Privacy and cookie policy

Our UCaaS products have SIP account settings preconfigured for many popular VoIP providers. This preconfiguration is done for ease of use; Bicom Inc. is in no way responsible for information you have shared with or is collected by the providers. If you wish to obtain information about the providers’ privacy policies, you should contact them directly.

This privacy policy contains the full list of features built into “gloCOM” and “Communicator” that in any way process users’ private information. Whether a feature is enabled or not, and therefore whether the private information required for the feature to work is accessed, depends solely on the SIP account configuration.

This privacy policy applies to Bicom Inc. (hereinafter referred to as “We”, “Us”, “Our”) services, products and solutions provided through Our products suite (hereinafter referred to as “The Software”). This policy explains the personal data Bicom Inc. processes from You, Your principals, officers, directors, employees, assignees, agents and/or successors (hereinafter referred to as “You”, “Partner”, “Customer”, “Your”), how We process that data, and for what purpose. Your privacy is important to Us and with that in mind We have developed this policy. We want You to feel confident about the privacy and security of Your personal information and to confirm Our strong commitment to privacy and security by complying with all relevant Data Protection Laws and Regulations including and in particular the EU General Data Protection Regulation (GDPR).

Bicom Inc. will comply with the GDPR in the delivery of Our service to Our Customers and offer tools and solutions as part of Our products suite in order to help Our customers maintain their own GDPR compliance and to process private data in a secure and lawful manner.

We will continually update and enhance Our products, services, contracts, and documentation to increase data security and protect data privacy which will ensure compliance with the GDPR.

For any additional inquiries regarding GDPR and Our compliance please send Us an email to:

gdpr@bicomsystems.com

We reserve the right, at Our sole discretion, to change, modify or otherwise alter this policy at any time without prior notice in order to comply with any relevant Data Protection Laws and Regulations. All modifications shall become effective immediately upon the posting of Our Privacy Policy at:
https://www.bicomsystems.com/privacy-and-cookie-policy/

You agree that We can post any changes in this Policy on the website and to any email address You may have provided to Us for notification purposes in order to inform You of any changes to this Policy in a timely manner. Your continued use of The Software after changes have been posted means that You accept this Privacy policy.

Personal data – means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Controller – means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

Processor – means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Our data center and public cloud vendors maintain certifications that cover data security. We have chosen the Sub-processors that will ensure the security and privacy and We do not grant them access to Your private data. Sub-processors are used by Us for hosting and archiving purposes.

Our Point of Presence data centers are located in Europe and the USA. We will not transfer data between data centers in different countries without express permission from Our Customers and Partners which will, in turn, provide the necessary consent from their End users.

Archiving support is offered for Amazon S3, Google Drive and Dropbox. It is up to You to choose the one best suited for Your purposes and make the necessary configurations and adjustments to ensure security and privacy of data within these third-party services.

Bicom Inc. operates through different entities across many different legal and trading jurisdictions with varying levels of laws and practices. As such and notwithstanding Bicom Inc. and all associated companies will not trade, sell, or disclose to any third-party any form of identifiable information without the consent of the data subject except as required by law, search warrant or other legal processes. This includes information derived from registration, subscription, and use of Bicom Inc.’s service and products. We use technical security measures to prevent loss, misuse and alteration of information under Our control and all information is maintained in a secure environment.

When You register details with us, make an order or access account details, We use a secure server. Any data You give Us is encrypted using a ‘Secure Socket Layer’ (SSL) session. SSL is an industry standard and is one of the best methods to ensure Internet messages are not intercepted. However, You should be aware that older browsers cannot use SSL.

Over and above what Bicom Inc. does to safeguard Your privacy and security, there are a number of things You can do to protect yourself from Internet fraud:

Choose a password You can remember but others will not guess, one that uses alphanumeric upper/lower case combination with special characters, change it regularly, and if You do write it down, keep it somewhere safe and secure.

When You have finished Your session on a Bicom Inc. website, make sure that You prevent Your details being seen by anyone that You do not wish to see them. So, if You have registered and logged in, remember to log off. Clear any ‘cache’ so there is no record of any transactions left on screen – all modern browsers provide you with this option. We also recommend closing Your browser so any history of the session is cleared. As an extra precaution, Your session in many areas of the www.bicomsystems.com will terminate if You have not used the site for 20 minutes.

As part of Our operations, as well as service and product functionality We may process different types of personal and non-personal information based on Your use of Our products, services and Our business relationship with You. Information may be collected when You give it to Us with the intent to purchase or interact with Us about a product or service We offer or provide; when We collect it automatically when You visit Our websites or use Our products and services; or when We obtain it from other sources, such as credit agencies. Our products’ feature central phonebook doesn’t collect user data in any case scenario. The only thing the central phonebook does is download the contact list from the server. Our applications will never send any contacts from the devices to the server. gloCOM uploads users’ avatars directly on the server. Avatars are only used internally for visual representation in the client.

Bicom Inc. does not want You to, and You should not send any non-personal confidential information or proprietary information to Bicom Inc. via Our websites and services. Any submission by You becomes the property of Bicom Inc. and You grant Bicom Inc. the authority and right to use that information subject to the Bicom Inc. Privacy Statement set forth here. By sending Bicom Inc. materials or information, You grant Bicom Inc. an unrestricted, irrevocable license to use, reproduce, display, perform, modify, transmit and distribute such material or information and You further agree that Bicom Inc. is free to use any ideas, concepts, know-how or techniques that You provide for any purposes.

We gather anonymous data within Our products and services in order to provide You with summary statistics and to help Us with support, planning as well as with enhancement and development of new products and services. Anonymous data includes information on equipment, performance, usage of Our websites, viewing and other technical information about Your use of Our network, services, products or websites. This information does not contain personally identifiable information.

In order for Push Notifications to work, we must register your device token remotely when gloCOM or Communicator is in the background or closed on your iOS or Android device. To accomplish this, we transmit your device push notification token over a https – secure connection. This information is shared with no one and is erased immediately when the push instance expires (usually within 2-5 days in case there is no activity for that device) or when the user disables Push Notifications in the Application.

Personally identifiable data that is processed within Our products and services include:

Account details

Email addresses and other contact information

Billing information

IP addresses

CDRs, Call Recordings, Faxes and Voicemails

Data gathered with Google Analytics

Contacts Usage

Mobile App Media Files and Documents usage

In addition to the above data, Diagnostic data that We gather may contain personally identifiable data.

How We Use Personal Data

Account Details

Account and profile information is primarily used for authentication and authorization purposes. In order to be granted any level of access to The Software You must register or subscribe by submitting information to Us that will uniquely identify You as a company or an individual. You as the subscriber are responsible for ensuring that the information on file with Bicom Inc. is current and accurate. Bicom Inc. will collect and use subscriber identifiable information for billing, provisioning of service, resolution of problems associated with service, directory services, and to inform subscribers of new products or services that will enhance the Bicom Inc.’s ability to provide service to subscribers. We will use subscriber identifiable information to market products and services to the subscriber, but will not disclose or make available any subscriber identifiable information to any third parties seeking to market products. If a subscriber chooses in writing not to participate in direct marketing of new products and services from the Bicom Inc., then the subscriber’s information will not be used for the purpose of marketing new products. Additionally, the subscriber may request to have identifiable information deleted from the Bicom Inc.’s directory.

If You are accessing Bicom Inc. products and services with Your Company account that includes company name, company’s physical address, company’s email addresses and other contact details, that information is not considered personally identifiable data and thus is not within the scope of Our GDPR compliance.

Email Addresses and Other Contact Information

Bicom Inc. people and those working for agents or contractors of Bicom Inc. have a responsibility to keep Your information confidential and will only use it to offer products and services on behalf of Bicom Inc. The personal details that We use to provide or promote Our products and services (for example Your name, telephone number, or details of the services You use), as well as any information provided by You, will NOT be passed to ANY organization beyond Bicom Inc. to be used for marketing purposes. Your details may sometimes be shared with Bicom Inc. contractors or agents in order to provide You with Bicom Inc. products and services You have requested, but We will make this clear to You in the relevant terms and conditions We give You when You order.

At Bicom Inc. We respect the privacy of personal email accounts and We store Your email addresses just as securely as other personal information on www.bicomsystems.com. We will not send You unwanted email messages or junk mail, and Your details will not be passed to ANY organization beyond Bicom Inc. without Your explicit permission. However, We will use email to send You messages about outstanding orders, faults and service issues. We may also use email to keep You up to date with news about Your current services, as well as anything You show an interest in, either online or through other contacts with Bicom Inc. If You do not want to be kept informed this way by email, please let Us know. You can do this by ticking the relevant box where Your email address is stored in the www.bicomsystems.com personal profile.

Billing Information

When Bicom Inc. bills for services rendered, a third-party processing company may be used to charge a customer credit cards and collect payment. A third-party is used only to process credit card charges and does not store or distribute customers’ credit card or billing information. Our billing is Payment Card Industry Data Security Standard (PCI-DSS) compliant, based on the standard administered by the Payment Card Industry Security Standards Council.

IP Addresses

When using The Software We may collect IP addresses of devices containing client software connecting to Our products and services in order to maintain the security of the connection and to prevent unauthorized access to Your data. These IP addresses are processed only during the active connection to Our products and services.

CDRs, Call Recordings, Faxes and Voicemails

The Software provides functionality to record calls, leave voicemail and send faxes. Access to these files is given only to those that have explicit permissions to do so. Call recording can be controlled before or during the call itself in order to ensure a lawful basis for data processing and to easily avoid recording of private information. Call Detail Records are processed in order to provide support for accounting, billing, call quality analysis and detect unlawful activity. Depending on Our Data retention policy and relevant Laws We will keep CDRs for a limited time after which they will be deleted. Before CDRs get deleted You will have an option to Archive anonymized CDRs in a remote long-term secure storage of Your choosing (ie. Dropbox, Google Drive, AWS).

Contact Usage

When you grant Bicom Inc. permission to access your contacts in the ‘’gloCOM’’ and ‘‘Communicator’’ applications, you give us access to the following personal information from your address book:

• Contacts’ names
• Contacts’ email addresses
• Contacts’ phone numbers

Bicom Inc. uses this information to:

• Populate your Contacts data in the app
• Enable the Share Contact feature in case you wish to share contact details with another participant of chat conversation

Mobile App Media Files and Documents usage

Bicom Inc. has access to media files and documents shared with the “gloCOM” and “Communicator” applications. We process these files (which may include photos, videos and documents) only if the SIP account is configured to do so and only if you select the option to share a media or file attachment via a multimedia message.

Depending on your operating system, you may need to grant separate access-related permissions to the application in order for the application to access files.

Bicom Inc. only accesses those files that have been shared with the Application. They are securely uploaded to a server so the message recipient can download them later.

Diagnostic Data

You are advised that The Software may contain diagnostic capabilities that allow Bicom Inc., authorized Bicom Inc. Partners, and authorized customer administrators to capture packets, run diagnostics, capture anonymous usage information from endpoints. You are responsible for enabling these diagnostic capabilities, for ensuring Your users are aware of activities or potential activities and for compliance with any legal requirements with respect to use of The Software and diagnostic capabilities on its network, including, without limitation, compliance with laws regarding notifications regarding capture of personal data, call recording and wiretapping.

Mobile App Analytics Usage

Bicom Inc. may collect aggregate data that does not personally identify you. The data collected will generally be used to monitor usage and provide patterns for quality and performance improvements. The type of information collected includes screen view counts and crash information.

Data Gathered with Google Analytics

Bicom Inc. uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google). Google Analytics employs various techniques, including ‘cookies’, which are stored on Your computer and facilitate an analysis of how users utilize a website. The information Google Analytics obtains regarding the use of a website is transmitted to Google servers, which may be operated in states outside the Member States of the European Union and may also be outside the Contracting Member States of the European Economic Community. On behalf of a website’s operator, Google will use the information for the purpose of evaluating Your visit to Our web pages, compiling reports on website activity for website operators and providing other services related to website activity and usage to Us. The IP address transmitted by the user’s browser for Google Analytics will not be merged with other Google data. Users can hinder Google cookies from being saved via a corresponding setting in the browser software. However, users should note this may mean that not all website functions can be used in full. Furthermore, users can prevent Google’s data collection and usage generated by cookies (including Your IP address) associated with their use of the site as well as Google’s processing of that data by downloading and installing the browser plug-in under the following link: https://tools.google.com/dlpage/gaoptout.

Alternatively to the browser add-on, and in browsers on mobile devices, please click on this link to stop future data collection via Google Analytics on Our website. An opt-out cookie will be stored on Your device. This click will have to be used again if You delete Your cookies.

Bicom Inc. websites create a ‘cookie’ when You first register online. A ‘cookie’ is a piece of information, like a tag, which some websites create against Your PC. Our ‘cookie’ stores some basic information which help Us identify if You have visited the site before and if We have provided You with some personalized content such as welcoming You by name and whether You have supplied this during Your previous visit. However, as it is based on Your PC, We will not find the ‘cookie’ if You visit www.bicomsystems.com from a different PC than the one You registered on.

Bicom Inc.’s use of ‘cookies’ includes the following assurances: No information regarding Your telephone number, account or payment details is included in the cookie or can be accessed using it.

They do not collect any personal information regarding the use of Your PC or Internet browsing in any way. If You do not want a cookie to be created on Your PC, web browsers provide the option to disable them. Please bear in mind that some personalized services on www.bicomsystems.com may not be available if You choose to disable cookies.

Bicom Inc. also uses third parties to track its advertising across the web. The information these third parties collect does not include any personal information but is merely for the purpose of identifying the general effectiveness of such online advertising.

Personal data will be removed automatically or by an administrator as soon as the data is no longer necessary for processing and there is no legal obligation to keep the data. Removal of data can be requested at any time by the data subject after which the data in question will be removed immediately or as soon as there is no other requirement to keep the data defined by a Contractual obligation or by Law. Upon Your request We will archive Your anonymized data to a third-party long-term secure storage solution that is GDPR compliant. This includes CDRs, Call recordings, voicemail, fax and other data that may contain personally identifiable information.

GDPR defines several data subject rights that controllers and processors must ensure within their duties and responsibilities. Data subject rights include:

• The right of access by the data subject
• The right to rectification The right to erasure (right to be forgotten)
• The right to the restriction of processing
• The Right to withdraw consent
• The right to be informed and the right to be notified
• The right to data portability

When We act as a data processor on behalf of Our Customers We will help You comply with legitimate data subject rights requests. Please be advised that during processing of Your Data subject rights requests We may request additional means of confirming Your identity in order to avoid unauthorized disclosures. Please direct any such requests to: gdpr@bicomsystems.com

When You visit www.bicomsystems.com You have direct personal control over information in Your personal profile. You can access and change this information at any time by using the ‘update Your profile’ link.

If You want to know exactly what personal information Bicom Inc. holds on You, You can obtain it. If it transpires that the information held is inaccurate, We will make the necessary amendments and confirm to You that these have been made. Please write to the following address gdpr@bicomsystems.com stating Your Bicom Inc. account number in the subject.

If Your personally identifiable information changes, or if You no longer desire to use Our service, You may correct, update, delete or deactivate it by making the change in the service or product containing the data in question or by emailing Us at gdpr@bicomsystems.com.

We will retain Your information for as long as Your account is active, as needed to provide You with the services or as required of Us by Law or a contractual obligation. We will retain and use Your information as necessary to comply with Our legal obligations, resolve disputes, and enforce Our agreements.

We communicate with users who subscribe to Our services on a regular basis via email as well as via phone and text message. For example, We may use Your email address to confirm Your request, to send You notice of payments, to send You information about changes to Our products and services, and to send notices and other disclosures as required by law. We may call You or send text messages to provide You with reminders in accordance with Our service to You. You can opt-out of some but not all of these communications, however, they will be primarily informational in nature rather than promotional.

However, We provide You the opportunity to exercise an opt-out choice to withdraw consent if You do not want to receive other types of communication from us, such as emails or updates regarding new services and products. The opt-out choice may be exercised by ticking or un-ticking the appropriate box if such checkbox is available at the points where personally identifiable information is collected or by contacting Us at gdpr@bicomsystems.com. You also may opt-out of receiving certain emails by clicking on the “unsubscribe” link within the text of the email. We will process Your unsubscribe as soon as possible, but please be aware that in some circumstances You may receive a few more messages until the unsubscribe is processed.

In the case of any changes that might affect Your personal data, We will notify You and the Regulatory Authorities. When a data breach occurs We will notify the impacted Customers with an accurate, actionable, and timely notice.

After the detection of a Security Incident, the notification process takes place as expeditiously as possible while still considering the security risks. Notices are delivered without undue delay to all affected parties.

Upon request, We will provide You with all the personal data that we keep on You. Please direct any such requests to:

gdpr@bicomsystems.com

Bicom Inc. may or may not be obliged to comply with or register under the data protection laws of Canada, China, Japan, The European Union, the United States or others. However, We do take all reasonable care to prevent any unauthorized access to Your personal data.

Bicom Inc. does not sell products or services for purchase or use by children. Bicom Inc. does not knowingly solicit or collect subscriber identifiable information from children or teenagers under the age of eighteen. In addition, Bicom Inc. will not knowingly link to any third-party website that solicits or collects subscriber identifiable information from minors. If You believe that a minor has disclosed personally identifiable information to Bicom Inc., please contact Bicom Inc. at children@bicomsystems.com so that the information can be removed.

Spam is email or voicemail that is sent against the wishes of the recipient. There are two kinds. The first kind of spam concerns individuals who email people that they don’t know personally. The second type of spam is sent by organizations to individuals who have not expressed a desire to receive such communications. Bicom Inc. regards both kinds of spam as inappropriate.

Bicom Inc. has zero tolerance for spam. Spam complaints will be dealt with seriously and can result in losing Bicom Inc. privileges such as loss of referral credits and even loss of a customer’s account. Please don’t send spam on behalf of Bicom Inc.

If You receive spam and want to report it to Bicom Inc., please forward the email You have received to spam-police@bicomsystems.com

Upon receipt We will:

Remove the email address provided from Our own sales-related communications and;

Follow up with the party who sent the message for further disciplinary actions.

For questions about Our spam policy or any spam-related issues, please email Us at: spam-police@bicomsystems.com.

Bicom Inc. may use subscriber identifiable information to investigate and help prevent potentially unlawful activity or activities that threaten the integrity of service, the network integrity, that otherwise violate Bicom Inc.’s Service Agreements or activities that are or may be illegal. Bicom Inc. shall be the sole determinant of what is legal and what is not. However, this will expressly not include normal political or commercial activities. To offer assistance to relevant authorities Bicom Inc. seeks sufficient evidence of the possibility of illegal activities before disclosing private information. This may come in the form of a request from a relevant Court.

Bicom Inc. also expects all relevant authorities to comply to a minimum of standards similar but not exclusively with those set out by The Hague Convention or the Council of Europe. These standards include but not exclusively the renouncement of terrorism, a fair trial through the right of representation, commitment to inform detainees of the right to be represented as well as freedom of expression, freedom of religion and other standards as the Company sees fit from time to time.

If You have any questions or complaints about this Privacy Policy or Our privacy practices, You can send a question or request at gdpr@bicomsystems.com.