Privacy Policy

Last updated: January 29, 2026

Communications Hub/Comms Hub (“COMMSHUB”, “we”, “our”, “us”)– company that provides services through an all-in-one platform that offers a range of communication tools, including SMS and email delivery, flash calls, and alpha name registration and your relationship with Comms Hub, who is responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 GDPR, US data protection laws and privacy laws in the jurisdictions where COMMSHUB operates or where https://commshub.com/ (the “Website”) are accessed.

We respect your privacy and are committed to protecting your personal data. This Privacy Policy sets out how we collect, use, disclose, and protect personal information when you interact with us through our website, during direct communications, in the context of our incoming/outgoing and customer support services, or when you apply for employment with us.

This website may be used to explore our business services and also contains current job vacancies. If you submit an application through the website or via other channels, your personal data may be processed for recruitment purposes, as further detailed in this policy.

For the purposes of applicable data protection laws, a COMMSHUB and for personal data collected via our website and for recruitment/HR, we act as a data controller and when we provide services to our clients, we generally act as a data processor, handling personal data only on our clients’ documented instructions and under a written data processing agreement

As a provider of all-in-one communication platform services, we may collect and process personal data relating to clients, prospective clients, partners, job applicants, and end users of our clients. Our platform enables access to various communication tools, including SMS and email delivery, flash calls, and alpha name registration, provided in cooperation with authorized service providers.

We process all personal data lawfully, fairly, and transparently, and we are committed to complying with all applicable data protection and privacy regulations in the jurisdictions where we operate or recruit, including but not limited to:

  • European Union (EU) and European Economic Area (EEA): Compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the relevant national implementing laws of Member States.
  • United Kingdom: Compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
  • United States: Compliance with applicable federal and state privacy laws, as well as other state-level data protection frameworks.
  • Canada: Compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.
  • Israel: Compliance with the Protection of Privacy Law, 1981 and regulations issued by the Israeli Privacy Protection Authority (PPA).
  • United Arab Emirates (UAE): Compliance with the Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data and the supervision of the UAE Data Office.
  • Australia: Compliance with the Privacy Act 1988 and the Australian Privacy Principles (APPs).
  • New Zealand: Compliance with the Privacy Act 2020 and the Information Privacy Principles (IPPs).

In each of these jurisdictions, we ensure that personal data is collected and processed only for legitimate and clearly defined purposes, and where required, we obtain explicit consent from individuals, particularly for recruitment or marketing purposes.
We also apply appropriate technical, organizational, and contractual safeguards to protect personal data and to ensure lawful international data transfers.

This Privacy Policy explains what types of data we collect, the legal basis for processing, how your data is used, and the measures we take to keep it secure. If you have any questions or concerns about how we process your personal information, you are encouraged to contact us using the details provided in the “Contact Us” section below.

By accessing or using our website, submitting information to us, applying for a position, or otherwise engaging with our services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree with any part of this policy, you should refrain from using the website and associated services.

Definitions

Data Controller – Communications Hub/Comms Hub

Personal data – any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Processing – any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting or modifying, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, matching or combining, restricting, deleting or destroying;

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);

CCPA/CPRA – a state-level privacy law that gives consumers the right to know, access, delete, and control how their personal data is used by businesses. (California Consumer Privacy Act/California Privacy Rights Act)

PIPEDA (Personal Information Protection and Electronic Documents Act) – a Canadian federal law that governs how private sector organizations collect, use, and disclose personal information in the course of commercial activities.

CalOPPA (California Online Privacy Protection Act) – a foundational state law that requires websites and online services to post a clear privacy policy, disclose their data collection practices, and state how users can control their information.

VCDPA (Virginia Consumer Data Protection Act) – a state-level privacy law that gives Virginia residents the right to access, delete, correct, and obtain a copy of their personal data, and to opt out of data sales, profiling, and targeted advertising.

UCPA (Utah Consumer Privacy Act) – a state-level privacy law that grants Utah consumers the right to access and delete their personal data, as well as opt out of targeted advertising and data sales.

CPA (Colorado Privacy Act) – a state-level privacy law that grants Colorado residents the right to access, correct, delete, and obtain a copy of their personal data, as well as to opt out of data sales, targeted advertising, and profiling for significant decisions. It also provides the right to appeal a controller’s denial of a privacy rights request.

CTDPA (Connecticut Data Privacy Act) – a state-level privacy law that gives Connecticut residents the right to access, correct, delete, and obtain a copy of their personal data, regardless of how it was obtained. It also allows consumers to opt out of targeted advertising, data sales, and profiling in furtherance of automated decisions that produce legal or similarly significant effects.

APPs (Australian Privacy Principles) are the cornerstone of the privacy protection framework established under the Privacy Act 1988 (“Privacy Act”). They apply to all organizations and agencies covered by the Privacy Act.

Website – website run by us at: https://commshub.com/;

User – any person visiting the Website or using the services or functionalities described in this Privacy Policy.

Collection and Processing of Personal Data

As part of our business operations and recruitment of our own personnel, we collect and process personal data necessary to provide incoming/outgoing calls services, manage customer interactions, and evaluate candidates for employment with our company.

Communications Services

When you contact our company, we may collect and process personal data such as:

  • Identification and contact details (e.g., name, phone number, email address);
  • Call content, inquiries, complaints, or requests;
  • Call recordings (where applicable and with notice);
  • Service usage data required to handle your query or provide support.

This data is collected directly from you during calls or other communications and is used to deliver customer support, improve service quality, ensure security, and for training and dispute resolution purposes.

Recruitment of Our Own Personnel

When you apply for a job with us, we collect and process personal data necessary for assessing your suitability for employment. This may include:

  • Personal identification details (full name, contact information, nationality, residence, and work eligibility status);
  • Professional data (educational background, employment history, qualifications, and references);
  • Supporting materials you provide (CV, cover letter, work samples, certificates).

Where required by law and with appropriate safeguards, we may also process limited sensitive personal data, such as health information (for workplace accommodations) or criminal record data (only for positions where this is legally permitted and relevant).
The data is primarily obtained directly from you through online applications, submitted CVs, interviews, and professional networking platforms. In some cases, we may obtain additional information from third-party sources such as publicly available professional profiles, references provided by you, or recruitment partners, in compliance with applicable laws.

Depending on how you interact with us – whether you’re visiting our website, reaching out about our services, or applying for a job – we may collect different types of information. Below is a breakdown of what we collect and why.

Information You Provide Directly

You may share information with us by:

  • Filling out a contact or job application form;
  • Sending us an email or calling our team;
  • Sharing documents related to partnerships or onboarding.

This can include:

  • Your name;
  • Email address and phone number;
  • Country and current city of residence;
  • Resume or CV (if applying for a position);
  • Cover letters or work samples;
  • Messages, comments, or other content you submit.

If you’re applying for a job listed on our website, we’ll also collect whatever personal or professional details you include in your application. That might include your work history, education, location, and other details relevant to the role.

Information Collected Automatically (Website Use)

We automatically collect certain information when you visit, use, or navigate our website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our website, and other technical information. This information is primarily needed to maintain the security and operation of our website, and for our internal analytics and reporting purposes.

Information collected from other sources

In order to enhance our ability to provide relevant marketing, offers, and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and from other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for purposes of targeted advertising and event promotion. If you interact with us on a social media platform using your social media account (e.g., Facebook or Twitter), we receive personal information about you such as your name, email address, and gender. Any personal information that we collect from your social media account depends on your social media account’s privacy settings.

How We Use Your Information (and Legal Bases for Processing)

We collect and use personal information to operate our business responsibly – whether that involves helping our clients deliver excellent customer service, hiring new talent, or improving the performance of our website. The purposes for processing personal data, along with the legal bases on which we rely, are described below and depend on how you interact with us.

If You’re a Client or Prospect

We may process your personal information in order to:

  • Respond to your inquiries about our services;
  • Set up proposals, quotations, or service agreements;
  • Communicate about project requirements or timelines;
  • Provide ongoing support, onboarding, and account management.

If You’re a Website Visitor

When you browse commshub.com, we may automatically collect technical data (such as IP address, browser type, and pages visited) to:

  • Monitor how visitors use the website;
  • Improve the structure, content, and performance of the website;
  • Troubleshoot errors or broken links;
  • Measure engagement with our services or job postings.

If You’re Applying for a Job

If you submit an application or resume for an open position, we use your data to:

  • Review your application and assess your qualifications;
  • Contact you regarding interviews or other recruitment steps;
  • Retain application materials temporarily for compliance or HR reference.

General Purposes

In addition to the specific uses above, we may process personal data for the following overarching purposes:

  • To comply with applicable legal obligations, regulatory requirements, or lawful requests from authorities;
  • To exercise or defend legal claims, or enforce our rights under applicable agreements.

Purpose and Legal Basis for Processing

We process candidate data to facilitate recruitment activities, including assessing suitability for employment opportunities, verifying credentials, and ensuring compliance with regulatory and client-specific requirements. The lawful bases for processing personal data include:

  • The necessity to take pre-contractual steps at the request of the candidate.
  • Legitimate interests in managing recruitment activities and maintaining an efficient hiring process.
  • Compliance with legal obligations regarding employment verification and equal opportunity regulations.
  • Candidate consent, particularly in cases where data is retained for future job opportunities or included in talent pools.

How We Share Information

At “COMMSHUB”, we take your privacy seriously and only share your information when it’s necessary to provide our services or comply with legal requirements. Here’s when and with whom your data might be shared:

With Service Providers and Partners

We may share your personal information with third-party service providers, vendors, or business partners who perform services on our behalf or support the operation of our business. These may include providers of IT infrastructure, data storage, communication tools, analytics, and other professional services. These third parties are contractually obligated to protect your information, use it only for the purposes we specify, and comply with applicable data protection laws.

With Affiliated Companies (For Job Applicants)

If you apply for a position through us, your application and related personal data may be shared with the affiliated company or business unit where you are being considered for employment. This helps ensure your application is properly reviewed and processed by the hiring team.

For Legal and Safety Reasons

We may disclose your information if required by law—like responding to a court order—or if we believe it’s necessary to protect the safety or rights of us, our clients, or others.

Security of Your Data

We implement robust technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. Security measures include encryption, access controls, and regular security audits to uphold data integrity and confidentiality.

Third-party websites

Our website may link to third-party websites, online services, or mobile applications and/or contain advertisements from third parties that are not affiliated with us and which may link to other websites, services, or applications. Accordingly, we do not make any guarantee regarding any such third parties, and we will not be liable for any loss or damage caused by the use of such third-party websites, services, or applications. The inclusion of a link towards a third-party website, service, or application does not imply an endorsement by us. We cannot guarantee the safety and privacy of data you provide to any third parties. Any data collected by third parties is not covered by this privacy policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services, or applications that may be linked to or from our website. You should review the policies of such third parties and contact them directly to respond to your questions.

We collect personal data to (i) respond to enquiries, (ii) provide and improve our services, (iii) manage recruitment and employment, (iv) comply with legal obligations, and (v) protect our rights and security.

Classes of transferees may include IT/cloud vendors, professional advisers, group companies, and, where we act as processor, the relevant client. Provision of certain data may be mandatory for us to process your request or application; otherwise it may be voluntary, but not providing it may limit our ability to respond.

You have rights of data access and correction under sections 18 and 20 PDPO. Requests can be sent to [email protected].

Call recording

We may record calls for quality assurance, training, dispute resolution, and security. We provide pre-call audio notice where required. Recordings are retained for [e.g., 6 months] unless a longer period is needed for an investigation, legal claim, or as required by law. For EU/UK callers, our legal basis is legitimate interests (balancing test) or consent where local law requires it. You may object to recording; where feasible, we will offer an unrecorded alternative channel (e.g., email or web form).

Your Rights

According to the EU/EEA law (General Data Protection Regulation (GDPR)), UK-GDPR, U.S. laws (Including CCPA/CPRA, CalOPPA, VCDPA, CPAR, UCPA, CTDPA, CPA) and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) you have various rights regarding your personal data.

Your Rights as a Data Subject (under the GDPR and UK GDPR)

This section describes your legal rights under the General Data Protection Regulation (EU) 2016/679 (GDPR) and, where applicable, the United Kingdom General Data Protection Regulation (UK GDPR). These rights apply if your personal data is processed by us as a data controller or data processor, and you reside within the European Economic Area (EEA), the United Kingdom, or any other jurisdiction where these regulations are enforceable.

If you wish to exercise any of the rights described below, please send your request by email or post to the contact details listed at the bottom of this Policy. In order to verify your identity, we may ask you to provide certain information.

Right to access

You have the right to obtain confirmation as to whether or not we are processing your personal data. Where that is the case, you have the right to access the personal data and the following information:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data has been or will be disclosed;
  • the envisaged period for which the personal data will be stored;
  • information about your rights, including the right to lodge a complaint with a supervisory authority;
  • if the data is not collected directly from you, any available information as to its source;
  • the existence of automated decision-making, including profiling.

If personal data is transferred to a third country or an international organization, you have the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR or UK GDPR.

Right to Rectification

You have the right to request the correction of any inaccurate personal data concerning you and to have incomplete personal data completed, including by providing a supplementary statement.

Right to Erasure (‘Right to be Forgotten’)

You have the right to request the deletion of your personal data without undue delay, where one of the following grounds applies:

  • The data is no longer necessary for the purposes for which it was collected or processed;
  • You withdraw your consent, and there is no other legal ground for processing;
  • You object to the processing and there are no overriding legitimate grounds;
  • The data has been unlawfully processed;
  • The data must be erased to comply with a legal obligation under EU or UK law.

Please note that this right may be limited in cases where data must be retained for compliance with legal obligations.

Right to Restriction of Processing

You have the right to request the restriction of processing in the following circumstances:

  • You contest the accuracy of the data – for a period enabling us to verify it;
  • The processing is unlawful, but you oppose erasure and request restriction instead;
  • We no longer need the personal data, but you require it for legal claims;
  • You have objected to processing and we are verifying whether our legitimate grounds override yours.

Right to Data Portability

Where the processing is based on your consent or a contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have it transmitted to another controller where technically feasible.

Right to Object

You have the right to object at any time to the processing of your personal data, including profiling, where the processing is based on legitimate interests.

Where your data is processed for direct marketing purposes, including profiling, you have the absolute right to object at any time.

You may also object to the processing of your personal data for scientific, historical research or statistical purposes, unless it is necessary for the performance of a task carried out for reasons of public interest.

Rights in Relation to Automated Decision-Making and Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

We currently do not engage in automated decision-making that produces such effects. If this changes, we will update this Privacy Policy accordingly.

Right to Withdraw Consent

Where the processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. This does not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint

If you believe that your rights under the GDPR or UK GDPR have been violated, you have the right to file a complaint with a supervisory authority:

For residents of the EEA, you may contact the data protection authority of your country of residence or the country where the alleged violation occurred: https://edpb.europa.eu/about-edpb/about-edpb/members_en

For residents of the United Kingdom, you may contact the Information Commissioner’s Office (ICO): https://ico.org.uk

How We Respond to Your Request

We will respond to your request within one (1) month of its receipt. In certain circumstances, this period may be extended by a further two (2) months, in which case we will notify you of the reason for the delay.

If we are unable to comply with your request, we will provide an explanation of the reasons for our refusal and inform you of your right to lodge a complaint with a supervisory authority.

Notice to individuals in the State of California

Your Rights as a California Resident

As a California resident, you may have certain rights in relation to your personal information.

Right to Know

You may have the right to know how we have collected, used and disclosed your personal information. Specifically, you may have the right to know:

  • The categories of personal information we have collected about you.
  • The categories of sources from which we have collected your personal information.
  • The business or commercial purpose for which we collect, sell or share your personal information.
  • The categories of third parties to whom we have disclosed your personal information.
  • The categories of personal information that we disclosed for a business purpose and the categories of third parties to whom your personal information was disclosed for a business purpose.
  • The categories of personal information we have “sold” to or “shared” with third parties and the categories of third parties to whom we have “sold” or “shared” your personal information.

You may have the right to know the specific pieces of personal information we have collected about you.

Right to Make a Deletion Request

You may have the right to request that we delete your personal information that we have collected about you. Subject to certain exceptions, we must delete your personal information and direct any service provider or contractor to delete your personal information.

Right to Correct Inaccurate Personal Information

You may have the right to request that we correct inaccurate personal information about you, taking into account the nature of the personal information and the purposes of the processing of the personal information.

Right to Opt-Out of Sales of Personal Information

You may have the right to opt-out of the sale of your personal information.

Right to Opt-Out of Sharing of Personal Information

You may have the right to opt-out of us sharing your personal information for cross-context behavioral advertising purposes.

Right to Limit Use and Disclosure of Sensitive Personal Information

Subject to certain exceptions, you may have the right to limit our use and disclosure of your sensitive personal information. We do not use or disclose sensitive personal information in a manner that gives rise to this right.

Right to Non-Discrimination

You have the right to not be discriminated against by us for choosing to exercise your rights under the CCPA.

Other Rights: Notice to California Consumers

You have other rights under California’s “Shine the Light” law. California Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. We have such a policy in place. As discussed above, if you wish to opt-out of our sharing of your information with third parties for the third parties’ direct marketing purposes, please contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs in writing at 1625 North Market Blvd., Suite N 112, Sacramento, California 95834 or by telephone at (800) 952-5210 or (916) 445-1254.

Categories of Data that We Hold about You

As mentioned above, We maintain data about you in only pseudonymized form, which means that we do not know your identity because we do not process your name, email address, or other identifiable information. Instead, we only process digital identifiers such as cookie IDs, IP addresses, mobile advertising IDs on your device, network browsing history and associated preferences, and in some limited circumstances, your hashed email address.

Why We Collect Your Personal Information

We process your Personal Information in order to provide Services and personalized advertisements to You.

Where do We Collect Your Personal Information

We automatically collect User Information when Users interact with our Services that appear on our Customers’ websites and digital properties. Like most other web-based services, we collect this User Information through cookies and other technologies. We may also obtain Information about you from our data partners.

We collect Information either directly from you during your use of our Sites and Services or from third parties that independently collect this Information from you, and we may combine the Information that we collect from these various sources. For more information about these collection methods, please see Sections above.

How do We Share Your Personal Information

We may disclose or make available your pseudonymous Personal Information to our trusted partners. In most cases when we do so, we have contractually restricted their uses of this data for only Our business purposes. Under the CCPA, such disclosures of Personal Information to service providers are not deemed to be a “sale” and thus are not prohibited after you exercise your right to cease or restrict disclosures or sales of your Personal Information to third parties. In any instances where we have not entered into a service provider relationship with such third parties, we will stop sharing your Personal Information when you instruct us not to “sell” your Personal Information.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy.

According to CalOPPA we agree to the following:

  • Users can visit our site anonymously;
  • Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website;
  • Our Privacy Policy link includes the word ‘Privacy’, and can be easily found on the page specified above.

Users will be notified of any privacy policy changes on our Privacy Policy Page.

Users are able to change their personal information by emailing us.

Notice to individuals in the State of Virginia

Your Rights as a Virginia Resident

As a Virginia resident, you may have certain rights in relation to your personal data.

Right to Confirm

You may have the right to confirm whether we process your personal data and to access such personal data.

Right to Delete

You may have the right to request that we delete your personal data that we have collected about you. Subject to certain exceptions, we must delete your personal data.

Right to Correct Inaccurate Personal Data

You may have the right to request that we correct inaccurate personal data about you, taking into account the nature of the personal data and the purposes of the processing of your personal data.

Right to Opt-Out of Processing of Personal Data for Targeted Advertising

You may have the right to opt-out of the processing of your personal data for purposes of targeted advertising.

Right to Opt-Out of the Sale of Personal Data

You may have the right to opt-out of the sale of your personal data.

Right to Opt-Out of Profiling

You may have the right to opt-out of the processing of your personal data for profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

Right to Obtain a Copy of Your Personal Data

You may have the right to obtain a copy of your personal data that you previously provided to us.

Right to Appeal

You may have the right to submit an appeal if your rights request is denied.

We respond to requests within 45 days, with one 45-day extension if necessary.

Notice to individuals in the State of Colorado

Your Rights as a Colorado Resident

As a Colorado resident, you may have certain rights in relation to your personal data.

Right to Access

You have “the right to confirm whether a controller is processing personal data concerning the consumer and to access the consumer’s personal data.”

Right to Correction

You have “the right to correct inaccuracies in the consumer’s personal data, taking into account the nature of the personal data and the purposes of the processing of the consumer’s personal data.”

Right to Delete

You have “the right to delete personal data concerning the consumer.”

Right to Opt-Out

Consumers have “the right to opt-out of the processing of personal data concerning the consumer for purposes of:

  • targeted advertising
  • the sale of personal data
  • profiling in furtherance of decisions that produce legal or similarly significant effects concerning a consumer.”

Right to Appeal

According to the Colorado Privacy Act regulations, Your request must be responded to within 45 days of receipt. The covered entity may subsequently extend that deadline by an additional 45 days if they are able to show reasonable necessity. However, when the deadline is extended, You must be notified by Us within the initial 45-day response period.

Notice to individuals in the State of Utah

Your Rights as a Utah Resident

Right to access, including confirming whether a controller is processing their data, and the ability to request and receive that data;

Right to deletion of personal data, if the data subject directly provided the data to the controller;

Right to portability, obtaining a copy of their personal data that they provided to the controller, in a format that is:

  • portable to a technically reasonable extent
  • readily usable to a practical extent
  • enables the consumer to transmit the data to another controller reasonably easily, where the processing is carried out by automated means.

Right to opt out of certain processing, specifically for the sale of the personal data or the purposes of targeted advertising;

We under the Utah privacy law are not required to recognize “universal opt-out signals” as a method for consumers to opt out of data processing.

Notice to individuals in the State of Connecticut

Your Rights as a Connecticut Resident:

Right to access. You have the right to confirm whether or not a controller is processing Your personal data and access such personal data. However, there is an exception to this right where such confirmation or access would require the controller to reveal a trade secret.

Right to correct. You have the right to correct inaccuracies in Your personal data, taking into account the nature of the personal data and the purposes of the processing of Your personal data.

Right to delete. You also have the right to delete personal data provided by or obtained about You.

Right to data portability. You have the right to obtain a copy of Your personal data processed by the controller, in a portable and, to the extent technically feasible, readily usable format that allows You to transmit the data to another controller without hindrance, where the processing is carried out by automated means, provided such controller shall not be required to reveal any trade secret.

The type of data You have a right to obtain a portable copy of is particularly notable. The Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”) allows You to obtain a copy of the data a controller has processed about You regardless of how the controller acquired it.

Right to opt out. You have the right to opt out of the processing of the personal data for the purposes of:

  • targeted advertising,
  • the sale of personal data, or
  • profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning the consumer.

Notice to Residents of Canada

This notice applies to Users residing in Canada and is provided in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA).

We collect and process your personal information as defined in section 2 of PIPEDA, solely for purposes consistent with your relationship with us and as described in this Privacy Policy.

Your rights under PIPEDA:

As a data subject under Canadian law, you have the right to:

  • Access your personal information – You may request to know whether we hold any personal data about you and request access to that data, if it is reasonably retrievable.
  • Request correction of your personal information – You may ask us to correct any information that is inaccurate or incomplete.
  • Withdraw your consent – You may withdraw your consent to the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions and reasonable notice.
  • File a complaint – You may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) if you believe we have mishandled your personal data.

If you are a resident of Canada and wish to request access to your personal data, correct any information we hold, or file a privacy complaint, please contact our Privacy Officer at [email protected].

We will respond to all privacy-related requests in accordance with PIPEDA’s timeframes and obligations.

Notice to Residents of New Zealand

Data subjects who are residents of New Zealand have the following rights under the Privacy Act 2020 (“the 2020 Act”):

Your Rights under the 2020 Act

  • Right to access information – You have the right to:
    • Receive confirmation as to whether an agency holds personal information about you; and
    • Obtain access to such personal information, where that information may be readily retrieved.
  • Right to correction of information – You have the right to request correction of your personal information. The agency must, either on request or on its own initiative, take reasonable steps to ensure that personal information is accurate, up to date, complete, relevant, and not misleading, having regard to the purposes for which the information may lawfully be used.
  • Right to object to direct marketing – While the 2020 Act does not expressly include a right to object to direct marketing, the Unsolicited Electronic Messages Act 2007 (UEMA) prohibits the sending of unsolicited electronic messages (such as SMS or email) for marketing purposes. In addition, under the Telecommunications Information Privacy Code 2020, telecommunication information may only be used for direct marketing if the individual has been advised that such authorization may be withdrawn at any time (Rule 10 of the Code).

Rights Not Included under the 2020 Act

  • There is no express right to object to processing in New Zealand.
    However, if personal information has not yet been provided, an individual may refuse to supply it (where it is being collected directly), or may lodge a complaint regarding an interference with privacy either with the Office of the Privacy Commissioner (OPC) or directly with the relevant agency.
  • There is no general right to data portability under New Zealand law.
    Note, however, that there is number portability (the ability to transfer local and mobile numbers), which is governed separately under the Telecommunications Act 2001.
  • There is no specific “right to be forgotten” or right to erasure in New Zealand. While an individual may request correction or deletion of inaccurate information, this does not amount to a general erasure right. The Harmful Digital Communications Act 2015, however, provides remedies for individuals harmed by online content (for example, through “cyber-bullying”) and enables courts to issue takedown orders requiring removal of harmful digital communications.

Legal Framework

The primary legislation governing privacy in New Zealand is the Privacy Act 2020. The 2020 Act empowers the Office of the Privacy Commissioner (OPC) to issue Codes of Practice, which form part of New Zealand’s privacy law and may modify the operation of the Act for specific sectors or data types.

In addition to statutory law, common law privacy principles also apply. New Zealand courts recognize a tort of invasion of privacy, relating to the public disclosure of private facts where such disclosure would be considered highly offensive to a reasonable person, balanced against the public interest (Bradley v Wingnut Films Ltd [1993] 1 NZLR 415).

Notice to Citizens of Australia

The Australian Privacy Principles (APPs) are the cornerstone of the privacy protection framework established under the Privacy Act 1988 (“Privacy Act”). They apply to all organizations and agencies covered by the Privacy Act.

There are 13 Australian Privacy Principles, which set out key standards, rights, and obligations for the handling of personal information. The Privacy Act regulates how personal information is collected, used, stored, and disclosed, and provides individuals with greater control over how their personal data is managed.

Your Rights Under the Privacy Act

As an individual, the Privacy Act grants you the right to:

  • Know why your personal information is being collected, how it will be used, and to whom it may be disclosed;
  • Choose not to identify yourself, or to use a pseudonym, in certain circumstances where lawful and practicable;
  • Request access to your personal information, including health information, held by an organization or agency;
  • Request correction of your personal information if it is inaccurate, out of date, incomplete, irrelevant, or misleading;
  • Opt out of receiving unwanted direct marketing communications; and
  • Make a complaint if you believe an organization or agency covered by the Privacy Act has mishandled your personal information.

Complaints can be submitted to the relevant organization directly or to the Office of the Australian Information Commissioner (OAIC), which oversees enforcement of the Privacy Act.

Your Rights Under Israeli Law (Protection of Privacy Law, 1981)

As a data subject under Israeli law, you have the right to:

  • Access your personal information – You may request to know whether we hold any personal data about you and obtain a copy of such data, subject to applicable legal exceptions.
  • Request correction or deletion – You may ask us to correct or delete any personal information that is inaccurate, incomplete, outdated, or no longer necessary for the purpose for which it was collected.
  • Withdraw your consent – You may withdraw your consent to the processing of your personal information at any time, where consent is the legal basis for processing, subject to legal or contractual obligations.
  • File a complaint – You may submit a complaint to the Israeli Privacy Protection Authority (PPA) if you believe your personal data has been mishandled or your privacy rights have been violated.

Your Rights Under UAE Law (Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data)

As a data subject under UAE law, you have the right to:

  • Access your personal information – You may request confirmation of whether we are processing your personal data and obtain access to such data, subject to applicable legal limitations.
  • Request correction or erasure – You may request the correction of inaccurate personal data or the erasure of personal data that is no longer necessary for the purpose for which it was collected.
  • Withdraw your consent – You may withdraw your consent to the processing of your personal data at any time, provided that such withdrawal does not affect the lawfulness of processing carried out before your consent was withdrawn.
  • Restrict processing – You may request to restrict or object to the processing of your personal data in certain circumstances, as permitted by law.
  • File a complaint – You may file a complaint with the UAE Data Office if you believe your personal data has been processed in violation of the UAE Federal Data Protection Law.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions;
  • Process orders and to send information and updates pertaining to orders;
  • We may also send you additional information related to your product and/or service.

To be in accordance with CAN SPAM we agree to the following:

  • NOT use false, or misleading subjects or email addresses;
  • Identify the message as an advertisement in some reasonable way;
  • Include the physical address of our business or site headquarters;
  • Monitor third party email marketing services for compliance, if one is used;
  • Honor opt-out/unsubscribe requests quickly;
  • Allow users to unsubscribe by using the link at the bottom of each email.

Use of cookies and similar technologies

Cookies

We use so-called service cookies primarily to provide the User with services provided electronically and to improve the quality of these services. In connection with this, the Data Controller and other entities providing analytical and statistical services to the Data Controller use cookies, storing information or accessing information already stored in the User’s telecommunications terminal device (computer, telephone, tablet, etc.). Cookies used for this purpose include:

  • to distinguish unique users by assigning a randomly generated ID. Enables calculation of visitor, session, and campaign data;
  • to maintain session state for a specific GA4 property. Helps track user interactions across pages within a session.

Google Analytics

We use Google Analytics analytical tools, which collect information about website visits, such as the subpages you have viewed, the time you spent on the website or the time spent switching between individual subpages. For this purpose, Google LLC cookies are used for the Google Analytics service. As part of Google Analytics, demographic data and data on interests are collected. Neither the Data Controller nor Google uses the collected data to identify the User nor does it combine this information to enable your identification. Detailed information on the scope and principles of data collection in connection with this service can be found at the link:
https://www.google.com/intl/eng/policies/privacy/partners.

Managing Cookies

Most browsers let you control or delete cookies through their settings. You can usually set your browser to refuse cookies, but please note this might affect your experience on our website.

Your Choices

By continuing to use our website without changing your cookie settings, you consent to our use of cookies as described here. You can always adjust your browser preferences if you want to restrict or block cookies.

Cross-Border Data Transfers

In certain instances, personal data may be transferred to jurisdictions outside the country of residence of the data subject, including to jurisdictions that may not offer an equivalent level of data protection. In such cases, we take appropriate steps to safeguard personal data, including:

Standard Contractual Clauses (SCCs): We may implement SCCs approved by the European Commission to ensure that personal data transferred outside of the European Economic Area (EEA) is afforded an equivalent level of protection.

Adequacy decisions: Where applicable, we may rely on adequacy decisions issued by the relevant data protection authorities to transfer personal data to jurisdictions deemed to provide an adequate level of protection.

Binding Corporate Rules (BCRs): In some instances, we may rely on BCRs for intra-group transfers of personal data, ensuring that consistent data protection standards are adhered to across our global operations.

We ensure that adequate safeguards are in place to protect your personal data when it is transferred to another jurisdiction.

Retention Period

Your Personal Data will be kept for as long as is necessary to provide you with the requested service. When your Personal Data is no longer necessary to deliver the requested service, the Company will delete it as soon as possible, unless retaining your Personal Data is required by law for a certain period of time (e.g., for accountancy records).

How long we keep data

We retain personal data no longer than necessary for the purposes collected (PDPO DPP2(2)). Typical periods:

  • Website logs/analytics: [e.g., 13 months]
  • Call recordings: [e.g., 6–12 months]
  • Client account data: life of contract + [e.g., 7 years] for legal/accounting
  • Recruitment (unsuccessful): [e.g., 6–12 months]; talent pool with consent [e.g., 24 months]
  • We will securely delete or anonymize data when no longer needed.

Social networking sites

The Data Controller processes personal data of Users visiting our profiles in social media (Linkedin, Facebook, Instagram) or communication platform (Telegram, Viber, WhatsApp). This data is processed solely in connection with maintaining the profile, including for the purpose of informing Users about our activity and promoting various types of events, services and products. The legal basis for the processing of personal data by the Data Controller for this purpose is its legitimate interest (Article 6, paragraph 1, letter f of the GDPR) consisting in promoting its own brand.

Security measures

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our website is at your own risk. You should only access our website within a secure environment.

Children’s Privacy

We do not knowingly solicit data from or market to children under 18 years of age. By using our website, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of our website. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at [email protected].

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations.

When we make significant updates, we will post the revised policy on our website and update the “Last updated” date at the top of the document. We encourage you to review this policy periodically to stay informed about how we protect your information.

Your continued use of our website or services after changes are posted constitutes your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions, concerns, or requests about this Privacy Policy or how we handle your personal information, please don’t hesitate to get in touch.

You can reach us at:

Email: [email protected].

Cookies consent management
We use technologies such as cookies to store and/or access information on a device. We do this to improve your browsing experience. By agreeing to the use of these technologies, you enable us to process data such as your browsing behavior or unique identifiers on this site. Not giving your consent or withdrawing it may negatively impact certain features and functionality.
Contact us
Cookies consent management
We use technologies such as cookies to store and/or access information on a device. We do this to improve your browsing experience. By agreeing to the use of these technologies, you enable us to process data such as your browsing behavior or unique identifiers on this site. Not giving your consent or withdrawing it may negatively impact certain features and functionality.

The storage of or access to technical data is strictly necessary for the legitimate purpose of enabling the use of a specific service expressly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

These cookies allow us to measure and analyze traffic on our website, such as pages visited and user behavior, using Google Analytics. The information is collected in an anonymized form and does not directly identify you. These cookies are only set if you give your consent.

Privacy Policy