Last updated April 15, 2019 (modified to reflect the TokBox services and Vonage’s service offering in Australia)
- Who we are
- What information we collect
- Why we collect your information and how we use it
- EEA users and our “lawful bases” for using their data
- Who we share your data with and why
- How we protect your information
- Where we store your information and international transfers
- How long we keep your information
- How to access and control your information
- Other important information
- How to contact us
- Cookies and Tracking Notice
Who we are
Vonage Holdings Corp., including its corporate affiliates, is a global provider of cloud communications. For our business and residential customers, we offer a complete and fully-configured unified communications solution for the delivery of end-to-end communications via voice, video, text, mobile applications, and collaboration tools. Through our subsidiary Nexmo Inc., the Vonage API Platform, we provide our communications services in programmable modules delivered via APIs and SDKs, enabling our customers to incorporate these services into their own applications to serve their own customers.
If you are a customer located in the European Economic Area (“EEA”), the following corporate affiliates of Vonage Holdings Corp., may also process your personal data as joint controllers with Vonage Holdings Corp., including for the provision of their products and services, marketing and support:
- Vonage Limited (company number 05199171) with a registered address of 5 New Street Square, London, England EC4A 3TW
- Nexmo Limited (company number 07935346) with a registered address of 5 New Street Square, London, England, EC4A 3TW
What information we collect
We collect your information in the following ways:
- Information you provide directly to us. When you subscribe to our newsletters, register for one of our webinars, sign up for our services, request us to contact you, or through other interactions with us, we may ask you for certain personal information, such as your name, birthdate, address, e-mail address, telephone number, company name, job title, or payment information. When you request support from us, we may also collect information from you such as contact information, documentation, screenshots, or other information you or we may believe is helpful to solving the issue. When you speak with our customer service or sales representative on the phone, your calls may be recorded and/or monitored for quality assurance and training purposes. In certain circumstances, we may collect your Social Security number from you for a limited purpose, such as for tax reporting relating to a payment for a customer referral or to facilitate an international money transfer.
- Information we collect automatically when you visit our websites. We and our third-party partners, such as our advertising and analytics partners, collect information about your visits to our websites and your interactions with our ads or content, together with information such as your IP address, cookies, and other tracking technologies (e.g., web beacons, device identifiers, and pixels). For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.
- Information we get from third parties. Third party sources of information include:
- Third party services and social media. If you create an account or access our services through your account with a third-party service, such as Facebook, Google, LinkedIn, GitHub or Twitter, or use a social media feature through our services, certain personal data from those third-party social media services may be shared with us, such as your interests, “likes,” and friends list. We may use this information, for example, to personalize your Vonage experiences and marketing communications, to enhance our services, and to better serve you. You can control this data sharing via options in your social media accounts. We may also collect information from third party services that are integrated with our services, such as third-party CRMs or other applications that you authorize our services to connect with.
- Credit agencies. We may obtain your credit information from third party reporting agencies in order to control our own credit risk in onboarding new customers.
- Demographic, lead, and interest data. We may obtain information from outside companies such as those that collect customer information including demographic and interest data. Examples of this information include your employment status, your job title with your current employer, and your business contact information. We use this data and combine it with other information we have about you to help us predict your preferences and to direct marketing offers that might be more relevant to you. We also obtain where permitted by law contact information and other marketing lead information from third parties, website “refer-a-friend” options or social media platforms and may combine it with information we have to contact you or direct Vonage marketing offers to you.
- Information about our customers’ users. Our customers and other third parties may also provide us with personal information about our customers’ users and others. For example, we may receive personal information and other information from our customers, message senders, mobile network operators, databases with information relevant to mobile telephone numbers submitted to our services, and other third parties. This information may include, without limitation, telephone numbers, telephone numbers’ validity, type (e.g., mobile, landline, etc.), corresponding device status (e.g., whether or not it is currently available for messaging), roaming status, carrier, country of location, and whether or not the number has been ported and is used to help us provide our services.
- Information collected in connection with your use of services delivered via our
platform. We and our service providers may collect information in connection with your use
of communications services delivered via our platform.
- Communications usage information. This includes information about your communications delivered via our platform such as the time and duration of usage, source and destination identifiers, completion status, location, IP address, and amount of usage.
- Communications content. To enable you to send and receive communications via our platform, we need to be able to handle the content of the messages, calls, and other communications channels used by you. This also includes, for example, voicemails and call recordings recorded via our services.
- Device information. Where we have provided end user equipment to you, such as an analog
telephone adapter or a VoIP phone, or you have installed our software on your device, we collect
device-specific information from you. This includes, for example, your hardware model, operating system
version, firmware, browser information, device and network configuration, device identifier, IP address,
device performance, signal strength, call quality, telemetry, and mobile or wireless network
information. We use the device information we collect in order to deliver and improve our services.
- Your contact lists and address book. If you use our mobile apps, we may request your permission to access and store the contact list or address book maintained on your mobile phone, tablet, or other broadband-connected device. Your contact list is considered your personal data. We may use your contact list information to facilitate certain services where selected by you such as to enable you to make calls easily and to facilitate calls, texts, and other services. We may also facilitate the delivery of messages to individuals in your contact list that you wish to invite to download our mobile apps so that you can utilize our services with these selected individuals, although it is always your choice to send invites to such individuals. We will not use your contact list information for other purposes without first notifying you of the proposed use. You do not have to allow us to access your contact list information, but if you do not, certain features of our mobile apps may not be available to you. You may at any time opt out from allowing this access via the privacy settings on your device.
- Mobile device camera, microphone and photos. If you use our mobile apps, we may request your permission to access the camera, microphone, and photos on your mobile device, to make and receive voice and video calls and messages and to send photos to others. You do not have to allow us to access these functions of your device, but if you do not, certain features of our mobile apps may not be available to you. You may at any time opt out from allowing this access via the privacy settings on your device.
- Your location information. If your mobile device is equipped with GPS or can connect with wireless access points or hot spots, or if your mobile device is also a phone that communicates with cell towers or satellites, then your mobile device is able to use these features to determine its precise geographic location. You may use the mobile app to do a one-time share of your precise geographic location through a message in a chat session by pressing the location attachment button within the mobile app (a “Location Share Event”). We will retain the Location Share Event within your chat session on the mobile app until you delete the message. Your precise geographic location, including a Location Share Event, is considered your personal data. To the extent our mobile apps collect precise geographic location, you may at any time opt out from further allowing us to have access to your mobile device’s precise location information via the mobile app’s location settings on your mobile device.
Why we collect your information and how we use it
How we use the information we collect depends on which of our services you use, how you use them, and specific preferences you may have communicated to us. We list below the specific purposes for which we collect your information.
- To deliver our services. We use your information because it is necessary to perform our obligations in delivering our services to our customers. This includes delivering your communications to the intended end user, processing transactions with you (such as billing), authenticating you when you log into our platform, providing customer support, and operating and maintaining our services. We also need your information to communicate with you about the services, including registration confirmations, purchase confirmations, expiration or renewal reminders, responding to your requests, and sending you notices, updates, security alerts, administrative messages, and other communications necessary to usage of the services.
- To carry out core activities relating to our services. To effectively deliver our
services to you, we use your information to engage in important supporting activities such as:
- billing and collections, including maintenance of records in the event of a subsequent billing dispute;
- preventing fraud, violations of our acceptable use policies, and unlawful activities;
- troubleshooting, quality control, and analytics; and
- monitoring the performance of our systems and platform.
- For research and development. We are constantly looking for ways to improve our services, to make them more reliable, secure, and useful to you and our users generally. We use data regarding our users’ communications on our platform to understand how our services are performing and how they are being used in order to identify areas where we can do better. For instance, we may use message delivery and call connection information to gauge the effectiveness of our routing to ensure that your messages are delivered and your calls are connected. We and our service providers may use your information to assess the level of interest in, and use of, our services, our communications to our customers, and our other messaging campaigns, both on an individual basis and in the aggregate. We also use information about your use of our websites to understand how our website visitors are using our websites. Among other things, this usage information, along with tracking technologies, enables third-party analytics companies, such as Google Analytics, to generate analytics reports on the usage of our services. To opt out of your usage information being included in our Google Analytics reports, you may follow these instructions.
- To comply with legal requirements. Applicable laws or regulations may require our processing of your data, such as laws mandating retention of communications data.
- To protect our legitimate business interests and legal rights. Where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
- According to your explicit consent. If we wish to use your information for certain purposes which require consent under applicable law, we will first seek out and obtain your consent. This may include, for example, testimonials or case studies that identify you in your individual capacity.
European Economic Area users and our “lawful bases” for using their data
European data protection law requires organizations like us to provide a lawful basis to collect and use your information. Our lawful basis to collect and use information from our EEA users include when:
- We need it in order to provide you with the services and to carry out the core activities related to our provision of the services.
- We need to comply with a legal obligation.
- We have a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the services and to protect our legal rights and interests.
- You give us your consent to do so for a specific purpose.
Who we share your information with and why
We may share your information as detailed below:
- Third-party service providers that help us to deliver the services and allow us to operate our
- Communications providers. As the provider of a communications platform, we share the data we collect from you with communications providers (including traditional PSTN telecommunications companies and over-the-top communications service providers) as necessary in order to provide you with the services. These are the telecommunications companies, for instance, who we need to ensure your calls, messages and other communications reach the people you want to contact.
- Business operations vendors. We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. We only work with carefully selected vendors, and we require any vendors with whom we share personal data to protect the confidentiality of such information and use it solely for the purposes for which it was shared.
- Partners. In the event that you purchase services offered by Vonage or a partner through a special marketing arrangement (for example, through a co-branded advertisement or offer, or an arrangement where we and a partner market or offer the other’s products or services), we may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.
- Compliance with law enforcement requests and applicable laws; enforcement of our rights. We may disclose personal data as required by applicable law, regulation, legal process or government request; to protect Vonage, our services, our customers or the public from harm or illegal activities; and to enforce our agreements, policies and service terms.
- With your explicit consent. We share information about you with third parties when you give us consent to do so. For example, we often display use cases or testimonials of satisfied customers on our public websites and require your consent to identify you in your individual capacity. If you are a business customer, and have requested this, your business name and phone number may be included in public directories.
- Sharing with senders and recipients of communications. The name on your account, or a portion thereof, and/or your phone number may be displayed to people that you make calls to and to other users of the services so that they may contact you. Depending on the service you’re using, you may be able to control what’s displayed by adjusting your settings within the mobile app or your customer account, or by contacting customer care at the address provided when you signed up for the services.
- Vonage affiliates; business transactions. We share your information with and among our corporate affiliates in order to operate and improve the services we provide to you; and we may share your information in connection with a sale, merger, liquidation, or reorganization of our business or assets.
- Credit control. We conduct credit checks on new customers in order to control the risk of non-payment. In the event of non- or late payment, we may disclose your name, address and other details to credit bureaus and agencies. They may use that information to assess your credit rating and provide that rating to other companies.
How we protect your information
Vonage has implemented administrative, physical, and technical safeguards to help protect the personal data that we transmit and maintain. However, no system or service can provide a 100% guarantee of security, especially a service that relies upon the public internet. Therefore, you acknowledge the risk that third parties may gain unauthorized access to your information. Keep your account password secret and please let us know immediately if you think your password was compromised. Remember, you are responsible for any activity under your account using your account password or other credentials.
Where we store your information and international transfers
Personal information held by Vonage is stored on and processed on computers situated in the United Kingdom, the EEA, the United States, and in other jurisdictions. We and/or our service providers also process data in some other countries for customer care, account management and service provisioning.
If you are an EEA resident, your personal data held by Vonage may be transferred to, and stored at, destinations outside the EEA that may not be subject to equivalent data protection laws, including the United States. When you sign up for service with Vonage or inquire about our services, we transfer your information to the United States and other countries as necessary to perform our agreement with you or to respond to an inquiry you make. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers.
- International transfers within Vonage and its corporate affiliates. To facilitate our global operations, we transfer information among our corporate affiliates in countries whose privacy and data protection laws may not be as robust as the laws of the countries where our customers and users are based. We utilize standard contractual clauses approved by the European Commission and rely on the European Commission’s adequacy decisions about certain countries, as applicable, for data transfers from the EEA to the United States and other countries.
How long we store your information
We store your information until it is no longer necessary to provide the services or otherwise relevant for the purposes for which it was collected. This time period may vary depending on the type of information and the services used, as detailed below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible. We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from anonymized information retained or used for these purposes.
- Customer account information. We store your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services.
- Communications usage information. While you’re an active customer, we retain the communications usage information generated by your use of the services until the information is no longer necessary to provide our services, and for a reasonable time thereafter as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services.
- Marketing information, cookies and web beacons. If you have elected to receive marketing e-mails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our services, such as when you last opened an e-mail from us or visited our websites. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
- Device information. We collect device-specific information from you when we have provided end user equipment to you, such as an analog telephone adapter or a VoIP phone, or you have installed our software on your device. If you do not revoke our access to this information via the privacy settings on your device, we will retain this information for as long as your account is active.
How to access and control your information
- Opt out of communications. You may opt out of receiving promotional communications from us by using some or all of the following methods: the unsubscribe link within each e-mail, updating your e-mail preferences within your service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional e-mail list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our services. Depending on your type of account with Vonage, you may be able to opt out of some notification messages in your account settings.
- Your rights as an EEA resident. If you are from the EEA, you may have broader or
additional rights, including:
- to be provided with a copy of your personal data held by us;
- to request the rectification or erasure of your personal data held by us;
- to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
- to object to the further processing of your personal data, including the right to object to marketing and profiling; and
- to request that your provided personal data be moved to a third party.
Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us. If you do not want your personal data used by Vonage for any direct marketing purposes, or shared with third parties for their own marketing use, then you may opt out of such use or sharing by contacting us, even if you have previously consented to such use.
If you have any concerns or complaints regarding the treatment of your personal information by us, or you believe we have breached any privacy law in relation to your personal information, please contact us. We will treat any concerns or complaints confidentially. We will promptly investigate any concern or complaint that you raise with us.
You can exercise the rights listed above at any time by contacting us and if you feel that your request or concern has not been satisfactorily resolved, or if our response was not provided within a reasonable time, you may approach your local data protection authority (links here for residents of the EEA or Australia). The Information Commissioner is the supervisory authority in the United Kingdom and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.
Other important information
- Information from children. Vonage does not sell products or services for purchase by children and we do not knowingly solicit or collect personal data from children or teenagers under the age of eighteen. If you believe that a minor has disclosed personal data to Vonage, please contact us.
- Your California privacy rights. California's “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California consumers asking about the businesses' practices related to disclosing personal information to third parties for the third parties' direct marketing purposes. Alternately, such businesses may have in place a policy, as we do, only to disclose personal information of consumers to third parties for the third parties' direct marketing purposes if the consumer has opted into such information-sharing.
- Note for Vonage Integration Suite users. Vonage's use of information received from Gmail APIs will adhere to Google's Limited Use Requirements.
How to contact us
You can use the “Exercise Your Rights” button located on this page to submit a request to the Vonage Privacy Team.
Additionally, if you are a resident of the EEA, the data controller responsible for your information is Vonage Limited, which you can contact as follows:
15 Bonhill Street, 3rd Floor
Vonage Holdings Corp.
23 Main Street
Holmdel, NJ 07733 USA
Cookies and Tracking Notice
They also help us track users, conduct research, allow you to back click to earlier registration pages viewed by you and improve our content and services. For instance, we may use web beacons on our websites to access and set cookies and otherwise help us to better understand how users are moving through our websites. Information provided by the web beacon includes the computer’s IP address, the type of browser being used and the time that the web beacon was viewed. We may also use web beacons in e-mails and newsletters so that we know when such communications have been opened and to otherwise help us tailor our communications to individual users.
- When it’s strictly necessary
These cookies and other technologies enable us to recognize you when you return to our service and to maintain your web session so you can more easily navigate the subscription process or your viewing of your call details. They are also essential for you to access secure areas of our sites, for example, to use shopping baskets or make payments.
Google Tag Manager is a third-party service provider that allows us to manage website tags via an interface. Tags are small elements of code that are used, for example, to measure traffic and visitor behavior, to understand the effect of online advertising and social channels, to set up remarketing and orientation towards target groups, and to test and optimize websites. Google Tag Manager only implements tags. This means that no cookies are used and, as a result, no personal data is recorded. We list it here for completeness and to be transparent about the tools we use. If deactivation has been performed at a domain, page, event or 3rd party script level, this remains in place for all tracking tags if these are implemented with Google Tag Manager.
- For performance and analytics
- To enable functionality
These cookies and similar technologies can tell us which language you prefer and what your communications preferences are. They can help you fill out forms on our sites more easily. They also enable customization of the layout and/or content of the pages on our sites.
- For targeted advertising
- Social media cookies and widgets
We use social media platforms to advertise to you online and to monitor the success of our advertising (for instance by receiving reports when you click on our ads on Facebook, LinkedIn and others). We summarize the main advertising and social media partners who drop cookies below:
- DoubleClick: Google's Doubleclick re-targeting cookie lets us serve personalized advertising to you when you're browsing other websites and social media platforms. You can control advertising personalization on Google and partner websites here.
- Facebook Custom Audience: This service from Facebook enables us to display personalized ads to people on our e-mail lists when they visit Facebook. We provide personal information such as your e-mail address and phone number in encrypted form to Facebook (so they cannot be seen by anyone at Facebook) to enable Facebook to determine if you are a registered account holder with Facebook.
- Twitter advertising and remarketing: We advertise on Twitter and our advertising content will be tailored to your interests on the basis of your browsing behavior and the pages you have consulted on this and other websites. In order to improve the relevance of our marketing content, the cookie may therefore transmit such data to Twitter, who will use it to understand your interests better including to benefit their other advertising customers. If you decide that you do not wish your browsing data to be collected, you can find comprehensive information on Twitter’s advertising policy and the steps you can take to protect your privacy here.
How to control cookies