Last updated on June 29, 2020
This notice explains how TextGrid manages and protects your personal data. We want to make sure that you understand what personal data we need from you in order to serve you better, how we use and protect your personal data, and why we need your personal data when you interact with us.
We have implemented strict personal data protection practices that ensure your data is safe while in our care. TextGrid wants you to know that we care about your privacy at all times and we are constantly looking for better ways to protect you and serve you better.
What is personal data?
It’s important to understand what we mean when we discuss personal data. Personal data refers to any information related to someone who can be identified through it either directly or indirectly. This means that, in some cases, a single element of information may not identify you but several pieces together will and, if they do, then they are considered personal data. Examples of personal data include your name, identification numbers, location, and factors specific to your physical, mental, economic, or social identity, among others.
What personal data protection and privacy regulations does TextGrid comply with?
Because we serve customers globally, we comply with different data protection and privacy regulations around the world, such as the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) and others. And because we understand we live in an interconnected world, we want to assure you that TextGrid commits to protecting all of our customers’ and visitors to our website’s personal data regardless of where they’re located. We respect your privacy rights at all times.
Is TextGrid a data controller or a data processor?
Some data protection regulations differentiate between a data controller and a data processor. A data controller is an organization that determines how to collect and process personal data, whereas a data processor is an organization that collects and processes personal data on a data controller’s behalf and under a data controller’s instructions.
TextGrid is both a data controller and a data processor.
As a controller, TextGrid collects and processes personal data from visitors to TextGrid’s website and from customers that sign up for our services. In this context, TextGrid determines how this personal data is collected, processed, and shared.
As a data processor, TextGrid collects and processes personal data from end users of TextGrid’s registered customers, and only does so as per customers’ requirements. Even if we’re not making decisions about how personal data is being processed, we continue to protect the personal data collected by us at all times.
How does TextGrid collect and process your personal data?
In order to provide you with an optimal web experience and also great products and services, we need to collect and process your personal data.
The following table explains what personal data we collect from you, how we process it, how we classify your personal data, and, according to personal data protection regulations, what is the legal basis for the processing of your personal data.
We classify your personal data as account data, usage data, content data, and visitor data.
|Personal Data Collected||Personal Data Processing||Type of Personal Data||Legal Basis for Processing|
|Contact data (name, address, email, company, phone number, IP address)||This data is used throughout your relationship with TextGrid, including opening an account, managing your account, giving you support, providing you with discussion boards, and communicating with you.||Account data||We process your information to fulfill our obligations to you as part of your engagement with TextGrid.|
|Your feedback about our service||In order to continuously improve our products and services, we collect your feedback through surveys, remarks, and ratings for the calls and messages on your account.||Account data||We process your information to fulfill our obligations to you as part of your engagement with TextGrid.|
|Sending and receiving phone numbers and text content||We use this data to be able to provide you with SMS and MMS texting services||Usage data
|We process your information to fulfill our obligations to you as part of your engagement with TextGrid.|
|Your current phone numbers||If you want to transfer (port) your number to TextGrid, we need your phone numbers to perform this transfer for you.||Account data|
|Voice recording||As part of our services, we store voice recordings for you, we provide you with the option to turn text into speech, and we provide you with other services such as call forwarding, call conferencing and IVR.||Usage data
|Payment management||In order to pay for our services, we need information about your payment method. We also keep history of your usage and payments for you to be able to verify our charges and, if necessary, dispute any billing.||Usage data
|Email address, name||If you are interested in hearing from us, you may sign up for our newsletter.Also, if you want to download any of our white papers, you may share your contact information with us so that we can follow up with you based on your interests.You may opt out of these communications at any time.||Visitor data||This is a legitimate interest on our part to ensure that we are giving you the right information and to engage with you.|
How does TextGrid share your personal data?
As part of the products and services that TextGrid offers to you, we need to share your personal data with our employees and some other third parties that help TextGrid deliver our products and services. We always make sure that we share your personal data when it is absolutely necessary to give you the best products and services, and we ensure that we do so in a safe and controlled way.
TextGrid does not sell or share your personal data for any monetary or business reason that will directly benefit or advance TextGrid’s business interests.
The following table explains who the parties are that we share your personal data with and the purposes why they need access to your personal data.
|Telecom carriers||Carriers require your personal data including your phone number and the content of your message or call.|
|TextGrid’s sub-processors||These are companies that provide services to TextGrid such as storage and infrastructure, payment services, support processing, and data analysis.Refer to the sub-processor page for a list of these service providers.|
How does TextGrid protect your personal data?
TextGrid takes the protection and security of your personal data very seriously. We use physical, organizational, technical, and administrative measures to safeguard your personal data, and regularly reassess and revise our policies and practices to improve security measures to protect personal data, and seek to partner with organizations that do the same.
No data transmission over the internet, whether wired or wireless, is 100% secure, so we cannot fully guarantee the security of information transmitted to TextGrid and cannot be responsible for the actions of any third party that may intercept any such information. Once we receive your data, we commit to making all reasonable efforts to protect it to ensure it resides securely in our systems.
If you believe that your personal data may have been compromised by TextGrid or by using TextGrid’s website, products, or services, please contact our support team immediately.
Where does TextGrid store your personal data?
The personal data that TextGrid receives from you resides in secure data storage.
For personal data stored in the US at any of our third-party providers, TextGrid ensures that we solely work with US third-party providers that comply with the EU-US Privacy Shield Framework.
Keeping in line with our commitment to protect your personal data, TextGrid ensures that all third-party providers we work with sign a Data Processing Agreement to ensure that they will protect your personal data according to TextGrid’s expectations.
Rights over your personal data
Privacy and data protection regulations such as the GDPR and the CCPA grant you rights that you can exercise over the personal data that organizations like TextGrid collect and manage about you. At TextGrid, we believe in providing these rights to all of our customers regardless of where they are located in the world. Every TextGrid customer has the same rights over their personal data.
Unless there are clear exceptions because of legal or regulatory requirements, we will work to ensure that your requests are addressed within 30 days. These are the requests you may contact TextGrid about:
To exercise any of the rights you have over your personal data or if you’re not able to complete your request directly through your account, please send an email to support@TextGrid.com. Once we receive your request, we’ll contact you to provide acknowledgement and request further information if required. We will never discriminate against you for exercising your personal data rights.
TextGrid has implemented automated decision-making rules to monitor payments and account activity to minimize the possibility of fraud. If we find suspicious activity that we believe is fraudulent, we will suspend the payment or the account and will notify you. You will be able to exercise your right to object, where we will explain to you the rationale that we followed for our decision.
Personal data breach notification
TextGrid, as part of our security and data protection measures, has implemented processes to deal with suspected personal data breaches, and will notify you and any applicable regulator of a breach where we are legally required to do so.
Should we learn of a security breach that affects your personal data, we will notify you to explain how this breach may affect you and to provide you with advice on how to protect yourself. We will contact you through the email address we have on file or by posting a notice on our website.
TextGrid’s personal data retention period
To comply with telecommunications and other regulations, we generally retain all the data that you generate as part of your relationship with TextGrid for seven (7) years after you close your account, unless otherwise required by legal, security, or other requirements in accordance with the applicable law.
TextGrid’s Data Processing Addendum
In our role as a processor, we are happy to provide you with a Data Processing Addendum (DPA), where we commit to safeguarding the personal data that we process on your behalf, supporting you on any request you may receive from individuals or Data Protection Authorities, and ensuring that we process personal data according to personal data protection regulations such as the General Data Protection Regulation in the EU.
TextGrid’s contact information
If you have questions about how TextGrid collects, uses, discloses, or protects your personal data, or if you have questions about this privacy notice, including any requests to exercise your personal data rights, you may contact our appointed Data Protection Officer:
Data Protection Officer
Email address: firstname.lastname@example.org
Phone number: +1 (415) 900-1143
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), TextGrid has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
UK General Data Protection Regulation (GDPR) – UK Representative
Pursuant to Article 27 of the UK GDPR, TextGrid has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
EU-US Privacy Shield
Onward Transfers of Personal Data. Except as described herein, TextGrid discloses personal data only to third parties that contractually agree to abide by or provide the same level of protections as set forth in the Privacy Shield Principles. TextGrid may provide personal data to third parties that act as service providers, consultants, and contractors to perform tasks on behalf of and under our written instructions (“Third Party Agents”). Third Party Agents must agree to use such personal data only for the purpose for which it is provided by us, and they must contractually agree to provide adequate protections for the personal data that are no less protective than those required by the Privacy Shield Principles. In cases of onward transfer to third parties of personal data covered under our EU-US Privacy Shield or Swiss-US Privacy Shield certifications, TextGrid may continue to be liable.
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.