This notice will explain to you, Qoolize’s customers, and visitors to Qoolize’s website how Qoolize manages and protects your data. We want to ensure that you fully understand what personal data we need from you to serve you better, how we use and protect your data, and why we need your data when you are interacting with us.
We have implemented strict personal data protection practices that ensure your data is safe while in our care. Qoolize wants you to know that we always care about your privacy and constantly seek ways to protect and serve you better.
What is personal data?
It is essential to understand what we mean when we discuss personal data. Personal data refers to any information related to someone that can be identified through it either directly or indirectly. This means that, in some cases, a single element of information may not identify you, but several pieces together will; if they do, they are considered personal data. Examples of personal data include your name, identification number, location, and factors specific to your physical, mental, economic, or social identity, among others.
What personal data protection and privacy regulations does Qoolize comply with?
Because we serve customers globally, we comply with data protection and privacy regulations, such as the EU General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA). And because we understand we live in a fully interconnected world, we want to assure you that Qoolize commits to protecting all of our customers and visitors to our website’s data regardless of where they are located. We respect your privacy rights at all times.
Is Qoolize a data controller or a data processor?
Some data protection regulations differentiate between a data controller and a data processor. A data controller is an organization that determines how to collect and process personal data. In contrast, a data processor is an organization that collects and processes personal data on a data controller’s behalf and under the data controller’s instructions.
Qoolize is both a data controller and a data processor.
As a controller, Qoolize collects and processes personal data from visitors to Qoolize’s website and customers who sign up for our services. In this context, Qoolize determines how this personal data is collected, processed, and shared.
As a data processor, Qoolize collects and processes personal data from the end users of Qoolize’s registered customers and only does so per the customer’s requirements. Even if we are not making decisions about how personal data is being processed, we continue to protect the personal data we collect at all times.
How does Qoolize collect and process your data?
We must collect and process your data to provide an optimal web experience and excellent products and services.
The following table explains what personal data we collect from you, how we process it, how we classify your data, and, according to unique data protection regulations, the legal basis for processing it.
We classify your data as Account, Usage, and Content.
Account data is all the personal data we collect from you to manage your Qoolize account, including providing you support and charging you for our services.
Usage Data is all the personal data we collect from you when you use our services, such as when you make a call, the length of your ring, and if you are using voice or text, among others.
Content data is all the personal data we collect from you within the service, including the details of text messages, voice calls, or voice call audio.
Visitor data is all the personal data we collect from you when you visit our website and sign up for communications from Qoolize.
How does Qoolize share your data?
As part of the products and services that Qoolize offers you, we need to share your data with our employees and other third parties that help Qoolize deliver our products and services. We always ensure that we share your data when it is essential to give you the best products and services, and we provide that we do so safely and in a controlled way.
The following table explains who the parties are that we share your data with and the purposes why they need access to your data.
How does Qoolize protect your data?
Qoolize takes the protection and security of your data very seriously. We use physical, organizational, technical, and administrative measures to safeguard your data, regularly re-assess and revise our policies and practices to improve security measures to protect personal data, and seek to partner with organizations that do the same.
Please remember that no data transmission over the Internet, whether wired or wireless, is 100% secure; therefore, we cannot fully guarantee the security of information transmitted to Qoolize and cannot be responsible for the actions of any third party that may intercept any such information. Once we receive your data, we commit to making all reasonable efforts to protect it to ensure it resides securely in our systems.
If you believe your data may have been compromised by Qoolize or by using Qoolize’s website, products, or services, please get in touch with our support team immediately. We will be happy to assist you.
Where does Qoolize store your data?
The personal data that Qoolize receives from you reside in different locations around the globe. Qoolize is currently certified under the EU-US Privacy Shield framework, which means that the EU authorities allow us to transfer your data to our locations in the US.
For personal data stored in the US at any of our third-party providers, Qoolize ensures that we solely work with US third-party providers that comply with the EU-US Privacy Shield Framework.
We ensure we have the appropriate international transfer mechanism for personal data stored in other regions, such as Standard Contractual Clauses.
And keeping in line with our commitment to protect your data, Qoolize ensures that all third-party providers we work with sign a Data Processing Agreement to ensure that they will protect your data according to Qoolize’s expectations.
Rights over your data
Privacy and data protection regulations such as the GDPR and the CPRA grant you rights to exercise over the personal data that organizations like Qoolize collect and manage about you. At Qoolize, we believe in providing these rights to all our customers regardless of where they are located worldwide, and every Qoolize customer has the same rights over their data.
Unless there are apparent exceptions because of legal or regulatory requirements, we will work to ensure that your requests are addressed within 30 days. These are the requests you may contact Qoolize about:
You have the right to access the personal data that Qoolize maintains about you, including the categories of data and how Qoolize collects, processes, and shares your data.
You have the right to request deletion of your data, update or correct your data, object to the processing of your data, ask us to restrict the processing of your data, or request portability. In each particular case, we will inform you of the consequences of your request and if there are any exemptions to honoring your request based on legal, regulatory, or contractual requirements.
If Qoolize has collected and processed your data based on your explicit consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing Qoolize conducted before your withdrawal.
You have the right to be notified about a data breach that may impact your data’s integrity, availability, or confidentiality. Refer to our data breach notification section for more details.
You have the right to complain to a data protection authority about Qoolize’s collection and processing of your data. However, we would appreciate it if you let us deal with your complaint internally before contacting a data protection authority.
You can access, update or delete your data if you log into your account. Furthermore, you also can withdraw your consent to any marketing communications you have signed up for.
If you want to manage your data through the Qoolize account directly and don’t know how to do this, refer to our articles about how to manage your account or how to close your account.
To exercise your rights over your data, or if you cannot complete your request directly through your account, please email firstname.lastname@example.org. Once we receive your request, we will contact you to provide acknowledgment and request further information if required. We will never discriminate against you for exercising your data rights.
Qoolize has implemented automated decision-making rules to monitor payments and account activity to minimize the possibility of fraud. If we find a suspicious activity that we believe is fraudulent, we will suspend the price or the account and notify you. You can exercise your right to object, where we will explain the rationale we followed for our decision.
Personal data breach notification
Qoolize, as part of our security and data protection measures, has implemented processes to deal with any suspected personal data breach. We will notify you and any applicable regulator of a breach where we are legally required to do so.
Should we learn of a security breach that affects your data, we will notify you to explain how this breach may affect you and to provide you with any advice on how to protect yourself. We will contact you through the email address we have on file or by posting a notice on our website.
Qoolize’s data retention period
Due to telecommunications and other regulations, we generally retain all the data you generate as part of your relationship with Qoolize for seven (7) years after you close your account unless otherwise required by legal, security, or other requirements by the applicable law.
Qoolize’s Data Processing Addendum
In our role as a processor, we are happy to provide you with a Data Processing Addendum (or DPA) where we commit to safeguarding the personal data that we will process on your behalf, will support you on any request you may receive from individuals or Data Protection Authorities and will ensure that we process personal data according to unique data protection regulations such as the General Data Protection Regulation in the EU.
Qoolize’s Contact information
Suppose you have any further questions about how Qoolize collects, uses, discloses, or protects your data or any questions about this privacy notice, including any requests to exercise your data rights. In that case, you may contact our appointed Data Protection Officer using the details below.
Data Protection Officer
General Data Protection Regulation (GDPR) – European Representative
Under Article 27 of the General Data Protection Regulation (GDPR), Qoolize has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters about the GDPR:
by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
UK General Data Protection Regulation (GDPR) - UK Representative
Under Article 27 of the UK GDPR, Qoolize has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters about the UK GDPR:
by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
California Privacy Notice
This section of the Privacy Notice encompasses specific requirements for California residents and complies with the California Privacy Rights Act of 2020 (CPRA).
Categories of Collected Personal Information
Qoolize, for our business or your interactions with our website, collects and uses the following categories of personal information: Qoolize contains these categories of personal data from the following sources:
Directly from the individual, the information is about.
Indirectly from an individual’s interaction with our website or our products.
We use and disclose personal information according to the purposes established in the sections.
How does Qoolize collect and process your data, and How does Qoolize share your data?
Disclosures of personal information
Qoolize has shared your personal information in the last twelve months on all categories identified and for the purposes described in this Privacy Notice.
Sale of personal information
Qoolize may have collected publicly available personal information about you or obtained your data from third-party providers. This information includes the industry, size, and other general information about your company, such as URLs, to help Qoolize understand our customers better. If you want to opt out, you may email us at email@example.com.
Qoolize has implemented an automated decision-making process described in the Section Automated Decision-making above.
California Privacy Rights
The CPRA provides California residents with rights over their personal information. As a California resident, you have the following rights concerning your personal information:
You can ask about personal data collected, disclosed, or sold.
You have the right to rectify any personal information we hold about you that, in your opinion, is incorrect.
You have the right to request the deletion of personal information.
You have the right to portability, which means that you may request that we provide you with a copy of specific pieces of personal information we have collected about you in the past 12 months in an electronic format.
You have the right to request that we limit the disclosure of your sensitive personal information unless the disclosure is required to provide our services to you or any other regulatory or legal requirements.
You can opt out of selling your personal information at any time.
Once we receive your request to disclose how your personal information has been collected, used, and shared by Qoolize over the last twelve months, we will verify your identity. We will share with you the following information:
Categories of personal information Qoolize collected about you.
The sources which we obtained your personal information from
The purposes of use of your personal information
The third parties we shared your personal information with
Whether we sold or shared your data for Qoolize’s benefit
We aim to respond to your requests within the established 45 days from receipt. We will let you know if we require more time to respond within this period. We will deliver our response by mail or electronically, depending on your preference.
We will not discriminate against you for exercising your personal information rights.
You may designate an authorized agent to make requests on your behalf. We will require verification that you did authorize the agent. Unless the law requires otherwise, your authorized agent must provide your contact details. We will contact you to confirm that you authorized the agent. Once you confirm, we will promptly respond to the rights request.
Exercising your privacy rights
To exercise your rights, you may contact us at firstname.lastname@example.org. To fulfill your request, we may require additional personal information to verify your identity. If you request an authorized agent, we may need additional information to confirm your authorization of the agent.
EU-US Privacy Shield
Onward Transfers of Personal Data. Except as described herein, Qoolize discloses personal data only to third parties that contractually agree to abide by or provide the same level of protection as outlined in the Privacy Shield Principles. Qoolize may provide personal data to third parties acting as service providers, consultants, and contractors to perform tasks on and under our written instructions (“Third Party Agents”). Third, Party Agents must agree to use such personal data only for the purpose we provide it, and they must contractually agree to provide adequate protections for the personal data that are no less protective than those required by the Privacy Shield Principles. In cases of onward transfer to third parties of personal data covered under our EU-US Privacy Shield or Swiss-US Privacy Shield certifications, Qoolize may remain liable.