Compliance
Compliance
Last Updated 12 March 2024
Introduction
Numonix LLC, a Delaware limited liability company, (“Numonix”, “we”, “us”, “our”) takes the protection of personally identifiable information (“Personal Data”) very seriously. Please read this privacy policy (the “Policy”) to learn what we are doing with your Personal Data, how we protect it, and what privacy rights you may have under applicable data protection and privacy laws.
What Is Covered by This Privacy Policy
This Policy addresses data subjects whose Personal Data we may receive from our customers (“Customers”) in our IXCloud web-based software application, TRaaS service offers and our Recite and Recite SPE software applications (collectively, the “Services”).
If you are not a Numonix Customer but engage in communications powered by our Services (an “End User”), we may collect and store Personal Data about you on behalf of our Customers. However, in these cases, we do not decide why and how that Personal Data will be processed. Our Customers use our Services to store and process an End User’s Personal Data. In that case, we act only as a storage and service provider. We do not decide what Personal Data is being stored, and in general, we will only access such Personal Data at our Customer’s request in connection with customer and technical support matters. We will only access Personal Data to provide the Services that our Customer has directed us to provide, or if we are required by law to do so.
When you give your Personal Data to one of our Customers or when we collect your Personal Data on their behalf, our Customer’s privacy policy, rather than this Policy, will apply to the processing of your Personal Data. If you have a direct relationship with one of our Customers, please contact them to exercise your privacy rights.
This Policy also addresses Personal Data we receive directly from data subjects through their use of our websites. You can also manage your cookie preferences.
Our Role with Respect to Your Personal Data
There is Personal Data that we process for own purposes and Personal Data that we process on behalf of our Customers. This means that we do not always have the same degree of decision-making with respect to why and how each piece of Personal Data will be processed.
Processor. Numonix acts as a data processor or service provider for the Personal Data we process for our Customer when providing our Services. This means that our Customers determine the type of Personal Data they provide to us to process on their behalf. We typically have no direct relationship with the individuals whose Personal Data we receive from our Customers.
Controller. Numonix acts as a data controller or business for the Personal Data we collect from visitors that visit our websites.
Lawful Bases for Processing
We must have a valid reason to use your Personal Data. This is called the “lawful basis for processing”.
When we act as a data controller, we may process your Personal Data on the basis of:
- your consent;
- the need to perform a contract with you;
- our legitimate interests;
- the need to comply with the law; or
- any other ground, as required or permitted by law.
Where we process your Personal Data based on your consent, you may withdraw it at any time. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect the validity of our processing of Personal Data performed on other lawful grounds.
Where we receive your Personal Data as part of providing our Services to you to fulfill a contract, we require such Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to provide the Services to you.
Where we process your Personal Data based on our legitimate interests, the legitimate interests pursued by us include the provision of our Services, our interests in marketing our Services, and our interests in monitoring and enhancing the performance of our Services.
Within the scope of this Policy, we may also process Personal Data based on the instructions of our Customers. To learn about their lawful bases for processing your Personal Data, please read the privacy policy of the relevant Customer.
How Personal Data is Collected and for What Purpose
We will not collect additional categories of Personal Data or otherwise utilize your Personal Data without informing you.
Technical and Customer Support. If our Customers require customer or technical support, we may obtain access to any Personal Data you, as an End User, may have shared with the Customer through our Services. We may also collect the statistics of call recordings (such as call telemetry: call duration, technical errors, participant locations and names) pursuant to the Services. Numonix has procedures in place so that such Personal Data is access only at our Customer’s written request or where required by law. If you request support, or if you contact us by other means including via a phone call or webform, we process your Personal Data to perform our contract with our Customer and to the extent it is necessary for our legitimate interest in fulfilling your requests, communicating with you, and abiding by our legal obligations.
Interest in Services. If you contact us with an interest in obtaining information about our Services; register for our mailing list or Services; explore or download content from our websites; or interact with our marketing emails and advertisements, we may use Tracking Technologies (defined below) to collect information related to your interests and ask for your contact information (name, title, company name, address, phone number, and email address) to send you marketing information and communications about us, our partners, and our Services, promotions or events. We may also automatically collect information about your device and your usage of our websites or emails. This information may include identifiers, internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider and/or mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the websites.
If we have not entered into a contract with you, we base the processing of your Personal Data on our legitimate interest to operate and administer our websites, conduct marketing research, analyze overall trends, advertise our Services and events, identify customer opportunities, provide you with content you access and request (e.g., to download content from our websites), help us provide and improve our Services, offer a tailored experience for users, secure and maintain our Services and websites, verify accounts and activity, investigate suspicious activity, assess and improve customer and user experiences, enforce our terms and policies, identify future opportunities for development, assess capacity requirements, and protect our rights and the rights of others.
If we have entered into a contract with you, we base the processing of your Personal Data on our obligations to perform our contract with you as a Customer.
Service Accounts. If you register for an account that we provide, we may ask you to provide account information (such as username, contact information and location), your contact information (such as name, title, company name, address, country, phone number and email address) and financial and billing information (such as billing name and address, account receiving contacts or bank account information). We will process your Personal Data to provide our Services to you, including sending related communications to you, to perform our contract. If you have provided financial information to us, we process your Personal Data to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you.
If you utilize our Services, we may automatically collect information about your device and your usage of our Services. This information may include identifiers, internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider and/or mobile carrier, the pages and files viewed, operating system, system configuration information, date and time stamps associated with your usage, and frequency of visits to the websites. If we have entered into a contract with you, we base the processing of your Personal Data on our obligations to perform our contract with you as a Customer.
We may also collect the statistics of call recordings pursuant to the Services, to provide technical support, improve our services, and abide by our legal obligations.
Surveys. If you voluntarily submit certain information to our Services, such as filling out a survey about your experience, we may collect the information you have provided to satisfy our legitimate interest in improving our Services.
Events and Promotions. If you register for an event, webinar, or promotion, we may require you to provide to us your contact information (such as name, title, company name, address, country, phone number and email address) and financial or billing information (such as billing name and address). We will process your Personal Data to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you, to perform our contract. If you register for a contest or promotion, we process your Personal Data to perform our contract. If you have provided financial information to us, we process your Personal Data to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you.
We may use Tracking Technologies (defined below) to collect information related to your interests and to send you marketing information and communications about us, our partners, and our Services, promotions or events. If we have not entered into a contract with you, we base the processing of your Personal Data on our legitimate interest to conduct marketing research, advertise our Services and events, assess potential customer opportunities, and to provide you with content you access and request (e.g., access to a webinar).
Office Visits. If you visit our offices, you may be required to register as a visitor and to provide your name, email address, phone number, company name and time and date of arrival. We will process your Personal Data for security reasons, to register visitors to our offices and to manage non-disclosure agreements that visitors may be required to sign, to the extent such processing is necessary for our legitimate interest or to perform our contracts with our Customers.
Other Sources. We also may collect information about you from other sources including third parties, partners and resellers for the purposes of delivering relevant email content, event promotion, determining eligibility, verifying contact information, and supporting their sales activities. We may collect Personal Data like business contact information (including name, mailing addresses, job titles, email addresses, phone numbers, intent data, and IP addresses). We may combine this information with Personal Data provided by you. We base the processing of your Personal Data on our legitimate interest to update, expand, and analyze our records, identify new customers, and to provide Services that may be of interest to you.
Compliance and Legal Obligations. We process your Personal Data to review compliance with the contracts and policies to the extent that it is in our legitimate interest. We may also process your Personal Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights or is necessary for our legitimate interest.
Cookies and Other Tracking Technologies. We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, tags, and similar technologies to automatically collect information that may contain Personal Data as you navigate our websites, our Services, or interact with emails we have sent to you. We base the processing of your Personal Data on our legitimate interest to operate and improve our websites and marketing emails. All of these tracking technologies are collectively referred to as “Tracking Technologies” in this Policy.
Cookies. A cookie is a small file stored on your device that contains information about your device. We may use cookies to provide basic relevant ads, website functionality, authentication (session management), usage analytics (web analytics), to remember your settings, and to generally improve our websites and Services.
Local Storage. Local storage enables our website to store information locally on your device. Local storage may be used to improve your experience with our website, for example, by enabling features, remembering your preferences and speeding up our website functionality.
GIFs (a.k.a. “web beacons”). Our website may also employ a software technology called clear GIFs that helps us better manage content on our website by providing insight into which content is most effective. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies, which are used to track the online movements of website users.
Pixels. A tracking pixel is a 1×1 pixel graphic used for the purpose of tracking user behavior, web traffic and site conversions. A tracking pixel allows us to collect data relating to the use of our website. Tracking pixels are used to trigger advertisements on any participating websites based on the activity tracked from your browser or device and can also be used for third-party web analytics. For example, we may place a pixel in marketing emails that notify us when you click on a link in the email.
Tags. A tag is a generic name for code elements found in web pages. Most tags simply describe the content of the page, but certain types of tags contain programmatic elements or inject dynamic content like video or audio files into the page. Most of the cookies set on our website will be set via these tags, but some tags may also collect data about our visitors without the use of cookies.
How We Use Tracking Technologies on our Website
You can manage your cookie preferences manage your cookie preferences through our website.
The use of cookies is industry standard so your browser may be set to accept cookies. If you would prefer not to accept cookies, you can alter the configuration of your browser to reject all cookies or some cookies. Note, if you reject certain cookies, you may not be able to access all features provided by our Services. For more information, please visit https://www.aboutcookies.org. You may also control your online behavioral advertising preferences and opt out from having your data processed by certain marketing companies by visiting http://www.youronlinechoices.com/ and http://optout.aboutads.info/. Please note that managing these preferences will not turn off internet advertisements in general. You will receive the same amount of advertisements, but it will be less reflective of your interests, as based on your web browsing habits. The opt-out preferences that you set may be nullified if you delete your cookies.
Responding to Do Not Track (DNT) Signals. “Do Not Track” is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third-parties. For more information, please visit https://allaboutdnt.com/. Our Services are set to respond to “Do Not Track” signals received from various web browsers.
We use session and persistent cookies. Session cookies are deleted when you close your browser. Persistent cookies may remain even after you close your browser, but always have an expiration date. Most of the cookies placed on your device through our Services are first-party cookies which are placed directly by us. Other parties, such as Google and Freshworks, may also set their own (third-party) cookies through our Services. Please refer to the policies of these third parties to learn more about the way in which they collect and process information about you.
Strictly Necessary Tracking Technologies. These Tracking Technologies are necessary for our website to function and cannot be turned off in our systems. They are usually only set in response to actions you take which amount to a request for services, such as logging in or filling out forms. You may be able to set your browser to block or alert you about some of these Tracking Technologies. However, if you block these Tracking Technologies, some parts of our website will not work.
Name | Provider | Purpose | Duration |
XSRF-TOKEN | Used to help with site security in preventing Cross-Site Request Forgery attacks. | session | |
_helpkit_session | The secret key for verifying cookie session data integrity. If you change this key, all old sessions become invalid. | session | |
_x_w | Used to provide customer support and track unique sessions. | session | |
ARRAffinitySameSite | Numonix | Used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. | session |
ARRAffinity | Numonix | Used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. | session |
qdloGbDnF | Numonix | Used for Cerber firewall anti malware. | a few seconds |
cerber_groove | Used to provide protection against hackers. | one year | |
cerber_groove_x_* | Used to provide protection against hackers. | two weeks |
Performance Tracking Technologies. These Tracking Technologies allow us, among other things, to count website visits and traffic sources so we can measure and improve the performance of our website. They help us to know which pages are the most – and least – popular, and see how you move around the website. If you do not allow these Tracking Technologies, we will not know when you have visited our website and will not be able to monitor our website’s performance.
Name | Provider | Purpose | Duration |
_gid | Numonix | Used for Google Analytics to store and count page views. | one day |
_ga | Numonix | Used for Google Analytics to store and count page views. | two years |
_gat | Numonix | Used for Google Analytics to read and filter requests from bots. | one minute |
_gclxxxx | Numonix | Used for conversion tracking. | three months |
__hssrc | Numonix | Used for HubSpot to store a unique session ID. | session |
__hstc | Numonix | Used for HubSpot to store time of visit. | six months |
__hssc | Numonix | Used for HubSpot to keep track of sessions. | thirty minutes |
pyHjuYgviBOmf | Numonix | Used for Hubspot. | a few seconds |
History.store | Numonix | Used for WooCommerce to store last visit. | at least one session |
Functional Tracking Technologies. Theses Tracking Technologies enable our website to provide enhanced functionality and personalization. They may be used by us or by third-party providers whose services we have added to our pages. If you do not allow these Tracking Technologies, then some or all of these services may not function properly.
Name | Provider | Purpose | Duration |
cookie_notice_accepted | Numonix | Used to read if cookies can be placed. | one month |
_GRECAPTCHA | Used to help identify bots and prevent abuse of the website. | six months | |
test_cookie | DoubleClick (Google third-party cookie) | Used to check if the user’s browser supports cookies. | fifteen minutes |
zsFnIf | Numonix | Used to allow website accessibility through Userway. | a few seconds |
lJsfRN | Numonix | Used to provide Freshdesk chat. | a few seconds |
pnUuVRyIblxfQT | Numonix | Used to provide the cookie notice. | a few seconds |
__hsmem | Numonix | Used for HubSpot to identifies a membership user when they are currently logged in. | seven days |
messagesUtk | Numonix | Used for HubSpot to recognize visitors who utilize the chat feature by storing browser details. | six months |
hs-messages-is-open | Numonix | Used for HubSpot to store if a message has been shown. | thirty minutes |
hs-messages-hide-welcome-message | Numonix | Used for HubSpot to prevent the chat widget welcome message from appearing again after it is dismissed. | one day |
hs_ab_test | Numonix | Used for HubSpot to store ID’s of experiments and sessions for A/B testing. | session |
__hs_do_not_track | Numonix | Used for HubSpot to store “do not track” signals. | six months |
*_key | Numonix | Used for HubSpot when visiting a password-protected page, so future visits to the page from the same browser do not require login again. | fourteen days |
wordpress_test_cookie | Used to read if cookies can be placed. | Session | |
wordpress_logged_in_* | Used to store logged in users. | persistent | |
_lscache_vary | Used to store whether you are logged into the site and what your user role is. It us used to help improve site performance for logged in users. | two days | |
FUvpzjDoTrOscu | Numonix | Used for the Litespeed cache | a few seconds |
VISITOR_INFO1_LIVE | Used to provide bandwidth estimations. | six months | |
wd | Used to read screen resolution. | one week | |
csm | Used to provide fraud prevention. | ninety days | |
actppresence | Used to store and track if the browser tab is active. | session | |
local_storage_support_test | Used to provide load balancing functionality. | persistent | |
cmplz_banner-status | Used to store if the cookie banner has been dismissed. | one year | |
cmplz_marketing | Used to store cookie consent preferences. | one year | |
cmplz_functional | Used to store cookie consent preferences. | one year | |
cmplz_preferences | Used to store cookie consent preferences. | one year | |
cmplz_statistics | Used to store cookie consent preferences. | one year | |
cmplz_policy_id | Used to store accepted cookie policy ID. | one year |
Targeting Tracking Technologies. These Tracking Technologies may be used on our website by us or our advertising partners (or set directly by our advertising partners) to collect data about your online activity. They record your visits to our website, the pages you have visited, and the links you have followed. They are used by our advertising partners to build a profile of your interests and show you relevant advertisements on our website as well as other sites. For example, they are used to detect when you click on an ad and show you ads based on your social media interests and browsing history.
If you do not allow these Tracking Technologies, you will experience less targeted advertising.
Name | Provider | Purpose | Duration |
__cf_bm | Numonix | Used to manage incoming traffic that matches criteria associated with bot. | a few seconds |
_gat_gtag_xxxxxxxx xxxxxxxxxxxxxxxxxxx | Numonix | Google Analytics. | a few seconds |
ljZTyHzgqAm | Numonix | Google Analytics. | a few seconds |
CONSENT | Detect if you have accepted the marketing cookies in the cookie banner. | seventeen years | |
YSC | Registers a unique ID to keep statistics of what videos from YouTube the user has seen. | session | |
GPS | Used to store location data. | session | |
PREF | Used to store user preferences. | eight months | |
Google Fonts API | Used to read user IP address. | session | |
rc::c | Used to read and filter requests from bots. | session | |
rc::b | Used to read and filter requests from bots. | session | |
rc::a | Used to read and filter requests from bots. | persistent | |
IDE | DoubleClick (Google third-party cookie) | Doubleclick is Googles real time bidding advertising exchange. | twenty-four months |
_fw_crm_v | Used to track visitor/user identity and chat sessions performed by the user. | one year | |
hubspotutk | Used to store and track a visitor’s identity | six months | |
_fbc | Used to store last visit. | two years | |
fbm* | Used to store account details. | one year | |
xs | Used to store a unique session ID. | three months | |
fr | Used to provide ad delivery or retargeting. | three months | |
act | Used to store logged in users. | ninety days | |
_fbp | Used to store and track visits across websites. | three months | |
datr | Used to provide fraud prevention. | two years | |
c_user | Used to store a unique user ID. | thirty days | |
sb | Used to store browser details. | two years | |
*_fbm_ | Used to store account details. | one year | |
metrics_token | Used to store if the user has seen embedded content. | persistent |
Disclosure and Sharing
We may share or disclose Personal Data to the third parties listed below. Some of these third parties may be located outside of the United States. However, when the Personal Data is protected by the GDPR, before transferring your Personal Data to these third parties, we will either ask for your explicit consent or require the third party to maintain at least the same level of privacy and security for your Personal Data that we do. We remain liable for the protection of your Personal Data that we transfer or have transferred to third parties, except to the extent that we are not responsible for the event that leads to any unauthorized or improper processing.
Service Providers. With our contracted service providers, who provide services such as IT and system administration and hosting, communication services, credit card processing, research and analytics, marketing, webforms, and customer support.
Our Resellers. With resellers to the extent such sharing of data is necessary to fulfill a request you have submitted via our websites or for customer support, marketing, technical operations and account management purposes.
Your Affiliates. If you use our Services as a user, we may share your Personal Data with our affiliated Customer responsible for your access to the Services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies.
Our Affiliates. We may disclose your Personal Data to our subsidiaries or affiliates, but only if necessary for business purposes, as described in this Privacy Policy.
Event Sponsors. If you attend an event or webinar organized by us, or download or access content, we may share your Personal Data with sponsors of the event. If required by applicable law, you may consent to such sharing via the registration form or by allowing your attendee badge to be scanned at a sponsor booth. In these circumstances, your information will be subject to the sponsors’ privacy statements.
Contest and Promotion Sponsors. With sponsors of contests or promotions for which you register.
Third party networks and websites. With third-party advertising networks and websites, so that we can market and advertise on third party platforms and websites (examples: Google and Freshworks).
Professional Advisers. In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers – including lawyers, bankers, auditors, and insurers based in countries in which we operate, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Personal Data.
Change in Ownership. We may disclose your Personal Data if we sell or transfer all or some of our company’s business interests, assets, or both, or in connection with a corporate restructuring. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.
Anonymous and Aggregated. We reserve the right to use, transfer, sell, and share any anonymous and aggregated data for any legal purpose. Such data does not include any Personal Data. The purposes may include analyzing usage trends or seeking compatible advertisers, sponsors, and customers.
Legal Requirements. We may disclose your Personal Data to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings (whether initiated by governmental/law enforcement officials, or private parties). If we must disclose your Personal Data to governmental/law enforcement officials, we may not be able to ensure that such recipients will maintain the privacy or security of your Personal Data.
How Long Do We Keep Your Personal Data
We will retain your Personal Data for as long as necessary to fulfil the purpose for which it was provided or collected, in accordance with our data retention policies. For example, we will retain and use your Personal Data to the extent necessary to comply with our legal obligations (such as, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
If your Personal Data is used for more than one purpose, we will retain it until the purpose with the longest retention period expires; but we will stop using it for the purpose with a shorter retention period once that period expires. Our retention periods are also based on our business needs and good practice and legal requirements.
In cases where we act as a data processor, we retain Personal Data for as long as instructed by the respective Customer (who typically acts as a data controller). We may delete the Personal Data submitted to us by our Customers within two (2) weeks of the end of our service agreement with the Customer, unless
applicable laws require otherwise.
What Privacy Rights Do You Have?
You have specific rights regarding your Personal Data that we collect and process. Please note that you can only exercise these rights with respect to Personal Data that we process about you when we act as a data controller or as a “business” under the CCPA. To exercise your rights with respect to information processed by us on behalf of one of our Customers, please read the privacy policy of that Customer.
In this section, we first describe those rights and then we explain how you can exercise those rights.
Right to Know What Happens to Your Personal Data (The
This is called the right to be informed. It means that you have the right to obtain from us all information regarding our data processing activities that concern you, such as how we collect and use your Personal Data, how long we will keep it, and who it will be shared with, among other things.
We are informing you of how we process your Personal Data with this Policy. We will always try to inform you about how we process your Personal Data. However, if we do not collect the Personal Data directly from you, the GDPR exempts us from the obligation to inform you (i) when providing the information is either impossible or unreasonably expensive; (ii) the gathering and/or transmission is required by law, or if (iii) the Personal Data must remain confidential due to professional secrecy or other statutory secrecy obligations.
Right to Know What Personal Data Numonix Has About You
This is called the right of access. This right allows you to ask for full details of the Personal Data we hold about you.
You have the right to obtain from us, including confirmation of whether or not we process Personal Data concerning you, and, where that is the case, a copy or access to the Personal Data and certain related information.
Once we receive and confirm that the request came from you or your authorized agent, we will disclose to you:
- The categories of your Personal Data that we process;
- The categories of sources for your Personal Data;
- Our purposes for processing your Personal Data;
- Where possible, the retention period for your Personal Data, or, if not possible, the criteria used to determine the retention period;
- The categories of third parties with whom we share your Personal Data;
- If we carry out automated decision-making, including profiling, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you;
- The specific pieces of Personal Data we process about you in an easily-sharable format;
- If we disclosed your Personal Data for a business purpose, the categories of Personal Data and categories of recipients of that Personal Data for and disclosure;
- If we rely on legitimate interests as a lawful basis to process your Personal Data, the specific legitimate interests; and
- The appropriate safeguards used to transfer Personal Data from the EEA or the UK to a third country, if applicable.
Under some circumstances, we may deny your access request. In that event, we will respond to you with the reason for the denial.
Right to Change Your Personal Data
This is called the right to rectification. It gives you the right to ask us to correct without undue delay anything that you think is wrong with the Personal Data we have on file about you, and to complete any incomplete Personal Data.
If your account settings do not allow you change the information yourself, please contact us and we will do our best to change the Personal Data for you.
Right to Delete Your Personal Data
This is called the right to erasure, right to deletion, or the right to be forgotten. This right means you can ask for your Personal Data to be deleted.
Sometimes we can delete your information, but other times it is not possible for either technical or legal reasons. If that is the case, we will consider if we can limit how we use it. We will also inform you of our reason for denying your deletion request.
Right to Ask Us to Limit How We Process Your Personal Data
This is called the right to restrict processing. It is the right to ask us to only use or store your Personal Data for certain purposes. You have this right in certain instances, such as where you believe the data is inaccurate or the processing activity is unlawful.
Right to Ask Us to Stop Using Your Personal Data
This is called the right to object. This is your right to tell us to stop using your Personal Data. You have this right where we rely on a legitimate interest of ours (or of a third party). You may also object at any time to the processing of your Personal Data for direct marketing purposes.
We will stop processing the relevant Personal Data unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, or freedoms; or (ii) we need to continue processing your Personal Data to establish, exercise, or defend a legal claim.
If we have received your Personal Data in reliance on the Data Privacy Framework, you may also have the right to opt out of having your Personal Data shared with third parties and to revoke your consent to our sharing your Personal Data with third parties. You may also have the right to opt out if your Personal Data is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized.
Right to Port or Move Your Personal Data
This is called the right to data portability. It is the right to ask for and receive a portable copy of your Personal Data that you have given us or that you have generated by using our services, so that you can:
- Move it;
- Copy it;
- Keep it for yourself; or
- Transfer it to another organization.
We will provide your Personal Data in a structured, commonly used, and machine-readable format. When you request this information electronically, we will provide you a copy in electronic format.
Rights related to automated decision-making including profiling
This is called the right to data Rights in relation to automated decision-making including profiling GDPR includes provisions for decisions made with no human involvement, such as profiling, which uses personal data to make calculated assumptions about individuals.
There are strict rules about this kind of processing, and individuals are permitted to challenge and request a review of the processing if they believe the rules aren’t being followed.
Right to Withdraw Your Consent
Where we rely on your consent as the legal basis for processing your Personal Data, you may withdraw your consent at any time. If you withdraw your consent, our use of your Personal Data before you withdraw is still lawful.
If you have given consent for your details to be shared with a third party and wish to withdraw this consent, please also contact the relevant third party in order to change your preferences.
Please note that, if you change your mind about being sent marketing emails you can “opt out” at any time by clicking the “unsubscribe” link at the bottom of any marketing email. Once you “opt out”, you will no longer receive any marketing emails from us. We will continue to communicate with you regarding your service billing and support via email.
Right to Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights. Unless the applicable data protection laws permit it, we will not:
- Deny you goods or services;
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits or imposing penalties;
- Provide you a different level or quality of goods or services; or
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
How Can You Exercise Your Privacy Rights?
To exercise any of the rights described above, please contact us.
If the GDPR applies to our processing of your Personal Data, you have the right to lodge a complaint with the supervisory authority of the country in which you are located or to our EU representative. You may also complain to the Information Commissioner’s Office (“ICO”), which is the UK or to our UK representative.
Verification of Your Identity
In order to correctly respond to your privacy rights requests, we need to confirm that YOU made the request. Consequently, we may require additional information to confirm that you are who you say you are.
We will only use the Personal Data you provide us in a request to verify your identity or authority to make the request.
Verification of Authority
If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual. When contacting us, please provide us with proof that the individual gave you signed permission to submit this request, a valid power of attorney on behalf of the individual, or proof of parental responsibility or legal guardianship. Alternatively, you may ask the individual to directly contact us to verify their identity and confirm with us that they gave you permission to submit this request.
Response Timing and Format of Our Responses
We will confirm the receipt of your request within ten (10) business days and, in that communication, we will also describe our identity verification process (if needed) and when you should expect a response, unless we have already granted or denied the request.
Please allow us up to a month to reply to your requests from the day we received your request. If we need more time (up to 90 days in total), we will inform you of the reason why and the extension period in writing.
If we cannot satisfy a request, we will explain why in our response. For data portability requests, we will choose a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without difficulty.
We will not charge a fee for processing or responding to your requests. However, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request.
EU-U.S. and Swiss-U.S. Data Privacy Frameworks
With respect to Personal Data processed in the scope of this Policy, Numonix complies with the EU-U.S. Data Privacy Framework (and its UK Extension) and Swiss-U.S. Data Privacy Framework (the “Data Privacy Framework”) as adopted and set forth by the U.S. Department of Commerce regarding the processing of Personal Data. Numonix commits to adhere to and has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles.
To learn more about the Data Privacy Framework, and to view Numonix’s certification, please visit https://www.dataprivacyframework.gov/s/ and https://www.dataprivacyframework.gov/s/participant-search, respectively.
Dispute Resolution
Where a privacy complaint or dispute relating to Personal Data received by Numonix in reliance on the Data Privacy Framework cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy- services/dispute-resolution/submit-dispute/.
If a complaint or dispute cannot be resolved through our internal process, we have also agreed to cooperate with the EU data protection authorities, the UK Information Commissioner’s Office, and the Swiss Federal Data Protection and Information Commissioner and to participate in the dispute resolution procedures of the panel established by such data protection authorities.
Binding Arbitration
If your dispute or complaint cannot be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you under the “Recourse, Enforcement and Liability” Principle and Annex I of the Data Privacy Framework.
https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2
U.S. Regulatory Oversight
Numonix is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
Contact Us
If you have any questions about this Policy or our processing of your Personal Data, please submit a request by either:
Calling us at +1 (855) 686-6649 (domestic) or +1 (561) 952-2600 (international);
Contacting our Security Officer by email at dataprotection@numonix.cloud; or
Writing to us at:
Numonix LLC
Attn: Darren Poswell, Security Officer
2650 N. Military Trail, Suite 150
Boca Raton Florida, 33431 USA
Please allow up to 30 days for us to reply.
EU and UK Representative. We have appointed VeraSafe Ireland Ltd and VeraSafe United Kingdom Ltd. (“VeraSafe”) as our representative in the EU and UK, respectively, for data protection matters. While you may also contact us, VeraSafe can be contacted on matters related to the processing of Personal Data. To contact VeraSafe, please use this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative.
Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
United Kingdom
Other Terms
Industry Standard Security. Numonix has implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect PII from unauthorized processing such as unauthorized access, disclosure, alteration, or destruction.
No Children Under Age 13. We do not intentionally gather Personal Data about visitors who are under the age of 13. If you believe your child’s data may have been inadvertently collected, please contact us to submit a deletion request.
No Contractual Rights. This Privacy Policy is not a contract and does not create any contractual rights or obligations.
Links to Third-Party Sites. Our Service may contain links to other sites and services, which are owned and controlled by others. These third-party websites have their own policies regarding privacy, and you should review those policies.
Revisions to this Policy. If we make any material change to this Policy, we will post the revised Policy to this web page. We will also update the “Last Updated” date.
Acceptable Use Policy (AUP)
All users of the Numonix web-based service (Service) must comply with this Acceptable Use Policy (AUP). This AUP is part of our Subscription Services Agreement (SSA). Your use or continuation of the Service constitutes your acceptance of this AUP. It is your responsibility, and contractual obligation, to ensure that your affiliates, agents, and/or customers (End Users) comply with this AUP.
- You expressly understand that the evolving nature of the Internet and online commerce makes it necessary for us to reserve the right to make changes to this AUP at any time and without notice, but which will only apply on a prospective basis.
- This AUP may not represent all possible ways in which you or an End User engage in unacceptable behavior.
- Numonix encourages prospective customers to carefully review sections of this AUP covering Recording, Intellectual Property Violations, and Security.
- A thorough review of those sections and the entire AUP may help avoid creating issues under it that will cause Numonix to take action, up to, and including, termination of a customer’s account.
- Services we provide may be subject to other acceptable use policies.
- Numonix will provide these acceptable use policies to you on request.
Scope and Purpose
Numonix does not review, edit, censor, or take responsibility for any information customers or End Users may create or store.
Contacting us about Abuse and Requests for Information about Customers and End Users
- Individuals who contact Numonix about this AUP, the behavior of our customers, or for other purposes, are required to provide us with accurate information to enable us to contact them and respond to their requests.
- Numonix does not respond to anonymous correspondence.
E-mail addresses used to contact Numonix are set out here dataprotection@numonix.cloud
- Please note that Numonix has created special addresses for certain types of complaints.
- Complaints misdirected by a Customer or End User may not be responded to by Numonix.
- Complaints submitted to Numonix are not confidential and may be forwarded to Numonix’s Customer or law enforcement, without notice.
- Numonix does not recognize requests that complaints be kept confidential and will not honor those requests.
- Some abuse complaints may not receive a reply depending on the volume of abuse complaints about that particular issue.
- Numonix does not respond to anonymous correspondence.
- Numonix may disclose information, including information that Customers or End Users consider confidential, in order to comply with a court order, subpoena, summons, discovery request, warrant, regulation, or governmental request, which appears to be valid.
- Numonix may also disclose such information when it is necessary for us to protect our business, or others, from harm.
- Numonix assumes no obligation to inform Customers or End Users that Numonix has provided this type of information unless Numonix has affirmatively agreed to do so. In some cases, Numonix may be prohibited by law from giving such notice.
- Individuals who contact Numonix about this AUP, the behavior of our customers, or for other purposes, are required to provide us with accurate information to enable us to contact them and respond to their requests.
The Services may be used for lawful purposes only
Transmission, storage, or presentation of any information, data or material in violation of any applicable law, regulation, this AUP, or our SSA, is prohibited. You may not use the Service to directly facilitate the violation of any law or regulation, including, but not limited to:
- forging, misrepresenting, omitting or deleting message headers, return mailing information, and/or internet protocol addresses, to conceal or misidentify the origin of a message;
- creating or sending Internet viruses, worms or Trojan horses, flood or mail bombs, or engaging in denial of service attacks;
- hacking, and/or subverting, or assisting others in subverting, the security or integrity of our products or systems;
- disseminating material that may cause us to be subject to attacks on our network, or that which is, but is not limited to, racist, pornographic, hateful material, or those which create customer service or abuse issues for us. Under no circumstances may Numonix’s systems be used to gain access or deny access to a system without the permission of the system’s owners (or rightful users);
- probes, port-scans, sweeps and spoofing of systems without the express permission of the owners of those systems; Numonix reserves the right to use probes, port-scans, sweeps and spoofing on any system connected to the Numonix network in the course of performing security assessments and threat management;
- soliciting the performance of any illegal activity, even if the activity itself is not performed; and/or acting in any manner that might subject us to unfavorable regulatory action, subject us to any liability for any reason, or adversely affect our public image, reputation or goodwill, as determined by us in our sole and exclusive discretion.
Copyright
Numonix is a registered trademark with the United States.
Numonix’s designated agent for receipt of notices pursuant to the DMCA is: dataprotection@numonix.cloud
Other Intellectual Property Infringement
Customers and End Users may not engage in activity that infringes or misappropriates the intellectual property rights of others. This includes but is not limited to trademarks, service marks, trade secrets, software piracy, and patents. Complaints about such activity by Customers or End Users may be directed to the address at the end of this AUP.
U.S. Export and Import Laws
- Customers and End Users may not use Numonix’s services to engage in a violation of
U.S. export and import control laws.
o More information about U.S. export laws may be found at http://www.export.gov/exportcontrols.html
- Customers and End Users may not use Numonix’s services to engage in a violation of
Subpoenas, Warrants, Document Preservation Requests and Other Requests for Information
- Law enforcement agencies who seek information about Numonix’s customers, or their use of Numonix’s services, are required to submit a subpoena, or other similar documents, pursuant to which Numonix is required by law to produce this information (Subpoena).
- Unless specifically required by law and so clearly communicated to Numonix, the subpoena will be transmitted to Numonix’s Customer.
- Civil demands for information, such as discovery requests and similar demands (Civil Demands), must be part of a filed and pending litigation matter.
- Responses to Civil Demands are at Numonix’s discretion.
- Responses are subject to a response fee of $250 per hour.
- Numonix does not honor requests from civil litigants to limit or to pre-approve response expenses.
- Civil litigants are encouraged to contact Numonix prior to serving Civil Demands in order to minimize their expenses.
- Numonix understands its obligations to preserve certain electronically stored material.
- Parties who ask Numonix to preserve this material, must contact Numonix in writing, and describe specifically what information they would like preserved.
- Preservation of any material is at Customer’s cost, which must be paid in advance.
- Law enforcement agencies who seek information about Numonix’s customers, or their use of Numonix’s services, are required to submit a subpoena, or other similar documents, pursuant to which Numonix is required by law to produce this information (Subpoena).
Changes to the Acceptable Use Policy
This Acceptable Use Policy may be updated from time to time, and the latest version of the document will be made available in this page.
Updated April 10, 2020
IXCloud Fair Usage Policy
Policy Statement:
This offering is designed for significant usage, however at some point there can be excessive usage.
Excessive Usage means:
Audio – 8 hours per day (on average over a month using 22 days per month) of continuous audio recording (using standard audio(mono)),
Video – 5 hours per day of continuous video recording (using video (up to 1920 × 1080)), or
Stored Calls – If the number of calls stored by the service in relation to the number of named active users is excessive.
Daily API Calls – if the number of API calls is greater than 2400 API calls per day per tenant.
If customer repeatedly exceeds violates this policy Numonix may throttle down the service or customer may incur charges (upon electronic advance notice) to limit the excessive usage.
Prior Notice of Extenuating Customer Circumstances.
Numonix understands that customers will occasionally have very high volumes of traffic outside of normal usage patterns. In those cases where this traffic can be predicted Numonix requests to be informed with as much notice as possible to ensure that service delivery remains consistently high.
Changes to the Fair Usage Policy
This Fair Usage Policy may be updated from time to time, and the latest version of the document will be made available in this page.
Rev. January 12,2021
IXCloud
API Policy
Modifications to Policy
IXCloud (Numonix) reserve the right, in its sole discretion, to modify this IXCloud or Numonix Software API Policy at any time. You are responsible for reviewing and becoming familiar with any modifications. Modifications are effective when first posted. To receive notifications about changes to this policy and the API functionality, see the Deprecation and API Changes section below.
Principles
Applications that access the IXCloud or Numonix Software API should adhere to the following principles:
- Don’t impersonate.
- Don’t surprise users.
- Respect the privacy of any information retrieved.
- Don’t overload users.
- Don’t Overload API’s
Additionally, your applications must adhere to API rate limits where applicable (see the API Rate Limits section below).
Don’t Impersonate
- Your application should not mirror or replicate IXCloud , or any other organization using Numonix software or services.
- Do not impersonate or facilitate impersonation of others in a manner that can mislead, confuse, or deceive users.
- End users should understand that your application is integrated with IXCloud or Numonix Software or Services but is an independent resource.
- You should not remove or alter any proprietary notices in the provided API’s.
Don’t Surprise Users
Your application should not…
- Use the API for different purposes other than what your application states or implies.
- Confuse or mislead users about the source or purpose of your application.
- Use business names and/or logos in a manner that can mislead, confuse, or deceive users.
- Use the IXCloud or Numonix software or services API’s on behalf of any third-party.
- Facilitate or encourage the publishing of links to malicious, inappropriate, untrue, illegal, private or obscene content.
Your service should outline what actions your application will take on the user’s behalf as part of the application registration process.
Respect the Privacy of any Information Retrieved
- Any user information—including extensions, personal contact, Business contact , profile information, etc.—retrieved through the IXCloud or Numonix API’s should be considered private information and, in some cases, will be protected by government regulations, please review applicable regulations and insure your use is compliant.
- Know what information your tool will disclose to the public or to other products and services, and be clear with end users about what information will be disclosed.
- Do not facilitate or encourage the publishing of private or confidential information.
- Always ensure that proper notification is given to customers and end users, including the customers clients be it Business to Business (B2B) or Business to Consumer(B2C) interactions.
Don’t Overload Users
IX cloud provides a number of different ways to contact, notify, and inform users of information. Where these methods are exposed in the API, it’s important to monitor how often your application is pushing information to users.
In general, you should try to push information as rarely as possible, both to prevent user annoyance and also to make your pushes more effective.
API Rate Limits
Applications that access the IXCloud Or Numonix Software or Services API’s must not place undue load on Numonix servers or infrastructure. Numonix will monitor, limit and in some cases terminate excessive use . Where applicable when the rate limit or number of calls is exceeded, API requests will fail. Limiting is enforced per user access token (and tenant) so that partners who perform requests on behalf of multiple end users will not be throttled.
If an application regularly exceeds the API rate limits or uses a disproportionately large number of high-impact (e.g. non-GET) requests, the access tokens may be revoked, or other measures may be taken to ensure the stability of the system for all users.
If you are concerned about hitting the rate limit, please contact your Customer Success Manager to either adjust your rate limit or seek assistance from our or other paid for professional services optimizing your application for lower impact on the provided Software or Services and to improve overall performance.
Deprecation and API Changes
The IXCloud and Numonix Software and Services API’s are versioned to allow for future enhancements. We strive to deliver a platform that is stable, consistent, and secure so you can confidently build scalable solutions on top of our APIs. Over time we will add, change, and remove API endpoints and fields from time to time using commercially reasonable efforts to provide communication and backward compatibility where possible as indicated:
Type of change | Notice | What you should do |
Remove an endpoint | Endpoint will be marked DEPRECATED at least 60 days before endpoint is removed | Watch release notes |
Remove a documented field in a result set | Field will be marked DEPRECATED at least 60 days before field is removed | Watch release notes |
Remove an undocumented field in a result set | Undocumented fields can be removed or changed without notice | Avoid using these fields or be aware that they could be experimental and could change at any time |
Add a field to a result set | Field can be added without prior notice | Write your code to be resilient to these types of changes |
Add to the attribute set of a field in the result set | New values can be added to a field without prior notice | Write your code to be resilient to these types of changes |
Change the attribute set of a field in the result set | Field value will be marked DEPRECATED at least 60 days before attribute is changed | Watch release notes |
Remove the attribute set of a field in the result set | Field value will be marked DEPRECATED at least 60 days before attribute is removed | Watch release notes |
Change to BETA endpoints, fields, or attributes | Can be removed or changed without prior notice | Watch release notes |
Change to Sandbox endpoints, fields, or attributes | Can be removed or changed without prior notice we will make best effort to give at least 5 days | Watch release notes |
Changes related to fixing a security vulnerability | Any change related to repairing a security vulnerability could be made without prior notice | Watch release notes or security notifications where applicable |
Numonix has no liability to Customer as a result of any change, temporary unavailability, suspension, or termination of access to the API.
Information and notices regarding the available APIs can be found in the technical documentation on the website and in IXCloud API Release and Documentations as and where applicable.
API Support
Developers using iCloud Services provide by Numonix can submit questions or issues with the API to the Support team in one of the following ways:
- Email support@Numonix.cloud
Tickets about the API will be handled following the same service-level agreement that applies to any other ticket from a given organization.
Developers who are not part of an official program can get support through the developer community:
- Engage in conversation on
- Participate in our TBD site found here: TBD
Rev. May 15, 2020
SUBSCRIPTION SERVICES AGREEMENT
PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USINGTHIS SERVICE.
BY USING THE SERVICE ORCLICKING AGREE (OR AN EQUIVALENT) YOU ARE AGREEING TO BE BOUND BY THIS AGREEMENT. IF YOU ARE AGREEING TO THIS AGREEMENT ON BEHALF OF OR FOR THE BENEFITOF YOUR EMPLOYER OR A THIRD PARTY, THEN YOU REPRESENT AND WARRANT THATYOU HAVE THE NECESSARY AUTHORITY TO AGREE TO THIS AGREEMENT ON THEIR BEHALF.
This agreement is betweenNumonix, LLC, a Delaware corporation (Numonix), and the Customer agreeingto these terms (Customer).
SOFTWARE SERVICE.
>This agreement providesCustomer access to and usage of an Internet-based softwareservice, including, withoutlimitation, its features, functions, and user interface, as specified on an order (Service).
USE OF SERVICES (SUBSCRIPTION).
a. Customer Owned Data. All audio and video files and other data uploadedby Customer to the Serviceremains the property ofCustomer, as between Numonix and Customer (Customer Data). Customergrants Numonix the right to use theCustomer Data solely for purposes of performing under this agreement. Duringthe term of this agreement, Customermay export its Customer Data as allowed by functionality within the Service. If Customer plans to process data of EUresidents, then the Data Processing Addendum in our privacy policy https://numonix.cloud/Compliance/ applies to this agreement.
b. Local Laws. Customer is responsible for compliance with all applicable laws when using the Service, includingwithout limitation, call recording laws and appropriate consents to record.
c. Access and Usage. Customer may allow itscontractors to access the Service in compliance with the terms of this agreement, which access must befor the sole benefit of Customer. Customer is responsible for the compliance with this agreementby its contractors.
d.CustomerResponsibilities. Customer:(i) must keep its passwords secure and confidential; (ii) is solely responsible for Customer Data and allactivity in its account in the Service; (iii) must use commercially reasonable efforts to prevent unauthorizedaccess to its account, and notify Numonix promptly of any such unauthorized access; (iv) backup the CustomerData and ensure that it meets Customer’s backup requirements;and (v) may use the Service only in accordance with the Service’s technicaldocumentation, policies and applicable law. Please see https://numonix.cloud/Compliance/ for IXCloudstandard policies including Privacy Policy , Cookie Policy, Acceptable UsagePolicy (AUP), Fair Usage Policy and API policy
e. Numonix Support. Numonix must provideCustomer support for the Service under the terms of Numonix’s CustomerSupport Policy (Support), which is locatedat https://numonix.cloud/support/
f. 30-Day Trial Version. If Customer has registeredfor a trial use of the Service, Customer may access the Service for a 30-day time period (unlessextended by Numonixin writing). The Service is provided AS IS withno warranty during this time period. All Customer Data will be deletedafter the trial period unless Customer converts its account to a paid Service.
g. Free Version. If Customer has registeredfor a no-charge use of the Service, Customer may access the Serviceuntil it is cancelled by Numonix (withoutcause) upon noticesent via email (using its email addressin the Service), or by the Customer. The Service is provided AS IS withno warranty. All Customer information will be deleted after the no-chargeperiod ends unless Customer converts its account to a paid Service.
h. Third-Party Services. The Service interoperates with one or more thirdparty services (e.g. Salesforce, Skypefor Business, ShoreTel, AudioCodes, Microsoft Teams etc.) and depends onthe continuing availability and accessto such third-party service and any data or information interfaces (Third-PartyServices). If for any reason Numonixcannot access or use the applicable Third-Party Service (including withoutlimitation, change in terms or increase in fees chargedby a third-party service provider), Numonix may not be able to provideall the functions of its Service.No refund or credit will be providedfor unavailability of any Third-Party Services.
i. API. Numonix provides accessto its free set of application-programming interface(API) as part of the Service for no additional fee. Subject to the other terms of this agreement, Numonix grants Customera non-exclusive, nontransferable, terminable license to interact only with the Service as allowedby the API.
·Customermay not use the API in a manner, as reasonably determined by Numonix, thatexceeds reasonable request volume,constitutes excessive or abusive usage, or fails to comply with any part of the API. If any of these occur, Numonixcan suspend or terminate Customer’s access to the API on a temporaryor permanent basis. For usage levels see Fair Usage Policy for guidanceon what Numonix considers reasonable https://numonix.cloud/Compliance/
·Numonixmay change or remove existing endpoints or fields in API results upon at least30 days’ notice to Customer, but Numonix will use commercially reasonable efforts to support the previous versionof the API for at least 6 months. Numonixmay add new endpoints or fields in API resultswithout prior noticeto Customer.
·The APIis provided on an AS IS basis. Numonix has no liability to Customer as a resultof any change, temporary unavailability, suspension, or termination of accessto the API.
j. Locally Run Software. Depending on the Service offeringpurchased, any softwareprovided by Numonixas part of the Service thatis designed to run locally (On-Premise Software) is licensed to Customeras follows: Numonix grants Customera non-exclusive, non-transferable license during the term of the order, to useand copy such On-Premise Softwarein accordance with its technical documentation, solely in connection with the Service.
SERVICE LEVEL AGREEMENT & WARRANTY.
a. Warranty. Numonix warrants toCustomer: (i) that commercially reasonable efforts will be made to maintain the online availability of the Service fora minimum of availability in any given month as provided in the SLA locatedat https://numonix.cloud/support/ &https://numonix.cloud/Compliance/ (ii) the functionality orfeatures of the Service may change but will not materially decreaseduring any paid term; and (iii) that the Supportmay change but willnot materially degrade during any paid term.
b. DISCLAIMER. NUMONIXDISCLAIMS ALL OTHER WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, AND FITNESSFOR A PARTICULAR PURPOSE.WHILE NUMONIX TAKES REASONABLE PHYSICAL, TECHNICAL, AND ADMINISTRATIVE MEASURES TO SECURE THE SERVICE, NUMONIXDOES NOT GUARANTEE THAT THE SERVICE CANNOT BE COMPROMISED. CUSTOMERUNDERSTANDS THAT THE SERVICE MAY NOT BE ERROR FREE,AND USE MAY BE INTERRUPTED.
PAYMENT.
Customer must pay all feesas specified on the order, but if not specified, then within 30 days of receiptof an invoice. Customer isresponsible for the payment of all sales, use, withholding, VAT, and othersimilar taxes. This agreementcontemplates one or more orders for the Service, which orders are governed bythe terms of this agreement.
MUTUAL CONFIDENTIALITY.
a. Definition of ConfidentialInformation. ConfidentialInformation means all non-public information disclosed by a party (Discloser) to theother party (Recipient), whether orally, visually, or in writing, thatis designated as confidential or that reasonably shouldbe understood to be confidential giventhe nature of the information and the circumstances ofdisclosure (Confidential Information). Numonix’s Confidential Informationincludes, without limitation, the Service, its user interface design andlayout, and pricing information, and the On-Premise Software. Customer’s Confidential Information includes,without limitation, the Customer Data.
b. Protection of ConfidentialInformation. TheRecipient must use the same degree of care that it uses to protect the confidentiality of its ownconfidential information (but in no event less than reasonable care), and it may not disclose or use anyConfidential Information of the Discloser for any purpose outside the scope of this agreement. The Recipient must makecommercially reasonable efforts to limit access to Confidential Information of Discloser to those of itsemployees and contractors who need such access for purposes consistent with this agreement and whohave signed confidentiality agreements with Recipient no less restrictive than the confidentiality terms of this agreement.
c. Exclusions. Confidential Information excludes information that: (i) is or becomes generallyknown to the public without breach of any obligation owed toDiscloser; (ii) was known to the Recipient prior to its disclosure by the Discloser withoutbreach of any obligation owed to the Discloser; (iii) is receivedfrom a third party withoutbreach of any obligation owed to Discloser; or (iv) was independently developedby the Recipient without use oraccess to the Confidential Information. The Recipient may disclose ConfidentialInformation to the extent required by law or court order butwill provide Discloserwith advance noticeto seek a protective order.
·Security Measures. In order to protectCustomer’s Confidential Information, Numonix: (i) implements and maintains allreasonable security measures appropriate to the nature of the ConfidentialInformation including, withoutlimitation, technical, physical, administrative, and organizational controls,and will maintain theconfidentiality, security, and integrity of such Confidential Information; (ii)implements and maintainsindustry standard systems and procedures for detecting, preventing, and responding to attacks, intrusions, or other systems failures andregularly tests, or otherwise monitors the effectiveness of the safeguards’ key controls, systems, andprocedures; (iii) designates an employee or employees to coordinate implementation and maintenance of its SecurityMeasures (as defined below); and (iv) identifiesreasonably foreseeable internal and external risks to the security,confidentiality, and integrity of Customer’s Confidential Information that could resultin the unauthorized disclosure, misuse,alteration, destruction, orother compromise of such information, and assesses the sufficiency of anysafeguards in place to control these risks (collectively, Security Measures).
·Noticeof Data Breach. IfNumonix knows that Customer Confidential Information has been accessed, disclosed, or acquired withoutproper authorization and contrary to the terms of this agreement, Numonixwill promptly alert Customer of any such data breach, and immediatelytake such actions as may be necessaryto preserve forensic evidence and eliminate the cause of the data breach.Numonix will give highest priority toimmediately correcting any data breach and will devote such resources as may be requiredto accomplish that goal. Numonixwill provide Customerwith all available information reasonably necessary to enable Customerto fully understand the nature and scope of the data breach. To the extentthat Customer, in its sole reasonable discretion, deems warranted,Customer may provide notice to any orall parties affected by any data breach. In such case, Numonix will consultwith Customer in a timely fashionregarding appropriate steps required to notify third parties. Numonix willprovide Customer with information about what Numonixhas done or plans to do to minimize any harmful effect of the unauthorized use or disclosure of, or access to, Confidential Information.
e. DataProtection Agreement
·IXCloudoffers a data processing agreement (DPA) that defines Numonix and Customer’sobligations under GDPR, and includes the EU’s approved Standard ContractualClauses for the handling of data collected in the European Economic Area andSwitzerland outside of those areas. If Customer has a need for this agreement,Customer should please request it from Customer’s IXCloud accountrepresentative.
f.Compliancewith Data Protection Laws
·Inprocessing Personal Data in the Numonix Products and through the ProfessionalServices to Customer, Numonix shall comply with applicable legal requirementsfor privacy, data protection and confidentiality of communications. Suchapplicable legal requirements include the Standards for the Protection ofPersonal Information of Residents of the Commonwealth of Massachusetts (201 CMR17.00), the California Consumer Privacy Act of 2018 (the “CCPA”), and otherapplicable United States data protection laws at the state level, andimplementing national legislation, and Regulation 2016/679 (also known asGDPR), if applicable. Numonix shall not (i) sell Personal Data as defined underthe CCPA, or (ii) retain, use, or disclose Personal Data for any purpose otherthan for the specific purpose of providing the Numonix Services. Numonix iscertified under the Privacy Shield to cover the transfer of data collected inthe European Economic Area and Switzerland to the United States.
PROPERTY.
a. Reservation of Rights. The Service and theOn-Premise Software are the proprietary property of Numonix and its licensors, and all right,title, and interestin and to the Serviceand the On-Premise Software, including all associated intellectual property rights, remainonly with Numonix.Customer may not remove or modify any proprietary markingor restrictive legendsin the Service or On-Premise Software. Numonix reservesall rights unlessexpressly granted in this agreement.
b. Restrictions. Customer may not:(i) sell, resell, rent, or lease the Service or use it in a service-provider capacity;(ii) use the Service to store or transmit infringing, unsolicited marketing emails,libelous, or otherwise objectionable, unlawful, or tortious material, or to storeor transmit materialin violation of third-party rights;(iii) interfere with ordisrupt the integrity or performance of the Service; (iv) attempt to gainunauthorized access to the Serviceor its related systemsor networks; (v) reverse engineerthe Service or the On-Premise Software; or (vi)access the Service or use the On-Premise Software to build a competitiveservice or product, or copy any feature, function, or graphic for competitive purposes.
c. Statistical Information. Numonix may compile statisticalinformation related to the performance of theService and may make such information publicly available, provided thatsuch information does not identify CustomerData, and there is no means to re-identify Customer Data. Numonix retains allintellectual property rights in such information.
TERM AND TERMINATION.
a. Term. This agreement continuesuntil all orders have expired or are terminated for material breach under Section7(b).
b. Mutual Termination forMaterial Breach. Ifeither party is in material breach of this agreement, the other party may terminate this agreement at theend of a written 30-day notice/cure period if the breach has not been cured.
·Within15 days after termination, upon request of the Customer, Numonix will make the Service available for Customer to export CustomerData as provided in Section 2(a). If Customer needs additional assistance beyond the servicesNumonix provides to other customers under Support, then Numonix will provide such servicesat its then current hourly rates.
·Aftersuch 15-day period, Numonixhas no obligation to maintain the Customer Data and will destroy it.
d. Return Numonix Property Upon Termination. Upon termination of this agreementfor any reason,Customer must pay Numonixfor any unpaid amounts and destroy or return all property of Numonix. UponNumonix’s request, Customerwill confirm in writing its compliance with this destruction or return requirement.
e. Suspension for Violationsof Law. Numonixmay temporarily suspend the Service and/or remove the applicable Customer Data if it in good faith believes that, aspart of using the Service, Customer has violated a law. Numonix will attempt to contact Customer in advance.
f. Suspension for Non-Payment.Numonixmay temporarily suspend the Service if Customer is more than 30 dayslate on any payment due pursuant to an order.
LIABILITY LIMIT.
a. Exclusion of IndirectDamages. Numonix is not liable for any indirect, special, incidental, orconsequential damages arisingout of or related to this agreement (including, withoutlimitation, costs of delay; and lost profits,revenue, or anticipated cost savings), even if it knows of the possibilityor foreseeability of such damage or loss.
b. Total Limiton Liability. Numonix’s total liability arisingout of or related to this agreement (whether in contract,tort, or otherwise) does not exceedthe amount paid by Customerwithin the 12-monthperiod prior to the eventthat gave rise to the liability.
DEFENSE OF THIRD-PARTY CLAIMS.
a.Numonix will defend or settle any third-party claim against Customerto the extent that such claim allegesthat Numonix technology usedto provide the Service violates a copyright, patent, trademark, or otherintellectual property right, ifCustomer promptly notifies Numonix of the claim in writing, cooperates withNumonix in the defense, and allows Numonixto solely controlthe defense or settlement of the claim.Costs. Numonix will pay infringement claim defense costs itincurs in defending Customer, Numonix-negotiated settlement amounts, and court-awarded damages. Process. Ifsuch a claim appears likely, then Numonix may modify the Service, procure the necessary rights, or replaceit with the functional equivalent. If Numonix determines that none of these are reasonably available, then Numonixmay terminate the Service and refund any prepaid and unused fees. Exclusions. Numonix has no obligation for any claim arising from: Numonix’s compliance with Customer’s specifications; a combination of theService with other technology or aspects where the infringement would not occur but for the combination; use ofCustomer Data; or technology or aspects not provided by Numonix. THIS SECTION CONTAINS CUSTOMER’SEXCLUSIVE REMEDIES AND NUMONIX’S SOLE LIABILITY FOR INTELLECTUAL PROPERTY INFRINGEMENT CLAIMS.
b. If a third party claimsagainst Numonix that any part of the Customer Data infringes or violates thatparty’s patent, copyright, or other right,Customer will defend Numonix againstthat claim at Customer’s expenseand pay all costs, damages,and attorneys’ fees that a court finally awards or that are included in asettlement approved by Customer,provided that Numonix promptly notifies Customer of the claim in writing,cooperates with Customerin the defense, and allowsCustomer to solelycontrol the defenseor settlement of the claim.
GOVERNING LAW AND FORUM.
This agreement is governed by the laws of the State of Florida (withoutregard to conflictsof law principles) for any dispute betweenthe parties or relating in any way to the subject matter of this agreement. Any suit or legal proceeding must be exclusivelybrought in the federal or state courts for Palm Beach County, Florida,and Customer submitsto this personaljurisdiction and venue. Nothing in this agreement prevents either partyfrom seeking injunctive relief in a court of competent jurisdiction. Theprevailing party in any litigation is entitled to recover its attorneys’ fees andcosts from the other party.
If the Customer is located outside the United States, then this agreement is governed by the laws of Florida,without regard to conflict of laws principles. Any dispute between customer and Numonix arising out of or related to this agreementmust be exclusively determined by bindingarbitration in Palm Beach County,FL, US in English, under the then current commercial or international rulesof The International Centre For Dispute Resolution. The decisions of the arbitrators may be enteredin any court of competentjurisdiction. Nothing in thisagreement prevents either party from seeking injunctive relief in any court ofcompetent jurisdiction. The prevailing party in any arbitration orlitigation is entitled to recover its attorneys’ fees and costs from the otherparty.
OTHER TERMS.
a. Entire Agreement and Changes. This agreement and the order constitute the entire agreement between the parties and supersede any prior orcontemporaneous negotiations or agreements, whether oral or written, related to this subject matter. Customeris not relying on any representation concerning this subject matter, oral or written,not included in this agreement. No representation, promise,or inducement not included in this agreement is binding. No modification or waiver of any term of this agreement is effective unlessboth parties signit, however this agreement may be modifiedthrough an onlineprocess provided by Numonix.
b. No Assignment. Neither party may assign ortransfer this agreement to a third party, nor delegate any duty, except that the agreement and all ordersmay be assigned, without the consent of the other party, as part of a mergeror sale of all or substantially all the businesses or assetsof a party.
c. Independent Contractors. The partiesare independent contractors with respect to each other.
d. Enforceability and Force Majeure.If any term of this agreementis invalid or unenforceable, the other termsremain in effect. Except for the payment of monies, neither party isliable for events beyond its reasonable control, including, without limitation, forcemajeure events.
e. Money Damages Insufficient.Any breachby a party of this agreement or violation of the other party’s intellectual property rights could cause irreparable injury or harm to the other party. The other party may seek a courtorder to stop any breach or avoid any future breach of thisagreement.
f. No Additional Terms. Numonix rejects additionalor conflicting terms of a Customer’s form-purchasing document.
g. Order of Precedence. If there is an inconsistency between this agreementand an
order, the order prevails.
h. Survival of Terms. Any terms, that by theirnature survive termination of this agreement for a party to assert its rights and receive the protections of this agreement, will survive (including, without limitation, the confidentiality terms).The UN Convention on Contracts for the International Sale of Goods does not apply.
i. Feedback. If Customer providesfeedback or suggestions about the Service, then Numonix (and those it allowsto use its technology) may use such information withoutobligation to Customer.
k.ExportCompliance. Customermust comply with all applicable export control laws of the United States, foreignjurisdictions and other applicable laws and regulations.
l. Restricted Rights.If Customeris a United States government agency or acquiredthe license to the softwarehereunder pursuant to a government contract or with government funds,then as defined in FAR §2.101, DFAR §252.227-7014(a)(1) and DFAR §252.227-7014(a)(5) or otherwise, all software providedin connection with this agreement are “commercialitems,” “commercial computer software” or “commercial computer softwaredocumentation.” Consistent with DFAR§227.7202 and FAR §12.212, any use, modification, reproduction, release, performance, display,disclosure or distribution by or for the UnitedStates government is governed solelyby the terms of this agreement and is prohibited except to the extent permittedby the terms of this agreement.
m. Clause Required byMicrosoft. Everyuser of the Service must personally notify other participants prior to invokingany action in the Servicethat will initiate recording or persisting of media.
Last Revised 10/07/21
IXCLOUD (NUMONIX)
DATA PROCESSING
ADDENDUM
This Data Processing Addendum (“DPA”) applies to IXCloud (Numonix)’s Processing of Personal Data provided to IXCloud (Numonix) by Customer as part of IXCloud (Numonix)’s provision of Recording Software, Services, or Software-as-a-Service (“Services”) to Customer. This DPA forms part of the IXCloud Subscription Services Agreement, Terms of Service, End User License Agreement, or other written or electronic agreement (“Agreement”) between Numonix and Customer for the purchase of Services to reflect the parties’ agreement with regard to the Processing of Personal Data.
In the course of providing products and/or services to Customer pursuant to this DPA, IXCloud (Numonix) may Process Personal Data on behalf of Customer and the parties agree to comply with the following provisions with respect to any Personal Data, each acting reasonably and in good faith.
The terms of this DPA will be effective and replace any previously applicable data processing terms as of the date of execution.
Introduction
- Customer is a Controller (as applicable partner or end tenant) of certain Personal Data and wishes to appoint IXCloud (Numonix) as a Processor to Process this Personal Data on its behalf.
- The parties are entering into this DPA to ensure that IXCloud (Numonix) conducts such data Processing in accordance with Customer’s instructions and Applicable Data Protection Law requirements, and with full respect for the fundamental data protection rights of the Data Subjects whose Personal Data will be Processed.
Definitions
In this DPA, the following terms shall have the following meanings:
“Controller“, “Processor“,” Sub-Processor“, “Data Subject“, “Personal Data” and “Processing“ (and “Process”) shall have the meanings given in Applicable Data Protection Law. “Personal Data” shall include “Personal information” as that term is defined under Applicable Data Protection Law.
“Applicable Data Protection Law” shall mean: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation); (ii) EU Directive 2002/58/EC concerning the Processing of Personal Data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications); (iii) any national legislation made under or pursuant to (i) or (ii) ; (iii) California Consumer Privacy Act,; (iv) any amendments or successor legislation to (i), (ii), (iii), or (v); and (v) any other applicable data protection law, all as updated or superseded from time to time.
“Model Clauses” shall mean the model clauses for the transfer of Personal Data to Processors established in third countries approved by the European Commission from time to time, the approved version of which in force at present is that set out in the European Commission’s Decision 2010/87/EU of 5 February 2010.
Data Processing
- Relationship of the Parties. Customer (the Controller) appoints IXCloud (Numonix) as a Processor or (Sub- Processor as applicable) to Process the Personal Data that is the subject matter of the Agreement. Each party shall comply with the obligations that apply to it under Applicable Data Protection Law.
- Purpose Limitation. IXCloud (Numonix) shall Process the Personal Data as a Processor only as necessary to perform its obligations under the Agreement, and strictly in accordance with the documented instructions of Customer
- International Transfers. Customer acknowledges and agrees that IXCloud (Numonix) may transfer and process Personal Data anywhere in the world where IXCloud (Numonix), its affiliates or its sub-processors maintain data processing operations. IXCloud (Numonix) shall not transfer the Personal Data (nor permit the Personal Data to be transferred) outside of the European Economic Area (the “EEA”) or the United Kingdom (the “UK”) unless it takes such measures as are necessary to ensure the transfer is in compliance with Applicable Data Protection Law. Such measures may include (without limitation) transferring the Personal Data to a recipient in a country that the European Commission or any applicable UK authority has decided provides adequate protection for Personal Data, to a recipient that has achieved binding corporate rules authorization in accordance with Applicable Data Protection Law, or to a recipient that has executed Model Clauses. Where required under Applicable Data Protection Law to transfer Personal Data to IXCloud (Numonix) outside of the EEA or the UK, the Customer and IXCloud (Numonix) will be deemed to have entered into Model Clauses with Customer as the “data exporter”; IXCloud (Numonix) as the “data importer”, Appendix 1 and Appendix 2 to the Model Clauses shall be deemed completed with Appendix 1 and Appendix 2 of this DPA, and with the Additional Terms in the Model Clauses set out in Appendix 3 of this DPA. The date of the Model Clauses shall be the date of the Agreement. It is not the intention of either party, nor the effect of this DPA, to contradict or restrict any of the provisions set forth in the Model Clauses. Accordingly, if and to the extent the Model Clauses conflict with any provision of this DPA, the Model Clauses shall prevail to the extent of such conflict. Where IXCloud (Numonix) is onward transferring Personal Data outside of the EEA or the UK under Model Clauses, Customer authorizes IXCloud (Numonix) to enter into the Model Clauses for the benefit of Customer.
- Confidentiality of Processing. Numonix shall ensure that any person that it authorizes to Process the Personal Data (including Numonix’s staff, agents and subcontractors) (an “Authorized Person”) shall be subject to a strict duty of confidentiality (whether a contractual duty or a statutory duty) and shall not permit any person to Process the Personal Data who is not under such a duty of confidentiality. Numonix shall ensure that all Authorized Persons Process the Personal Data only as necessary for the Permitted Purpose.
- Security. Numonix shall implement appropriate technical and organizational measures to protect the Personal Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to the Personal Data (a “Security Incident”). Such measures shall have regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. Such measures may include, as appropriate:
- the pseudonymization and encryption of Personal Data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of Processing systems and services.
- the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident;
- a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the Processing.
- Sub-processing. Customer specifically authorizes the engagement of IXCloud (Numonix)’s affiliates as Sub- processing. Customer consents to IXCloud (Numonix) engaging third party Sub-processing to Process the Personal Data provided that: (i) IXCloud (Numonix) maintains an up-to-date list of its Sub-processing available upon request which it shall update with details of any change in Sub-processing at least 10 days’ prior to any such change; (ii) Numonix imposes data protection terms on any Sub-processing it appoints that protect the Personal Data to substantially similar terms to the terms of this DPA; and (iii) Numonix remains fully responsible for any breach of this DPA that is caused by an act, error or omission of its Sub-processing. Customer may object to Numonix’s appointment or replacement of a third-party Sub-processing within thirty (30) days of the update to the list of Sub-processing, provided such objection is on reasonable grounds relating to the protection of the Personal Data. In such event, Numonix will either not appoint or replace the Sub-processing or, if this is not possible, Customer may suspend or terminate this DPA.
- Cooperation and Data Subjects‘ Rights. Numonix) shall provide all reasonable and timely assistance (including by appropriate technical and organizational measures) to Customer to enable Customer to respond to: (i) any request from a Data Subject to exercise any of its rights under Applicable Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable); and (ii) any other correspondence, enquiry or complaint received from a Data Subject, regulator or other third party in connection with the Processing of the Personal (the “Permitted Purpose”), except where otherwise required or allowed by Applicable Data Protection Law applicable to IXCloud (Numonix). In no event shall IXCloud (Numonix) Process the Personal Data for its own purposes or those of any third party except as set forth in the Agreement. Other than as otherwise agreed upon by the parties in the Agreement or as otherwise permitted under Applicable Data Protection Law, IXCloud (Numonix) shall not (i) sell the Personal Data, or (ii) retain, use or disclose the Personal Data for any commercial purpose.
Data. In the event that any such request, correspondence, enquiry or complaint is made directly to IXCloud (Numonix), Numonix shall promptly inform Customer providing details of the same.
- Data Protection Impact Assessment. If Numonix believes or becomes aware that its Sub-Processing, Processing of the Personal Data is likely to result in a high risk to the data protection rights and freedoms of Data Subjects, it shall promptly inform Customer and provide Customer with all such reasonable and timely assistance as Customer may require in order to conduct a data protection impact assessment and, if necessary, consult with its relevant data protection authority.
- Security Incidents. Upon becoming aware of a Security Incident, Numonix shall inform Customer without undue delay and shall provide all such timely information and cooperation as Customer may require in order for Customer to fulfil its data breach reporting obligations under (and in accordance with the timescales required by) Applicable Data Protection Law. Numonix shall further take all such measures and actions as are necessary to remedy or mitigate the effects of the Security Incident and shall keep Customer apprised of all developments in connection with the Security Incident.
- Deletion or Return of Data. After termination or expiration of the Agreement, or upon Customer’s request, Numonix shall destroy or return to Customer all Personal Data (including all copies of the Personal Data) in its possession or control (including any Personal Data subcontracted to a third party for Processing). This requirement shall not apply to the extent that Numonix is required by any EU (or any EU Member State) law to retain some or all of the Personal Data, in which event Numonix shall isolate and protect the Personal Data from any further Processing except to the extent required by such law.
- Audit. Numonix shall permit upon Customer’s written request, when Customer has reasonable cause to believe Numonix is in non- compliance with its obligations under this DPA, a mutually agreed-upon third party auditor (the “Auditor”) to audit Numonix’s compliance with this DPA and shall make available to such third party auditor all information, systems and staff necessary for the Auditor to conduct such audit. Numonix acknowledges that the Auditor may enter its premises for the purposes of conducting this audit, provided that Customer gives it reasonable prior notice of its intention to audit, conducts its audit during normal business hours, and takes all reasonable measures to prevent unnecessary disruption to Numonix’s operations. Customer will not exercise its audit rights more than once in any twelve (12) calendar month period, except (i) if and when required by instruction of a competent data protection authority; or (ii) Customer reasonably believes a further audit is necessary due to a Security Incident suffered by IXCloud (Numonix).
IXCloud (Numonix) and Customer have caused this Agreement to be executed by their duly authorized representatives as of the Effective Date.
(Customer) | Numonix, LLC., a Delaware corporation |
Signature: | Signature: |
Printed Name: | Printed Name: |
Title: | Title: |
Date: | Date: |
Address: | Address: 2650 N. Military Trail Suite 150, Boca Raton, FL 33431, USA |
Data exporter
is (i) Customer which is subject to the data protection laws and regulations of the EU, the EEA and/or their member states, Switzerland and/or the UK and, (ii) its Affiliates (as defined in the Agreement).
Data importer
The data importer is (please specify briefly activities relevant to the transfer):
IXCloud (Numonix) is a provider of recording software and Software-as-a-Service subscription services which may process personal data upon the instruction of the data exporter in accordance with the terms of the Agreement.
Data subjects
The personal data transferred concern the following categories of data subjects (please specify):
Data exporter may submit Personal Data to data importer through Services, as applicable, the extent of which is determined and controlled by the data exporter in its sole discretion, and which may include, but is not limited to Personal Data relating to the following categories of data subjects:
- Prospects, customers, business partners and vendors of data exporter (who are natural persons)
- Employees or contact persons of data exporter’s prospects, customers, business partners and vendors
- Employees, agents, advisors, freelancers of data exporter (who are natural persons)
- Data exporter’s Users authorized by data exporter to use IXCloud (Numonix)’s products and/or services (who are natural persons)
Categories of data
The personal data transferred concern the following categories of data (please specify):
Data exporter may submit Personal Data to the data importer through Services, as applicable, the extent of which is determined and controlled by the data exporter in its sole discretion, and which may include, but is not limited to the following categories of Personal Data:
- First and last name
- Title/Position
- Contact information (company, email, phone, physical business address)
- Network data (including source and destination IP addresses and domains, approximate geolocation based on IP lookup, network traffic flows, communications metadata, machine names, and unique device identifiers)
- User and endpoint behavior (including user account activity & metadata, applications executed on endpoints, and accessed URLs)
- Application logs (including firewall logs, DHCP/DNS logs, intrusion detection logs, malware logs, cloud service logs, proxy logs, file access logs)
- Other relevant machine data which the data exporter elects to send to the data importer for processing.
Special categories of data (if appropriate)
The personal data transferred concern the following special categories of data (please specify):
The data importer does not intentionally collect or process any special categories of data. However, the data exporter may submit special categories of data to the data importer through Services, as applicable, the extent of which is determined and controlled by the data exporter in its sole discretion.
Appendix 1
Data exporter
The data exporter is (please specify briefly your activities relevant to the transfer):
Processing operations
The personal data transferred will be subject to the following basic processing activities (please specify):
Aggregation and processing by IXCloud (Numonix) products and services for use by the data exporter in its normal business activities.
Data importer will maintain administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Personal Data uploaded to the Services, as applicable, as described in the Security, Privacy and Architecture Documentation applicable to the specific Services, as applicable, purchased by data exporter, and available upon request or otherwise made reasonably available by data importer. Data importer will not materially decrease the overall security of the Services, as applicable during a license, services, or subscription term.
Appendix 2
Description of the technical and organizational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
Appendix 3
Additional clauses
The parties agree that the audits described in Clause 5(f), Clause 11 and Clause 12(2) of the Model Clauses shall be carried out in accordance with the Section 11 of this DPA.
The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the Model Clauses shall be provided by the data importer to the data exporter only upon data exporter’s request.
The parties agree that data exporter’s consent for sub-processing as set forth in Section 6 of this DPA shall be deemed consent for the purposes of the Model Clauses.
Hopefully that has clarified things for you and as was previously mentioned if there is something that you aren’t sure whether you need or not it’s usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. This cookies policy applies to both public and subscriber sections of the https://numonix.cloud/ site and any of its white labels. However, if you are still looking for more information, you can contact us through one of our preferred contact methods: By visiting this link: https://www.numonix.io/contact-us or https://numonix.io/contact