8×8, Inc. and its group companies and affiliates (each an “8×8 Group Entity” and collectively “8×8“, “we“, “our“, “us“) respect your right to privacy. This Privacy Notice applies to 8×8 Inc.; Voicenet Solutions Limited (t/a 8×8); 8×8 Research and Developments SRL; 8×8 Canada Inc.; and 8×8 Australia Pty Limited, and explains who we are, how we collect, share and use personal information about you, and how you can exercise your privacy rights. This Privacy Notice applies to personal information that we process about:
– our suppliers, vendors and business advisors;
– our existing, prospective and past customers;
– visitors to our offices; and
– authors of publically available research material.
If you have any questions or concerns about our use of your personal information, then please contact us using the contact details provided at the bottom of this Privacy Notice.
We recommend that you read this Privacy Notice in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Notice, then you can click on the relevant link below to jump to that section.
- What does 8×8 do?
- What personal information does 8×8 collect and why?
- Who does 8×8 share my personal information with?
- Legal basis for processing personal information
- Cookies and similar tracking technology
- How does 8×8 keep my personal information secure?
- International data transfers
- Privacy Shield
- Information about others
- Data retention
- Your data protection rights
- Updates to this Privacy Notice
- How to contact us
What does 8×8 do?
8×8 offers voice, video, mobile, and unified communications solutions for businesses of all sizes. More specifically, 8×8 offers a portfolio of SaaS and IaaS solutions encompassing hosted communications services, contact centres, unified communications, video web conferencing, managed dedicated hosting, virtual private servers and more. 8×8 has been delivering cloud services since 2002 and our customers include small to medium-sized businesses, distributed enterprise organizations and government agencies. We are headquartered in the United States with further offices in the UK, Romania and Australia.
For more information about 8×8, please see the About Us section of our Website.
To learn more about how we use your personal information and for what purpose, please click on the relevant link below.
Note that in general, we will use the personal information we collect from you only for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect your personal information. However, we may also use your personal information for other purposes that are not incompatible with the purposes we have disclosed to you if and where this is permitted by applicable data protection laws.
During the course of our relationship with you we may collect other information than that detailed in this Privacy Notice. If we ask you to provide information voluntarily then the personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information. If we obtain the information from other sources then we will only do so where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us.
If you are a visitor to our Websites, we may collect certain information automatically from your device. In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws. Specifically, the information we collect automatically may include information like your IP address, associated device type, unique device identification numbers, browser-type, operating system, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked, when those pages were accessed, how long they were viewed.
Collecting this information enables us to better understand the visitors who come to our Websites, where they come from, and what content on our Websites is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Websites to our visitors.
Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading Cookies and similar tracking technology.
If you are a prospective customer (who may also use our Websites), the personal information that we may collect about you falls broadly into the following categories:
Information that you provide voluntarily.
Certain parts of our Websites may ask you to provide personal information voluntarily: for example, to submit an enquiry about our products and services, or to request a quote; to subscribe to marketing communications from us and/or to submit enquiries to us. We will use this information to communicate with your organization about our Websites, products and services, to send you offers, for our other legitimate interests or those of a third party, or to comply with a legal obligation to which we are subject, for example to investigate and help prevent unlawful or potentially unlawful activity. We may also gather information from our prospective customers through offline communications, such as in-person meetings and phone calls, or corporate/industry events.
Calls with 8×8’s sales, customer service and other 8×8 departments may be recorded to gather information to improve our customer service. However, if you would prefer that your call was not recorded, you can opt out by stating this, or by hanging up.
In general, the personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point that we ask you to provide your personal information; however, it may include: your full name, company, work email address, work phone number, country; and in relation to your employer your industry, revenue, number of employees and purchasing timeframe.
Information that we collect automatically.
If you use our Websites to enquire about our products and services, or otherwise interact with us via a digital device, we may collect that information described more clearly in the “Website Visitors” section, above. We use this information to help us analyze how you use our Website and services and to better match your experience with our Websites and services to your organization’s interests. Please click here: Website Visitors for further information.
In addition, we may also collect information about your viewing of our emails (for example, information about whether or not you have opened the email), so we can understand the success of our email campaigns and improve our marketing.
Information that we obtain from third party sources
From time to time, we may receive personal information about you from third party sources (including third party websites, data brokers or credit reference agencies), but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us.
The types of information we collect from third parties include biographical information about you and your job role or marketing information; and we use the information we receive from these third parties to help us market our products and services to you, or otherwise develop and improve our products and services.
If your organization is a current customer (who may also use our Websites), we may already have collected information about you when your organization was a prospective customer and we will continue to use this information in accordance with our data retention policies. For further information about this, please click on following link to see the Prospective Customers section.
In addition, where your organization is a current customer, the further types of personal information that we may collect about you falls broadly into the following categories:
Information that you provide voluntarily.
Once your organization has entered into an agreement with 8×8, we will collect and maintain information about that agreement, including your organizations’ payment information and information about its transactions. We also collect information to enable us to manage and deliver our online services, support and training, for example:
– we will collect your username and password for your organization’s account when you register to use our services (including via our online portal);
– we may also collect additional personal information relating to you or your organization, including your name, address, email address, telephone number and/or payment card details during the registration/payment process, or for emergency services registration;
– we will collect information relating to your (and your organization’s) use of our services, including the phone numbers you dial or provide to our services, service set-up information, service configurations and settings, recorded calls, messages, and meetings, voicemails, incoming and outgoing faxes, user-saved or stored content shared among users, email and text communications, Call Records Data, and contact centre customer information you provide to us;
– Other information you choose to provide to us, for example the purpose of your visit if you visit one of our site locations or any feedback you provide to us in relation to your use of our Websites or services.
– if you register as a third party reseller or distributor, we may also collect personal data relating to you in the context of our reseller/distribution programme including your name, address, email address and telephone number.
We will use this information to process your organization’s payments and to provide your organization with the information, products or services that it has requested from us (including controlling access to those services, for example enabling your organization to join meetings or to log into our portal); to respond to your enquiries and requests; to enable your organization to register on our Websites; to administer records about your organization’s account; quality control of and to improve our Websites and services; to provide you and your organization with marketing and other communications about our products and services (where permitted by law); and for the purpose of general business or contract relationship management within 8×8, including auditing the use of our services and establishing, exercising or defending any legal claims against us.
We may also use your personal information for our other legitimate business interests, including providing training and support; to manage any queries, complaints or claims relating to the services that 8×8 provides to your organization; for entertainment purposes (e.g. to invite you to events) and to facilitate ongoing relationships; and for investigating and helping to prevent unlawful or potentially unlawful activity that threatens either 8×8, any company affiliated with 8×8, or any of our respective customers.
Calls with 8×8’s sales, customer service and other 8×8 departments may be recorded to gather information to improve our customer service. However, we will let you know if your call is being recorded before we do so if you would prefer that your call was not recorded, you can opt out by stating this, or by hanging up.
Information that we obtain from third party sources
From time to time, to protect your credit card, debit card or charge card from use without your consent, we may validate your name, address and other personal information supplied by you during the order process against appropriate third party databases, such as Credit Reference Agency databases. We may also use your personal information in combination with information we receive about other individuals for the purposes set out in this Privacy Notice.
If you are an employee of a supplier or business advisor, we may process the following personal information about you.
- Identification data – such as your name, date of birth.
- Contact details – such as business address, telephone/business email address;
- Professional details – such as job title/position, affiliated organization, office location;
- Financial characteristics – such as your or your organization’s account number and bank details.
- National identifiers – such as tax ID and VAT number of your organization.
- Information relating to your transactional history with us.
- Other information you choose to provide to us, for example the purpose of your visit if you visit one of our site locations.
We may collect and use personal information about you for the following purposes:
- For the purpose of general business relationship management within 8×8;
- To manage our daily business activities, such as executing payments and obtaining the goods, advice or services that we have purchased from your organization;
- For entertainment purposes (e.g. to invite you to events) and to facilitate ongoing relationships with your organization;
- To manage any queries, complaints or claims relating to the services your organization provides to 8×8;
- For product development purposes, to allow us to improve our products and services or develop new products and services;
- Where necessary to comply with laws and regulations, under judicial authorization, or to exercise or defend the legal rights of 8×8;
- To help us conduct our business more effectively and efficiently or check and improve the quality of our products and/or services;
- To carry out research and development with various 8×8 Group Entities;
- To investigate violations of law or breaches of other 8×8 policies.
- We may also collect personal information from you when you use our Websites. For further information about how we use personal information that we collect when you visit our Websites, please click on following link to see the Website Visitors
When you visit one of our offices, you will be asked to provide your name and company to us. We collect this information for our legitimate business interests, including administrative, notification and housekeeping purposes.
8×8 carries out research for our legitimate business interests, more specifically to improve our business and technology. In order to do this we sometimes use publicly available research material. If you are the author of this material then we will collect and process information about you related to your research material such as your name, title, organization and relevant qualifications.
We may disclose your personal information to the following categories of recipients:
- to our group companies, third party services providers and partners who provide data processing services to us, for example (i) to support the delivery of, provide functionality on, or help to enhance the security of our Websites or services, (ii) for quality control and assurance, or (iii) improving our services and developing new services. We may also share personal information with such third parties where we consider that such disclosure is necessary to protect the safety or legitimate business interests of those third parties, including to investigate suspected fraud or to trace debtors.
- to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
- to an actual or potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Notice;
- to any other person with your consent to the disclosure.
This section applies to European Economic Area visitors only. If you are a visitor from the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only (i) where the processing is in our legitimate interests and not overridden by your rights, (ii) where the processing is a contractual necessity, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement or to enter into a contact with your organization, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate our Websites or services and to communicate with you as necessary to provide our services to your organization; as well as for our legitimate commercial interests, for instance, when responding to your queries, improving our Website or services, undertaking marketing, or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided below, which you can see by clicking the following link: How to contact us.
We use appropriate technical and organisational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. Specific measures we use include SSL encryption technology for protection of sensitive information such as payments when in transit. We have industry-standard administrative, technical and physical safeguards in place to protect the confidentiality, integrity and availability of your personal information. Furthermore, in the US we are validated to HIPPAA and FISMA standards, and in the UK we are certified to ISO27001; ISO9000:2015 and Cyber Essentials certification schemes.
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).
Specifically, our Websites servers are located in various locations, including the UK and the US, and our group companies and third party service providers and partners operate around the world. This means that when we collect your personal information we may process it in any of these countries.
However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice. These include implementing an intra-group agreement based on the European Commission’s Standard Contractual Clauses for transfer of personal information between our group companies. 8×8 Inc. also has certified to the European Union-United States Privacy Shield Framework and the United Stated-Swiss Safe Harbor framework.
8×8 also requires such third parties to protect personal information they process from the EEA in accordance with European Union data protection law. Further details can be provided upon request.
8×8 Inc. has certified certain of our services, for which we act as a data processor, under the EU-U.S. Privacy Shield framework (the certification can be found here). In the event of any conflict between the terms in this Privacy Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
8×8 Inc. adheres to the principles of the EU-U.S. Privacy Shield framework with respect to personal data of individuals in the European Economic Area member states (“EU Individuals”) included in the content of communications transmitted, received, or stored by 8×8 Inc.’s customers or by 8×8 Inc. on behalf of its customers in reliance on the Privacy Shield through the following services: 8×8 Virtual Office and 8×8 Virtual Contact Center (“Personal Data”).
8×8 Inc. provides cloud communications services, including virtual private branch exchange and virtual contact center services, to business customers. In providing these services, 8×8 Inc. processes the communications our customers transmit, receive, or store through our services or instruct us to process on their behalf. While 8×8 Inc.’s customers decide what, if any, Personal Data to include in such communications, it typically includes information about 8×8 Inc. customers’ users, their current, prospective, or former customers, or any other person or entity communicating with 8×8 Inc. customers.
Purposes for which data is used:
8×8 Inc. may use Personal Data for providing, managing, deploying, enhancing, or improving our services, as otherwise instructed by the 8×8 Inc. customer or other data controller who transmitted, received, or stored the data, or in accordance with contractual requirements. 8×8 Inc. may also use Personal Data for other purposes for which the customer or other data controller has obtained the relevant EU Individual’s consent.
Inquiries and complaints:
If you are an EU Individual covered by Privacy Shield and this Privacy Notice and believe that 8×8 Inc. maintains your Personal Data in one of the services within the scope of our Privacy Shield certification, you may submit any privacy or data use concerns concerning such data by email to [email protected]×8.com or by mail to:
2125 O’Nel Drive,
San Jose, CA 95131, USA
8×8 Inc. will respond within 45 days of receiving the communication. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.- based third party dispute resolution provider, TRUSTe (free of charge) at https://feedback-form.truste.com/watchdog/request. TRUSTe has committed to respond to complaints and to provide appropriate recourse at no cost to you. TRUSTe’s Dispute Resolution process is only available in English. If neither 8×8 Inc. nor TRUSTe resolves your complaint, you may have the possibility to engage in binding arbitration through the Privacy Shield Panel.
Third parties who may receive Personal Data:
8×8 Inc. may disclose Personal Data to its affiliates, as well as to a limited number of third-party business partners, service providers, vendors, suppliers and other contractors (collectively, “Service Providers”) for the purpose of assisting us in providing, managing, deploying, enhancing, or improving our services. 8×8 Inc. maintains contracts with these 8×8 Inc. affiliates and Service Providers restricting their access, use and disclosure of Personal Data in compliance with our Privacy Shield obligations, and 8×8 Inc. may be liable if such parties fail to meet those obligations and we are responsible for the event giving rise to the damage. We also may share or disclose Personal Data to the extent that the customer or other data controller has obtained the relevant EU Individual’s consent.
Your rights to access, to limit use, and to limit disclosure:
EU Individuals have rights to access their stored Personal Data and to limit its use and disclosure. With our Privacy Shield certification, 8×8 has committed to respect those rights. Because 8×8 Inc. personnel have limited ability to access data our customers or other data controllers transmit, receive, or store through our services, if you are an EU Individual covered by Privacy Shield and this Privacy Notice, and you wish to request access to or to limit use or disclosure of your Personal Data, please provide the name of the 8×8 Inc. customer or other data controller who transmitted, received, or stored your Personal Data through our services. We will refer your request to that customer or other data controller and will support that business as needed in responding to your request.
U.S. Federal Trade Commission enforcement:
8×8 Inc.’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission or the applicable United States authorized statutory body.
8×8 Inc. may be required to disclose Personal Data in response to lawful requests by public authorities, or administrative or judicial process, including to meet national security or law enforcement requirements.
Children are not eligible to use 8×8’s website and services, and we ask that minors (under age eighteen) not submit personal information to us. If we become aware that we have inadvertently received personal information from an individual under the age of eighteen, we will delete this information from our records.
If you provide us with information about another person, you confirm that you have obtained their consent to the processing of their personal data by us (or are otherwise legally entitled to provide us with that information) and that you have informed them of our identity, the purposes for which their personal data will be processed and their rights (as set out in this Privacy Notice), as well as where they can obtain a copy of this Privacy Notice.
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
If you are a resident of the European Economic Area you have the following data protection rights:
- If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details using the contact details provided below, which you can see by clicking the following link: How to contact us. You may also be able to access and update certain information via your online account.
- In addition, if you are a resident of the European Union, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided below, which you can see by clicking the following link: How to contact us.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided below, which you can see by clicking the following link: How to contact us.
- Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here.)
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws.
You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.
If you have any questions or concerns about our use of your personal information, please contact our data protection officer using the following details:
2125 O’Nel Drive
Voicenet Solutions Limited (t/a 8×8)
Bell Business Park
8×8 Research and Innovation SARL
Decembrie 1989 77,
8×8 Australia Pty Limited
135 King Street,
Sydney, NSW 2000
Depending on which of our Websites and services you use, the data controller of your personal information will be the 8×8 Group Entity that your organisation has contracted with, or otherwise the Website operator.
Last updated: 25 May, 2018