Legal

Privacy Policy

Privacy policy

Sonetel AB (publ), corporate identity number 556486-5847 (“Sonetel”, ”we”, ”us” and ”our”), Mailbox 647, 114 11 Stockholm, Sweden, is the data controller for the processing of your personal data.

Purpose and lawful basis for processing your personal data

If you are a customer

For the following purposes, we process your personal data on the legal basis that it is necessary for the performance of our contract or in order to take steps at your request prior to entering into a contract:

Purchase of services and products

When you contact us as a customer, and when you are using our services and purchase our products, we will process your personal data for the purpose of providing the services and products as stipulated by the contract.

Sign up for our service

If you sign up for our service, we will ask you for your name, email address and/or phone number. If you opt to sign up using some third-party identification method, such as Facebook, LinkedIn or Google, we will receive additional information about your profile from these third-party services. The purpose of the processing is to allow you access to our services and to provide the services to you.  The purpose is additionally to reach you with important notifications and updates regarding the service.

Your identity and location

Dependent on what services you subscribe to, the patterns of your usage and your other account data; you may be asked to provide additional information for the purpose of verifying your identity or location. This may include a photo of an ID card or passport and copies of utility bills or similar as well as copies of your credit card (with most digits in the credit card number covered). The purpose of the processing of the additional information provided is to validate that you are the person you claim to be and to fulfill the requirements that local authorities and suppliers have set up for allowing access to the services and for validating that you are the legitimate owner of the credit card used for making payments in your account.

For the following purposes, we process your personal data on the legal basis that it is necessary for the compliance with a legal obligation:

Voice and video calls

For voice and video calls, we store meta data, for billing. With meta data, we mean the calling phone number or calling party and/or IP address of caller and the called number or called party and/or IP-address of called party, and the date and time of the call and the length of the call.

Book-keeping

In relevant cases where we process personal data concerning you as a customer for book-keeping purposes, e.g. invoicing or payment of our services or products, we carry out this processing on the basis of legal obligations according to the Swedish Book-keeping Act (1999:1078), (Sw; Bokföringslagen).

For the following purposes, we process your personal data on the legal basis of a balance of interest between your and our legitimate interest*:

Sign up

If you have accepted to receive promotional marketing material from us, we will from time provide you with promotional offers and information regarding our services.

 

Fraud and misuse prevention

Our automatic fraud prevention system and manual fraud prevention team may look into your account details, such as your name, identification information provided such as passport number or national ID number and associated supporting documents, physical addresses, email addresses, mobile numbers, social media accounts, IP addresses used when interacting with our service, destinations you call or to which you forward calls, counterparts that you send or receive text messages from or to via our services, payment methods used for paying for our service, types of devices used when interacting with our service as well as other information you volunteer to share with us. This data will be compared with patterns found in other Sonetel accounts blocked historically for suspected fraudulent use or misuse of our service. In case there are clear similarities between your data patterns and the patterns of accounts blocked historically for suspected fraudulent use or misuse, we may temporarily or permanently suspend your access to the service, to protect our business and other third parties and the general public from the impact from such potential fraudulent activity or misuse.

Our automatic fraud prevention systems may additionally look into the content of your text communication to identify patterns indicating that the service is used in a fraudulent or prohibited way, which may lead to automatic or manual actions by us.

For voice and video calls, we store meta data, for the purpose of fraud protection. With meta data, we mean the calling phone number or calling party and/or IP address of caller and the called number or called party and/or IP-address of called party, and the date and time of the call and the length of the call.

Data related to account settings, payments, web site visits and customer portal visits, app usage and meta-data regarding your communication may be processed as part of our manual and automatic fraud prevention processes.

Customer service

If you contact our customer service via telephone, chat, email or similar – this will provide us with your email address or phone number or social media identity and similar, as well as any other personal data that you decide to share with us as part of the dialogue with us.

This information is used for the purposes of responding to your inquiry and sending updates to you regarding the progress of your inquiry. If you contact us again later, this data also helps us understand your historical inquiries and preferences, thus allowing us to provide a better service to you and negating the need for us to repeat questions already asked.

If you are an employee of a customer

For the following purposes, we process your personal data on the legal basis of a balance of interest between your and our legitimate interest*:

Your personal data as an employee of a customer will also be processed in relevant cases in accordance with the contract with the customer.

Purchase of services and products

When you contact us as an employee of a customer, and when you are using our services and purchase our products as an employee of a customer, we will process your personal data for the purpose of providing the services and products as stipulated by the contract with our customer, your employer.

Sign up for our service

If you as an employee of our customer sign up for our service, we will ask you for your name, email address and/or phone number. If you opt to sign up using some third-party identification method, such as Facebook, LinkedIn or Google, we will receive additional information about your profile from these third-party services. The purpose of the processing is to allow you access to our services and to enable our delivery of the services to you.  The purpose is additionally to reach you with important notifications and updates regarding the service and your account status when so required, and to provide occasional promotional offers to you.

Your identity and location

Dependent on what services your employer subscribe to, the patterns of usage and other account data; you may as an employee of a customer be asked to provide additional information for the purpose of verifying your identity or location. This may include a photo of an ID card or passport and copies of utility bills or similar as well as copies of your credit card (with most digits in the credit card number covered).

Customer service

If you contact our customer service via telephone, chat, email or similar – this will provide us with your email address or phone number or social media identity and similar, as well as any other personal data that you decide to share with us as part of the dialogue with us.

This information is used for the purposes of responding to your inquiry and sending updates to you regarding the progress of your inquiry. If you contact us again later, this data also helps us understand your historical inquiries and preferences, thus allowing us to provide a better service to you and negating the need for us to repeat questions already asked.

Fraud and misuse prevention

Our automatic fraud prevention system and manual fraud prevention team may look into your account details, such as your name, identification information provided such as passport number or national ID number and associated supporting documents, physical addresses, email addresses, mobile numbers, social media accounts, IP addresses used when interacting with our service, destinations you call or to which calls are forwarded, counterparts that you send or receive text messages from via our services, payment methods used for paying for our service, types of devices used when interacting with our service as well as other information you volunteer to share with us. This data will be compared with patterns found in other Sonetel accounts blocked historically for suspected fraudulent use or misuse of our service. In case there are clear similarities between your data patterns and the patterns of suspected fraudulent or misuse accounts blocked historically, we may temporarily or permanently suspend your access to the service, to protect our business and other third parties and the general public from the impact from such potential fraudulent activity or misusage.

Our automatic fraud prevention systems may additionally look into the contents of your text communication to identify patterns indicating that the service is used in a fraudulent or prohibited way, which may lead to automatic or manual actions by us.

For voice and video calls, we store meta data, for the purpose of fraud protection. With meta data, we mean the calling phone number or calling party and/or IP address of caller and the called number or called party and/or IP-address of called party, and the date and time of the call and the length of the call.

Data related to account settings, payments, web site visits and customer portal visits, app usage and meta-data regarding your communication may be processed as part of our manual and automatic fraud prevention processes.

For the following purposes, we process your personal data on the legal basis that it is necessary for the compliance with a legal obligation:

Voice and video calls

For voice and video calls, we store meta data, for billing. With meta data, we mean the calling phone number or calling party and/or IP address of caller and the called number or called party and/or IP-address of called party, and the date and time of the call and the length of the call.

Book-keeping

In relevant cases where we process personal data concerning your employer for book-keeping purposes, e.g. invoicing or payment of our services or products, we carry out this processing on the basis of legal obligations according to the Swedish Book-keeping Act (1999:1078), (Sw; Bokföringslagen).

If you are neither a customer nor a customer employee

For the following purposes, we process your personal data on the legal basis of a balance of interest between your and our legitimate interest*:

Contact with us

We process your personal data when you contact us or when you have asked us to contact you. The purpose of our processing is to help you with questions regarding Sonetel or related to using our services or products.

*The legitimate interest of Sonetel is to help future customers and other interested parties by answering questions and provide potential material.

If you are a visitor of our website

For the following purposes, we process your personal data on the legal basis of a balance of interest between your and our legitimate interest*:

We process your personal data, i.e. the information we collect from your web browser including preferred language, operating system and other environmental data that your browser shares with us when visiting our website as well as, which pages you visit within our web site and what actions you take at these pages. Your IP address allows us to identify your approximate location in the world.

The purpose of our processing is to analyze the performance of our web site and the behavior of visitors, to improve our web site. Additionally, if you later decide to sign up for our services or contact us, this data is also processed for the purpose of providing us with a better understanding of your interests and allow us to tailor our services to your needs and provide promotional offers that match your specific areas of interest.

*The legitimate interest of Sonetel is to improve our services and our commercial interest of using your personal data for online behavioral advertising.

If you are obliged to provide your information to us

The provision of personal data is not a statutory, contractual requirement or a requirement necessary to enter into a contract. You are not obliged to provide your personal information but if you do not provide your personal information to us, we are unable to fulfill our agreement or fulfill our obligations in relation to you as our customer, an employee to our customer, a potential customer or as a customer to our customer (your service provider).

Our use of Cookies

When you are using our website, we may process your personal data in the form of your IP address when using Cookies. You can read more about our use of cookies at https://sonetel.com/cookie-policy

Who may get access to your personal data?

Your personal data will be shared with actors who process your personal data on our behalf, i.e. data processors. The data processors we use in our capacity as Controller are:

  • Sonetel Software Service pvt ltd
  • Google
  • Facebook
  • Twitter
  • Microsoft
  • Amazon web services
  • Hotjar
  • Optimizely
  • MixPanel
  • com
  • SnapEngage
  • Sendgrid
  • Bambora
  • PayPal
  • Perfect Money

 

Additional information provided for the purpose of verifying your identity and location, e.g. a photo of an ID card or passport and copies of utility bills or similar as well as copies of your credit card (with most digits in the credit card number covered), may be shared with a local carrier/provider when this is a mandatory requirement for the service you subscribe to, according to the local authorities and/or local providers. The additional information may also be shared with local law enforcement agencies and authorities in case a complaint is raised against your use of the service.

Transfers of personal data to third countries or international organizations

We and our suppliers and partners, as a general rule, only process your personal data within the EU/EEA. In cases where personal data are processed outside the EU/EEA, there is either a decision from the European Commission that the relevant third country ensures an adequate level of protection, or appropriate safeguards, e.g. standard data protection clauses, binding corporate rules, or Privacy Shield, to ensure your rights are protected. If you wish to receive a copy the safeguards taken by us or information regarding where these have been made available, you can obtain it by contacting us.

How do we protect your personal data?

We, and in relevant cases third parties, have taken several security measures to protect the personal data that is being processed. We have firewalls and anti-virus software to protect and prevent unauthorized access to our networks and systems. Our employees have strict instructions to process all personal data in accordance with applicable laws and regulations. Only a limited number of employees have access to the facilities and systems where personal data are being stored and passwords and usernames are required to access these systems.

How long do we keep your personal data?

We never process your personal data for a longer period than is allowed by applicable law, regulation, case law or authority decision. Personal data that we process in order to fulfil our agreement with you are normally processed for the period that it is necessary for us to be able to fulfil our obligations towards you. To comply with legal obligation, because you have given your consent or because we have the right to do so on the basis of a legitimate interest, we may keep your personal data for a longer period in accordance with what is stated below.

Your personal data that is processed on the basis of a consent are being processed until you withdraw your consent.

Your personal data that is processed on the basis of a legitimate interest with the purpose to perform direct marketing towards you are being processed in accordance with applicable national law and case law. If you have a customer relationship with us we process your personal data for no more than one (1) year after the cessation of the customer relationship or until you notify us that you do not wish to receive our send outs anymore. If you are not an active customer we process your personal data for no more than three (3) months or until you notify us that you do not wish to receive our send outs anymore.

The personal data we process to communicate with you regarding questions and matters will only be processed as long as the treatment is relevant to the matter or the agreement and max 30 days thereafter.

Any information concerning payments where processing is required in accordance with the Swedish Book-keeping Act are being processed as stipulated by the law for seven (7) years. We process some information regarding your purchase in accordance with applicable legislation for purchase of goods and services and consumer protection.

Your rights

In accordance with applicable data protection regulation, you have the right of access to the personal data we process regarding you, and have the right to request rectification of your personal data.

During certain circumstances, you are entitled to request the erasure or restriction of your personal data or object towards our processing of your personal data. Furthermore, during certain circumstances, you are entitled to receive the personal data concerning you in a structured, commonly used and machine-readable format and have the right to transmit the personal data to another data controller.

You have the right to fully or partially withdraw a given consent regarding the processing of personal data at any time. With effect from the time of the withdrawal. You also have the right to object against the processing of your personal data for direct marketing.

If you have any complaints regarding our processing of your personal data you have the right to lodge a complaint to the Swedish Data Protection Authority or any other competent supervisory authority that monitors enterprises’ processing of personal data.

Contact us

If you wish to exercise your rights in accordance with what is stated above or otherwise wish to contact us regarding our processing of your personal data you may contact our us by telephone +46 8 52 50 6000 or e-mail support@sonetel.com.

______________________

This privacy policy was established by Sonetel AB (publ) on May 25th, 2018