Last updated March 17, 2025.

Sorenson Communications, LLC; CaptionCall, LLC; Sign Language Interactions (SLi) Limited; and their affiliates (collectively, “Sorenson,” “we”, “us”, or “our”) are global language service providers and leading communication service providers for Deaf and hard-of-hearing people. This Privacy Notice describes how Sorenson processes personal information that we collect through our websites, software, telephones, mobile applications, social media pages, Sorenson-branded devices, marketing activities and other activities described in this Privacy Notice.  We reserve the right to make changes to this Notice at any given time.

State Privacy Rights Notice / California Notice at Collection: See the U.S. State Privacy Rights section below for important information about your rights under applicable U.S. state privacy laws.

CONSUMER HEALTH DATA PRIVACY POLICY:  Some U.S. state consumer health data-specific privacy laws to which we are subject require a separate Consumer Health Data Privacy Policy, which applies to our processing of certain health status-related data (as defined under such laws).

CHILDREN’S NOTICE: See the Children’s Privacy section below for additional information regarding users of our services who are under the age of 13.

NOTICE TO EUROPEAN USERS: See the Notice to European Users section below for additional information for individuals located in the European Economic Area or the United Kingdom (which we collectively refer to as “Europe”, and “European” should be understood accordingly).

Index

• Personal information we collect
• How we use your personal information
• How we share your personal information
• Your choices
• Other sites and services
• Retention
• Security
• Children’s privacy
• International data transfers
• Changes to this Privacy Notice
• How to contact us
• State privacy rights notice
• Notice to European users

Personal information we collect

Information you provide to us. Personal information you may provide to us through or in connection with your use of our services or otherwise includes:

• Contact data, such as your first and last name, email address, address, and phone number.
• Account data, such as the username and password that you may set to establish an online account on our services, date of birth, age, account number, last four digits of your government identification number, information relating to your hearing loss (including self-certification), information regarding your user preferences, and any other information that you add to your profile.
• Communications data based on our exchanges with you, including when you contact us through our services, the contents of chats you initiate with our chat services, and your communications with other users of our services, social media, or otherwise.
• Transactional data, such as purchasing history, dates of service, call information, and video relay service/internet protocol caption telephone service provider name.
• Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
• Payment data needed to complete transactions, including payment card information or bank account number. We use a third-party vendor to directly collect and process your payment card information, as described further below.
• Promotions data, including information about your participation in our promotional campaigns as permitted under applicable law.
• Research data, such as your responses to surveys and questionnaires that we might ask you to complete for research purposes related to our business.
• Precise geolocation data, which we may collect when you provide consent for us to collect your precise geolocation data from your mobile device for emergency services purposes.
• User-generated content, such as photos, images, videos, comments, questions, messages, works of authorship, and other content or information that you generate, transmit, or otherwise make available on our products or services, as well as associated metadata. Metadata includes information on how, when, where, and by whom a piece of content was collected or generated and how that content has been formatted or edited. Metadata also includes information users can add or can have added to their content, such as keywords, general geographical or location information, and other similar data.
• Customer Proprietary Network Information (“CPNI”), which may include the types of services you currently receive and related usage and billing information for those services.
• Audio and related transmission data needed to provide our telecommunications relay services. Specifically, we require automated speech-recognition systems and individuals, including our representatives and agents, to process, listen to, and transcribe the incoming audio portion (one side) of your telephone conversations. To do this, the incoming audio portion of your telephone call audio will be transmitted to us, or our third-party service providers, for transcription and captioning. To protect your privacy, neither the audio transmission nor transcription of the call will be retained by us or our third-party service providers.
• Personal information that we infer from other personal information about you and other information that we process, including information we obtain from other sources as described below.
• Other data not specifically listed here, which we will use as described in this Privacy Notice or as otherwise disclosed at the time of collection.

Third-party sources. We may obtain personal information falling within one of the categories identified above from third-party sources, such as:

• Public sources, such as government agencies, public records, social media platforms, and other publicly available sources.
• Private sources, such as data insights providers and market research providers.
• Partners, such marketing partners and event co-sponsors.
• Business transaction partners. We may receive personal information in connection with an actual or prospective business transaction. For example, we may receive your personal information from an entity we acquire or are acquired by, a successor, or assignee, or any party involved in a business transaction such as a merger, acquisition, sale of assets or similar transaction, and/or in the context of an insolvency, bankruptcy, or receivership.

Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, your use of Sorenson Devices, and your interaction over time with our products and services, our communications, and other online services, such as:

• Computer and mobile device data, such as your computer or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state, or geographic area.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to our services, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.
• Communication interaction data such as your interactions with our emails or other communications (e.g., whether you open and/or forward emails) — we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails.
• Information collected from Sorenson Devices, such as CPNI, using CaptionCall devices, VRS devices, and other hardware and software solutions owned or deployed by Sorenson pursuant to our products or services.

Cookies and other similar technologies. Some of the automatic collection described above is facilitated by cookies and similar technologies. For more information, see our Cookie Notice. We will also store a record of your preferences in respect of the use of these technologies in connection with our services.

Data about others. We offer features that allow hearing health providers to refer patients to use our products and services, and we may collect contact details about these patients so we can deliver the referrals. Do not refer someone to us or share their contact details with us unless you have their permission to do so.

How we use your personal information

We may use your personal information for the following purposes or as otherwise described at the time of collection:

Service delivery and operations. We may use your personal information to:

• provide our products and services;
• enable security features of our products and services;
• establish and maintain your account and user profile on our products and services;
• communicate with you about our products and services, including by sending service-related announcements, updates, security alerts, and support and administrative messages;
• communicate with you about events or contests in which you participate; and
• provide support for our products and services, and respond to your requests, questions and feedback.

Service personalization, which may include using your personal information to:

• understand your needs and interests;
• personalize your experience with our products and services and our service-related communications; and
• remember your selections and preferences as you navigate webpages.

Service improvement and analytics. We may use your personal information to analyze your usage of our products and services, improve our products and services, improve any part of our business, help us understand user activity on our services, including which pages are most and least visited and how visitors move around our services, as well as user interactions with our emails, and to develop new products and services. For example, we use Google Analytics for this purpose. You can learn more about Google Analytics and how to prevent the use of Google Analytics relating to your use of our sites here.

Marketing and advertising. We, our service providers, and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:

• Direct marketing. We may send you direct marketing communications and may personalize these messages based on your needs and interests. You may opt-out of our marketing communications as described in the Opt-out of marketing section below.
• Targeted advertising. We, our service providers, and our third-party advertising partners may use cookies and other tracking technologies to collect information about your interaction (including the data described in the automatic data collection section above) with our products and services, our communications and other online services over time, and use that information to serve online ads that we or they think will interest you. This is called targeted advertising. We may also share information about our users with these companies to facilitate targeted advertising to those or similar users on other online platforms. You can learn more about your choices for limiting targeted advertising in the Your choices section below.

Events or contests. We may use your personal information to:

• administer promotions and contests;
• communicate with you about promotions or contests in which you may participate; and
• contact or market to you after collecting your personal information at an event.

Compliance and protection. We may use your personal information to:

• comply with applicable laws, including 47 C.F.R. § 64.611(j), as part of registration for certain services with the FCC’s User Registration Database, lawful requests, and legal process, such as to respond to subpoenas, investigations, or requests from government authorities;
• protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• enforce the terms and conditions that govern our services; and
• prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.

Research and development. We may use your personal information for research and development purposes, including to analyze and improve our products and services, our business, and to develop new products and services. We may also use the information we collect, as outlined in this Notice, to help train our machine learning or artificial intelligence models to analyze and improve our products and services, our business, and to develop new products and services in accordance with applicable. As part of these activities, we may create aggregated, de-identified and/or anonymized data from your personal information and other individuals whose personal information we collect. We make personal information into de-identified data by removing information that makes the data identifiable to you and we will not attempt to reidentify any such data. We may share this aggregated and/or de-identified data with third parties for lawful business purposes and in accordance with applicable law.

Uses specific to CPNI. We collect and maintain certain CPNI in accordance with the rules and regulations of the FCC. Your telephone number, name, and address are not CPNI. We do not sell, trade, or share your CPNI except as required to provide our services or required by law. Generally, and not exclusively, we can use your CPNI without your approval to offer additional, related services to you, to maintain and improve our products and services, and for billing and collections purposes. We require your approval to market unrelated services to you, which we would seek via electronic methods. Before doing so, we will provide you notice of your right to restrict use and disclosure of, and access to, your CPNI. In addition, we can disclose your CPNI without your prior knowledge or consent for legal or regulatory reasons, including in response to subpoenas and court orders. We can also use CPNI to investigate fraud and to prevent violation of our terms and policies and unlawful use of our network and services. To use your CPNI for other reasons not set out in this section, we will provide you the option to “opt-out” or “opt-in” to such uses and disclosures. Generally, we may obtain your consent after providing notification through oral, written, or electronic methods.

With your consent. In some cases, we may specifically ask for your consent to collect, use, or share your personal information, such as when required by law.

How we share your personal information

We may share your personal information with the following parties and as otherwise described in this Privacy Notice, in other applicable notices, or at the time of collection.

Affiliates. Our corporate subsidiaries and affiliates.

Service providers. Third parties that provide services on our behalf or help us operate our services or our business (such as video hosting, audio transmission, information technology, customer support, email delivery, marketing, consumer research, and website analytics).

Business partners. Third parties with whom we partner, including parties with whom we co-sponsor events or promotions, with whom we jointly offer products or services, or whose products or services may be of interest to you.

Third parties designated by you. We may share your personal information with third parties where you have instructed us or provided your consent to do so.

Professional advisors. Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.

Government, Law Enforcement, and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the Compliance and protection purposes described above. For example, if you use a Sorenson Device, we may share information about your usage to the Administrator of the Telecommunications Relay Service (“TRS”) Fund and/or the Federal Communications Commission (“FCC”) for billing purposes.

Business transferees. We may disclose personal information in the context of actual or prospective business transactions (e.g., investments in Sorenson, financing of Sorenson, stock offerings, or the sale, transfer, or merger of all or part of our business, assets, or shares), for example, we may need to share certain personal information with prospective counterparties and their advisers. We may also disclose your personal information to an acquirer, successor, or assignee of Sorenson as part of any merger, acquisition, sale of assets, or similar transaction, and/or in the event of an insolvency, bankruptcy, or receivership in which personal information is transferred to one or more third parties as one of our business assets.

A list of Sorenson’s Subprocessors is available here.

Your choices

In this section, we describe the rights and choices available to all users. Users who are residents of certain U.S. states or are located in Europe may have additional rights, as described further below.

Opt-out of communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. Note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.

Cookies and other technologies. For information about cookies employed by our websites and services and how to control them, see our Cookie Notice| Sorenson Communications.

Mobile application.If you use our Video Relay Service (VRS) mobile application, you can delete your account by submitting a request to [email protected] or by deleting your account through the application. If you delete your account from within the application, we will delete the accompanying personal data subject to legal and contractual requirements.

Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Delete your content or close your account. You can also choose to delete certain content or close your account by contacting us.

Other sites and services

Our products, services, or websites may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into webpages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications, or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use.

Retention

We generally retain personal information to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements, to establish or defend legal claims, or for fraud-prevention purposes. To determine the appropriate retention period for personal information, we may consider factors such as the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, whether we can achieve those purposes through other means, and the applicable legal requirements.

When we no longer require the personal information, we have collected about you, we may either delete it, de-identify, or aggregate it, or if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

Security

We employ technical, organizational, and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal information.

Children’s privacy

A user of our products and services who is under the age of 13 (“Child User”) may only use our products and services with the prior consent of their parent or legal guardian (“Parent”). If we learn that we have collected personal information from a Child User without the consent of their Parent, we will delete the personal information in accordance with applicable law. If you are a Parent of a Child User and would like to review the personal information we have collected from the Child User, withdraw your consent to prevent further collection or use of personal information from the Child User, or request that we delete the personal information of the Child User, contact us at the email or mailing address below.

Personal information collected from Child Users.

Once a Parent has provided consent, we may collect from or about the Child User any of the personal information described above under “Personal information we collect” in order to provide our products and services to the Child User.

How we use and share personal information collected from Child Users.

No Child User’s personal information is made available or visible generally to the public or to users other than the Parent through our services, except as otherwise described in this section.  We may use and share a Child User’s personal information for any purpose described above under “How we use your personal information” and “How we share your personal information.” Without limiting the foregoing, we may also share information from or about a Child User with government agencies and private entities responsible for administering or overseeing the Telecommunications Relay Service (“TRS”) Fund and verifying eligibility for our services. For example, Sorenson may submit a Parent’s and a Child User’s information to the TRS User Registration Database, a database administered by a government contractor, as required by FCC regulations. Additionally, we may submit information about a Parent’s or Child User’s TRS usage to the Administrator of the TRS Fund and/or the FCC for billing purposes.

We may also share a Child User’s name, image (if the Child User uploads an image), and video phone number(s) with other users of our products and services in the Child User’s contact list, and we may share information about a Child User’s location with emergency services if the Child User calls 911 from a mobile device enabled with our services.

A list of Sorenson’s Subprocessors is available here.

For any inquiries regarding how Sorenson shares personal information of Child Users, contact us by sending an email to [email protected], navigating to our Privacy Portal, or calling us toll free at the appropriate number shown here:

International data transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

Users in Europe should read the important information provided below about transfers of personal information outside of Europe.

Changes to this Privacy Notice

We reserve the right to modify this Privacy Notice at any time. If we make material changes to this Privacy Notice, we will notify you by updating the date of this Privacy Notice and posting it on our services or other appropriate means. Any modifications to this Privacy Notice will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of our products and services after the effective date of any modified Privacy Notice indicates you acknowledge that the modified Privacy Notice applies to your interactions with our products and services, our business.

How to contact us

• Email: [email protected]
• Mail: Sorenson Communications, Attn: Legal Department, 4192 S. Riverboat Road, Taylorsville, UT 84123

State Privacy Rights Notice

Except as otherwise provided, this section applies to residents of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Utah, Virginia, and other states to the extent they have privacy laws applicable to us that grant their residents the rights described below (such states, the “Applicable States” and the laws of such Applicable States, the “State Privacy Laws”).

This section describes how we collect, use, disclose, and share Personal Information of residents of the Applicable States and the rights these users may have with respect to their Personal Information. Note that not all rights listed below may be afforded to all users and that if you are not a resident of an Applicable State, you may not be able to exercise these rights.

For purposes of this section, the term “Personal Information” has the meaning given to “personal data,” “personal information,” or other similar terms under the State Privacy Laws, and “Sensitive Personal Information” has the meaning given to “sensitive personal information,” “sensitive data,” or other similar terms under the State Privacy Laws, except that in neither case does such term include information exempted from the scope of the State Privacy Laws, such as certain publicly available information. In some cases, we may provide a different privacy notice to certain categories of residents of the Applicable States, such as employees or job applicants, in which case that notice will apply instead of this section.

Your privacy rights. The State Privacy Laws may provide residents with some, or all of the rights listed below. However, these rights are not absolute, and some State Privacy Laws do not provide all of these rights to their residents. Therefore, we may decline your request in certain cases as permitted by law.

• Information. You may have the right to request the following information about how we have collected and used your Personal Information during the past 12 months, or the timeframe provided by applicable State Privacy Laws:
  • The categories of Personal Information that we have collected.
  • The categories of sources from which we collected Personal Information.
  • The business or commercial purpose for collecting and/or selling Personal Information.
  • The categories of third parties with which we share Personal Information.
  • The categories of Personal Information that we sold or disclosed for a business purpose.
  • The categories of third parties to whom the Personal Information was sold or disclosed for a business purpose.

• Access. You may have the right to request a copy of the Personal Information that we have collected about you.
• Appeal. You may have the right to appeal our denial of any request validly submitted. You may appeal our decision by submitting an Appeal Request. Please refer to the letter you received from Sorenson refusing your request for additional information you may need to provide in making your appeal request. Within sixty days of receipt of an appeal, Sorenson will inform you in writing of any action taken or not taken in response to your appeal. If the appeal is denied, you may contact your Attorney General to submit a complaint at the applicable website listed below.
• If the appeal is denied, you may contact your Attorney General to submit a complaint at the applicable website listed below.

• Correction. You may have the right to ask us to correct inaccurate Personal Information that we have collected about you.
• Deletion. You may have the right to ask us to delete the Personal Information that we have collected from and/or about you.
• Opt-out.
  • Opt-out of certain processing for targeted advertising purposes. We may process Personal Information for targeted advertising purposes. You may have the right to opt-out of certain processing of Personal Information for targeted advertising purposes.
  • Opt-out of profiling/automated decision making. While you may have the right to opt-out of automated processing or profiling performed on Personal Information to evaluate, analyze, or predict certain personal aspects, we do not engage in profiling in furtherance of decisions that produce legal or similarly significant effects concerning individuals, such as significant impacts relating to finance, housing, education, employment, health care, criminal justice, or similarly significant impacts.
  • Opt-out of other sales of Personal Information. You may have the right to opt-out of other sales of your Personal Information; however, while we may use your Personal Information for targeted advertising purposes, we do not “sell” your Personal Information for monetary consideration within the meaning of State Privacy Laws, as described further below.
  • Limit processing of sensitive personal Information

• Consumers under 16. We do not have actual knowledge that we sell or share for targeted advertising purposes the Personal Information of consumers under 16 years of age.
• Sensitive Personal Information. While we process certain categories of Sensitive Personal Information as described in this Privacy Notice, we do not use or disclose Sensitive Personal Information for the purpose of inferring characteristics about consumers under the California Consumer Privacy Act (“CCPA”).
• Nondiscrimination. You are entitled to exercise the rights described above free from discrimination as prohibited by the State Privacy Laws.

Exercising your right to information/know, access, appeal, correction, deletion, or make changes with respect to your consents. You may submit requests to exercise your right to information, to know, access, appeal, correction, deletion, or make changes with respect to your consent by sending an email to [email protected], navigating to our Privacy Portal, or calling us toll free at one of the phone numbers shown here:

Exercising your right to opt-out of the “sale” or “sharing” of your Personal Information. While we do not sell Personal Information for money, we, like many companies, use services that help deliver targeted ads to you as described above. The State Privacy Laws may classify our use of some of these services as “selling” or “sharing” your Personal Information with the advertising partners that provide the services. You can submit requests to opt-out of tracking for targeted advertising purposes or other sales of Personal Information by visiting the Your Privacy Choices webpage or by sending an email to [email protected]. In addition, users who are residents in US states that recognize universal opt-out mechanisms (specifically Global Privacy Control (GPC) as an available sale and/or sharing opt-out mechanism (including California, Colorado, Connecticut, Delaware, Montana, and Texas) may broadcast the GPC signal from their browser to exercise their right to opt out of the “sale” or “sharing” of their personal information.  If our website detects that your browser is transmitting the GPC signal, we will opt that browser out of cookies on our website that result in a “sale” or “sharing” of your personal information. To download and use a browser supporting the GPC browser signal, click here: Founding Organizations | Global Privacy Control.  If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use to visit our websites.

Verification of Identity; Authorized agents. We may not be able to process your request if you do not provide us with sufficient detail to allow us to confirm your identity or understand and respond to your information, know, access, appeal, correction, or deletion request.

Under some State Privacy Laws, you may enable an authorized agent to make a request on your behalf. However, we may need to verify your authorized agent’s identity and authority to act on your behalf. We may require a copy of a valid power of attorney given to your authorized agent pursuant to applicable law. If you have not provided your agent with such a power of attorney, we may ask you to take additional steps permitted by law to verify that your request is authorized, such as by providing your agent with written and signed permission to exercise your State Privacy Laws rights on your behalf, the information we request to verify your identity, and confirmation that you have given the authorized agent permission to submit the request.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

Applicable law may limit the number of times you may make a verifiable consumer request in a certain time period. The verifiable consumer request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

In order to verify your identify, we will ask you for information related your interactions with Sorenson or other personal information that only you would reasonably know. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

Personal information that we collect, use, disclose, and share. We have summarized the Personal Information we collect, the purposes for which we collect it, and the third parties to whom we may disclose it by reference below to both the categories defined in the “Personal information we collect” section of this Privacy Notice above and the categories of Personal Information specified in the CCPA (Cal. Civ. Code §1798.140). This chart describes our practices currently and during the 12 months preceding the effective date of this Privacy Notice. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of Personal Information not described below.

Additional information for Nevada residents. Nevada residents have the right to opt-out of the sale of certain personal information for monetary consideration. While we do not currently engage in such sales, if you are a Nevada resident and would like to make a request to opt-out of any potential future sales, send an email to [email protected].

Notice to European users

General

Where this Notice to European users applies. The information provided in this “Notice to European users” section applies where we are processing the personal information of individuals located in the United Kingdom or the European Economic Area (“Europe” as defined at the top of this Privacy Notice).

Personal information. References to “personal information” in this Privacy Notice should be understood to include reference to “personal data” as defined in the “GDPR” (the General Data Protection Regulation 2016/679 (“EU GDPR”) and the EU GDPR as it forms part of UK law (“UK GDPR”). This means information about individuals from which they are either directly identified or can be identified.

Controller. Sorenson is the controller in respect of the processing of your personal information covered by this Privacy Notice for purposes of the GDPR. See the ‘How to contact us’ section above for our contact details.

Our GDPR Representatives. We have appointed the following representatives in Europe as required by the GDPR — you can also contact them directly should you wish:

Our Representative in the EU and UK. Our EU/UK representative appointed under the EU/UK GDPR is Intelligent STORM Solutions Ltd. You can contact them:

• Email: [email protected].
• Mail: 10 John Street, Stratford Upon Avon, Cv37 6UB

Our legal bases for processing

In respect of each of the purposes for which we use your personal information, the GDPR requires us to ensure that we have a “legal basis” for that use.

Our legal bases for processing your personal information described in this Privacy Notice are listed below.

• Where we need to process your personal information to deliver our services (“Contractual Necessity”).
• Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (“Legitimate Interests”). More detail about the specific legitimate interests pursued in respect of each Purpose we use your personal information for is set out in the table below.
• Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).
• Where we have your specific consent to carry out the processing for the Purpose in question (“Consent”).

We have set out below, in a table format, the legal bases we rely on in respect of the relevant purposes for which we use your personal information — for more information on these purposes and the data types involved, see ‘How we use your personal information’.

Other information

No obligation to provide personal information. You do not have to provide personal information to us. However, where we need to process your personal information either to comply with applicable law or to deliver our products and services to you, and you fail to provide that personal information when requested, we may not be able to provide some or all aspects of our products and services to you. We will notify you if this is the case at the time.

No unnecessary sensitive personal information. Unless specifically requested, we ask that you not provide us with any unnecessary sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, biometrics or genetic characteristics, criminal background, or trade union membership) on or through our products and services, or otherwise to us, other than sensitive data that is necessary for us to deliver our services (e.g., hearing-related data). When you provide us with any sensitive personal information when you use our products and services, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Notice. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our services.

No Automated Decision-Making and Profiling. As part of our services, we do not engage in automated decision-making and/or profiling, which produces legal or similarly significant effects.

Security. We have put in place procedures designed to deal with breaches of personal information. In the event of any such breach, we have procedures in place to work with applicable regulators. In addition, in certain circumstances (including where we are legally required to do so), we may notify you of breaches affecting your personal information.

Your rights

General. European data protection laws give you certain rights regarding your personal information. If you are located in Europe, you may ask us to take any of the following actions in relation to your personal information that we hold:

• Access. Provide you with information about our processing of your personal information and give you access to your personal information.
• Correct. Update or correct inaccuracies in your personal information.
• Delete. Delete your personal information where there is no lawful reason for us continuing to store or process it — you also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons that will be notified to you, if applicable, at the time of your request.
• Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice, in certain circumstances. Note that this right only applies to automated information for which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Restrict. Restrict the processing of your personal information, if: (i) you want us to establish the personal information’s accuracy; (ii) our use of the personal information is unlawful but you do not want us to erase it; (iii) you need us to hold the personal information even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (iv) you have objected to our use of your personal information but we need to verify whether we have overriding legitimate grounds to use.
• Object. Object to our processing of your personal information where we are relying on legitimate interests as our legal basis, and there is something about your particular situation that makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedom — you also have the right to object where we are processing your personal information for direct-marketing purposes.
• Withdraw Consent. When we use your personal information based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent.

Exercising These Rights. You may submit these requests by sending an email to [email protected] or by visiting the Privacy Portal webpage. We may request specific information from you to help us confirm your identity and process your request. Whether or not we are required to fulfill any request you make will depend on a number of factors (e.g., why and how we are processing your personal information), if we reject any request you may make (whether in whole or in part) we will let you know our grounds for doing so at the time, subject to any legal restrictions. Typically, you will not have to pay a fee to exercise your rights; however, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. We try to respond to all legitimate requests within a month. It may take us longer than a month if your request is particularly complex or if you have made a number of requests; in this case, we will notify you and keep you updated.

Your Right to Lodge a Complaint with your Supervisory Authority. In addition to your rights outlined above, if you are not satisfied with our response to a request you make, or how we process your personal information, you can make a complaint to the data protection regulator in your habitual place of residence.

• For users in the European Economic Area — the contact information for the data protection regulator in your place of residence can be found here: Our Members | European Data Protection Board
• For users in the UK — the contact information for the UK data protection regulator can be found here: Make a complaint | ICO.

Data Processing Outside Europe 

We are an international company and some of our service providers, advisers, partners, or other recipients of data are based in the U.S. and other jurisdictions. This means that, if you use our products and services, your personal information may necessarily be accessed and processed in the other countries outside Europe.

Where we share your personal information with third parties who are based outside Europe, we try to ensure a similar degree of protection is afforded to it by making sure one of the following mechanisms is implemented:

• Transfers to territories with an adequacy decision. We may transfer your personal information to countries or territories whose laws have been deemed to provide an adequate level of protection for personal information by the European Commission or UK Government (as and where applicable; from time to time) or under specific adequacy frameworks approved by the European Commission or UK Government (as and where applicable; from time to time), such as the EU-U.S. Data Privacy Framework or the UK Extension thereto.
• Transfers to territories without an adequacy decision.
  • We may transfer your personal information to countries or territories whose laws have notbeen deemed to provide such an adequate level of protection.
  • However, in these cases:
    • we may use specific appropriate safeguards, which are designed to give personal information effectively the same protection it has in Europe — for example, standard-form contracts approved by relevant authorities for this purpose; or
    • in limited circumstances, we may rely on an exception, or ‘derogation’, which permits us to transfer your personal information to such country despite the absence of an ‘adequacy decision’ or ‘appropriate safeguards’ — for example, reliance on your explicit consent to that transfer.

You may contact us if you want further information on the specific mechanism used by us when transferring your personal information out of Europe.