Where used in this policy, the term “personal information” means any information identifying or describing an identifiable individual, including, but not limited to information relating to their name, age, gender, reproductive status, marital status, national, ethnic or social origin, sexual orientation, physical or mental health, disability, conscience, belief, culture, language and birth of the individual; educational, criminal or employment history of the individual, financial status or information relating to financial transactions in which they have been involved and any identifying number, address or contact information of the individual.
2. Commitment to Privacy
2.1 Data Privacy Principles
We are committed to maintaining the confidentiality, integrity and security of personal information and we will take all appropriate technical and organizational security measures to ensure that where any personal information is provided to us it will be protected against loss, destruction and damage, and against unauthorized or accidental access, processing, erasure, transfer, use, modification, disclosure or other misuse.
We shall not disclose to any person any personal data of a data subject that is processed or hosted by us where any such disclosure would not comply in all respects with the provisions of any applicable data protection legislation or regulations relating to the data subject concerned.
We will ensure that personal data shall be:
- a) processed lawfully, fairly and in a transparent manner in relation to individuals;
- b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes, with further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes not considered to be incompatible with the initial purposes;
- c) adequate, relevant and limited to what is necessary in relation to the purposes for which the personal data is processed;
- d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by Applicable Law in order to safeguard the rights and freedoms of individuals; and
- f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
2.2 Application of the Principles
Within the context of the Services that we provide, our commitment to the above principles means that we recognize that a User’s phonebook, message content and MSISDNs indicating to whom messages were sent to or received from belong exclusively to that User and will not be disclosed by us to any third parties without the user’s written permission or unless compelled to do so by a court of law.
We also recognize that any recipient of any message has the right to know the identity of the sender, and this will be disclosed on request to the recipient where known to us.
Where the personal data of any EU member state subject is transferred to P2P Tech in a non-EU member state for processing, or where the personal data of a subject of any state or union of states whose laws prohibit the transfer of personal data for processing outside of such state or union of states unless minimum protection measures are in place as determined by the provisions of the relevant laws, is transferred to P2P Tech for processing outside of such state or union of states P2P Tech shall ensure that adequate technical and organizational security measures are in place so as to comply with such laws and so as to provide a level of protection appropriate to the risks represented by the processing of such data and in order to protect such data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access or any other unlawful form of processing.
2.3 Personal Data we may Collect and Process
Our Users may be required to submit limited personal information when accessing the Services including a username, email address and password for the purposes of protecting User accounts against unauthorized access. In addition, messages, files or other data contained in the Services may contain the personal information of third parties.
We may automatically record certain information about the use of our Services such as account activity (e.g. usage, log-ins, actions taken), data displayed or clicked on (e.g. GUI elements, links), and other log information (e.g. browser type, IP address, date and time of access).
We may use this information to provide authorized persons with usage reports and internally to deliver the best possible service to our clients and Users, such as improving software user interfaces and maintaining a consistent, reliable and secure user experience.
We may also detect and log a User’s location and IP address in order to identify the User’s geographic region or time zone for routing traffic to geographically based servers or for managing time-sensitive tasks like the sending of notifications.
Like many reputable online companies, our Services, including our website, other online services, applications, email messages and advertisements, if any, may use “cookies” and other technologies such as pixel tags and web beacons to collect information. A cookie is a small data file stored on the web browser on your computer’s hard drive. Cookies and other technologies allow us to count how many Users visited certain web pages within our web site, their personal preferences and to measure the effectiveness of our website and electronic advertisements for different computing devices and regions.
We use this information to understand and analyze trends, to administer our websites and to learn about user behavior’s on our websites. If a User blocks cookies from being stored on a computer, the functionality of our Services may be negatively affected.
We may carry out and perform functional, statistical, textual, semantic and other forms of analysis of non-personally identifiable data that is hosted or processed by us in relation to our Services. We do this to improve the performance of our Services, to understand the way in which our Services are being utilized, to identify usage patterns, market trends, to gain insights and to formulate new products and service offerings. We may also process, aggregate and anonymize personal data such that it does not reveal any confidential, personal or sensitive data or any features from which confidential, personal or sensitive data may be ascertained. We will never disclose confidential, personal or sensitive data without the direct or indirect consent of the party to whom we owe the duty of confidentiality and/or the data subject concerned. We may process and transfer anonymized data in our reasonable discretion including within the P2P Tech group of companies.
3. API’s and Third Party Processing
Where, for the purpose of providing the Services to you, any P2P Tech Service acts as an Application Programming Interface (“API”) for the purpose of specifying how different software systems should interact with each other, or where for that same purpose any P2P Tech Service interacts with other API’s, including third party API’s, we may pass and retrieve data, including personal information, between the different software systems and third parties that interact via those API’s.
Where we make use of third party service providers to help us provide the Services to you, including for the purposes of retrieving or delivering information, records, notifications or other messages to you or any User’s or for hosting or providing any component of our Services, we require such third parties to maintain the confidentiality of any personal information we provide to them for these purposes. Some of these third parties may be situated outside of your country and you consent to your personal data and that of any data subjects you provide to us being transferred cross-border so that we can provide the Services to you. In this regard, we engage only with reputed third-party service providers who have security and privacy policies and procedures providing at least the same level of protection as we do ourselves. You warrant that you have all necessary permissions to give us the above consent.
We may share data, including Personal Data, collected from Users of our Services with third-party service providers or consultants who require access to that data to perform their work on our behalf for the purpose of helping us deliver our Services. These third-party service providers or consultants are limited to only accessing or using this data to provide the services to us and must provide reasonable assurances that they will appropriately safeguard the data. We may also share non-personal or non-identifiable information, including website visitor information and account usage data with third party analytics service providers.
4. Communications with You
We may communicate with User’s, resellers and other persons by email and other messaging applications. You may opt out from promotional communications from us that are not strictly related to the provision of the Services to you.
5. Personal Information of Minors
We do not intentionally collect personal identifiable information from anyone who is a minor. If it is discovered that we have unintentionally collected personally identifiable information from a minor other than for a legitimate purpose associated with the Services, we will delete that information immediately.
6. Revisions and Termination
If the P2P Tech merges with, or is acquired by, any other business, you acknowledge that your personal information may fall under the control of another person.
If you terminate your relationship with P2P Tech, portions of your personal information may be retained in back-ups and archives for as long as is reasonably necessary to assist us in meeting our legal compliance obligations.
7. Questions and Comments