The term “European Economic Area” (or “EEA”) shall mean the then-current member states and member countries of the European Union and European Economic Area, respectively, Switzerland, and the United Kingdom.
Processor Disclosure: We are a data processor of personal data of our customers (including customers’ customers to who we may transmit data) and other third parties. When serving as a processor, we have certain obligations under GDPR including only processing personal data pursuant to our customers’ instructions reflected in the applicable agreement, providing assistance with fulfilment of rights requests, and implementing appropriate security for personal data. We will forward any inquiries, complaints, or requests received from data subjects with respect to the personal data to the appropriate customer and await instructions before taking any action.
Controller Disclosure & Details: In some circumstances, we are a data controller of personal data regarding the following categories of EEA Individuals: prospective/current customers and vendors, as applicable (collectively, “Business Contacts”), and our Site Visitors for the purposes and under the legal bases described in the table below. Please note that, in some cases, the categories of data subjects above may overlap (e.g., Business Contacts using the Site are also Site Visitors).
Data Subject Category
Purpose & Legal Basis of Processing
General (applies to all data subjects below)
Information Security: Our web servers will log your IP address and other information (e.g., browser information, operating system, request date/time, user agent string, referral and exiting URL) in order to maintain an audit log of activities performed. We use this information pursuant to our legitimate interests in tracking Site and platform usage, combating DDOS or other attacks, and removing or defending against malicious individuals or programs on the Site and platform.
Direct Marketing; Platform Demonstrations; Executing Contracts and other Legal Documents; and General Business Development: We use this information for our legitimate interest in
Audience Measurement and Retargeting: We use this information for our legitimate interest to understand how Site Visitors interact with the Site and where such Site Visitors are located (up to city-level only) in order to optimize the Site experience. Note that the last octets of Site Visitors’ IP Addresses have been anonymized.
Usage and analytics information regarding Site Visitors is used to maintain audit logs of activity on our Sites, track usage of the Sites, improve, maintain and operate our Sites, and for security purposes.
EU Representative: Our representative in the European Union is one of our subsidiaries, Telcordia Operations Ltd. For contact details, please see under the heading “How to Contact Us”.
Recipients: We receive and process your personal data for the purposes described herein. Such personal data is also disclosed to effectuate the purposes described herein to the following recipients, which recipients may change from time to time:
- AWS (US): Cloud-based storage provider
- MailChimp (US): Cloud-based marketing automation platform
- Dropbox (US): Enterprise solution for secure file share
- Google Analytics (US): Site audience measurement
- AdRoll (US): Retargeting solution
- Pardot(US): Email Marketing System
- Zoom Info(US): Business Analytics
- Service Desk (US): Support ticket system
We use various service providers to manage our Sites and provide services such as event registration or managing e-mail communications. Our service providers change from time to time. Our service providers have entered into contracts with us that restrict what they can do with your personal data and require compliance with GDPR and other applicable laws. If you would like specific information about our service providers who have received your information, please contact us at email@example.com and we will provide that information to you.
Retention: Please see below for our general retention periods. Please note that the below retention periods may be extended or shortened, as appropriate, based on the context of our relationship with an EEA Individual, and for compliance with legal obligations (e.g., accounting, finances, tax).
We will retain the personal data of prospective customers for seven (7) years, as, historically, we have seen that prospective customers convert into paying customers within such time period. At that point, the prospective customer will have to sign up for marketing or affirmatively demonstrate interest in our products and services. This retention period may be extended for prospective customers that are in current negotiations with iconectiv near the end of such retention period.
Current customers’ personal data will be retained until the relationship terminates, at which point their personal data will be retained by us for six (6) years from the last transaction involving this customer, and any other related legal documentation will be retained permanently, or pursuant to our record retention policies. At that point, the former customer will have to sign up for marketing or affirmatively demonstrate interest in any applicable Service. Other personal data will be retained by us in accordance with our record retention policies.
Your GDPR Rights: As a natural person, you have a right to: (i) request access to, correction and/or erasure of your personal data; (ii) object to processing of your personal data; (iii) restrict processing of your personal data; and (iv) request a copy of your personal data, or have a copy thereof sent to another controller, in a structured, commonly used and machine readable format under the right of data portability. You may exercise these rights and submit a GDPR complaint by contacting: firstname.lastname@example.org with the subject line “GDPR Notice.”
You also have the right to lodge a complaint about the processing of your personal data with an appropriate data protection authority. As applicable, you may also have a right to exercise third-party beneficiary rights under Standard Contractual Clauses that you may have entered into with us.
Objecting to Legitimate Interest/Direct Marketing: You may object to personal data processed by us. In such case, we will no longer process your personal data unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your personal data for direct marketing purposes by clicking “Unsubscribe” within an automated marketing email or by submitting your request to email@example.com with the subject line “GDPR Notice” (the latter for instances where, for example, you would not like to receive follow-ups from our sales team). In such case, your personal data will no longer be used for that purpose.
Transfer of Personal Data outside the EEA: We rely on Standard Contractual Clauses and other approved data transfer mechanisms to ensure adequate protection for your personal data.
Disclosure to Public Authorities: iconectiv may be required to disclose personal data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Corporate Restructuring: In the event of a merger, reorganization, dissolution or similar corporate event, or the sale of all or substantially all of our assets, we expect that the information that we have collected, including personal data, would be transferred to the surviving entity in a merger or the acquiring entity. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such personal data as set forth in this GDPR Notice.
Updates to this GDPR Notice: If, in the future, we intend to process your personal data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this GDPR Notice, and the “Effective Date” at the top of this page will be updated accordingly.
How to Contact Us: iconectiv is located at 100 Somerset Corporate Blvd., Bridgewater, NJ 08807 USA. Please use this address or, preferably, contact firstname.lastname@example.org with any questions, complaints, or requests regarding this GDPR Notice; please include the subject line “GDPR Notice.”