Mitel Privacy Policy

Mitel Networks Corporation and its affiliates, subsidiaries and entities that Mitel Networks Corporation operates (collectively, “Mitel”, “we”, “our”, or “us”) is committed to protecting the security and privacy of your personal data and ensuring that we conduct our business in compliance with laws on privacy, data protection and data security.

This is the Privacy Policy ("Policy") for Mitel’s worldwide websites, our affiliated websites and any websites or marketing applications operated by on behalf of Mitel (collectively “our Sites”). This Policy also applies to our direct mail, telemarketing, email campaigns and other similar marketing activities. We encourage you to read this Policy so that you understand Mitel’s commitment to your privacy, and how you can contribute to that commitment.

For the purposes of EU/EEA General Data Protection Regulation (“GDPR”), Mitel Europe Limited is the data controller. Our contact details are set out at the end of this Policy.

This Policy describes our general privacy policy and practices in relation to the personal data that we collect and process. In addition, the Policy and the documents referred to within the Policy set out:

• Information we collect about you
• Cookies and other technologies we use
• How we use your information
• Who we give your information to
• Where your information is stored
• How we protect your information
• How long we keep your information.
• Your rights with respect to your personal data
• Changes to this policy
• How to Contact us

This Policy does not extend to the practices of other websites that we may link to, companies that we do not own or control, or to people that we do not employ or manage.

Information we collect about you

When you use our Sites or otherwise communicate with us including through our sales or support teams, or apply for a job, through our Sites or otherwise, we may collect the following types of personal data:

• Technical information, including:
  • the Internet protocol (IP) address used to connect your computer to the Internet
  • your login information
  • your browser type and version
  • time zone setting
  • browser plug-in types and versions
  • operating system and platform
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Sites (including date and time)
• products you viewed or searched for
• page response times
• domain name of the sites from which you came
• number of visits, average time spent, pages viewed
• download errors
• page interaction information (such as scrolling, clicks, and mouse-overs)
• methods used to browse away from the page, and
• any phone number used to call our customer service number or social media handle used to connect with our customer service team

Any personal data you share when creating an account, subscribing or opting into to marketing programs, promotions or similar activities and events, or when applying for employment such as:

• your name;
• your email address;
• your address and phone number(s);
• documents and information provided for an employment application;
• other personal data that you provide when communicating with us by phone, by e-mail, via our Sites, via social media, or through other interactions. This might include as information you provide when you obtain or subscribe to our goods or services, when you supply goods or services to us, when you enquire about a product, place an order, enter a competition, promotion or survey, or contact us to report a problem, whether you perform these actions on your own behalf or on behalf of the person that you work for.

The categories of personal data we collect have not changed for the past twelve months.

From Third Parties

We may also collect the following types of personal data about you from our customers and prospects or third parties we work with, such as business partners, sub-contractors, advertising networks, lead providers, analytics providers, search information providers, social media providers or media companies.

• your name;
• your username;
• your IP address;
• your online identifier;
• your employer, job title or role and department;
• your birth date;
• your LinkedIn or Twitter link;
• your address, phone number, email address or other contact details (these details may relate to your work or to you personally, depending on the nature of our relationship with you or the company that you work for);
• other information relating to you which it is necessary for us to process an order, to enter into or perform a contract with you or the company you work for (for example, right to work information and information obtained from credit references agencies); and
• where relevant, information about events to which you or your colleagues are invited, and your personal data and preferences to the extent that this information is relevant to organising and managing those events (for example, your dietary requirements, social media names/links, personal preferences for hotel rooms).

Cookies and other technologies

Cookie Policy

How we use your information

We use your personal data to support our business functions, such as fraud prevention, marketing, and legal functions. Examples of how we use your personal data include:

• to fulfill your requests for information, products and services and communicate with you about those requests;
• to provide relevant communications related to products and services (for example software releases);
• to create and send relevant marketing communications;
• to send special offers;
• to generally support our business relationship;
• to better understand customer behavior so that we may improve our Sites, products, services and applications, as well as our marketing and advertising efforts;
• to take steps to enter into any contract or carry out our obligations arising from any contract entered into between you or the company you work for and us including:
  • supplying products and services to you or the company you work for or receiving them from you or the company you work for, as the case may be;
  • administering your/your company's account with us, including completion and support of current activity;
• to archive your information;
• to conduct research and development activities;
• to analyse your personal data for marketing purposes or other business purposes;
• where permitted, and in our legitimate interest or with your prior consent where required by law, we will use your personal data for marketing analysis; and
• to provide you with promotional update communications about our products and services by email or telephone.

You can object to further marketing at any time by selecting the "unsubscribe" link at the end of all our marketing and promotional update communications to you or by sending an email to our Privacy Service Team at [email protected] .

Summary of legal basis and purpose of processing

Data protection laws (including the GDPR) set out a number of different reasons for which we may collect and process your personal data in certain circumstances. Where data protection Laws apply, the legal bases we rely upon include:

• Consent
  We can collect and process your data with your consent, where required by data protection laws. For example, if you have given your consent to receiving marketing material from us.
• Contractual obligations
  We need your personal data to comply with our contractual obligations. For example, where you have provided us with your email address to receive our services or products, we will use this information in order to effectively deliver and communicate information to you in regard to such products and services.
• Compliance with legal obligations
  If the law requires us to, we may need to collect and process your data for legal compliance reasons. For example, we can pass on details of people involved in fraud or other criminal activity affecting us to applicable law enforcement authorities.
• Legitimate interest
  We may require your data to pursue our legitimate interests or those of a third party in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, it is in our legitimate interests to (a) ensure that content from our Sites are presented in the most effective manner for you and your computer and that we provide you with the information, products and services that you request from us, (b) to keep our Sites safe and secure;(c) for measuring or understanding the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you (including individual and pseudonymous analysis and profiling); (d) to allow you to participate in interactive features of our service when you choose to do so, and (e) to use marketing related information about you that we have lawfully collected.

Who we give your information to

We may share your personal data with:

• any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, and our subcontractors, who support our processing of personal data under this policy. If any of these parties are using your information for direct marketing purposes, we will only transfer the information to them for that purpose with your prior consent.
• appropriate third parties including
  • our channel partners, business partners, customers, suppliers and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the person that you work for;
  • our auditors, legal advisors and other professional advisors or service providers;
  • credit reference agencies for the purpose of assessing your credit score where this is in the context of us entering into a contract with you or the person that you work for.
• in relation to information obtained via our Sites:
  • our advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we will provide them with aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience and subject to the cookie section of this Policy;
  • analytics and search engine providers that assist us in the improvement and optimisation of our site and subject to the cookie section of this Policy.

  The categories of personal data we have disclosed over the last twelve months has not changed.

  Other Disclosures We May Make

  We may disclose your personal data to third parties:

  • if we sell or buy any Mitel business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets subject to the terms of this Policy;
  • if Mitel or substantially all of its assets are acquired by a third party, in which case personal data held by Mitel about its customers may be one of the transferred assets;
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our supply terms or other agreements with you or the company you work for; or
  • to protect the rights, property, or safety of Mitel, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.

  
  

  Where your information is stored

  Personal data collected by us may be stored and processed in your region, in Canada, and in any other country where Mitel or its service providers operate. We maintain major data centres in the following countries: the United Kingdom, France, Canada and the United States. Typically, the primary storage location is in your region.

  If you are a EU citizen, personal data that we process in relation to you may be transferred and stored at, a destination outside the EEA that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers. The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.

  We may transfer your personal data outside the EEA:

  • in order to store it;
  • in order to enable us to provide goods or services to and fulfil our contract with you or the company your work for;
  • where we are legally required to do so;
  • in order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.

  Where your information is transferred outside the EEA, we take steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as where applicable relying on a recognised legal adequacy mechanism and contracts, to help ensure your rights and protections travel with your data and that your personal data is treated securely and in accordance with this Policy.

  How we protect your information

  Mitel takes precautions that are consistent with industry practices to ensure the security of your personal data. We strive to protect your personal data from loss, destruction, falsification, manipulation and unauthorised access or disclosure.

  • All information you provide to us is stored on servers which have been appropriately secured;
  • Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

  Unfortunately, the transmission of information via the internet is not completely secure. We will do our best to protect your personal data, but we cannot guarantee the security of your data transmitted to our Sites; any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to try to prevent unauthorised access.

  
  

  How long we keep your information

  Where we process personal data about you on behalf of our clients that use our products and services, the period for which we keep your data is determined by our client or by legal or regulatory requirements.

  Where we process personal data about you in conjunction with the supply of our products or services (e.g. contact data for technical or billing purposes), we retain that personal data for as long as necessary to provide the products and fulfill the transactions our clients have requested, or for other purposes such as complying with our legal or regulatory requirements, resolving disputes and enforcing our agreements. The criteria used to determine the retention periods include whether your personal data is still needed to provide, maintain or improve the performance of our products and services, you requested that your personal data be deleted, we have determined a specific retention period for certain types of data, you have provided your consent (where applicable), and have not withdrawn your consent.

  
  

  Your rights

  You, or a verifiably authorized person acting on your behalf, have the right under certain circumstances to be provided with a copy of your personal data held by us.

  Depending upon the data protection law applicable to you, you may have some or all of the following rights under certain circumstances:

  • to be provided with a copy of your personal data held (or disclosed) by us;
  • to request the rectification or erasure of your personal data held by us;
  • to request that we restrict the processing of your personal data (for example, while we verify or investigate your concerns about your information);
  • to object to the further processing of your personal data, including the right to object to marketing; and
  • to request that your personal data be moved to a third party.

  Prior to processing any of the aforementioned requests Mitel will require proof of identity acceptable to Mitel.

  • to receive equal service and price, even if you exercised your privacy rights.
  • Mitel does not sell (as defined in the CCPA) personal data
  Your right to withdraw consent:

  Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us using the contact details at the end of this Policy. You can also change your Marketing Preferences at any time.

  How to exercise your rights

  You can exercise the rights listed above at any time by contacting our Privacy Service Team at [email protected].

  It is important to Mitel that the information we have is accurate and complete. To update your personal data, please contact our Privacy Service Team at [email protected]

  If you have any further questions, comments or concerns about our privacy policies or practises, please contact our Privacy Service Team at [email protected]. Mitel Networks Corporation is committed to resolving any concerns you may have regarding this Policy quickly and efficiently.

  If you are a EU citizen, and if your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html). The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.

  
  

  Changes to this policy

  Any changes we make to this Policy in the future will be posted on our websites and all related websites for additional languages and regions. This Policy was last updated on: January 23, 2020

  
  

  Contact us

  Mitel Legal Department
  [email protected]

  
  

  Last revised January 23, 2020