On Q Communications » Privacy Policy

OVERVIEW

On Q Communications Limited — which we’ll just call “OnQ” from here on in — is committed to protecting your right to privacy. In this policy, we explain what information we collect, and how we use that information, and why. We also set out your rights, and how to contact us.

For the purposes of this privacy policy, OnQ is the data controller. We are registered with the Information Commissioner’s Office under the registration number ZA935171.

This privacy policy relates only to personal data for which we are responsible. It applies to personal data we hold about individuals (such as company directors, or contacts on business accounts), including sole traders and partners. It does not apply to information which we hold about companies and other legal organisations.

We review this policy regularly and may update it from time to time. The latest version will always be available at https://onqcommunications.co.uk/privacy-policy

THE DATA WE COLLECT AND HOW WE USE IT

The personal data we process depends on how you interact with OnQ, and your relationship with us.

You are not required to provide any data to us. However, if you do not do so, you may not be able to make full use of our services.

OnQ Customers

This section applies to our customers and, where relevant, prospective customers.

To provide you with services. We will use your personal data you provide to us in order to provide you with services. This applies whenever you have an account with OnQ. We will:

Use your contact details and other information to confirm your identity. This includes details such as your name, address, telephone number, eMail address, passwords and other security credentials, payment and financial information. For your security, we do not retain credit card details;
Retain any correspondence with us including eMail and telephone calls;
Retain personal data (such as your eMail address) to enable you to access the OnQ Portal; Contact you for legitimate purposes relating to your account such as Invoices, Service Announcements, and Alerts that you have requested to receive;
Provide your information to partners or other communication providers where necessary to provide services to you.

We use this information to perform our obligations under contract to provide services to you.

To market relevant products to you. We will use your personal data to send you marketing that may be of interest to you. We will do this if you have consented only, and you have the right to withdraw this consent at any time. We will:

Use your contact details – including your name, address, phone number, and eMail address – to effectively communicate with you. We may also use information from publicly available sources such as business directories.
Use information about how you use our services to tailor the communications we send to you based on information held, and recommend other products or services that may be appropriate to you
In each marketing message we send, we provide the means to opt-out from that type of message, or all further communication for marketing purposes. You may also do this at any time by contacting us.

To prevent fraud. We will use personal data for the legitimate interest of detection and prevention of fraud. We will:

Retain any information submitted in an account application including your name, address, telephone number, eMail address, IP address etc.
Where appropriate, disclose information identified as fraudulent to fraud prevention, law enforcement agencies, and other industry bodies.

To recover debt. If you do not pay your invoices on time, we may instruct our solicitors or debt recovery agencies to recover what is owed. We will provide them with your personal data necessary to affect this. This processing is for the legitimate interest of running our business.

End Users of OnQ Services

OnQ is a resale provider of telecommunications services, however, to provide our services – we inevitably process personal data relating to our customer’s end users. If you are an end-user as well as a customer, the following will apply to you too.

Because we have a legitimate interest. We will process personal data if it is in our legitimate interests to do so. We will:

Retain Call Data Records (CDRs) detailing calls made by or to an end-user, including telephone numbers, which may be considered personal data.
Use End User information for the purposes of detection and prevention of fraud and to protect our network.
Create aggregated and anonymised information for analysing the use made of our services and networks to inform business decisions and strategy.

To comply with regulatory obligations. For example, we may:

Retain contact details (name, address, telephone number) of end-users to provide data to the EHA (Emergency Handling Authority) in the event of a call to Emergency services in accordance with General Condition 4;
Use personal data to provide number portability services in accordance with General Condition 18; and
as otherwise necessary to meet our requirements within the General Conditions of Entitlement, The Communications Act 2003, and other relevant legislation.
We do not use end-user information for marketing purposes.

Other Personal Data

As a communications provider, we process personal data about those who are neither a customer nor end-user of OnQ services.

Because we have a legitimate interest. We will process personal data if it is in our legitimate interests to do so. We will;

Retain Call Data Records (CDRs) detailing calls to OnQ customers, including the originating telephone numbers, which may be considered personal data. More information on CDRs is available below;
Create aggregated and anonymised information to analyse the use made of our services and networks to inform business decisions and strategy;
Monitor traffic on our network and trace nuisance or malicious calls; and
Monitor our systems and services to detect and prevent unauthorised usage.

For prevention and detection of crime. We have a legitimate interest to protect our business, network, and infrastructure from attacks and the prevention of crime and fraud. We also share information with other organisations (such as other Communications Providers and industry bodies) to effect this.

CALL DATA RECORDS (CDRS)

As with all communications providers, we process call data records (“CDRs”). These are the metadata of communications to and from our customers’ end users.

CDRs contain the following information about each phone call:

The calling party’s telephone number(s);
The dialled telephone number;
Any telephone number(s) involved in diverting the call;
The date and time of the call;
The duration of the call;
The carrier that the call originated from

Note: CDRs are not voice recordings, and convey no information about the nature of the call beyond the number of the called and calling parties.

RECIPIENTS OF PERSONAL DATA

We share your personal information with other service providers to help provide our services, including to:

Provide transit services, to keep us connected to some hard-to-reach parts of the Internet
Provide customer services, such as support ticket tracking;
Process payments, such as credit cards and Direct Debits;
Keep you informed regarding issues or planned maintenance on our network, via our Status Page
Analyse the information we hold.

We may disclose customer, end-user, or any other personal data, to third parties as may be required to comply with our legal obligations, or for the purposes of fraud prevention, and the prevention and detection of crime.

TRANSFERS OUTSIDE THE EEA

We may transfer your data to providers in the USA. They are all self-certified under the EU/US Privacy Shield.

We take all reasonable steps to ensure that your personal information is only used in accordance with this privacy policy and applicable EU data protection laws and is respected and kept secure.

DATA RETENTION

We will keep your data for no longer than is necessary for the purposes for which the data are processed.

If you have any concerns about how long specific information is held for, please don’t hesitate to contact us for clarification.

We will keep;

Customer contact details for a period of six years after your account is closed.
Details relating to any dispute for a period of six years after it is closed.
CDRs in their full form for a period of six months, except where these are the subject of, or likely to become subject of, a dispute or as otherwise required.
CDRs in anonymised form for a period of up to six years.
Copies of correspondence as long as you are a customer, and then six years thereafter.
Copies of your Invoices for as long as you are a customer, and then six years thereafter.
End Users data (such as EHA address information) for a period of three months after termination of the End User’s service or one year after the termination of the Customer’s service with us.
CCTV recordings for a period of up to 14 days, except where these are required for purposes of investigation or as evidence or we are notified they are likely to be required for such purposes.
Building access logs are retained for a period of 90 days unless otherwise required

In other cases, we’ll store personal data only for the period required, or longer if required by law. Otherwise personal data will be deleted or anonymised.

COOKIES AND OTHER INFORMATION GATHERING TECHNOLOGIES

We may use information tracking and gathering technologies that record and store information about users of the Website automatically. This can include using a “cookie” which would be stored on your browser. This information does not identify you personally.

We use this information to help us identify click stream patterns, to improve our Websites and to learn about the number of visitors to our Website and the types of technology our visitors use.

If you do not wish to receive cookies, there are a number of things you can do, including adjusting your computer’s settings to block cookies, or accepting them only on confirmation from you.

Your browser’s ‘help’ option will tell you how to adjust your cookie settings. However, please be aware that if you choose to delete or restrict cookies, some features of our website(s) may not work. You can also visit www.allaboutcookies.org, for more information about cookies and how to manage them.

YOUR RIGHTS

You have the following rights in relation to your personal information: (i) the right to be informed about how your personal information is being used; (ii) the right to access the personal information we hold about you; (iii) the right to opt-out of receiving direct marketing messages; (iv) the right to request the correction of inaccurate personal information we hold about you; (v) the right to request the blocking or deletion of your personal information in some circumstances and; (vi) the right to request that we port elements of your data either to you or another service provider.

To exercise any of the above rights, or if you have any questions relating to your rights, please contact us.

If you are unhappy with the way we are using your personal information you can also complain to the UK Information Commissioner’s Office or your local data protection regulator. We are here to help and encourage you to contact us to resolve your complaint first.

CONSENT

We process some personal data based on consent, such as for marketing purposes.

We obtain this consent by opt-in means only at the time of creating your account, subscribing to one or more of our mailing lists, or by specific request.

You may withdraw this consent at any time.

USE OF OUR SERVICES BY MINORS

We do not sell products or provide services for purchase by children, nor do we market to children. If you are under 18, you may use our website only with consent from a parent or guardian.

CONTACTING US

In the event of any privacy-related query or complaint, or to exercise your rights, please send an e-mail to support@onqcommunications.co.uk