Updated 31 Jan 2021
Table of Contents
Who we are
SIPcity is a trading brand of Blast Technologies Pty Ltd (“SIPcity”), including its corporate affiliates, is an Australian provider of cloud communications. For our business customers, we offer a complete and fully-configured VoIP and Cloud PBX solution for the delivery of end-to-end communications via voice.
What information we collect.
We collect your information in the following ways:
- Information you provide directly to us. When you subscribe to our newsletters, sign up for our services, request us to contact you, or through other interactions with us, we may ask you for certain personal information, such as your name, birthdate, address, e-mail address, telephone number, company name, job title, or payment information. When you request support from us, we may also collect information from you such as contact information, documentation, screenshots, or other information you or we may believe is helpful to solving the issue. When you speak with our customer service or sales representative on the phone, your calls may be recorded and/or monitored for quality assurance and training purposes.
- Information we collect automatically when you visit our websites. We and our third-party partners, such as our advertising and analytics partners, collect information about your visits to our websites and your interactions with our ads or content, together with information such as your IP address, cookies, and other tracking technologies (eg, web beacons, device identifiers, and pixels). For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.
- Information we get from third parties. Third party sources of information include:
- Third party services and social media. If you create an account or access our services through your account with a third-party service, such as Facebook, Google, LinkedIn or Twitter, or use a social media feature through our services, certain personal data from those third-party social media services may be shared with us, such as your interests, “likes,” and friends list. We may use this information, for example, to personalise your SIPcity experiences and marketing communications, to enhance our services, and to better serve you. You can control this data sharing via options in your social media accounts. We may also collect information from third party services that are integrated with our services, such as third-party CRMs or other applications that you authorise our services to connect with.
- Credit agencies. We may obtain your credit information from third party reporting agencies in order to control our own credit risk in onboarding new customers.
- Demographic, lead, and interest data. We may obtain information from outside companies such as those that collect customer information including demographic and interest data. Examples of this information include your employment status, your job title with your current employer, and your business contact information. We use this data and combine it with other information we have about you to help us predict your preferences and to provide direct marketing offers that might be more relevant to you. We also obtain, where permitted by law, contact information and other marketing lead information from third parties, website “refer-a-friend” options or social media platforms and may combine it with information we have to contact you or direct SIPcity marketing offers to you.
- Information about our customers’ users. Our customers and other third parties may also provide us with personal information about our customers’ users and others. For example, we may receive personal information and other information from our customers, message senders, mobile network operators, databases with information relevant to mobile telephone numbers submitted to our services, and other third parties. This information may include, without limitation, telephone numbers, telephone numbers’ validity, type (eg, mobile, landline, etc.), corresponding device status (eg, whether or not it is currently available for messaging), roaming status, carrier, country of location, and whether or not the number has been ported and is used to help us provide our services.
- Information collected in connection with your use of services delivered via our platform. We and our service providers may collect information in connection with your use of communications services delivered via our platform.
- Communications usage information. This includes information about your communications delivered via our platform such as the time and duration of usage, source and destination identifiers, completion status, location, IP address, and amount of usage.
- Communications content. To enable you to send and receive communications via our platform, we need to be able to handle the content of the messages, calls, and other communications channels used by you. This also includes, for example, voicemails and call recordings recorded via our services.
- Device information. Where we have provided end user equipment to you, such as a VoIP phone, or you have installed our software on your device, we collect device-specific information from you. This includes, for example, your hardware model, operating system version, firmware, browser information, device and network configuration, device identifier, IP address, device performance, signal strength, call quality, telemetry, and mobile or wireless network information. We use the device information we collect in order to deliver and improve our services.
Why we collect your information and how we use it.
How we use the information we collect depends on which of our services you use, how you use them, and specific preferences you may have communicated to us. We list below the specific purposes for which we collect your information.
- To deliver our services. We use your information because it is necessary to perform our obligations in delivering our services to our customers. This includes delivering your communications to the intended end user, processing transactions with you (such as billing), authenticating you when you log into our platform, providing customer support, and operating and maintaining our services. We also need your information to communicate with you about the services, including registration confirmations, purchase confirmations, expiration or renewal reminders, responding to your requests, and sending you notices, updates, security alerts, administrative messages, and other communications necessary to usage of the services.
- To carry out core activities relating to our services. To effectively deliver our services to you, we use your information to engage in important supporting activities such as:
- billing and collections, including maintenance of records in the event of a subsequent billing dispute;
- preventing fraud, violations of our acceptable use policies, and unlawful activities;
- troubleshooting, quality control, and analytics; and
- monitoring the performance of our systems and platform.
- For research and development. We are constantly looking for ways to improve our services, to make them more reliable, secure, and useful to you and our users generally. We use data regarding our users’ communications on our platform to understand how our services are performing and how they are being used in order to identify areas where we can do better. For instance, we may use message delivery and call connection information to gauge the effectiveness of our routing to ensure that your messages are delivered and your calls are connected. We and our service providers may use your information to assess the level of interest in, and use of, our services, our communications to our customers, and our other messaging campaigns, both on an individual basis and in the aggregate. We also use information about your use of our websites to understand how our website visitors are using our websites. Among other things, this usage information, along with tracking technologies, enables third-party analytics companies, such as Google Analytics, to generate analytics reports on the usage of our services. To opt out of your usage information being included in our Google Analytics reports, you may follow these instructions.
- To comply with legal requirements. Applicable laws or regulations may require our processing of your data, such as laws mandating retention of communications data.
- To protect our legitimate business interests and legal rights. Where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
- According to your explicit consent. If we wish to use your information for certain purposes which require consent under applicable law, we will first seek out and obtain your consent. This may include, for example, testimonials or case studies that identify you in your individual capacity.
European Economic Area users and our “lawful bases” for using their data.
European data protection law requires organizations like us to provide a lawful basis to collect and use your information. Our lawful basis to collect and use information from our EEA users include when:
- We need it in order to provide you with the services and to carry out the core activities related to our provision of the services.
- We need to comply with a legal obligation.
- We have a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the services and to protect our legal rights and interests.
- You give us your consent to do so for a specific purpose.
Who we share your information with and why.
We may share your information as detailed below:
- Third-party service providers that help us to deliver the services and allow us to operate our businesses.
- Communications providers. As the provider of a communications platform, we share the data we collect from you with communications providers (including traditional PSTN telecommunications companies and over-the-top communications service providers) as necessary in order to provide you with the services. These are the telecommunications companies, for instance, who we need to ensure your calls, messages and other communications reach the people you want to contact.
- Business operations vendors. We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. We only work with carefully selected vendors, and we require any vendors with whom we share personal data to protect the confidentiality of such information and use it solely for the purposes for which it was shared.
- Partners. In the event that you purchase services offered by SIPcity or a partner through a special marketing arrangement (for example, through a co-branded advertisement or offer, or an arrangement where we and a partner market or offer the other’s products or services), we may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localised support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.
- Compliance with law enforcement requests and applicable laws; enforcement of our rights. We may disclose personal data as required by applicable law, regulation, legal process or government request; to protect SIPcity, our services, our customers or the public from harm or illegal activities; and to enforce our agreements, policies and service terms.
- With your explicit consent. We share information about you with third parties when you give us consent to do so. For example, we often display use cases or testimonials of satisfied customers on our public websites and require your consent to identify you in your individual capacity. If you are a business customer, and have requested this, your business name and phone number may be included in public directories
- Sharing with senders and recipients of communications. The name on your account, or a portion thereof, and/or your phone number may be displayed to people that you make calls to and to other users of the services so that they may contact you. Depending on the service you’re using, you may be able to control what’s displayed by adjusting your settings within your customer account.
- SIPcity Affiliates; business transactions. We share your information with and among our corporate affiliates in order to operate and improve the services we provide to you; and we may share your information in connection with a sale, merger, liquidation, or reorganization of our business or assets.
- Credit control. We conduct credit checks on new customers in order to control the risk of non-payment. In the event of non- or late payment, we may disclose your name, address and other details to credit bureaus and agencies. They may use that information to assess your credit rating and provide that rating to other companies.
How we protect your information.
SIPcity has implemented administrative, physical, and technical safeguards to help protect the personal data that we transmit and maintain. However, no system or service can provide a 100% guarantee of security, especially a service that relies upon the public internet. Therefore, you acknowledge the risk that third parties may gain unauthorised access to your information. Keep your account password secret and please let us know immediately if you think your password was compromised. Remember, you are responsible for any activity under your account using your account password or other credentials.
Where we store your information and international transfers.
Personal information held by SIPcity is stored on and processed on computers situated in the Australia, and in other jurisdictions. We and/or our service providers also process data in some other countries for customer care, account management and service provisioning.
If you are an EEA resident, your personal data held by SIPcity may be transferred to, and stored at, destinations outside the EEA that may not be subject to equivalent data protection laws, including the United States. When you sign up for service with SIPcity or inquire about our services, we transfer your information to Australia and other countries as necessary to perform our agreement with you or to respond to an inquiry you make. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers.
- International transfers within SIPcity and its corporate affiliates. To facilitate our global operations, we transfer information among our corporate affiliates in countries whose privacy and data protection laws may not be as robust as the laws of the countries where our customers and users are based. We utilise standard contractual clauses approved by the European Commission and rely on the European Commission’s adequacy decisions about certain countries, as applicable, for data transfers from the EEA to the United States and other countries.
How long we store your information.
The data retention obligations require us to retain specific telecommunications data (the data set) relating to the services we offer for at least 2 years.
In addition, we store your information until it is no longer necessary to provide the services or otherwise relevant for the purposes for which it was collected. This time period may vary depending on the type of information and the services used, as detailed below. After such time, we will either delete or anonymise your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible. We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from anonymised information retained or used for these purposes.
- Customer account information. We store your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services.
- Communications usage information. While you’re an active customer, we retain the communications usage information generated by your use of the services until the information is no longer necessary to provide our services, and for a reasonable time thereafter as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services.
- Marketing information, cookies and web beacons. If you have elected to receive marketing e-mails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our services, such as when you last opened an e-mail from us or visited our websites. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
- Device information. We collect device-specific information from you when we have provided end user equipment to you, such as an analogue telephone adapter or a VoIP phone, or you have installed our software on your device. If you do not revoke our access to this information via the privacy settings on your device, we will retain this information for as long as your account is active.
How to access and control your information.
- Opt out of communications. You may opt out of receiving promotional communications from us by using some or all of the following methods: the unsubscribe link within each e-mail, updating your e-mail preferences within your service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional e-mail list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our services. Depending on your type of account with SIPcity, you may be able to opt out of some notification messages in your account settings.
- Your rights as an EEA resident. If you are from the EEA, you may have broader or additional rights, including:
- to be provided with a copy of your personal data held by us;
- to request the rectification or erasure of your personal data held by us;
- to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
- to object to the further processing of your personal data, including the right to object to marketing and profiling; and
- to request that your provided personal data be moved to a third party.
Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us. If you do not want your personal data used by SIPcity for any direct marketing purposes, or shared with third parties for their own marketing use, then you may opt out of such use or sharing by contacting us, even if you have previously consented to such use.
You can exercise the rights listed above at any time by contacting us and if you feel that your request or concern has not been satisfactorily resolved, you may approach your local data protection authority.
Other important information
Information from children. SIPcity does not sell products or services for purchase by children and we do not knowingly solicit or collect personal data from children or teenagers under the age of eighteen. If you believe that a minor has disclosed personal data to SIPcity, please contact us.
Changes to this policy
How to contact us.
Blast Technologies Limited
Attn: SIPcity Data Protection
24-30 Springfield Avenue
Potts Point, NSw 2011
E-mail: [email protected]
Cookies and Tracking Notice
They also help us track users, conduct research, allow you to back click to earlier registration pages viewed by you and improve our content and services. For instance, we may use web beacons on our websites to access and set cookies and otherwise help us to better understand how users are moving through our websites. Information provided by the web beacon includes the computer’s IP address, the type of browser being used and the time that the web beacon was viewed. We may also use web beacons in e-mails and newsletters so that we know when such communications have been opened and to otherwise help us tailor our communications to individual users.
- When it’s strictly necessary
These cookies and other technologies enable us to recognise you when you return to our service and to maintain your web session so you can more easily navigate the subscription process or your viewing of your call details. They are also essential for you to access secure areas of our sites, for example, to use shopping baskets or make payments.
Google Tag Manager is a third-party service provider that allows us to manage website tags via an interface. Tags are small elements of code that are used, for example, to measure traffic and visitor behaviour, to understand the effect of online advertising and social channels, to set up remarketing and orientation towards target groups, and to test and optimise websites. Google Tag Manager only implements tags. This means that no cookies are used and, as a result, no personal data is recorded. We list it here for completeness and to be transparent about the tools we use. If deactivation has been performed at a domain, page, event or 3rd party script level, this remains in place for all tracking tags if these are implemented with Google Tag Manager.
- For performance and analytics
- To enable functionality
These cookies and similar technologies can tell us which language you prefer and what your communications preferences are. They can help you fill out forms on our sites more easily. They also enable customisation of the layout and/or content of the pages on our sites.
- For targeted advertising
- Social media cookies and widgets We use social media platforms to advertise to you online and to monitor the success of our advertising (for instance by receiving reports when you click on our ads on Facebook, LinkedIn and others). We summarise the main advertising and social media partners who drop cookies below:
- DoubleClick: Google’s Doubleclick re-targeting cookie lets us serve personalised advertising to you when you’re browsing other websites and social media platforms. You can control advertising personalisation on Google and partner websites here.
o Facebook Custom Audience: This service from Facebook enables us to display personalised ads to people on our e-mail lists when they visit Facebook. We provide personal information such as your e-mail address and phone number in encrypted form to Facebook (so they cannot be seen by anyone at Facebook) to enable Facebook to determine if you are a registered account holder with Facebook.
- Twitter advertising and remarketing: We advertise on Twitter and our advertising content will be tailored to your interests on the basis of your browsing behaviour and the pages you have consulted on this and other websites. In order to improve the relevance of our marketing content, the cookie may therefore transmit such data to Twitter, who will use it to understand your interests better including to benefit their other advertising customers. If you decide that you do not wish your browsing data to be collected, you can find comprehensive information on Twitter’s advertising policy and the steps you can take to protect your privacy here.
How to control cookies.