At Truphone we are committed to the privacy and securing of the data we hold about you. Throughout the data collection process, all necessary steps are taken to ensure that data is used only for the purposes we clearly state. The data that we collect will depend on the service we provide to you.
This policy applies also in respect of the following Truphone entities: TP Global Operations Limited, a company incorporated in England and Wales with company number 14109189 and whose registered address is 25 CABOT SQUARE, CANARY WHARF, LONDON, UNITED KINGDOM E14 4QZ, VAT No. GB 418425009, and the following subsidiaries: TP Germany Operations GmbH, TP Netherlands Operations B.V., TP France Operations SARL, TP Operations Poland, TP Portugal Operations SA, TP Spain Operations S.L.
"Truphone" when used in this document shall be taken to refer to the Truphone entity which is relevant to the provision of the services which you are using or the country in which you reside.
1. Purposes for which information is collected and lawful basis of processing
1.1 All data collected by Truphone for and through the use of the Service adhere to the General Data Protection Regulation 2016/679, the Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended) and all other applicable laws and regulations relating to processing of personal data and privacy (“Applicable Data Protection Legislation”).
1.2. Data is collected and may be used for three purposes. Truphone collects and processes, or has third party service providers who collect and process on Truphone's behalf, personal data relating to You, as permitted in order to (1) provide the Truphone Service, in particular to convey the communications you make by means of the Truphone Software and/or the Truphone Service and Truphone network, (2) invoice you for your use of the Truphone Service and (3) carry out Truphone marketing activities.
1.3. We process your personal data in accordance with Article 6 of the GDPR Article 6 (b) – the processing is necessary for a contract you have with Truphone; and Article 6 (f) - the processing is necessary for our legitimate interests. In relation to your use of our website and associated cookies we process your personal data in accordance with Article 6 (a) – you have given us your consent to process your personal data.
2. What is personal data?
2.1. In order to provide you with a service, we need to have certain information about you. Personal data means the facts we collect about you when you sign up to the Service, when you access Services from the website or your mobile phone, and when you use these Services.
2.2 Truphone’s mobile call recording service is principally used to facilitate compliance by financial institutions with the obligations to record calls between customers and certain of staff, results in Truphone storing those call recordings in cloud-based infrastructure on behalf of our customers. Truphone’s processing of those recordings is limited solely to storage and neither Truphone nor the cloud-based infrastructure provider has access to the content of those recordings.
3. What information do we hold about you?
3.1. When you sign up to the Service we will ask you (where appropriate) for your name, address, payment method and details, mobile phone number and email address. We also hold data about which of our services you have used, and when. This will include call times, routing and durations which are known as "traffic data". Finally, we also hold data about how you found out about our services, and how you interact with us through our marketing activities, campaigns we run, calls we make, and emails we send. We use this data to improve our marketing activities.
3.2. Under certain circumstances for regulatory purposes in some countries in order to provide the Truphone Services we may require copies of personal documentation (Passport, ID document, etc) from you which will be held by us and made available to national regulators if they so request.
4. What do we use it for?
We need this information so that we can confirm your identity and process your order when you first sign up for our Service. We may also use Your personal data for the following:
4.1 Regulatory Compliance
We may use your personal data for the purposes of meeting our regulatory obligations, and in some cases, we will need to share this data with regulators: for example, in the event of you making a complaint.
4.2 Credit Referencing
We may use your personal data for the purposes of undertaking credit reference searches and analysing credit worthiness during the term of this Agreement.
4.3 Marketing activities
If you have requested information regarding our product and services we will attempt to contact you via phone and email regarding the specific product that you have enquired about. Should we receive no further contact from you we will delete your data after a period of 12 months.
If you have consented to the use of personal data for marketing purposes then we may use your personal data to send you information about additional services that we provide.
4.4 Collecting traffic data
We may hold Data about the numbers and lengths of calls, SMS sent, and network usage made in order to bill you for your services. We will also, for a short period of time, hold data in relation to the websites, and IP addresses that your devices have used.
5. What are cookies and how do we use them?
Cookies are pieces of information that Truphone will transfer to your computer's hard drive through your browser to enable Truphone's systems to recognise your browser. Cookies also enable Truphone to gather information about the use of its website and to enhance the website accordingly to the preferences of the users. The Help option on the toolbar of most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Truphone's cookies do not contain any identifying information. Please bear in mind that some personalised services may not be available if you choose to disable cookies.
6. Who else will see my information?
6.1 Third Party Processors
We use third party providers to store customer support records, to provide physical security for storage of data, to provide access to data stored, for billing purposes and to provide access to data for the purposes of customer support and billing. Third party network operators may also need access to your Data for regulatory compliance purposes. We will ensure that such agencies conform to the same or similar guidelines as we do.
6.2 Compliance with Laws
Sometimes we may have to provide your personal data to third parties to comply with legal obligations. These include, but are not limited to, national regulators, for reasons such as resolving a billing dispute, for use in legal proceedings or even national security. In these cases, we will comply with whatever laws are in force at the time and provide such information as is required.
6.3 Emergency Services
If we provide you with Access to Emergency Services then we will provide all the necessary information to the Emergency Services that they require.
6.4 Providing a directory enquires service
Unless you and/or your company have asked us not to enter your details into a directory service, we may enter your Truphone number into Truphone and third party directories, and our network will allow the display of your number on receiving devices. You have the option to opt out of these services.
Note that where Truphone provides You with Access to Emergencies Services, your number and location of your device will always be sent if you are calling the emergency services.
6.5 Information Storage
Information collected on the Website or by using the Service may be stored and processed in any country in which Truphone maintains facilities. In this regard, or for purposes of sharing or disclosing data in accordance with this policy, Truphone reserves the right to transfer information outside of your designated home country. The table below outlines how we transfer your data between our subsidiaries and partners.
|Transfers of Data
|Within UK and EU
|Provision of the Service(s), Call & SMS Usage, Data Usage, Invoices and Billing Records, Customer Support Records, and Storage
|From Australia, Hong Kong, and United States of America to the UK and EU
|Provision of the Service(s), Call & SMS Usage, and Data Usage from our operations outside the EU
|From the UK and EU to Manila, Hong Kong, and United States of America
|Access to data stored in the EU for the purpose of Customer Support & Billing for our subsidiary
By using the Truphone Service you consent to any such transfer of information outside of your designated home country.
If we send this information to a country that is not in the UK, we will make sure that your information is properly protected. We will always ensure that there is a proper legal agreement that covers the data transfer. In addition, if the country is not considered to have laws that are equivalent to UK data protection standards, then we will ask the third party to enter into a legal agreement that provides protections that are equivalent to those standards.
Truphone may sell or buy subsidiary companies or business units. In such transactions as well as in the even the event that Truphone or substantially all of its assets are acquired by a third party, personal information of Truphone users will be one of the business assets transferred. We reserve the right to include your personal information, collected as an asset, in any such transfer to a third party.
7. How long will we hold your data?
There are strict obligations which define for how long we may hold personal data about you. These obligations are included in data protection and data retention legislation. We will hold your personal data as outlined in the table below:
|Provision of the Service(s)
|Call & SMS Usage
|12 Months or As Required by Legislation
|30 Days or As Required by Legislation
|Invoices and Billing Records
|Customer Support Records
8. Can I see the data you hold about me, have it changed or removed?
Yes. You may ask to for a copy the personal data we hold on you, have it changed or have all personal data removed by emailing your request to firstname.lastname@example.org. Please outline your request and we will respond initially within 5 days to confirm we can process your request, and then complete the request within 30 days.
9. Your rights as a data subject
9.1 You have the right to ask us for copies of your personal information.
9.2 You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
9.3 You have the right to ask us to erase your personal information which is subject to our requirement to maintain records for specified periods to comply with FCA regulations
9.4 You have the right to ask us to restrict the processing of your information.
9.5 You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you. Please contact us at email@example.com. If you wish to make a request in relation to any of these data rights.
9.4 Your right to lodge a complaint.
If you want to contact us about any of your rights or complain about how we use your information, please contact us at firstname.lastname@example.org – we’ll do our best to help but if you’re still unhappy, you can contact the Information Commissioner’s Office (ICO). Their website www.ico.org.uk has details on how to contact them.
10. How does Truphone protect your personal information?
10.1 Truphone takes appropriate organisational and technical measures to protect the personal data and traffic data provided to it or collected by it, and does not retain it any longer than permitted in order to perform its services or as required under relevant legislation. Your personal data and traffic data can only be accessed by authorised employees of Truphone who need to access to these data in order to be able to fulfil their given duties.
10.2 Truphone takes appropriate technical measures to manage its Information Security policy and processes and is accredited with ISO:27001 covering its operations in the UK, Portugal and the Philippines.
10.3 Truphone takes appropriate technical measures to protect the confidentiality of the communications content via its Truphone services, and observes applicable obligations and exceptions under the relevant legislation.
11. Will this policy change?
12. Contact Information
TP Global: 25 CABOT SQUARE, CANARY WHARF, LONDON, UNITED KINGDOM E14 4QZ