1.0 OUR USER PRIVACY AND DATA PROTECTION
2.0 RELEVANT LEGISLATION
Eze Talk complies with the following national and international legislation with regards to data protection and user privacy:
Specifically, our website, internal business and IT systems comply to said legislation.
3.0 PERSONAL INFORMATION THAT WE COLLECT AND PROCESS
4.0 THE SOURCE OF YOUR PERSONAL INFORMATION
Personal information is collected from the following sources:
5.0 PERSONAL INFORMATION THAT THIS WEBSITE COLLECTS AND WHY WE COLLECT IT
This website collects and uses personal information for the following reasons:
5.1 Google Analytics
5.2 Contact Forms and email links
If you wish to contact us via our contact us page, your data will not be held on this website or be passed to any third party data processors. The data will be collated into an email and sent to us over the SMTP. The email content is then decrypted by our local computers and devices.
5.3 Email newsletter
If you sign up to our newsletter, the email address you provide will be forwarded to MailChimp who provide us with email marketing services. MailChimp are a third party data processor. The email address supplied will not be stored within our website’s database or on any internal computer system.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing and if this changes we will inform you. You can also specifically request removal from the list by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by emailing firstname.lastname@example.org to request removal. Please send your email to us using the email account that is subscribed to the mailing list.
If you are under 16 years of age you must obtain parental consent before joining our email newsletter. You will receive periodic newsletter emails from us, approximately twice a year.
6.0 OUR THIRD PARTY DATA PROCESSORS
This website uses third parties to process personal data on our behalf. All of them comply with the legislation. The following third parties are based in the USA and are EU-U.S Privacy Shield compliant:
7.0 WHAT DO WE USE YOUR PERSONAL DATA FOR?
9.0 WHAT ARE THE LEGAL GROUNDS FOR OUR PROCESSING OF YOUR PERSONAL INFORMATION?
If you have ordered or take a service from us, we are entitled to process your information so we can provide you with a service and bill you for this. Our lawful grounds for processing your data is that it is necessary for entering or performing a contract with you, the data subject.
Secondly, if we want to collect and use your information for other purposes, this will be with your consent:
Thirdly, it may be that contacting you falls within a legitimate interest. This may occur for example, that we have met you at an event and exchanged business cards.
10.0 WHEN DO WE SHARE YOUR PERSONAL INFORMATION WITH OTHER ORGANISATIONS?
We share information with companies mentioned above including:
11.0 CALL RECORDINGS
Call recordings are kept in a secure and encrypted file that is password protected and only accessed by the IT Manager. Should another Manager require access, a unique password is provided for that file.
Where calls are held on behalf of our business customers and we are acting as a data processor, the call recordings are downloaded onto a secure FTP site. Only the IT Manager and Tech Manager have access to these. The customer is provided with a unique password and after they have downloaded their call recordings, they are deleted immediately.
12.0 HOW AND WHEN CAN YOU WITHDRAW YOUR CONSENT?
Where we’re relying upon your consent to process personal data you can withdraw this at any time by contacting us using the following email address: email@example.com
13.0 DATA BREACHES
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen. We have a full internal data breach process which is available upon request.
14.0 KEEPING PERSONAL DATA UP TO DATE
If your personal details change, you should tell us as soon as possible, either by emailing firstname.lastname@example.org or calling 0333 200 0801 or using the contact us form on our website www.eze-talk.com. We will do our upmost to keep our personal records up to date and may contact you to ensure your details are correct.
15.0 DO YOU HAVE TO PROVIDE YOUR PERSONAL INFORMATION TO US?
It is not possible to deliver or services to you if certain information is not provided. If there are instances where providing information is optional, we will make this clear in our marketing preferences.
16.0 ACCESSING YOUR PERSONAL DATA
You have the right to access the personal data we hold on you. You can make a Subject Access Request (SAR) by emailing email@example.com or calling 0333 200 0801 or using the contact us form on our website www.eze-talk.com. We will respond to your request within 28 days however we do reserve the right to take up to two extra months for extensive requests as per the ICO website: ico.org.uk/your-data-matters/your-right-of-access/. You will be informed within 28 days if we need the extra time.
17.0 FOR HOW LONG IS YOUR PERSONAL INFORMATION RETAINED BY US?
18.0 EMAIL MARKETING
B2B email marketing is still acceptable under GDPR. The data for some email campaigns has been bought from a reputable and GDPR compliant data organisation. Consent is generally obtained on all marketing data at point of collection and is renewed by the data company periodically. However, it is important to note that consent is not the only valid ground for processing data under the GDPR. Due to the stringent consent requirements, including the need for granularity (which is difficult to achieve for the data company and its suppliers, due to the size and broadness of our customer bases), the data company is continuing to supply marketing data on “legitimate interests” grounds under GDPR and Eze Talkis legally covered by this legitimate interest.
This is specifically acknowledged in recital 47 of the GDPR as being a plausible ground for marketing (“The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest”). In our case, we rely on legitimate interests on the basis that a business has made its details available and it is for the benefit of all businesses that marketing is facilitated. For businesses which do not wish to receive marketing, there are legitimate means to prevent it, including not supplying the details for inclusion in business registers, objecting to direct marketing under the GDPR, and/or registering with the TPS/CTPS.
In the case of non-limited businesses, the Privacy of Electronic Communications Regulations apply and dictate that express must be obtained, and the data company complies with this legal requirement.
The data company remains the data controller in all instances, and is wholly responsible for all its processing activities and ensures it only shares personal data when it is lawful to do so.
All emails sent from Eze Talk give a clear, unambiguous opt out and if selected, you will be removed from all future mailings and added to a suppression list to ensure you receive no future contact.
21.0 DATA CONTROLLER
The data controller of this website is: Eze Talk Group Ltd, a UK Private Limited Company.
Whose registered and operating office is:
Ground Floor, Rear Courtyard, Dane Mill, Broadhurst Lane, Congleton, CW12 1LA
22.0 Klarna Bank AB