SUMMARY OF LASTEST CHANGES

This policy was last updated on February 16, 2022. The February 16th update: (i) explains Mitel’s email tracking policy, (ii) provides additional details on Mitel’s data retention policies, and (iii) provides miscellaneous clarifications throughout including (a) that Mitel may market both its own products and services, as well as those of its partners, including RingCentral, (b) that when analyzing your personal data for marketing and business purposes, Mitel may combine various sources of personal data to extrapolate the likelihood that you and/or your organization will be interested in our products and services and/or those of our partners, such as RingCentral and (c) that Mitel may use a third service provider to confirm the accuracy of your contact information.

MITEL PRIVACY POLICY

Mitel Networks Corporation and its affiliates, subsidiaries and entities that Mitel Networks Corporation operates (collectively, “Mitel”, “we”, “our”, or “us”) is committed to protecting the security and privacy of your personal data and ensuring that we conduct our business in compliance with laws on privacy, data protection and data security.

This is the Privacy Policy ("Policy") for Mitel’s worldwide websites, which includes our online store, our affiliated websites and any websites or marketing applications operated by or on behalf of Mitel (collectively “our Sites”). This Policy also applies to our direct mail, telemarketing, email campaigns and other similar marketing activities as well as any contact information used for an administrative or operational purpose which is contained in a purchase or service order submitted to Mitel, or added into a Mitel product or service portal, by you or another person at your organization. We encourage you to read this Policy so that you understand Mitel’s commitment to your privacy, and how you can contribute to that commitment.

For the purposes of EU/EEA General Data Protection Regulation (“GDPR”), Mitel Europe Limited is the data co

ntroller. Our contact details are set out at the end of this Policy.

This Policy describes our general privacy policy and practices in relation to the personal data that we collect and process. In addition, the Policy and the documents referred to within the Policy set out:

• Information we collect about you;
• Cookies and other technologies we use;
• How we use your information;
• Who we give your information to;
• Where your information is stored;
• How we protect your information;
• How long we keep your information;
• Your rights with respect to your personal data;
• Changes to this policy;
• How to contact us;

This Policy does not extend to the practices of other websites that we may link to, companies that we do not own or control, or to people that we do not employ or manage.

Information we collect about you

When you use our Sites or otherwise communicate with us including through our sales or support teams, or apply for a job, through our Sites or otherwise, we may collect the following types of personal data:

• Technical information, including:
  • the Internet protocol (IP) address used to connect your computer to the Internet
  • your login information
  • your browser type and version
  • time zone setting
  • browser plug-in types and versions
  • operating system and platform
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Sites (including date and time). For details see our Cookie Policy;
• Information about how you interact with emails we send you. For details see the Cookies and Other Technologies Section;.
• products you viewed or searched for;
• page response times;
• domain name of the sites from which you came;
• number of visits, average time spent, pages viewed;
• download errors;
• page interaction information (such as scrolling, clicks, and mouse-overs);
• methods used to browse away from the page;
• any phone number used to call our customer service number or social media handle used to connect with our customer service team;
• Any personal data you share when creating an account, which includes procuring our products and services for your organization, subscribing or opting into marketing programs, promotions or similar activities and events, or when applying for employment such as the below:
  • your name
  • your email address
  • your address and phone number(s)
  • documents and information provided for an employment application
• other personal data that you provide when communicating with us by phone, by e-mail, via our Sites, via social media, or through other interactions. This might include information you provide when you obtain or subscribe to our goods or services, when you supply goods or services to us, when you enquire about a product, place an order, enter a competition, promotion or survey, or contact us to report a problem, whether you perform these actions on your own behalf or on behalf of the organization that you work for;

The categories of personal data we collect have not changed for the past twelve months.

From Third Parties

We may also collect the following types of personal data about you from (a) our customers or another person at your organization, including by way of a purchase or service order submitted to Mitel, or a Mitel product or service portal, and (b) prospects or third parties we work with, such as business partners, sub-contractors, advertising networks, lead providers, analytics providers, search information providers, social media providers or media companies:

• your name;
• your username;
• your IP address;
• your online identifier;
• your employer, job title or role and department;
• your birth date;
• your LinkedIn or Twitter link;
• your address, phone number, email address or other contact details (these details may relate to your work or to you personally, depending on the nature of our relationship with you or the company that you work for);
• other information relating to you which it is necessary for us to process an order, to enter into or perform a contract with you or the company you work for (for example, right to work information and information obtained from credit references agencies);
• where relevant, information about events to which you or your colleagues are invited, and your personal data and preferences to the extent that this information is relevant to organizing and managing those events (for example, your dietary requirements, social media names/links, personal preferences for hotel rooms);

How we use your information

We use your personal data to support our business functions, such as fraud prevention, marketing, and legal functions. Examples of how we use your personal data include:

• to fulfill your requests for information, products and services and communicate with you about those requests;
• to provide relevant communications related to products and services (for example software releases);
• to create and send relevant marketing communications. We may market both Mitel and Mitel partner, such as RingCentral, products and services;
• to send special offers;
• to generally support our business relationship;
• to better understand customer behavior so that we may improve our Sites, products, services and applications, as well as our marketing and advertising efforts;
• to take steps to enter into any contract or carry out our obligations arising from any contract entered into between you or the company you work for and us including:
  • supplying products and services to you or the company you work for or receiving them from you or the company you work for, as the case may be
  • administering your/your company's account with us, including completion and support of current activity
• to archive your information;
• to conduct research and development activities;
• to analyze your personal data for marketing purposes or other business purposes. In doing so we may combine various sources of personal data such as information you have directly provided us, information about your visits to our sites, your interactions with our emails (and clicks therein) and information we have obtained about you from our customers, prospects and third parties and extrapolate the likelihood that you and/or your organization will be interested in our products and services and/or those of our partners, such as RingCentral. Information from third parties may include information known, or inferred, about your organization’s interest in certain products and procurement cycles based on your general Internet activity;
• to provide you with promotional update communications about our and our partners’ products and services by email or telephone; You can object to further marketing at any time by selecting the "unsubscribe" link at the end of all our marketing and promotional email communications to you or by sending an email to our Privacy Service Team at [email protected] . Even if you opt-out, you will continue to receive transaction-related emails regarding products or services you have purchased. For telephone communications, we maintain a telephone Mitel specific “do-not-call” list. If you would like to be added to our “do-not-call” list you can email [email protected] or if we call you, let us know you prefer not to be contacted again.

Cookies and Other Technologies

Cookie Policy

Email Tracking.

Emails we send you may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that automatically provide us information about how you interact with our email, if at all. For example, the web beacon tells us when you receive our email, when you open the email, how many times, and if you click on the call to action. We may also track if you click any other link in the email including those to social media. This allows us to gauge the effectiveness of our communications and marketing campaigns and your interest in same.

Summary of legal basis and purpose of processing

Data protection laws (including the GDPR) set out a number of different reasons for which we may collect and process your personal data in certain circumstances. Where data protection Laws apply, the legal bases we rely upon include:

• Consent
  We can collect and process your data with your consent, where required by data protection laws. For example, if you have given your consent to receiving marketing material from us or the party who collected your information.
• Contractual obligations
  We need your personal data to comply with our contractual obligations. For example, where you have provided us with your email address to receive our services or products, we will use this information in order to effectively deliver and communicate information to you in regard to such products and services.
• Compliance with legal obligations
  If the law requires us to, we may need to collect and process your data for legal compliance reasons. For example, we can pass on details of people involved in fraud or other criminal activity affecting us to applicable law enforcement authorities.
• Legitimate interest
  We may require your data to pursue our legitimate interests or those of a third party in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, it is in our legitimate interests to (a) ensure that content from our Sites are presented in the most effective manner for you and your computer and that we provide you with the information, products and services that you request from us, (b) to keep our Sites safe and secure;(c) for measuring or understanding the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you (including individual and pseudonymous analysis and profiling); (d) to allow you to participate in interactive features of our service when you choose to do so, and (e) to use marketing related information about you that we have lawfully collected.

Who we give your information to

We may share your personal data with:

• any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, and our subcontractors, who support our processing of personal data under this policy;
• appropriate third parties including:
  • our channel partners, business partners, customers, suppliers and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the organization that you work for. We currently use the following third-party service providers to maintain contacts and run marketing and advertising campaigns: 6Sense, ZoomInfo, Marketo, Saleforce, Google, SiteCore, and SalesLoft
  • our auditors, legal advisors and other professional advisors or service providers
  • credit reference agencies for the purpose of assessing your credit score where this is in the context of us entering into a contract with you or the organization that you work for
• in relation to information obtained via our Sites:
  • our advertisers and advertising networks that require the data to select and serve relevant adverts to you and others on their platform. We do not disclose information about identifiable individuals to our advertisers and advertising networks, but we may provide them with aggregate information about our users. We may also use such aggregate information to help both us and our advertisers reach the kind of audience they/we want to target. We may make use of the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience and subject to the cookie section of this Policy
  • analytics and search engine providers that assist us in the improvement and optimization of our site and subject to the cookie section of this Policy

Other Disclosures We May Make

• We may disclose your personal data to third parties:
  • if we sell or buy any Mitel business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if Mitel or substantially all of its assets are acquired by a third party, in which case personal data held by Mitel about its customers may be one of the transferred assets;
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our supply terms or other agreements with you or the company you work for; or
  • to protect the rights, property, or safety of Mitel, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime
  • to determine whether your contact information is current

Where your information is stored

Personal data collected by us may be stored and processed in your region, in Canada, and in any other country where Mitel or its service providers operate. We maintain major data centers in the following countries: the United Kingdom, France, Canada and the United States. Where your information is stored by Mitel itself, typically, the primary storage location is in your region.

If you are a EU citizen, personal data that we process in relation to you may be transferred and stored at, a destination outside the EEA that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers. The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.

• We may transfer your personal data outside the EEA:
  • in order to store it;
  • in order to enable us to provide goods or services to and fulfil our contract with you or the company your work for;
  • where we are legally required to do so;
  • in order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights;

Where your information is transferred outside the EEA, we take steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as where applicable relying on a recognised legal adequacy mechanism and contracts, to help ensure your rights and protections travel with your data and that your personal data is treated securely and in accordance with this Policy.

• How we protect your information
  • Mitel takes precautions that are consistent with industry practices to ensure the security of your personal data. We strive to protect your personal data from loss, destruction, falsification, manipulation and unauthorised access or disclosure;
  • All information you provide to us is stored on servers which have been appropriately secured;
  • Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone;

Unfortunately, the transmission of information via the internet is not completely secure. We will do our best to protect your personal data, but we cannot guarantee the security of your data transmitted to our Sites; any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to try to prevent unauthorised access.

How long we keep your information

Where we process personal data about you on behalf of our clients that use our products and services, the period for which we keep your data is determined by our client or by legal or regulatory requirements.

Where we process personal data about you in conjunction with the supply of our products or services (e.g., contact data for technical or billing purposes), we retain that personal data for as long as necessary to provide the products and fulfill the transactions our clients have requested, or for other purposes such as complying with our legal or regulatory requirements, resolving disputes and enforcing our agreements. The criteria used to determine the retention periods include whether your personal data is still needed to provide, maintain or improve the performance of our products and services, you requested that your personal data be deleted, we have determined a specific retention period for certain types of data, you have provided your consent (where applicable), and have not withdrawn your consent.

We keep your contact information, and our extrapolation of your organization’s procurements cycle and the likelihood that you and/or your organization will be interested in our products and services and/or those of any of our partners, until you ask to us delete it or unsubscribe to our marketing list. For clarity, even where you ask us to delete your contact information or opt-out of future marketing, we will keep your email and phone number on our email and phone opt-out lists.

Your rights

You, or a verifiably authorized person acting on your behalf, have the right under certain circumstances to be provided with a copy of your personal data held by us.

Depending upon the data protection law applicable to you, you may have some or all of the following rights under certain circumstances:

• to be provided with a copy of your personal data held (or disclosed) by us;
• to request the rectification or erasure of your personal data held by us;
• to request that we restrict the processing of your personal data (for example, while we verify or investigate your concerns about your information);
• to object to the further processing of your personal data, including the right to object to marketing; and
• to request that your personal data be moved to a third party;

Prior to processing any of the aforementioned requests Mitel will require proof of identity acceptable to Mitel.

• to receive equal service and price, even if you exercised your privacy rights;
• Mitel does not sell (as defined in the CCPA) personal data;

Your right to withdraw consent:

Where the processing of your personal data by us is based on consent (provided either directly to us or to a third party from whom we obtained your personal data), you have the right to withdraw that consent without detriment at any time by contacting us using the contact details at the end of this Policy. You can also change your Marketing Preferences at any time.

How to exercise your rights

You can exercise the rights listed above at any time by contacting our Privacy Service Team at [email protected] It is important to Mitel that the information we have is accurate and complete. To update your personal data, please contact our Privacy Service Team at [email protected]

If you have any further questions, comments or concerns about our privacy policies or practises, please contact our Privacy Service Team at [email protected] Mitel Networks Corporation is committed to resolving any concerns you may have regarding this Policy quickly and efficiently.

If you are an EU citizen, and if your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html). The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.

Changes to this policy

Any changes we make to this Policy in the future will be posted on our websites and all related websites for additional languages and regions. This Policy was last updated on: February 16, 2022

Contact us

Mitel Legal Department
[email protected]