE may be transferred to, and stored at, destinations outside the EEA that may not be subject to equivalent data protection laws, including the United States. When you sign up for service with NUWAVE or inquire about our services, we transfer your information to the United States and other countries as necessary to perform our agreement with you or to respond to an inquiry you make. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers.
Subject to obtaining your consent as required in some jurisdictions, NUWAVE may transfer personal data across national borders in running our business and delivering the Services. In doing so, your personal data may be transferred to and processed by other NUWAVE entities and/or unrelated third parties outside of the country where you are located or where the personal data was collected.
For relevant jurisdictions only (e.g. Mexico, Russia, China and Argentina): By using the Services, you expressly agree to the transfers of personal data to third countries where this requires your consent.
THIRD-PARTY AD NETWORKS
We may use third parties such as network advertisers to display advertisements about NUWAVE on third party websites. Network advertisers select and display advertisements on third-party sites, based on your visits to our Sites as well as to other websites. This enables us and these third parties to tailor advertisements by displaying ads for products and services in which we believe you might be interested.
You may opt-out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”), the Digital Advertising Alliance (“DAA”), or, in Europe, the European Interaction Digital Advertising Alliance (“EIDAA”). For more information regarding this practice by NAI, EIDAA members and DAA members, and your choices regarding the use of this information used by these companies, including how to opt-out of third-party ad networks operated by NAI, DAA, and EIDAA members, please visit their respective websites: www.networkadvertising.org/optout_nonppii.asp, www.aboutads.info/choices, and www.youronlinechoices.com. Please note that, should you opt out, you will continue to see advertising however it will not be tailored to your interests.
COMMUNICATIONS AND MARKETING
Where permitted by applicable law and, if required, with your consent, we may send periodic promotional or informational emails to you. You may opt-out of such communications by following the opt-out instructions contained in the e-mail or other communication you have received. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you non-marketing communications about your account or any Services you have requested or received from us.
USER GENERATED CONTENT
We may invite you to post content on our Sites, including your comments, pictures, and any other information that you would like to make available on our Sites. If you post content to our Sites, the information that you post will be available to other visitors to our Sites. If you post your own content on our Sites or Services, your posting may become public and we cannot prevent such information from being used in a manner that may violate this Policy, the law, or your personal privacy.
Our Sites and our online Services may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites neither do we have any control over information that is submitted to or collected by, these third parties.
Our Sites may include social media plugins such as “like” and “share” buttons. By clicking on such a plugin, the data you want to “like” or “share” will be provided to the relevant social media site. We are not responsible for the practices of such third-party social media sites once you have clicked on any such “like” or “share” button.
At NUWAVE, security is our highest priority. We design and deliver our systems and Services with your security and privacy in mind. We maintain a wide variety of compliance programs and accreditations that validate our security controls. To prevent unauthorized access, maintain data accuracy and ensure the correct use of information, we have put in place physical, electronic, and managerial procedures to safeguard and secure the personal data we collect through our Sites and in the provision of our Services. We have put in place reasonable controls (including physical, technological and administrative measures) designed to help safeguard the personal data that we collect via the sites. No security measures are perfect, however, and so we cannot assure you that personal data that we collect will never be accessed or used in an unauthorized way, which may happen due to circumstances beyond our reasonable control. We have put in place procedures to deal with a suspected personal data breach, and we shall notify you and any applicable regulator of a breach where we are legally required to do so. If you have a user name and password to access our Services, you should take steps to protect against unauthorized access to your password, phone and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen or compromised passwords, or for any activity on your account via unauthorized password activity or other security breach caused by you.
WHAT RIGHTS DO I HAVE IN RELATION TO MY PERSONAL DATA?
Under the law of many countries, you have certain rights in relation to your personal data that is held by us and we respect and observe these rights. Such rights may include the rights to: ask us to confirm that we are processing your personal data, ask us for a copy of your personal data (including information regarding who we share your personal data with); to correct, delete or restrict (stop any active) processing of your personal data; to limit the use and disclosure of your personal data; and to ask us to share (port) your personal data to another person, such as another provider of telecommunications services.
In addition, in certain countries you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing). Where applicable, you can also withdraw the consent you have given us to process your personal data and request information on the consequences of not providing such consent.
These rights may be limited, for example: if fulfilling your request would reveal personal data about another person; where it would infringe the rights of a third party (including our rights); or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.
To exercise any of these rights, to raise any concerns about our privacy practices, or to obtain other privacy related information, you can get in touch with us, see our contact details above. If you have unresolved concerns, you may have the right to complain to your relevant national data protection authority. For example, in the UK this is the Information Commissioner’s Office (ICO) – https://ico.org.uk/make-a-complaint/. Please do contact us before making such a complaint however as we would appreciate the opportunity to investigate and address your concerns first.
Special Information for Residents of California, USA
As described in this Policy, we may make your personal data available to third parties for their marketing purposes. If you do not want us to share your personal data with third parties, you may opt-out of this information sharing by emailing us at firstname.lastname@example.org .
If you are a California resident, then, subject to certain limits under California law, you may ask us to provide you with a list of certain categories of personal data we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year as well as the identity of those third parties. To make such a request, residents of the State of California may email us at email@example.com .
HOW LONG WILL YOU RETAIN MY PERSONAL DATA
We retain personal data for as long as and/or for no longer than we are permitted to do by applicable law, regulation, tax or accounting practice or the terms of any governmental telecommunications licenses or authorizations to which we may be subject. We also delete personal data in accordance with any contractual obligations that we may be subject to (for example if we are processing personal data on behalf of one of our customers rather than for our own business purposes).
Where maximum or minimum data retention periods are not otherwise stipulated, we determine appropriate retention period for the personal data by considering: the amount, nature and sensitivity of the personal data contained in the records; the potential risk of harm from unauthorized use or disclosure of personal data; the purposes for which we process the personal data and whether we may be able achieve those purposes through other means; whether the personal data can be permanently and effectively anonymized; the security measures in place in relation to that personal data and any other relevant factors.
HOW TO CONTACT US
For any questions about this Policy or our data protection practices or to exercise any rights you may have in relation to your personal data under applicable law, please contact us at firstname.lastname@example.org or write us via mail/courier to:
Attn: Legal Compliance – Data Protection and Privacy
8275 South Eastern Ave, Suite 200
Las Vegas, Nevada 89123
CHANGES TO THIS POLICY
NUWAVE regularly reviews and may make changes to this Policy from time-to-time. To ensure that you are always aware of how we use your personal data we will update the online version of this Policy from time-to-time to reflect any changes to our use of your personal data. NUWAVE may also make changes to comply with developments in applicable law or regulatory requirements. Where it is practicable, NUWAVE will notify you by other means prior to changes materially affecting you such as by posting a notice on our Sites or sending you a notification. However, we encourage you to review this Policy periodically to be informed of any changes to how we use your personal data.