(Last Updated: 9th May 2018)
At Hoxfon we want to be as transparent as possible in regard to our customers’ privacy. Please take a few minutes to read this document, so that you understand what information we collect and why. This document also includes a list of third parties services we share data with. Hoxfon follows the EU GDPR regulation for all the users’ personal data regardless of the users’ country of residence. The user’s personal data are stored in Ireland in databases provided by AWS.
It is important to notice that we only collect information that allows us to provide you with the best service and to keep you and our services clear of fraud.
Our Privacy Policy applies to our websites (including www.hoxfon.com) and our mobile applications, which collectively will be referred to as “our Services” in the following paragraphs.
We collect the following information provided by users to Hoxfon using our Services: first name, last name, email address, telephone numbers, physical addresses. We store user’s personal data in databases located in Ireland provided by AWS. For the registration of telephone numbers we share your SIM number, first name, last name, email and (only when required) physical address with our Telecom partner Twilio.
We collect the following data from you when you register for the newsletter on the website: - first name - last name - email - device used
When you register to use our Services we collect: - your telephone number to verify that you own it and to log you in. Your telephone number is securely stored along with your account information. - first name - last name - email address We use Facebook Account Kit for the telephone number verification. For further details please refer to the Facebook Account Kit FAQ page.
In order to register a new telephone number we collect: - first name - last name - email address - payment details including postcode In some cases we are required also to collect your physical address by the local Telecom authority of the Country where the number is in. Your first name, last name, e-mail and your physical address are processed by our Telecom partner in compliance to the Government legislation of the Country where you are registering your telephone numbers.
In order to make purchases using our Services, we may collect credit card, debit card or additional payment information from you. However, it’s important to note that we do not store any of this payment information or process any of your payments on our servers, but rather use ‘Stripe’ as payment gateway. Therefore, any information regarding your payment processing and security must be verified in Stripe’s own Terms of Service Agreement and Privacy Policy. Hoxfon is a “Partner Application” as defined in the Stripe Terms of Service. By using Hoxfon and agreeing to the Hoxfon Terms of Service, You also agree to be bound by Stripe’s Terms of Service. You expressly understand and agree that Hoxfon shall not be liable for any payments and monetary transactions that occur through Your use of the Service. You expressly understand and agree that all payments and monetary transactions are handled by Stripe. You agree that Hoxfon shall not be liable for any issues regarding financial and monetary transactions between You and any other party, including Stripe. You are responsible for all transactions (one-time, recurring, and refunds) processed through the Service and/or Stripe. Hoxfon is not liable for loss or damage from errant or invalid transactions processed with Your Stripe account. This includes transactions that were not processed due to a network communication error, or any other reason. If You process a transaction, it is Your responsibility to verify that the transaction was successfully processed. You understand that Hoxfon uses the Stripe API to run the Service and that the Stripe API is subject to change at any time and such changes may adversely affect the Service. You understand and agree to not hold Hoxfon liable for any adverse effects that actions (whether intentional or unintentional) on the part of Stripe may cause to Your Stripe account, Your Hoxfon account, or Your business.
The payment processor, ‘Stripe’, may provide Hoxfon with an unique authentication token to make payments requests with. The payment processor ‘Stripe’ may also provide Hoxfon with information such as your name, credit card type, expiration date, and the last four digits of your credit card number. This information is used only to make single payment requests, or to register the user for an ongoing subscription that requires automatic payments in the future. In addition, Hoxfon may also request and receive any payment history between the user and Hoxfon. The personal data of the payment method owner is not stored by Hoxfon, however is shown in the app upon an user request.
You must not process stolen credit cards, or unauthorized credit cards through Stripe and/or Your Hoxfon account.
Stripe’s privacy policy is available at https://stripe.com/privacy.
The Hoxfon Apps use device specific capabilities in order to provide our customer with the best possible service.
Access your device telephone number
The Hoxfon Apps automatically fill in your number information obtained from the device. Your device number or the telephone number you provide during registration is securely stored and kept from third parties at any time. With the exception of our Telecom partners and Facebook Account Kit which perform telephone number verification.
SMS access
The Hoxfon Apps automatically fill in the authorisation code information received by SMS. In order to do that the Apps request access to the user’s telephone SMS.
Microphone access
The Hoxfon Apps use your microphone during telephone calls to allow your voice to be transmitted when making and receiving calls.
Access to your contacts
The Hoxfon Apps access your telephone contacts list to allow you to browse your contacts directly in the App. This data is only available to the Apps installed on your device. Your contacts list is never sent to the server and/or it is never stored in a central database. Your contacts are not shared with third parties at any time.
Monitor the telephone status
The Hoxfon Apps needs to be able to check whether there are ongoing calls when receiving a call on a Hoxfon number.
Calls and SMS logs
Our Telecom partner receives in real time and stores call data, including the date and time of the call or SMS message, the parties’ telephone numbers, and the content of the SMS messages.
Registered users can amend and review their personal information at any time by accessing our Services. We ask users to keep this information accurate and updated at any time. Hoxfon may keep some information after an account termination or suspension in compliance with the law to prevent fraud, assist with investigations, resolve disputes, analyse, enforce our Terms of Service, or take other actions permitted by the law. In case you terminate your account, Hoxfon may keep some information to prevent the same user from re-registering. Hoxfon removes all personal user data within 7 days when the user doesn’t verify the email address. In case the email is verified the user data are stored until the user request its deletion or decide to terminate using the service.
Hoxfon uses Google Analytics to track anonymously visits on the website. The tracking data are deleted automatically after 26 months by Google Analytics. Hoxfon uses IP Anonymization to prevent the visitor real IP address to be processed by Google Analytics.
In the event of a company merger or acquisition by another company the data we collect will be shared with this company, including with companies established outside the European Union, on the terms and to the extent authorised by law and in accordance herewith.
We may be constrained to communicate your personal data under a law or a statutory provision in force, a legal order or a regulation, or if this disclosure is required in the context of an investigation or proceedings, within the national territory or abroad.
We’ll only store your personal data for as long as is necessary to fulfil the purposes outlined in this Privacy Policy or for as long as we reasonably consider necessary to establish, exercise or defend our legal rights. Your data will be retained in line with statutory and regulatory requirements. The criteria used to determine these retention periods includes: - To comply with the minimum regulatory retention requirements as set by OFCOM. - To comply with the statutory retention periods for accounting records, as set by the Companies Act and HM Revenue & Customs (HMRC). - To comply with the retention periods set by the TRAS Fraud Prevention Agency Where our retention periods are not governed by legislation, our retention policy is based on commercial justifications, which have been set in accordance with the principle of retaining personal data for no longer than is necessary for the purposes for which it is processed. These include: - To comply with our Supplier Licence Conditions - To enable us to provide you with our products and services - To allow us to resolve any disputes or complaints - For the detection and prevention of fraud
You have the right to request access to a copy of your personal data. You are entitled to obtain confirmation that your data is being processed, access to a copy of your personal data, and other supplementary information which largely corresponds to the information that should be provided in a Privacy Policy. Should you wish to exercise this right, please contact us with a description of the information you would like to see. We will provide our response to you without undue delay and within one month of receipt of your request. Please note, however, that in certain circumstances we are not required to provide the information requested. Where requests are manifestly unfounded or excessive, in particular because they are repetitive, we may charge a reasonable fee taking into account the administrative costs of providing the information, or refuse to provide the information. Where we refuse a request, we will explain our reasons for the refusal, and remind you of your right to complain. Certain personal data may be exempt from such requests in certain circumstances. If an exemption applies, we will tell you this when responding to your request. We may request that you provide us with information necessary to confirm your identity before responding to any request you make.
You have the right to ensure that any information we hold about you is accurate and kept up to date. Please let us know if you would like to update any inaccurate or incomplete records.
You have the right to request the restriction of processing of your personal data under specific conditions, unless we have a lawful reason to continue, such as for the establishment, exercise or defence of legal claims.
You have the right to request a copy of personal data you have provided to us in a structured, commonly used and machine readable format, so that you can transmit this to another organisation. Where technically feasible you can also request that we transmit this data to another organisation.
You have the right to object to processing which is based on:
Legitimate interests
Tasks carried out in the public interest
Direct marketing
You have the right not to be subject to any decisions made based solely on automated processing, including profiling, which produces legal effects or significantly affects you. Where such decisions are made, you have the right to:
Obtain human intervention
Express your point of view
Obtain an explanation of the decision and challenge it
We may also collect information about your device type, browser, IP address, referrer websites. Hoxfon uses this information to analyse and improve our services performance and to protect against fraud. The app shares tracking information with the following third party providers: - Fabric: for crash and bug reporting, statistics and analytics reports; - Amazon Mobile Analytics: for statistics and analytics reports; - Sentry: for crash and bug reports; - Firebase: for crash and bug reporting, statistics and analytics reports; - Facebook: for statistics and analytics reports; - Twilio: for quality purposes related to telephony services. You may opt-out from crash reporting and analytics and statistical reporting by following the opt-out procedure in the app.
For operation and maintenance purposes, our Services and any third party services may collect files that record users interaction with our Services and other data such as IP Address, device name, device type and manufacturer, operating system type and version, wireless carrier, network type, Country of origin and the dates and times of your interactions.
To see how we use Cookies please refer to our Cookies Policy
Any personal information that we store is contained behind secured networks and is only accessible by authorized employees who have special access rights to such systems, and are required and trained to keep the information confidential. In addition, all data communications is protected by industry-standard Secure Socket Layer (SSL) encryption technology.
If a data breach occurs, Hoxfon will notify you and the supervisory authority within 72 hours. We will do our best to provide you with actionable steps to ensure your privacy is not compromised after the breach.
Hoxfon and third parties will retain your information for as long as is required in order to meet our obligations under applicable laws and for the purposes of collecting that information as described in the section “What personal data we collect”. You may ask for your personal information to be completely deleted, in which case we must also terminate your account. You may ask for a copy of your personal data that Hoxfon stores.
Hoxfon may contact you by email to deliver our Services invoices, to communicate important changes on how we provide you with our Services, in case of faults in our Services that we think you should be informed about, in case of suspension or termination of your account and/or for any details regarding violations when using our Services and whenever contacting by email is part of our Services that you subscribed to.
Hoxfon may send you alerts by email or SMS or push notification to notify you when someone has tried to contact you on your purchased telephone numbers.
Hoxfon may email you about surveys, feedback requests, special offers and other marketing campaigns. You may opt out of receiving further communications by following the opt-out procedure in the app or outlined in the communication you receive.
Hoxfon reserve the right to amend this document to reflect changes in the law, new features provided by our services or advances in technology. You can find the most updated version on this Internet page or on another page if explicitly specified. The new version will become effective on the date it’s posted, which is reported at the top of the page.
In case that you do not agree with the way we use your information or the way that a third party uses your information, or any term or provision of this Privacy Policy, as now existing or as amended in the future, you may simply stop using our Services.
If you have further questions regarding our Privacy Policy you can contact us at help@hoxfon.com.
Get Hoxfon on the AppStore or on the PlayStore. Join hundreds of people like YOU and leave your feedback. We want to hear your suggestions, comments and frustrations; so we can design a better App around your needs.