fbpx
Give us a call

Phonely Privacy Policy

Overview

This Privacy Policy (“Privacy Policy”) describes how we at Phonely, Inc. (“Phonely”, “we”, “our”, or “us”) collect, protect, and use the Personal Data (as defined below) you (“User”, “you”, or “your”) may provide via the Phonely.com website (“Website”) or by utilizing any of our software products (“Products”) or services, including through your mobile device, Phonely’s desktop applications, browser and/or extensions (“Software”), or your desk phone (“Services”). Our Privacy Policy is available at phonely.ai/legal/ (and as amended from time to time and effective as of the date posted). Phonely uses a single Privacy Policy that addresses our treatment of Personal Data when you use our public-facing website or any of these Services, including through your mobile device, Phonely’s desktop applications, browser and/or extensions, or your desk phone. We commit ourselves to the highest standard for data protection and privacy. Due to our global footprint, we are subject to several data protection regulations and as a guiding principle, we apply the strictest regulation to protect your data and privacy globally. This results in a broad set of rights and choices made available to you.

Phonely is made up of various legal entities which we use as infrastructure to provide our Services and to comply with various local laws. However, the parent entity responsible for data protection across the organization is Phonely, Inc., a U.S. company with a registered address of  105 N 1st St #1710 SMB#62824 San Jose, CA 95113 US.

To exercise your data protection rights or for more information about Phonely’s data protection practices, please contact us at [email protected].

This Privacy Policy covers the following topics:

Your use of Phonely’s Services is also subject to the Terms of Service or the General Terms and Conditions associated with the Master Services Agreement that governs your account, each of which may be amended from time to time and are effective as of the date posted. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Service or the Applicable Data Protection Laws.

“Applicable Data Protection Laws” means all laws and regulations that are applicable to the processing of Personal Data under the Agreement, including European Data Protection Laws and the CCPA, as well as any future amending acts of the above-mentioned data protection laws any other applicable international, federal, national and state privacy and data protection laws, rules, and regulations pertaining to privacy, data processing and use, data protection, data security, encryption, or confidentiality.

“Personal Data” means all data which is defined as ‘Personal Data’, ‘personal information’, or ‘personally identifiable information’ (or analogous terms) under the Applicable Data Protection Laws.

Types of Data We Collect

 

CategoryDescription
Contact
Information that facilitates communication between you and Phonely, such as name, email and physical address, telephone number, and password
Billing
Payment information
Location
Information about a specific location, such as physical address or IP address
Identifiers
Information that may tend to identify a specific individual, such as name, profile picture, birthdate.
Device and Session
Information about your browser or device, which may include your IP address, device IDs, or other unique identifiers, cookie information, the type of browser and/or device you’re using to access our Services, and the page or feature you requested
Telephony
Information concerning customer call records such as time, duration, the number of the called party
Session audio, video and messaging
The audio, video, and messaging (including SMS, in-app chat, and other messaging channels) that you send through Phonely, and the information contained therein, should you opt-in to recording or otherwise storing that information
Integrations
Information regarding the integration of third-party services such as Google, Salesforce, Zendesk, HubSpot, and others, including credentialing information.

When and How Phonely Collects Data?

Phonely may collect Personal Data through our communications with you or through your use of the Services. Consequently, Personal Data can be directly provided by you or indirectly collected by us from, for example, user interactions and use of the Services. You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features within the Services.

 

Data You ProvideData Phonely CollectsWhen is this data collectedExamples of Types of Data Collected
X When you create an account with PhonelyContact; Billing
XXWhen you integrate with a third-party serviceIntegrations
 XWhen you use our ServicesDevice and session information; Telephony information; Session audio, video, and messaging; Location; Integrations
 XWhen you use PhonelyDevice and session information; Telephony information; Session audio, video, and messaging; Integrations
 XWhen you browse pages of our websiteDevice and Session; Location
X When you request information from usContact
X When you opt-in for marketing messagesContact, Identifying

All permanent data, such as contact lists, call records, recordings, and transcripts, are stored in the United States via Google Cloud Storage, unless your Phonely Services Administrator has selected a different region. Phonely may also temporarily process Personal Data in other regions for purposes such as technical support, customer support, and sales. In transit and temporary data associated with calls is processed through Phonely’s Data Centers and may be stored there for for no more than 72 hours.

How does Phonely use Personal Data?

What We DoLegal Basis for Processing (under GDPR)Data SubjectsPersonal DataDialapad’s Role
Deliver the Services, including placing and receiving voice and video calls, and providing recordings, transcriptions, and analytics of calls; determining your geographic location for efficient call routing, and organizing your contactsContract (Art. 6(1)(b))Customers
End Users
Location
Identifying
Device and Session
Telephony
Session audio, video, and messaging
Communication
Processor
Manage your account and billing, to enable secure login and single sign on, and allow third party integrationsContract (Art. 6(1)(b))CustomersContact
Billing
Integrations
Processor
Communication with You. If you do not want to receive communications from us, you can always opt out by unsubscribing through the link at the bottom of our emails.Contract (Art. 6(1)(b))
Consent (Art. 6(1)(a))
CustomersContact
Communications
Processor
Prevent, detect, and investigate potentially prohibited or illegal activities, including fraud and violations of our Terms of Service and Acceptable Use PolicyCompliance (Art. 6(1)(c))
Public Interest (Art. 6(1)(e))
Customers
End Users
Location
Identifying
Device and Session
Telephony
Session audio, video, and messaging
Communication
Billing
Processor
Perform backups, disaster recovery, and system status monitoring)Contract (Art. 6(1)(b))Customers
End Users
Telephony
Session audio, video, and messaging
Processor
Direct MarketingConsent (Art. 6(1)(a))CustomersCommunication
Identifying
Processor
Third Party Integrations
We will share your Personal Data with affiliated businesses only if you or your Phonely Services administrator set up an integration, and we will only share your information to the extent that it is related to the transaction or service.
Contract (Art. 6(1)(b))
Consent (Art. 6(1)(a))
Customers
End Users
IntegrationProcessor
Improvement of the Service
Such as A/B testing of new features, improvement of AI speech recognition and language processing, and performance monitoring
Legitimate Interest (Art. 6(1)(a))
Consent (Art. 6(1)(a))
Customers
End Users
Location
Identifying
Device and Session
Telephony
Session audio, video, and messaging
Communication
Billing
Controller

We may anonymize, de-identify, and/or aggregate your Personal Data so that you are not individually identifiable (“De-Identified Personal Data”), and provide De-Identified Personal Data to certain of our partners to help us improve our Service, such as sending anonymized samples of audio or text to a third party to improve speech-to-text transcription and reading comprehension. We may also provide aggregate usage information to our partners to understand how often and in what ways people use our Services. However, we never disclose aggregate usage information to a partner in a manner that would identify you personally, as an individual. De-Identified Personal Data may be aggregated for system administration and to monitor usage of the Website. It may be utilized to measure the number of visits to our Website, average time spent, number of pages viewed and to monitor various other Website statistics. This monitoring helps us evaluate how visitors use and navigate our Website so we can improve the content. We may share De-Identified Personal Data or anonymous information (including, but not limited to, anonymous usage data, referring/exit pages and URLs, IP address, platform types, number of clicks, etc.) with interested third parties in any way we choose and for any purpose.

Data and AI Training

Phonely’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Phonely will not share any data with third party AI Models for training purposes”

Phonely Training

Phonely Training is a key part of how Phonely consistently improves its Services. As described below in the Section titled “Phonely as Data Controller and Processor,” where permitted by law and supported by an appropriate legal basis, Phonely acts as a controller for the data collected for Phonely Training. If you use Phonely, Personal data used for improving the services may include segments of call audio, video, or transcriptions. Training data saved by Phonely is used only for improving Phonely’s language models, and is processed primarily by automated systems. A small fraction of training data may be manually reviewed. You may opt out of manual review at any time by contacting [email protected]. You can control what data is stored by choosing which Phonely features you use from the settings menu in the relevant Service, and you may also opt out entirely from the use of your data for training and improving Phonely’s Ai services by contacting [email protected].

Phonely as Data Processor and Controller

When processing Personal Data for the provision of the Service, Phonely’s direct Customer acts as the Controller (or a Processor processing Personal Data on behalf of a third-party Controller), and Phonely acts as a Processor (or sub-Processor, as applicable). When acting as a Processor, Phonely shall only process Personal Data to provide the Service and in accordance with the Customer’s written instructions, and as required by applicable law. When processing Personal Data for the improvement of the Service, as described above in the Section titled “How Does Phonely Use Personal Data”, Phonely acts as a controller.

Automated Decision Making

Phonely does not use Personal Data to make automated decisions.

What is “Legal Basis”?

Under the GDPR, we only process Personal Data when there is a legal basis for doing so. For the Data Processing described in this policy, we rely on the following legal grounds:

  • Performance of a contract: when we rely on this basis the Data Processing is necessary for the performance of a contract with you or to take steps at your request before entering such a contract.
  • Consent: when we rely on this basis, we only process Personal Data about you for the specific purposes you expressly authorize. Where we process data based on your consent, you have the right to withdraw consent for processing at any time. This election will be effective going forward, but will not affect the lawfulness of processing based on consent before its withdrawal.
  • Substantial public interest: when we rely on this basis, we do it to prevent harm, fraud, money laundering, terrorist financing, child labor and to enable trust safety and compliance.
  • Compliance with a legal obligation: when we rely on this basis, we are obliged to process the relevant Personal Data to comply with the law.
  • Legitimate interests: when we rely on this basis, we process Personal Data as necessary in pursuit of our own or your legitimate interests. When we do this, we must ensure that the interests we pursue do not override your fundamental rights and freedoms. Specifically, the only processing that is solely justified by Legitimate Interests is processing required to improve our services. For more information on these Legitimate Interests, please see the Phonely Training Section below.

Privacy Choices

With Phonely, you are in control of your data and you can always restrict the collection of certain types of information.

  • Disable cookies: You can block cookies through your web browser settings. Please note that the restriction of cookies may impact the functionality of the Phonely website.
  • Don’t provide Personal Data: Certain personal data is needed in order to create an account and provide services to you. However, if you choose to not provide any personal data, you are still able to navigate our website.
  • Phonely Training: Phonely processes personal data to improve our Phonely systems and has implemented strict security measures to keep this data safe and secure. While we encourage all users to permit such data usage so we can provide a superior product, you have the right to opt-out of this type of processing. If you do not want Phonely to use your personal data for Phonely Training, please contact [email protected].
  • Direct Marketing: We endeavor to contact you with direct marketing only if you have given us your consent to do so. It is your right to withdraw this consent at any time. If you no longer wish to receive our marketing messages, simply click the unsubscribe link.

Data Subject Rights

You have various rights related to the Personal Data we process and may exercise those rights by utilizing our Data Subject Access Request (DSAR) Portal. Following the submission of your request, Phonely will verify your identity and respond to you within 30 days of the receipt of the request. When you update information, we may maintain a copy of the unrevised information in our records.

If you are under the jurisdiction of the GDPR, and if you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns, but we hope you will contact us first so that we may address any issues.

Below is a summary of rights for those individuals subject to the GDPR and guidance on how to exercise them:

 

Right of Access

You can request access to the Personal Data we hold about you, including:

  • The categories of data we process
  • The purposes of the data processing
  • The period during which we retain that data
  • Third parties to which we disclose that data

Upon request, we can either provide an overview of the data we hold or we can provide you with a copy of your Personal Data

Right to RectificationIf your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
Right to Erasure

You may ask us to erase your Personal Data in the following circumstances:

  • in case your Personal Data is no longer needed for the purposes for which it was collected;
  • if you have withdrawn your consent and there is no other legal basis for the processing of your Personal Data;
  • if you have filed an objection to our processing of certain of your Personal Data and there are no overriding legitimate reasons for continued processing such Personal Data;
  • if your Personal Data is being processed unlawfully;
  • if your Personal Data must be deleted to fulfil a legal obligation.

If we share your Personal Data with others, we will alert them to the need for erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.

Right to Restrict Processing

You may ask us to restrict or ‘block’ the processing of your Personal Data in the following circumstances:

  • we processed or will process inaccurate Personal Data
  • we processed your Personal Data unlawfully
  • we don’t need to process your Personal Data, but we need to keep it to allow you to establish, exercise, or defend a legal claim
  • you exercised your right to object processing, but we are still validating your request

We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.

Right to data portabilityYou have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you where we process that Personal Data in an automated way. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
Right to object

You may ask us at any time to stop processing your Personal Data, and we will do so if we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing.

If your objection is related to receiving marketing communications or our newsletter, please hit the unsubscribe link on the communication you no longer wish to receive.

Rights in relation to automated decision-making and profilingYou have the right to be free from decisions based solely on automated processing of your Personal Data, including profiling, unless this is necessary in relation to a contract between you and us or you provide your explicit consent to this use. Phonely does not perform automated decision-making.
Right to withdraw consentIf we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place.

Through your account settings, you may access, and, for some information, edit, or delete the following information you’ve provided to us:

  • name and password
  • email address
  • phone number(s)
  • location
  • time zone
  • place of employment
  • devices
  • recorded/transcribed messages and calls
  • call history including incoming/outgoing number and duration
  • user profile information, including images you have uploaded
  • billing information
  • contacts
  • other third-party account information you have linked to the site

To delete your accounts, please follow the instructions on How to Cancel Your Phonely Account. After deletion of your account, some information may remain in our records for a period that is consistent with the purpose it was collected for.

How We Keep Your Data Secure

CompliancePhonely strives to comply with the controls set out in Applicable Data Protection Laws.
Infrastructure SecurityPhonely has implemented appropriate technical and organizational security measures to protect your data, including:
  • Data encryption in transit and at rest
  • SOC 2 Type II Certification
  • Certification under ISO Standards 27001, 27017, and 27018
Internal Best PracticesPhonely has implemented practices in line with industry standards, including
  • Role-based access
  • Single sign-on
  • Internal security and privacy training

A description of our data security practices is available on our Trust page and such security guarantees are incorporated into our Data Processing Agreement (which is available for signature within the Admin Portal of existing customers).

Personal Data Disclosures

To provide, maintain, improve, secure, and promote our Services, Phonely needs to disclose certain Personal Data to third parties. We do not license or sell your Personal Data to third parties, including advertisers, without your consent. As described below, when we share any information about you with third parties, we pseudonymize and aggregate any information about you before we share it unless more detail is necessary to the function of the Services. Although our Privacy Policy does not apply to the practices of companies we don’t own or people that we don’t manage, our Data Processing Agreements define how these third parties can use and store your information, consistent with this Privacy Policy. This section provides further details about the specific disclosures we make to other third parties, such as vendors, governmental authorities, or because of corporate restructuring.

 

Sub-Processors (Processors)

Certain Personal Data may be disclosed to our vendors who are essential for the functioning of the Services. Vendors that have access to Personal Data are considered sub-processors and nearly all our sub-processors are categorized by law as processors. This means that these sub-processors may process Personal Data on our behalf solely in accordance with our instructions and pursuant to a written agreement. For example, we use suppliers for webhosting, secure cloud storage, analytics, email delivery, customer relationship management, and other services.

  • Disclosure of Personal Data to these sub-processors is limited to what is strictly required for the sub-processor to perform the service it provides.
  • These disclosures of Personal Data are either necessary for the purpose of performing our contract with you or necessary for the purposes of our legitimate interests (that are to provide, maintain, improve, secure, and promote our Services).
  • We only disclose Personal Data to sub-processors in accordance with a written contract and based upon a lawful basis.
  • Our sub-processors may change over time, but Phonely maintains an up-to-date list of sub-processors here.
Sub-Processors (Controllers)

In a few rare circumstances, our sub-processors may act as an independent controller of Personal Data. This means that these sub-processors process Personal Data in accordance with their own privacy policies; however, our contracts with such sub-processors require them to comply with applicable data protection law when processing any Personal Data they receive from us.

  • Disclosure of Personal Data to these sub-processors is limited to what is strictly required for the sub-processor to perform the service it provides.
  • These disclosures of Personal Data are either necessary for the purpose of performing our contract with you or necessary for the purposes of our legitimate interests (that are to provide, maintain, improve, secure, and promote our Services).
  • We only disclose Personal Data to sub-processors in accordance with a written contract and based upon a lawful basis.
  • Our sub-processors may change over time, but Phonely maintains an up-to-date list of sub-processors here.
Governmental Authorities

Various authorities such as regulators, tax authorities, law enforcement agencies, courts of law and others may legally require us to produce information that may include Personal Data, for example through a subpoena or warrant. If Phonely becomes aware of any government data demands requesting Personal Data, then Phonely, in accordance with its Government Data Demands Policy, will:

  • immediately notify Customer of the government data demand unless such notification is legally prohibited;
  • Take all reasonable steps to ensure the validity and enforceability of any governmental data demand;
  • disclose Personal Data only in response to a valid and enforceable government data demand; and
  • to the extent Phonely provides access to or discloses Personal Data in response to valid and enforceable government data demand, then Phonely will disclose the minimum amount of Personal Data to the extent it is legally required to do so and in accordance with the applicable legal process.

More information may be found on our Governmental Data Demand Page.

Corporate RestructuringIf we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Data could be one of the assets transferred to or acquired by a third party.
Further InformationWe would be happy to address any specific questions you may have about your Personal Data. This Privacy Policy is intended to provide as much relevant information as possible; however, if you need more specific information, please contact us at [email protected].

Disclosure With Your Consent

Where we are processing your information as a processor on behalf of a Customer, the Customer determines their own policies and practices for the sharing and disclosure of your information and Phonely does not control how a Customer or any other third parties choose to share or disclose information. Where we are processing your information on our own behalf as a controller, we may disclose your information with your consent, which we may obtain in several ways, including:

  • In writing;
  • Verbally;
  • Online, by clicking on a link or button; or,
  • Other mechanisms.

Our Services permit you to submit information which may be displayed to other authorized users in the same or different Customer Account. The sharing and other controls applied to such information may be determined by you, other users and/or an administrator of your Account.

Disclosure Without Your Consent

In general, we may disclose or transfer your information without your consent to disclosure when we reasonably believe disclosure is appropriate to:

  • Comply with the law (e.g., lawful subpoena or court order);
  • Cooperate with or report to law enforcement agencies in investigations that involve users who use our Service Offerings for activities that are or seem illegal or illegitimate activities;
  • Enforce or apply agreements for our Service Offerings; or
  • Protect our rights or property or that of our affiliates, including respective officers, directors, employees, agents, third party content providers, suppliers, sponsors, or licensors (e.g., to address allegations about fraudulent or unlawful activity related to a Miro account).
  • In connection with a merger, acquisition, public offering, sale of company assets, insolvency, bankruptcy, or receivership, subject to standard confidentiality requirements.
  • To defend Phonely and our affiliates, licensors, officers, agents and representatives from legal claims and processes brought to us by third parties (including takedown notices);
  • Use or disclose De-identified Personal Data in our sole discretion.

International Data Transfers

Phonely operates at a global level and therefore Personal Data may need to be transferred to countries outside of where it was originally collected. In such a case, Phonely only makes such cross-border transfers according to applicable laws. For example, to transfer data outside of the EEA or the UK, our Data Processing Agreement (which is available for signature within the Admin Portal of existing customers) incorporates the EU and UK Standard Contractual Clauses and supporting documents, as applicable, or other inter-company agreements. For transfers out of other jurisdictions operating transfer restriction regimes, we take similar steps to ensure compliance with local law.

Data Retention

In accordance with applicable data protection laws, we do not store your Personal Data for longer than needed for the purposes of the respective processing activity. Phonely, by default, will retain your data for as long as your account is active. Upon closure of your account, Phonely will automatically delete your data within 180 days of account termination. You always have the right to implement a customizable retention policy that will delete data routinely based on your specific retention requests. For more information on how to set up a customizable retention policy, please visit our Help Center. This retention policy ensures that Phonely is completely deleting your data if it is no longer needed, unless its further temporary storage is still necessary to:

  • fulfill Phonely’s obligations pursuant to the agreement between Phonely and you;
  • establish, exercise, and defend a legal claim; or
  • fulfil statutory obligations to which Phonely is subject.

For more detailed information about the retention periods of the Personal Data, please contact us at [email protected].

Cookie Policy, Third Party Analytics, and Tracking

Phonely and third-party service providers of tracking technologies gather non-Personal Data about how users enter, navigate, and leave the website and Services, the frequency and length of visits to the Services or third party websites, application or device usage data, and your product or service preference indicated by the number of times and the length of time you view a product. Phonely gathers this data using cookies, web beacons, tags, and other similar techniques that deliver small files to your computer and which allow these networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers. Phonely uses certain third-party services that help us understand traffic on our website in various ways:

 

Cookie NameDescription
Google Analytics and Google AdwordsThese help Phonely understand who is visiting Phonely’s websites and to show relevant ads on other websites to people who have visited Phonely’s websites. You can control what ads you see through the Google Ad Settings Manager. More information on how Google uses information collected when you use Google’s partner sites is available at Google’s Partner Technologies page.
MarketoMarketo is a marketing automation tool that handles various marketing tasks, such as contacting visitors who provide their contact information and requesting additional information. You can read more about Marketo’s Privacy Policy and opt-out options here via Marketo’s Privacy Notice.
WistiaWistia powers the videos on our site. Wistia tracks how you interact with these videos: how much of a video you watch, at what points in a video you pause or rewind, etc. In some videos, we pause the video and request that you provide your email address or name. You are under no obligation to provide this information, but we reserve the right to limit certain videos to identified users. Wistia aggregates the data collected through the videos here, including names and email addresses, and provides it to us. Wistia does not sell or provide the data it collects to third parties.
NextrollNextroll is a marketing automation tool that handles various marketing tasks, such as contacting visitors who provide their contact information and requesting additional information. You can read more about Nextroll’s Privacy Policy and opt-out options here via Nextroll’s Privacy Policy

In general, it is important to note the following regarding the use of cookies:

  • Cookies cannot be used to run programs or deliver viruses to your computer.
  • Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
  • We may use cookies to collect, store, and track information for statistical purposes to operate our Website and Services. You can accept or decline cookies.
  • Most web browsers automatically accept cookies, but you can modify your browser settings to disable cookies if you prefer (check your browser’s Help page).
  • If you choose to decline cookies, you may not be able to experience all the features of the Website and Services.

For more information on cookies and how to manage them, please visit Internet Cookies. You may be able to opt out of tracking conducted by third parties through our Services by adjusting the Do Not Track settings on your browser; but we don’t control whether or how these third parties comply with Do Not Track requests. Our Services do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Services and after you leave our Services. For more information on how to manage or restrict the use of cookies and to opt-out of all interest-based advertising, please visit the Network Advertising Initiative or Your Ad Choices. For End Users located in European Territories, the EDAA opt-out page here: http://youronlinechoices.eu/.

Privacy Shield Framework

Phonely recognizes that the Privacy Shield is no longer a valid transfer mechanism for Personal Data from the European Union and its Member States, the European Economic Area, or Switzerland. However, we continue to comply with the requirements under Privacy Shield due to our commitment to the Privacy Shield Principles. Organizations’ continued participation in the EU-U.S. Privacy Shield demonstrates a serious commitment to protect Personal Data in accordance with a set of privacy principles that offer meaningful privacy protections and recourse for individuals. Phonely has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program and to view our certification, please visit https://www.privacyshield.gov/ or visit our Privacy Shield Policy. Phonely commits to cooperate with the panel established by the EU data protection authorities (DPAs), the Swiss Federal Data Protection, or the Information Commissioner. EU, Swiss, and UK individuals can contact EU DPA, the Swiss Federal Data Protection, or the Information Commissioner as applicable. Please find the contact details of the EU DPAs here. The Federal Trade Commission has jurisdiction over Phonely’s compliance with the Privacy Shield Principles. Failing to follow the Privacy Shield principles could result in U.S. FTC enforcement measures for Phonely.

Privacy of Minors

Phonely does not provide services designed for use by children under the age of 18, nor does it knowingly collect or solicit Personal Data from anyone under the age of 18. If we learn that we have collected such information we will delete that information as quickly as possible. If you believe that a child under 18 has provided us Personal Data, please contact us at [email protected].

Changes and Amendments

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well. We will alert you to changes by placing a notice on the Phonely website, by sending you an email, and/or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used.

Where can I ask questions about this policy?

You can always reach Phonely with questions or concerns regarding our Privacy Policy by sending an email to [email protected].

Acceptance of this Privacy Policy

By using the Website or its Services, you agree to be bound by this Privacy Policy. If you do not agree to abide by the terms of this Privacy Policy, you are not authorized to use or access the Website and its Services.

CCPA/CPRA – California Consumer Protection Act / California Privacy Rights Act (CPRA)

The California Consumer Privacy Act of 2018 (“CCPA”) and the subsequent California Privacy Rights Act (“CPRA”) requires businesses that collect personal data of California residents to make certain disclosures regarding how they collect, use and disclose such information. This CCPA/CPRA-specific section addresses those requirements.

  • Personal Data Collection and Sharing: Phonely collects the Personal Data as set forth in the Section titled “When and How Phonely Collects Personal Data” of the Privacy Policy. For the purposes of the CCPA/CPRA, the term “Personal Data” means “Personal Data,” as defined in the CCPA. For purposes of CCPA/CPRA, we collect the following categories of Personal Data from you when you Interact with us and we share that Personal Data for a business purpose as follows:
    1. You can find the types of Personal Data we collect about you in the Section titled “Types of Data We Collect” of the Privacy Policy, but since California regulations have specific terms, please find below the correct applicable terms:
      1. Identifiers (e.g., unique personal identifiers)
      2. Any categories of Personal Data described in subdivision (e) of Section 1798.80. (e.g., name, address, telephone number, passport number, employment history, bank account number, etc.)
      3. Characteristics of protected classifications under California or federal law (e.g., gender, marital status)
      4. Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding the interaction with the website, applications, or advertisements (e.g. email conversations).
      5. Geolocation data (e.g., your location).
      6. Professional or employment-related information.
  • Sources and Uses of Personal Data: The sources from which we collect Personal Data are described in the Sections titled “How Does Phonely Use Personal Data” and “Types of Data We Collect” of the Privacy Policy.
  • Purposes and Uses for Collecting Personal Data: We collect Personal Data identified in the list above to communicate with you, for marketing and promotional purposes, to provide and improve our services and other purposes set forth in the Section titled “How Does Phonely Use Personal Data” of the Privacy Policy.
  • Subprocessors. Our subprocessors have privacy and security practices in place to ensure compliance with the CCPA and have contractual requirements to protect the privacy and security of the personal data that they sub-process. As described in the Section titled “Personal Data Disclosures” of the Privacy Policy, we share some personal data with these sub-processors to help us provide, manage, secure, and improve the Services we provide. A current list of our third-party sub-processors is available here.
  • Sale or sharing of Personal Data. In this context, the word “sale” means any “selling, renting, releasing, disclosing, disseminating, making available, transferring or otherwise communicating orally, in writing, or by electronic means, a consumer’s Personal Data by the business to another business or a third party, for monetary or other valuable consideration.” Similarly, the word “share” means the disclosure of Personal Data “for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.” Phonely does not sell or share your Personal Data as those terms are defined under California law. Phonely will only disclose your Personal Data as detailed in this Privacy Policy.
  • California Consumer Rights: California law gives California residents the right to make the following requests with regard to certain information we collect about them, at no charge, two times every 12 months:
    1. Disclosure Right. The right to request disclosure of Phonely’s data collection and sales practices, including categories of information we have collected, the source of the information, our use of the information and, if the information was disclosed or sold to third parties, the categories of Personal Data disclosed or sold to third-parties and the categories of third-parties to whom such information was disclosed or sold.
    2. Copy Right. The right to request a copy of the specific Personal Data we collected about you in the past 12 months.
    3. Deletion Right. The right to request deletion of Personal Data we have collected, subject to certain exemptions (for example, where the information is used by us to detect security incidents, debugging or to comply with a legal obligation, and where the Personal Data is being used on an anonymized and aggregated basis consistent with the requirements of the CCPA/CPRA).
    4. Opt-out Right. The right to opt-out of the sale or sharing of your Personal Data, if applicable. However, Phonely strictly does not sell or share, as defined by the CCPA and the CPRA, as applicable, your Personal Data.
    5. Non-discrimination Right. The right not to be discriminated against when exercising any of these rights.
  • Exercising Your Rights: You may exercise those rights by utilizing our Data Subject Access Request (DSAR) Portal. Following the submission of your request, Phonely will verify your identity and respond to you within 30 days of the receipt of the request. When you update information, we may maintain a copy of the unrevised information in our records. Phonely does not and will not discriminate against you for exercising your rights under the CCPA/CPRA.