Effective date: January 1, 2018
How your data is used
Viatel is a business to business company, supplying services to other companies, and as such all collection and processing of personal data is done on behalf of our customers and subject to instructions given to Viatel in the Data Processing Agreement between Viatel and the customer. We use the collected data to provide the services to our customers who in turn provide them to you. We do not use data to market anything directly to end users. Personal data collected or received from or on behalf of our customers are kept for the duration necessary to provide our services. Viatel must also keep certain data to comply to legal obligations, enforce agreements, detect fraud and resolve disputes.
Data we collect
- Our Services: Services provided by Viatel are related to telephone calls, text messages (SMS) and mobile payments. We may collect and handle your personally identifiable data such as phone number, payment information, call detail record, address information, social security number, IP address etc. as required to fulfill the service. When required we collect additional data not directly provided by the end user, e.g. to do credit checks. Promotional e-mails are not sent by Viatel but we may have to contact you with information related to the service.
- Information Related to Data Collected for Our Customers: Viatel collects data as instructed by our customers (as part of the Data Processing Agreement with the customer). We have no direct relationship with the end user. If you would like to cancel your services or would no longer like to be contacted by one of our customers to whom you are an end user, please contact our customer directly.
- Access and Storage of Data Controlled by Our Customers: If you wish to be forgotten, to correct or delete data related to you please contact the data controller, our customer, directly. We will in turn respond to their requirements within a reasonable time frame.
- Log File Information: Log files are automatically created when you use our services or visit our web page. Data logged include that specified above under Our Services. Logs are used to enforce the terms of our services, detecting fraud or to fulfill legal obligations. Server logs include web requests, IP addresses, pages and URLs or referring and exiting traffic, clicks, domain names and similar information. This data is not used in combination with any other data to perform automatic decision making or profiling.
How your data is shared by Viatel
- Personally Identifiable Data: We will not sell personally identifiable data to other companies. Viatel will transfer personally identifiable data to sub-suppliers only when required to do so to deliver our services. All Viatel’s data storage is kept within the EU and our servers and databases are not out-sourced to other companies.
- Non-Personally Identifiable Data: We may share non-personally identifiable data with other companies, in particular our customers. Non-personally identifiable data include anonymized and aggregated usage data, platform types or share of traffic from different operators and any other data impossible to connect to a specific identifiable user.
- When We Must Share Data: Viatel will share data when required to do so by law (complying with the law and any reasonable requests made by law enforcement), to protect the integrity or security of our Service, to enforce our General Terms & Conditions, and/or to exercise or protect the rights, property, or personal safety of Viatel, our customers, users, employees or others.
- Change of Control: By change of control we mean selling, divesting, or transferring Viatel (including any shares in the company) as a whole or in part, or any combination of its services, assets and/or subsidiaries. Corporate mergers, acquisitions, dissolutions, reorganizations, bankruptcies, liquidations or other similar transactions also fall under this category. Any personal data related to Viatel’s services may be among the items sold or otherwise transferred in these types of transactions. In case of change of control over personal data Viatel will notify our customers so that they can inform you of any foreseeable consequences.
How your data is protected
Protecting your personal data and privacy is top of our priority list at Viatel. We aspire to follow best practice in regard to industry standards of physical, technical and compliance safeguards. This is also part of our obligation to have appropriate technical and organizational measures implemented to fulfill the General Data Protection Regulation (see below).
However, as our services are not isolated from the rest of the world we cannot guarantee the security of any data we process and store. Sensitive data, such as credentials and card numbers, are communicated with encryption (TLS). When credit card processing companies are used as part of the services Viatel provides they do not store, share, retain or use personally identifiable data for any purposes other than billing.
If you have questions about security measures in relation to your data we recommend you to contact the company you buy your service from directly (as Viatel is just a supplier). But if you would like to direct such questions to us, please contact: data [at] viatel [dot] se.
General Data Protection Regulation
Viatel complies with the EU Data Protection Directive 95/46/EC, Personuppgiftslagen (“PUL”, 1998:204) and the General Data Protection Regulation (“GDPR”, 2016/679) including but not limited to the requirements on choice, notice, onward transfer, data integrity & security, access and enforcement. In case of a breach of security Viatel will follow the legal requirements and inform affected customers. When required Viatel will also inform the Swedish Data Protection Authority.
The legal basis on which Viatel is carrying out data processing under GDPR is specified by the customer using Viatel’s services. Typically it rests upon fulfillment of the direct agreement with the end user. Viatel is just following the instructions in the Data Processing Agreement with the customer and has no means to check the legal basis such as consent or end user agreements.
Review, update, correct or delete your personal data
If you wish to review, update, correct or delete your personal data processed or stored by Viatel we recommend that you contact the company you buy your service from directly (as Viatel is just a supplier). But if you would like to direct such demands directly to us, please contact data [at] viatel [dot] se. We will respond to your request within 30 days. Please note that we are required by law to establish your identity before any data can be sent, updated, corrected or deleted.
Viatel is especially careful to protect the privacy of children. Data of anyone under the age of 13 is not allowed to be entered into services we provide. If you have reason to suspect that we have data regarding children under 13 in our systems, please contact data [at] viatel [dot] se. Collected personal data of that child will then be deleted as quickly as possible.
Links to and from other websites
Viatel is not responsible for any websites or services linked to or from our websites or the content or information provided through our services that Viatel has not produced. Our customers are often content providers using our services to reach their customers/end users and Viatel has no responsibility of their content. Please refer to our customers’ Privacy Policies and Terms & Conditions.
Changes to this policy
When posted on this page changes to this policy are in immediate effect. In case of material changes we will notify customers prior to the change becoming effective and update the effective data (at the start of the page above).