Data Privacy Statement (DPS) for Circuit
Version 2.0 as of August 2016Click here to download PDF.
Unify is committed to protect the privacy of everyone who uses Circuit. This privacy statement (“Data Privacy Statement” or “DPS”) applies to the Personal Data collected by Unify through your use of Circuit. It does not apply to any other of Unify online- or offline-provided products, sites, or services.
If applicable to your jurisdiction, you may also have entered into the separate “Data Processing Agreement” or “DPA” as part of the agreement under which Unify provides Circuit to your organization (the “Agreement”). That DPA is complemented by this DPS. In the event of any conflicts, the DPA will take precedence over this DPS.
If you have questions concerning the DPS, the DPA, the terms of the Agreement or any other contractual or legal aspect of your use of Circuit, please first contact the person(s) within your organization who is/are responsible for Circuit or your organizations data protection officer, if any. You can always contact Unify data protection officer, too. You will find the contact details on www.unify.com.
2. In addition to the terms defined in this document, capitalized terms used herein follow the terminology stated in the “Definitions” annex of the Agreement. If you are unable to access the definitions, please ask the person(s) within your organization who is/are responsible for Circuit.Separation of data by Circuit Tenancies
Circuit is organized into so-called “Circuit Tenancies” which are logically separated segments within the infrastructure that provides Circuit. Your organization’s Circuit Tenancy will be defined during the signup process. All users from your organization are part of your organization’s Circuit Tenancy. Some users, the Circuit Enterprise Users, may invite Guest Users to join the Circuit Tenancy. The Guest Users will then temporarily become part of, and have access to, some of the material inside your Circuit Tenancy, as controlled by you or your fellow Circuit Enterprise Users.
Your organization has administrative control of its Circuit Tenancy through the Circuit Tenancy Administrator, a special account which has extended privileges and may be used to block or access the data and the related activities of all Circuit Users assigned to the relevant Circuit Tenancy. Unify strongly recommends that your organization implements additional organisational measures in addition to those described in this DPS to internally limit access to the Circuit Tenancy Administrator’s account to authorized persons only.
3. Data handled by us through Circuit
3.1 Personal Data
The term “Personal Data” as used herein refers to individual elements of information that are related to, or relatable, to a person, such as you. When you use Circuit, different kinds of Personal Data are submitted to, collected by and stored inside our systems that provide Circuit to you. Unify wants you to better understand what kinds of Personal Data Unify collects, stores and processes, and for which purposes. Typically, Personal Data is included with Circuit User Data, Circuit User Contact Data, Circuit Usage Data, and Circuit Support Data.
3.2 Personal Data in Circuit User Data
“Circuit User Data” is all information that you, as the Circuit User, submit to Circuit, receive through Circuit or generate through your use of Circuit or the Circuit Portal. Personal Data in such Circuit User Data may be part of your messages, documents, spreadsheets or other content of your Conversations or your submissions to the Circuit Support Forum. Unify assumes that all such Circuit User Data is submitted to Circuit with your consent. Unify makes no claim of ownership to any of your Circuit User Data, but all Circuit User Data must comply with the Acceptable Use Policy (AUP).
3.3 Personal Data in Circuit User Contact Data
“Circuit User Contact Data” is contact information about a particular Circuit User, including name, address, phone number, profile information, email address, title, time zone and other information that such Circuit User enters into its profile or which Unify may collect through that Circuit User’s use of Circuit. In some cases, Circuit User Contact Data may also be submitted to Circuit through your organization’s use of Circuit’s administrative facilities, e.g. during setup phase. Unify assumes that all such Circuit User Contact Data is submitted to Circuit with your consent.
3.4 Unify may use Circuit User Contact Data for the purpose of fulfilling the Agreement, to complete the transactions requested by you or your organization, and to detect and prevent fraud or abuse, e.g. to contact you to determine if there is a violation of the Acceptable Use Policy (AUP).
3.5 Personal Data in Circuit Usage Data
“Circuit Usage Data” is information about your and your fellow Circuit User’s use of Circuit, and about the infrastructure providing Circuit in general. It includes, for example, information about the number of active Circuit Users, IP-addresses from where the Circuit Users log in, activity of the Circuit Users, used bandwidth, used storage space or CPU capacity, timestamps, and the like, and the data derived therefrom by means of analytics, e.g. trends in the usage of Circuit. Circuit Usage Data may comprise of Personal Data.
Foremost, Circuit Usage Data helps us to better operate and constantly improve Circuit and to optimize the underlying infrastructure. Unify may also use Circuit Usage Data to detect and prevent fraud, abuse and incidents or patterns or trends that may be relevant for Circuit’s stability and security, e.g. attempts to penetrate the security of Circuit or a denial-of-service attack against Circuit. Unify may also provide Circuit Usage Data to your organization.
In some cases, Unify may compile Circuit Usage Data into an aggregated form or perform analytics of such Circuit Usage Data resulting in a very summarized and abstract form, so that it can no longer be related to a natural person. Unify may make such data available to other customers, suppliers, or third parties, e.g. to determine availability, system load, correct sizing, or for marketing purposes. This data is neither used to identify you or other Circuit Users, nor to create any directly person-related or pseudonymised user profiles.
3.6 Personal Data in Circuit Support Data
“Circuit Support Data” is Circuit Usage Data that Unify may collect when you submit a service request. Circuit Support Data may include information about your hardware/software environment when the Incident occurred, time/date, username or other authentication information, content of the Conversation, data resulting from diagnostics, system and registry data, error-tracking log files, screenshots and other details related to the Incident.
Unify will use Circuit Support Data solely to provide support as per the Circuit Support Plan that is applicable to you or your organization, e.g. via online chat/conversation, phone, email, or other. With your permission, Unify may remotely access to temporarily control your client system. With your permission, online chat sessions or conversations, phone conversations, or remote access sessions with Unify’s support may be then recorded and/or monitored.
4. Personal Data about the Customer Contact and the Circuit Tenancy Administrator
Your organisation appointed a “Customer Contact” to act as a single point of contact for Unify, and a “Circuit Tenancy Administrator” who has access to the administrative functions of your Circuit Tenancy.
Unify will occasionally contact the Customer Contact and the Circuit Tenant Administrator to provide information about new subscriptions, billing and important operational information about Circuit, e.g. planned downtimes or security incidents, or to resolve violations of the Acceptable Use Policy (AUP). Usually, this will be done through email, but if the case at hand requires immediate action, Unify may use other channels of information, e.g. instant messages, telephone or texting.
6. Web Local Storage
Circuit uses “Web Local Storage” which is a technology supported by most modern web browsers that allows web applications to store data on your computer, similar to cookies, but more structured. This data is subject to the same security measures as cookies are, e.g. data stored by one web-site is not accessible to other web-sites.
Circuit uses your browser’s Web Local Storage functionality to provide a local cache for frequently accessed data, like contact’ information and recent Conversations, in order to improve the speed of use and to reduce network traffic. This local data is strongly encrypted and it will never be transmitted back to the servers providing Circuit. If you do not want Circuit to use Web Local Storage, simply uncheck the box labelled “This is a private computer” before you log on. In that case, Web Local Storage will not be used, and any previously data stored by Circuit will be removed.
7. Disclosure of your Personal Data
Unify will not disclose Circuit User Data, Circuit User Contact Data, Circuit Usage Data, Circuit Support Data (collectively “User Data”) outside of Unify or Unify affiliates engaged in the provision of Circuit to you, unless permitted by law or except as you direct, or as described in the Agreement, the DPA or this DPS. Unify will use User Data only to the extent necessary for the performance of Unify contractual duties.
Unify occasionally contracts with third parties to supply Unify with services and products such as customer support, data management, and technical infrastructure services. Unify may provide these third parties with access to User Data, or store it with them or let them process it to the extent necessary for them to render their services or deliver their products. These third parties are required to maintain the confidentiality of the User Data and are prohibited from using it for any purpose other than that for which they are engaged by Unify. To the extent Personal Data is affected, Unify makes any necessary arrangements that are required by Applicable Laws for a legally compliant collection, storing or processing or transfer of Personal Data by or to these third parties.
In order to fulfil the Agreement, Unify may share the contact data given to Unify during the signup-process with third parties for purposes of fraud prevention, export control clearance or other legally required checks, or in order to process payment transactions.
Unify does not share any of your User Data with advertisers.
Unify will not disclose User Data to a third party (including law enforcement, other government entity, or civil litigant and excluding Unify subcontractors, see above) except as you or your organization direct Unify or unless Unify is required to do so by Applicable Laws. In the event a third party requires Unify to hand over your User Data, and if permitted by Applicable Laws, Unify will first inform the third party to request the User Data directly from you or your organization. As part of that process, Unify may provide the contact information of the Customer Contact to the third party. If Unify should be forced by Applicable Laws to hand over your User Data to the third party or grant access to it, Unify will use commercially reasonable efforts to notify you in advance, provided this is not prohibited by Applicable Laws.
8. Accessing, Correcting and Deleting Your Information
Between Unify and you, you are responsible for all Circuit Users you sign up to Circuit and all User Content they generate. The management of the Personal Data of these Circuit Users is a task that is handled by you, e.g. by making use of the administrative facilities of Circuit available to the Circuit Tenancy Administrator. Unify will generally forward requests from individual Circuit Users to your organization and obtain consent before responding to such requests, unless Applicable Law requires immediate action by Unify.
You may access, correct or delete Personal Data stored within Circuit by using the tools provided within Circuit (for example, editing your profile information) or through the administration console with the help of your organizations’ Circuit Tenancy Administrator, or, if part of your Circuit Support Plan subscription, by contacting Unify’s service desk. Changes you make to your information take immediate effect on your Circuit Tenancy. All Circuit User Contact Data and Circuit User Data will be kept in secure storage and are included in Unify’sstandard data backup process.
Unify has implemented and will maintain appropriate technical and organizational measures, internal controls, and information security routines intended to protect your information against accidental loss, destruction, or alteration; unauthorized disclosure or access; or unlawful destruction.
If applicable to your jurisdiction, the specific arrangements about the security measures are part of the DPA in place between you and Unify.
10. Data Location
Your User Data, including your Personal Data, may be transferred to, stored and processed in countries in the EU, the United States or in any other country where Unify or an Affiliate or one of Unify, Unify Affiliates or their service providers maintain facilities. Unify will make any necessary arrangements as required by Applicable Laws for a legally compliant transfer, or processing, of Personal Data.
11. Changes to this Privacy Statement
Unify may occasionally update this DPS to reflect customer feedback, changes in Circuit, and updates to Applicable Laws. Prior to making such changes effective, Unify will notify you and your organization in advance through the Customer Contact and the Circuit Tenancy Administrator by posting a notice on the Circuit login page. Unify will provide a link under which you can review the updated statement. Depending on your or your organization’s settings, Unify may instead, or in addition, send a notification email, and/or post a message inside Circuit. These notification(s) will be made independent of, and do not intend to limit, any notification procedure agreed with your organization in the Agreement.
The new version of the DPS will become effective on the date it is posted, which will be reflected at the top of the page as the DPS’ new effective date.
Unify encourages you to periodically review this privacy statement to learn how Unify is protecting your User Data. Unless required or permitted by Applicable Law, such changes only apply to Personal Data collected from the date the change becomes effective.
12. How to Contact Us
Unify welcomes your comments. If you have questions about Circuit, Unify privacy and security commitments, please contact Unify at www.unify.com or through the Circuit Support Portal.
13. Data Protection Officer
You may address any concern about our use of your Personal Data to Unify’s Data Protection Officer (DPO) You may also send any inquiries about information on our use of your Personal Data, as well as requests for the blocking or deletion or correction of your Personal Data, to the DPO. The Unify DPO can be contacted here at www.unify.com.