We value your privacy and we want you to understand how we collect data through the Electronic Communications Network (Pty) Ltd (“ECN”) Softphone application, how we use that data, and how we disclose it. This notice is about what kind of personal information or data we collect, how we use and store it, how we protect it, and what rights you have in terms of your personal information or data.
If you have any questions, please contact POPIA@ecn.co.za.
WHAT THIS PRIVACY POLICY IS ABOUT
Who does this privacy policy apply to?
This policy applies to every user that uses the Softphone application. In terms of the Protection of Personal Information Act (‘POPIA’), you are the data subject.
Who are you sharing your information with?
You are sharing your information with ECN.
Our registered address is:
Reunert – Nashua Building, Woodmead North Office
Park, 54 Maxwell Drive, Woodmead, 2191, South Africa
In terms of POPIA, we are the responsible party
What personal information or data is. Personal information is:
- all information relating to a specific individual. This includes contact information, information relating to your race, gender, sex, pregnancy status, marital status, ethnic or national origin, sexual orientation, physical or mental health, disability, religion, belief, culture, language, education background, financial information, criminal behaviour, employment history, personal opinions, views or preferences, and private or confidential correspondence.
Personal information also includes: - Trunk/Line Information – This is required for the ECN Cloud PBX to route incoming and outgoing calls as per the user’s requirements.
- Call Detail Records (CDR’s) – This is a record of all call activity from and to the user of the ECN Softphone application and related services. This record will typically represent all details including but not limited to, date and time of the call, duration of the call, source and destination details and telephone numbers as well as the type of call – inbound, outbound, internal, toll and toll free.
- ECN Cloud PBX Contacts – This information will include the Extension of the user using the services as well as all other users on the ECN Cloud PBX platform. This includes name, surname, email address, contact numbers and extension status information. This information is used to locate the user of the services in order to route calls to and from users of this service as well as display users availability status.
- Device Contacts – This information includes the name, phone number, email address and your organisation details. This information will only be used when the ECN Softphone application is required to contact these device contacts or display status information. This information is used to populate the contacts data in the ECN Softphone application contact list in order for it to be conveniently available to you.
- Call Recordings – The ECN Cloud PBX offer a Call Recording function to all users and can be turned off should the users of this service opt not to use this feature. Stored information when this feature is used will be collected and include the recorded conversation, telephone numbers of all parties as well as other call information like date, time, and duration of the call.
- Video Calling – This data includes transmitting and recording pictures and video’s during the use of the video call feature.
- Voicemail – This data includes the called party’s name, phone number, and all data left in the called party’s voicemail service.
- Push Notification – for Push Notifications to work, we must register your account remotely when the ECN Softphone application is in the background or closed on your iOS or Android device. To accomplish this, we transmit your SIP account details over a https – secure connection. This information is shared with no one and is erased immediately when the push instance expires (usually within 3-6 days, depending on SIP account configuration).
- Trouble shooting – For the purpose of trouble shooting ECN might ask users to provide debug logs from the application. The debug logs contain full network traffic information for application provisioning, calls, messaging, and other network in-app events generated by user activity. This information will be used for debugging purposes and in some cases be shared with ECN Softphone application developers and/or software providers of these services.
It does not matter whether the information is held on paper or in an electronic or other format – it is still personal information or data and must be protected.
We may update this notice from time to time.
From time to time, we may have to change this privacy notice to accommodate changes in our business or changes to the law.
HOW WE COLLECT AND USE YOUR INFORMATION
When you subscribe to the ECN Cloud PBX solution, as well as related services including installation.
When you download the ECN Softphone application
The type of personal information or data we collect and share depends on whether you submit questions, request information, inquire about our products or services, subscribe for services, or give us feedback. When you contact us, subscribe for products or services, we collect the information included in your message, and subscriber documentation such as your contact details (e.g., name, address, telephone numbers, email addresses). We use this information to communicate with you.
HOW WE SHARE YOUR INFORMATION
We may share your personal information or data internally or with service providers to run our Softphone application.
We may have to share your personal information or data:
- in some instances with other companies in the Reunert group for everyday business purposes;
- to comply with legislation, the government, or a court;
- if, from time-to-time, parts of the business are sold which could include a transfer of your information;
- when we share our Softphone application user statistics with third party providers, where necessary for data analytics purposes, related to the Softphone application service; and
- with companies who provide services on our behalf and with our instructions (e.g., our Softphone application service providers and developers).
We only share the minimum amount of your personal information or data.
We only share the minimum amount of your personal information or data that our service providers require.
We only share your personal information or data with service providers we trust.
We require that our service providers agree to keep your personal information or data secure and confidential and only use it for the purposes for which we shared it with them.
Some of the service providers that we use may be in other countries.
When we share personal information or data with our service providers in other countries that may not have the same levels of protection of personal information or data as South Africa, they must undertake to protect your personal information or data to the same level that we do.
We provide for appropriate safeguards before we share your personal information or data.
We have appropriate safeguards in place in contracts between our local and foreign service providers and us.
HOW WE STORE YOUR INFORMATION
We retain your personal information or data for as long as it is reasonably necessary.
We retain your personal information or data for as long as we have a legitimate reason to keep it. These periods vary depending on the type of personal information or data, the reason why we originally collected it, and if there is a specific retention period required by law.
HOW WE KEEP YOUR INFORMATION SECURE
We have reasonable security measures in place to protect your personal information or data and to minimise the impact of a breach.
We base our security measures on the sensitivity of the personal information or data that we hold. Our security measures are in place to protect your personal information or data from:
- loss
- misuse
- unauthorised access
- being altered
- being destroyed
We regularly monitor our systems for possible vulnerabilities and attacks.
No system is perfect, and we cannot guarantee that we will never experience a breach of any of our physical, technical, or managerial safeguards, but we regularly monitor our systems for vulnerabilities.
We will let you know of any breaches that may affect your personal information or data.
If something should happen, we have taken steps to minimise the threat to your privacy, and we will let you know if your personal information or data has been compromised.
We will also let you know how you can help minimise the impact of the breach.
YOUR PERSONAL INFORMATION RIGHTS
You may ask us about your personal information or data.
You have the right to know when we collect and use your personal information or data, and to ask us what we know about you and what we do with that information
You may access your personal information or data
You may ask to access your personal information or data by contacting POPIA@ecn.co.za.
We may take up to one month to respond to your request and may charge a fee in some circumstances. We will let you know if this is the case.
You have control over your personal information or data.
You may:
- ask that we update incorrect personal information or data, or complete personal information or data that may be incomplete;
- ask that we delete your personal information or data;
- ask to receive your personal information or data in a structured, commonly used and machine readable format;
- ask that we reuse your personal information or data for your own purposes across different services;
- object to the processing of your personal information or data under certain circumstances;
- object to automated decision-making and profiling;
- ask that a human review any automated decisions that we make about you, express your point of view about it, obtain an explanation of the decision, and challenge any automated decision made about you; and
- ask that we restrict our use of your personal
- information.
You have the right to unsubscribe.
You have the right to unsubscribe from any direct marketing we send you. You have the right to lodge a complaint with the Information Regulator. You can contact the Information Regulator at inforeg@justice.gov.za.