8×8, Inc. and its group companies and affiliates (each an “8×8 Group Entity” and collectively “8×8“, “we“, “our“, “us“) respect your right to privacy. This Privacy Notice applies to 8×8 Inc.; 8×8 UK Limited; 8×8 International SRL (Romania); 8×8 International, Inc. (Canada); 8×8 International Pty Limited (Australia); 8×8 International Pte. Ltd. (Singapore); PT Eight Solutions Indonesia (Indonesia); 8×8 Philippines, Inc. (Philippines); 8×8 (Thailand) Limited (Thailand); 8×8 International Solutions Company Limited (Vietnam); Fuze, Inc. (USA); Fuze Europe B.V. (Netherlands); and Fuze Europe (UK) Limited, and explains who we are, how we collect, share and use personal information about you, and how you can exercise your privacy rights. This Privacy Notice applies to personal information that we process about:
- visitors to our websites at https://www.8×8.com and https://www.wavecell.com (“Websites”) which are directed to our business contacts;
- our suppliers, vendors and business advisors;
- our existing, prospective and past customers;
- visitors to our offices; and
- authors of publicly available research material.
If you have any questions or concerns about our use of your personal information, then please contact us using the contact details provided at the bottom of this Privacy Notice.
What does 8×8 do?
8×8 offers voice, video, mobile, and unified communications solutions for businesses of all sizes. More specifically, 8×8 offers a portfolio of SaaS, IaaS and/or CPaaS solutions encompassing hosted communications services, contact centers, unified communications, video web conferencing, managed dedicated hosting, virtual private servers and more. 8×8 has been delivering cloud services since 2002 and our customers include small to medium-sized businesses, distributed enterprise organizations and government agencies. We are headquartered in the United States with further offices in the UK, Romania, Australia and Singapore.
For more information about 8×8, please see the About Us section of our Website.
What personal information does 8×8 collect and why?
Note that in general, we will use the personal information we collect from you only for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect your personal information. However, we may also use your personal information for other purposes that are compatible with the purposes we have disclosed to you if and where this is permitted by applicable data protection laws.
During the course of our relationship with you we may collect other information than that detailed in this Privacy Notice. If we ask you to provide information voluntarily then the personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information. If we obtain the information from other sources then we will only do so where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us.
Website Visitors
If you are a visitor to our Websites, we may collect certain information automatically from your device. In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws. Specifically, the information we collect automatically may include information like your IP address, associated device type, unique device identification numbers, browser-type, operating system, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked, when those pages were accessed, how long they were viewed.
Collecting this information enables us to better understand the visitors who come to our Websites, where they come from, and what content on our Websites is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Websites to our visitors.
Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading Cookies and similar tracking technology.
Prospective Customers
If you are a prospective customer (who may also use our Websites), the personal information that we may collect about you falls broadly into the following categories:
Information that you provide voluntarily. Certain parts of our Websites may ask you to provide personal information voluntarily: for example, to submit an enquiry about our products and services, or to request a quote; to subscribe to marketing communications from us and/or to submit enquiries to us. We will use this information to communicate with your organization about our Websites, products and services, to send you offers, for our other legitimate interests or those of a third party, or to comply with a legal obligation to which we are subject, for example to investigate and help prevent unlawful or potentially unlawful activity. We may also gather information from our prospective customers through offline communications, such as in-person meetings and phone calls, or corporate/industry events.
Calls with 8×8’s sales, customer service and other 8×8 departments may be recorded to gather information to improve our customer service. However, if you would prefer that your call was not recorded, you can opt out by stating this, or by hanging up.
In general, the personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point that we ask you to provide your personal information; however, it may include: your full name, company, work email address, work phone number, country; and in relation to your employer your industry, revenue, number of employees and purchasing time frame.
Information that we collect automatically. If you use our Websites to enquire about our products and services, or otherwise interact with us via a digital device, we may collect that information described more clearly in the “Website Visitors” section, above. We use this information to help us analyze how you use our Website and services and to better match your experience with our Websites and services to your organization’s interests.
In addition, we may also collect information about your viewing of our emails (for example, information about whether or not you have opened the email), so we can understand the success of our email campaigns and improve our marketing.
Information that we obtain from third party sources. From time to time, we may receive personal information about you from third party sources (including third party websites, data brokers or credit reference agencies), but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us.
The types of information we collect from third parties include biographical information about you and your job role or marketing information; and we use the information we receive from these third parties to help us market our products and services to you, or otherwise develop and improve our products and services.
Current Customers
If your organization is a current customer (who may also use our Websites), we may already have collected information about you when your organization was a prospective customer and we will continue to use this information in accordance with our data retention policies.
In addition, where your organization is a current customer, the further types of personal information that we may collect about you falls broadly into the following categories:
Information that you provide voluntarily.
Once your organization has entered into an agreement with 8×8, we will collect and maintain information about that agreement, including your organizations’ payment information and information about its transactions. We also collect information to enable us to manage and deliver our online services, support and training, for example:
- we will collect your username and password for your organization’s account when you register to use our services (including via our online portal);
- we may also collect additional personal information relating to you or your organization, including your name, address, email address, telephone number and/or payment card details during the registration/payment process, or for emergency services registration;
- we will collect information relating to your (and your organization’s) use of our services, including the phone numbers you dial or provide to our services, service set-up information, service configurations and settings, recorded calls, messages, meetings, voicemails, incoming and outgoing faxes, user-saved or stored content shared among users, email and text communications, Call Records Data, and contact center customer information you provide to us;
- Other information you choose to provide to us, for example the purpose of your visit if you visit one of our site locations or any feedback you provide to us in relation to your use of our Websites or services.
- If you register as a third party reseller or distributor, we may also collect personal data relating to you in the context of our reseller/distribution program including your name, address, email address and telephone number.
We will use this information to process your organization’s payments and to provide your organization with the information, products or services that it has requested from us (including controlling access to those services, for example enabling your organization to join meetings or to log into our portal); to respond to your enquiries and requests; to enable your organization to register on our Websites; to administer records about your organization’s account; quality control of and to improve our Websites and services; to provide you and your organization with marketing and other communications about our products and services (where permitted by law); and for the purpose of general business or contract relationship management within 8×8, including auditing the use of our services and establishing, exercising or defending any legal claims against us.
We may also use your personal information for our other legitimate business interests, including providing training and support; to manage any queries, complaints or claims relating to the services that 8×8 provides to your organization; for entertainment purposes (e.g. to invite you to events) and to facilitate ongoing relationships; and for investigating and helping to prevent unlawful or potentially unlawful activity that threatens either 8×8, any company affiliated with 8×8, or any of our respective customers.
Calls with 8×8’s sales, customer service and other 8×8 departments may be recorded to gather information to improve our customer service. However, we will let you know if your call is being recorded before we do so if you would prefer that your call was not recorded, you can opt out by stating this, or by hanging up.
Information that we obtain from third party sources
From time to time, to protect your credit card, debit card or charge card from use without your consent, we may validate your name, address and other personal information supplied by you during the order process against appropriate third party databases, such as Credit Reference Agency databases. We may also use your personal information in combination with information we receive about other individuals for the purposes set out in this Privacy Notice.
Data obtained from Google Gmail APIs: The 8×8 – Contact Center use and transfer of information received from Gmail APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Suppliers and Business Advisors
If you are an employee of a supplier or business advisor, we may process the following personal information about you.
- Identification data – such as your name, date of birth.
- Contact details – such as business address, telephone/business email address;
- Professional details – such as job title/position, affiliated organization, office location;
- Financial characteristics – such as your or your organization’s account number and bank details.
- National identifiers – such as tax ID and VAT number of your organization.
- Information relating to your transactional history with us.
- Other information you choose to provide to us, for example the purpose of your visit if you visit one of our site locations.
We may collect and use personal information about you for the following purposes:
- For the purpose of general business relationship management within 8×8;
- To manage our daily business activities, such as executing payments and obtaining the goods, advice or services that we have purchased from your organization;
- For entertainment purposes (e.g. to invite you to events) and to facilitate ongoing relationships with your organization;
- To manage any queries, complaints or claims relating to the services your organization provides to 8×8;
- For product development purposes, to allow us to improve our products and services or develop new products and services;
- Where necessary to comply with laws and regulations, under judicial authorization, or to exercise or defend the legal rights of 8×8;
- To help us conduct our business more effectively and efficiently or check and improve the quality of our products and/or services;
- To carry out research and development with various 8×8 Group Entities;
- To investigate violations of law or breaches of other 8×8 policies.
- We may also collect personal information from you when you use our Websites. For further information about how we use personal information that we collect when you visit our Websites, please click on following link to see the Website Visitors
Visitors to our offices
When you visit one of our offices, you will be asked to provide your name and company to us. We collect this information for our legitimate business interests, including administrative, notification and housekeeping purposes.
Authors of publicly available research material
8×8 carries out research for our legitimate business interests, more specifically to improve our business and technology. In order to do this we sometimes use publicly available research material. If you are the author of this material then we will collect and process information about you related to your research material such as your name, title, organization and relevant qualifications.
Who does 8×8 share my personal information with?
We may disclose your personal information to the following categories of recipients:
- to our group companies, third party services providers and partners who provide data processing services to us, for example (i) to support the delivery of, provide functionality on, or help to enhance the security of our Websites or services, (ii) for quality control and assurance, or (iii) improving our services and developing new services. We may also share personal information with such third parties where we consider that such disclosure is necessary to protect the safety or legitimate business interests of those third parties, including to investigate suspected fraud or to trace debtors.
- to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
- to an actual or potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Notice;
- to any other person with your consent to the disclosure.
Legal basis for processing personal information
This section applies to UK and European Economic Area visitors to our website only. If you are a visitor from the UK or European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only (i) where the processing is in our legitimate interests and not overridden by your rights, (ii) where the processing is a contractual necessity, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement or to enter into a contact with your organization, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate our Websites or services and to communicate with you as necessary to provide our services to your organization; as well as for our legitimate commercial interests, for instance, when responding to your queries, improving our Website or services, undertaking marketing, or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided below in the How to contact us section of website.
Cookies and similar tracking technology
We use cookies and similar tracking technology (collectively, “Cookies”) to collect and use personal information about you. For further information about the types of Cookies we use, why, and how you can control Cookies, please see our Cookie Notice.
How does 8×8 keep my personal information secure?
We use appropriate technical and organizational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. Specific measures we use include SSL encryption technology for protection of sensitive information such as payments when in transit. We have industry-standard administrative, technical and physical safeguards in place to protect the confidentiality, integrity and availability of your personal information. 8×8’s global security posture has been validated by independent 3rd party auditors to include: SOC 2, ISO 27001, ISO 9001, ISO 14001, Cyber Trust Mark, and Cyber Essentials Plus.
International data transfers
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).
Specifically, our Websites servers are located in various locations, including the UK, the US and Singapore, and our group companies and third party service providers and partners operate around the world. This means that when we collect your personal information, we may process it in any of these countries.
However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice. These include implementing an intra-group agreement based on the European Commission’s Standard Contractual Clauses for transfer of personal information between our group companies.
8×8 also requires such third parties to protect personal information they process from the European Economic Area (“EEA”) in accordance with European Union data protection law. Further details can be provided upon request.
Data Privacy Framework
8×8, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. 8×8, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. 8×8, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Scope:
8×8 Inc. and Fuze, Inc. (wholly owned subsidiary) adhere to the EU-U.S. DPF Principles with respect to personal data of individuals in the European Economic Area member states, the United Kingdom (and Gibraltar) and to the Swiss-U.S. DPF Principles with respect to the personal data of individuals in Switzerland (“Covered Individuals”) processed by 8×8, Inc. or Fuze, Inc. as part of providing our cloud communications services (“Personal Data”).
Data processed:
8×8 Inc. provides cloud communications services, including Unified Communications as Service, Contact Center as a Service, and Communications Platform as a Service, to business customers. In providing these services, 8×8 Inc. may process the following Personal Data of Covered Individuals in the United States:
- Communications metadata (e.g. information on originating telephone number or other identifier, terminating telephone number or other identifier, date and time communication originated, date and time communication terminated);
- Communications content our customers transmit, receive, or store through our services (8×8 Inc.’s customers decide what, if any, Personal Data to include in such communications, it typically includes information about 8×8 Inc. customers’ users, their current, prospective, or former customers, or any other person or entity communicating with 8×8 Inc. customers); and
- Contact information for our customer’s employees; and
- Service support ticketing information (contact detail for individuals initiating the support request and any other personal data shared as part of the support request).
Purposes for which data is used:
8×8 Inc. may use Personal Data for providing, managing, supporting, deploying, enhancing, or improving our services, as otherwise instructed by the 8×8 Inc. customer or other data controller who transmitted, received, or stored the data, or in accordance with contractual requirements. 8×8 Inc. may also use Personal Data for other purposes for which the customer or other data controller has obtained the relevant Covered Individual’s consent.
Inquiries and complaints:
If you are a Covered Individual and believe that 8×8 Inc. maintains your Personal Data within the scope of our EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or Swiss-U.S. DPF certifications, you may submit any privacy or data use concerns concerning such data by email dpo@8×8.com or by mail to:
8×8, Inc. 675 Creekside Way, Campbell, CA 95008, USA Attention: Privacy
8×8 Inc. will respond within 45 days of receiving the communication. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
If neither 8×8 Inc. nor our U.S.-based third party dispute resolution provider resolves your complaint, you may have the possibility to engage in binding arbitration as provided under the Data Privacy Framework Program (See Data Privacy Framework website).
Third parties who may receive Personal Data:
8×8 Inc. may disclose Personal Data to its affiliates, as well as to a limited number of third-party business partners, service providers, vendors, suppliers and other contractors (collectively, “Service Providers”) for the purpose of assisting us in providing, managing, deploying, enhancing, or improving our services. 8×8 Inc. maintains contracts with these 8×8 Inc. affiliates and Service Providers restricting their access, use and disclosure of Personal Data in compliance with our Data Privacy Framework obligations, and 8×8 Inc. may be liable if such parties fail to meet those obligations and we are responsible for the event giving rise to the damage. We also may share or disclose Personal Data to the extent that the customer or other data controller has obtained the relevant Covered Individual’s consent.
Your rights to access, to limit use, and to limit disclosure:
Covered Individuals have rights to access their stored Personal Data and to limit its use and disclosure. With our Data Privacy Framework certification, 8×8 has committed to respect those rights. If you are an Covered Individual and you wish to request access to or to limit use or disclosure of your Personal Data, please contact us by email dpo@8×8.com or by mail to: 8×8, Inc. 675 Creekside Way, Campbell, CA 95008, USA Attention: Privacy.
U.S. Federal Trade Commission enforcement:
8×8 Inc.’s commitments under the Data Privacy Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission or the applicable United States authorized statutory body.
Compelled disclosure:
8×8 Inc. may be required to disclose Personal Data in response to lawful requests by public authorities, or administrative or judicial process, including to meet national security or law enforcement requirements.
Children
Children are not eligible to use 8×8’s website and services, and we ask that minors (under age eighteen) not submit personal information to us. If we become aware that we have inadvertently received personal information from an individual under the age of eighteen, we will delete this information from our records.
Information about others
If you provide us with information about another person, you confirm that you have obtained their consent to the processing of their personal data by us (or are otherwise legally entitled to provide us with that information) and that you have informed them of our identity, the purposes for which their personal data will be processed and their rights (as set out in this Privacy Notice), as well as where they can obtain a copy of this Privacy Notice.
Data retention
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Data subject rights
- If you are a resident of the EEA, UK, Switzerland or California and wish to access, correct, update, request deletion of your personal information or request portability of your personal information, you can do so at any time by contacting us using the contact details provided below. You may also be able to access and update certain information via your online account.
- In addition, if you are a resident of the EEA, UK, or Switzerland, you can object to processing of your personal information or ask us to restrict processing of your personal information. Again, you can exercise these rights by contacting us using the contact details provided below.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided below.
- For residents of the EEA, UK, Switzerland, or California, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the EEA and UK are available here.)
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
California specific privacy rights
As noted above, this Privacy Notice applies to personal information that we process about visitors to our Websites, which are directed to our business contacts; our suppliers, vendors and business advisors; our existing, prospective and past customers; visitors to our offices; and authors of publicly available research material.
This section contains disclosures required by the California Privacy Rights Act (“CPRA”) and applies only to “personal information” that is subject to the CPRA. We do not, and will not, sell or share your personal information in any manner that requires an opt-out opportunity under the CPRA.
Accessibility
Consumers with disabilities may access this notice through the use of standard screen readers or by emailing dpo@8×8.com to obtain a copy in an alternative format.
Updates to this Privacy Notice
We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws.
You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.
How to contact us
If you have any questions or concerns about our use of your personal information, please contact our data protection officer using the following details: dpo@8×8.com
8×8 Inc. and Fuze, Inc.: 675 Creekside Way Campbell, CA 95008 United States
8×8 UK Limited, Fuze (UK) Limited, and Fuze Europe B.V.: Oxford House Bell Business Park Aylesbury HP19 8JR United Kingdom
8×8 Research and Innovation SARL Bulevardul 21 Decembrie 1989 77, Cluj-Napoca 400124, Romania
8×8 Australia Pty Limited Level 13 135 King Street, Sydney, NSW 2000
8×8 International Pte. Ltd., PT Eight Solutions Indonesia, 8×8 Philippines, Inc., 8×8 (Thailand) Limited, 8×8 International Solutions Company Limited (Vietnam): 1 George Street, #22-03/04 One George Street, Singapore
Depending on which of our Websites and services you use, the data controller of your personal information will be the 8×8 Group Entity that your organization has contracted with, or otherwise the Website operator.