Last Updated: May 17, 2018
Plivo enables its users via its website (https://www.plivo.com, https://console.plivo.com) (the “Website”), its API, and its related services (collectively, the “Plivo Cloud”) to build Voice and Messaging Applications using their existing web development skills and offer such Applications to its users’ customers.
This policy applies to use of the Website and the Plivo Cloud and how Plivo may access and process personal data shared with Plivo – either by you, the customer, or your end-users.
We are always ready to address your questions and concerns regarding this policy and our privacy practices. If you would like to contact Plivo for more information about this policy, or our practices in general, please email us at firstname.lastname@example.org.
Plivo is also committed to providing services functionality that allows our developers to provide platforms that respect data protection and compliance efforts. To that objective, you may also wish to review the particular functionalities defined within our technical documentation https://www.plivo.com/docs/ to further equip yourself with platform options to help achieve compliant controls associated to downstream end-user personal data management.
Types and Uses of Accessed Information. Plivo collects or processes two fundamental categories of data: data related to you (as a customer), and data related to your customers (as end-users). Data protection laws vary by jurisdiction, but some (i.e., EEA) differentiate between the concepts of “control” or “processing” of data depending upon the role of the data accessor. Depending upon the circumstance as described further herein, Plivo may be acting as a processor or controller of data, which may include personal data or personally identifiable information (as included within the definition of personal data). Customer’s Personal Data. Personal data means any information that is or can be used to identify an individual (a “data subject”), and includes: a first and last name, home or other physical address, email address, phone number, location data, online identifiers or other contact information. When you engage in certain activities on this Website or through your participation in the Plivo Cloud, including but not limited to creating an account, sending feedback, making calls, or otherwise participating in the Plivo Cloud (collectively, “Identification Activities”), we may ask you to provide certain information about yourself as a customer of Plivo. As a customer, when you enroll in the Plivo Cloud, we may also ask you to provide us with additional contact information, such as credit card information. Depending on the Identification Activity, some of the information we ask you to provide may be identified as mandatory and some identified as voluntary. If you do not provide the mandatory information for a particular Identification Activity that requires it (subject to your consent), you will not be permitted to engage in that Identification Activity. Depending on the Identification Activity, Plivo may not ask you again for personal information if it is already stored with us under the Plivo Cloud, except as required by law.
End User Personal Data. Plivo is committed to proper utilization of personal data. In respect of customer solutions, Plivo provides configuration options to allow adequate control of personal data, and our customers are primarily responsible for establishing the configuration requirements associated with control over end-user personal data in regard to such customer solutions. Plivo may store end user personal information on Plivo systems as authorized hereunder, and in accordance with our technical documentation located here https://www.plivo.com/docs/ (the “Technical Documentation”). Additional backup, security, access and deletion policies and processes are as further described in our Technical Documentation.
Depending upon configuration, we may keep a cached copy of the content served as a part of your use of the Plivo Cloud, which can include phone numbers, media files, XML files, text content or telephone identifiers. If your web server does not specify that we can cache your content, we will not keep a cached copy of any text or audio data transmitted through the Plivo Cloud during calls, but we may still maintain copies in your notification log. If data privacy is a concern, you should make sure your server does not allow us to cache such content, and contact us so that we may assist you to turn off other application logging around requests to and responses from your application. Plivo’s use and policies regarding management and deletion of call log, notification log, billing/ payment, and other log data is further documented in the Technical Documentation. Non-Personally Identifiable Information. Non-Personally Identifiable Information is information that does not identify a specific person. This type of information may include things like the Uniform Resource Locator (“URL”) of the website you visited before coming to our Website, the URL of the website you visit after leaving our Website, the type of browser you are using, your Internet Protocol (“IP”) address, or general and/or aggregated location data that does constitute personally identifiable information, and cannot be used as an identifier to discern you as a data subject. We may automatically collect this information when you visit our Website through the use of electronic tools like Cookies and Web beacons or Pixel tags, provided that, if considered personal data subject to data regulation, we have received your explicit consent to use. Release of Personally Identifiable Information. We will not sell your personal data. Nor will we share your personally identifiable information with other parties except with your explicit consent and solely as provided herein.
Authorized Third Party Service Providers. Plivo may provide services and products through third parties. You also may elect to use one or more third party applications that integrate with the Plivo Cloud. These “Third Party Service Providers” perform functions on our or your behalf. You or We may share your Personally Identifiable Information with such Third Party Service Providers to operate the Website and the Plivo Cloud, troubleshoot, and improve overall customer experience. Plivo Customer Acknowledgement. Plivo encourages our customers to adopt and post privacy policies associated to their end users’ data management. Customer acknowledges that they are acting as a controller of end user data in connection with end user use of customers’ solutions.
Release of Non-Personally Identifiable Information. We may disclose or share Non-Personally Identifiable Information with Affiliates and Third Party Service Providers, and Third Party Advertisers. For example, we may share aggregated demographic information (which does not include any Personally Identifiable Information) with “Third Party Advertisers” or “Third Party Advertising Companies.” We may use Third Party Advertising Companies to serve ads when you visit our Website or participate in the Plivo Cloud. These companies may use Non-Personally Identifiable Information about your visits to this Website, your use of the Plivo Cloud, and visits to other websites or locations in order to provide, through the use of network tags, advertisements about goods and services that may be of interest to you. We also use Third Party Service Providers to track and analyze Non-Personally Identifiable usage and volume statistical information from our users to administer our Website and the Plivo Cloud, in order to constantly improve their quality. We may also publish this information for promotional purposes or as a representative audience for Third Party Advertisers. Such data is collected on our behalf, and is owned and used by Plivo. Updating Information. If you are enrolled in the Plivo Cloud, you may change any of your Personally Identifiable Information by logging into your account and accessing the “Account Profile” page. We encourage you to promptly update your personal data if it changes, as out-of-date personal data may negatively affect the quality of your Plivo Cloud use and experience. You may ask to have the information on your account deleted or removed; however, because we keep track of past transactions, you cannot delete information associated with past transactions on the Website or through the Plivo Cloud. Additionally, it may be impossible for us to completely delete all of your information because we periodically backup information.
Choices on Collection/Use of Information. You can always choose not to provide certain information, although a certain level of information is required to engage in activities on the Website and to use the Plivo Cloud. You cannot opt-out of Administrative Emails. “Administrative Emails” relate to your activity on the Website and the Plivo Cloud, and include but are not limited to emails regarding your account, requests or inquiries, and purchases of products and services. If you do not want to receive promotional emails from us, you may elect to opt-out of receiving promotional emails at any time after registering by hitting the “unsubscribe” button at the bottom of any of our emails.
Security of Information. You can access your personal data on our Website with your email and password. This password is encrypted. We advise against sharing your password with anyone. In addition, your personal data resides on a secure server that only selected personnel and contractors have access to. We may encrypt certain sensitive information using Secure Socket Layer (SSL) technology to ensure that your personal data is safe as it is transmitted to us. However, no data transmission can be guaranteed to be 100% secure. As a result, while we employ commercially reasonable security measures to protect data and seek to partner with companies that do the same, we cannot guarantee the security of any information transmitted to or from the Website or via the Plivo Cloud, and are not responsible for the actions of any third parties that may receive any such information. Plivo’s developer support team has access to your contact details and other information you share during the course of the communication over support tickets. Please note that Plivo’s developer support team will be able to access the call and SMS detail records, debug logs, audio recordings and auth keys to your account for debugging purposes.
Privacy Settings. As a customer, you have access to privacy settings. These settings help our customers configure their solutions in a customized fashion for our customers’ end-users to optimize their solution and address data protection considerations if required. This may allow our customers to configure a solution that may hide information an end-user may not wish to share with other users and/or the public. It is up to you, our customers, to select the appropriate privacy settings as controllers of data associated to their particularized solution.
Public Areas. We may provide areas on our Website or via the Plivo Cloud where you can publicly post information about yourself including your location, can communicate with others such as discussion boards, chat rooms, or blogs. This information may be accessible by other non-users, users, and companies and may appear on other websites or web searches, and therefore this information could be read, collected, and used by others. We have no control over who reads your postings or what other users may do with the information you voluntarily post, so please use caution when posting any content or providing anything that could be deemed personal information.
We do not knowingly engage with, collect or solicit personal information from anyone under the age of 16. If you are under 16, please do not attempt to register for Plivo Services or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 16, we will take steps to remove such information and terminate the applicable account as soon as possible.
Onward Transfers of Personal Data. Except as described herein, Plivo discloses personal data only to third parties that contractually agree to abide by or provide the same level of protections as set forth in the Privacy Shield Principles. Plivo may provide personal data to third parties that act as service providers, consultants, and contractors to perform tasks on behalf of and under our written instructions (“Third Party Agents”). Third Party Agents must agree to use such personal data only for the purpose for which it is provided by us and they must contractually agree to provide adequate protections for the personal data that are no less protective than those required by the Privacy Shield Principles. In cases of onward transfer to third parties of personal data covered under our EU-US Privacy Shield or Swiss-US Privacy Shield certifications, Plivo may continue to be liable.
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.