December 31, 2016
This Privacy Statement (“Statement”) describes how information about you is collected, used, and disclosed by ITHAX S.A. (“ITHAX”) and provides other important privacy information, describes when and how we may change this Statement, and tells you how to contact us with any questions or comments.
WHAT TYPES OF INFORMATION WE COLLECT ABOUT YOU
We collect information about you and your associated device(s) when you use our products or services or otherwise interact with us or with third-party services through our products and services. Examples of the types of information we collect include:
- Personal
Information
“Personal Information” means information that we directly associate with a specific person or entity (for example, name; addresses; telephone numbers; email address; Social Security Number; call records; wireless device location). Personal information does not include “de-identified,” “anonymous,” or “aggregate” information – which are not associated with a specific person or entity. - Customer
Proprietary Network Information (CPNI)
Customer Proprietary Network Information, or “CPNI”, is a subset of Personal Information that is generated in connection with the telecommunications services we provide to you. CPNI includes, for example, call details, call location information, and certain information about your rate plans and features. CPNI does not include your name, address, and phone number.
- Credit
and Financial Information
We collect information about your credit card or banking information, Social Security Number, and credit history for account opening, management and billing and collection purposes. - Network
and Device Information
We may collect information about your use of our network (or other carriers’ networks when roaming domestically and internationally) and the device(s) associated with your account, network data related to WiFi usage and device, and performance information, as well as data relating to your use of our website, applications and other products and services. - Location
Data
We may collect your device’s location whenever it is turned on (subject to coverage limitations). - Performance
and Diagnostic Data
We may collect performance and diagnostic data about your use of our network, networks you roam on, WiFi services or your device. For example, we may collect information about the performance of the device, signal strength, dropped calls, data failures, battery strength and other device or network performance issues. We may also collect information about applications on your device, the fact that an application has been added, when an application is launched or fails to launch, and length of time an application has been running. - Back
Up and Cloud Services
Some devices may automatically upload to ITHAX network servers information you have stored on the device and/or SIM card in order to facilitate specific functions. For instance, some devices may back-up your address book, photo album, or diagnostic data. You may choose to disable such uploads, but this may affect functionality of the device or your services. We may also provide you the ability to upload other information from your device to ITHAX or third-party network servers. For instance, you may have the option to upload pictures, text messages, recordings, calendars, tasks, or notes. - Collection
of Information About Children
We do not knowingly solicit children to purchase our services or products. If, however, you authorize a child to use our services or products by providing them a device associated with your account, any information associated with such use will be treated as your information in accordance with this Statement. If you are the primary account holder, you will have the ability to set the marketing preferences for any other lines on your account, including those for any children to whom you provide a device.
Our websites are not designed to attract children under the age of 13 and we do not intentionally or knowingly collect Personal Information on our websites from anyone under the age of 13. We encourage parents to be involved in the online activities (including wireless Internet browsing) of their children to ensure that no information is collected from a child without parental permission.
HOW INFORMATION ABOUT YOU IS COLLECTED
ITHAX collects information about you in three primary ways:
- Information
You Provide
We collect information that you provide to us when you apply for, purchase, or use our products or services, or otherwise communicate with us.
For example, some of the ways you may provide information to us include:- When you sign up for our voice or data services or purchase other products or services, we may collect personal contact, billing, and credit information.
- When you establish or modify an online account, we may collect user identification information, passwords, and/or security question responses that you will use for future sign-on.
- When you interact with our customer service representatives, enter information on our websites, submit survey responses, or pay for services, we may also collect Personal Information and other information. We may monitor and record phone calls, e-mails, live chats, or other communications between you, your device, and our customer service representatives or other employees or representatives.
- When you use our services on a phone provided to you by an account holder.
- Information
We Collect Automatically
We automatically collect a variety of information associated with your use of your device (on our network, when roaming, or in WiFi mode) and our products and services, some of which may be associated with you or another user on your account.
For example some of the ways we may automatically collect information include:- Our systems capture details about the type and location of wireless device(s) you use, when the device is turned on, calls and text messages you send and receive (but we do not retain the content of those calls or messages after delivery), and other data services you use.
- We may also gather information about the performance of your device and our network. Some examples of the types of data collected include: the applications on the device, signal strength, dropped calls, data failures, and other device or network performance issues.
- Cookies,
Web Beacons, and Similar Technologies
We may use, or we may engage third-parties to use on our behalf, cookies (small data text files placed on your computer or device) or similar technologies to identify your computer or device and record your preferences and other data so that our websites can personalize your visit(s), see which areas and features of our websites are popular, and improve our websites and your experience.
We may also use web beacons (small graphic images on a web page or an HTML e-mail) to monitor interaction with our websites or e-mails. Web beacons are generally invisible because they are very small (only 1-by-1 pixel) and the same color as the background of the web page or e-mail message.
The information we receive through cookies, web beacons and similar technologies may enable us to recognize users across devices, such as smartphones, computers, tablets or related browsers. Depending upon your device or computer, you may be able to set your browser(s) to reject cookies or delete cookies, but that may result in the loss of some functionality on our websites. If we combine or link cookie or web beacon information with Personal Information, we will treat the combined or linked information as Personal Information under this Statement. - Web
Browsing Activity
Our Websites. When accessing our websites, mobile websites and related applications and widgets designed for your device or web-based experience, we automatically collect certain information about your device and your visit, such as your IP address, browser type, date and time, the web page you visited before visiting our website, your activities and purchases on our websites, and other analytical information associated with the sites.
Other Websites. When your device’s web browser utilizes our data services to access websites other than our own, we automatically capture information associated with your browsing activities, and measure and monitor network and Internet connection performance, throughput, latency, and similar network data.
Do Not Track Statement. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the websites you visit indicating that you do not wish to be tracked. Those sites (or the third party content on those sites) may continue to engage in activities you might view as tracking even though you have expressed this preference, depending on the sites’ privacy practices. Because there is not yet a common understanding of how to interpret the DNT signal, we do not currently respond to the browser DNT signals when you use our services and products or interact with our websites or online services. We do allow you to exercise choice regarding the collection of information by third parties about your online activities over time and across third-party websites or online services for online interest based advertising purposes and to opt out of our interest-based advertising on your device, as described below. - Voice
Controlled Applications
If you use a voice-controlled application, that application may collect and record your requests and other information from you and your phone. - Retail
Beacons
We may use beacon devices in our retail locations that collect data about your device. These programs use signals from smart devices (like mobile phones and tablets) to track movement and wait times. Retail beacons collect a unique identifier that your device routinely transmits (e.g., a MAC address) and coverts it to an identifier unique to ITHAX. In some cases, we will use identifiers that are already routinely collected by the ITHAX network in order to provide you with wireless service. We use aggregated data in order to understand general traffic trends in our stores. This helps us to better service our customers.
- Information
From Other Sources
We may also obtain information about you from other sources. For example, we may receive credit information from third-party sources before initiating your service, or background information in connection with employment opportunities. We may also obtain updated address information from our shippers or other vendors. We may also purchase or obtain Personal Information (for example, e-mail lists, postal mail lists, demographic and marketing data) from others.
HOW WE USE INFORMATION WE COLLECT ABOUT YOU
We use the information we collect for a variety of business purposes, such as:
- To route your calls or message or otherwise provide you with service;
- To provide and bill for products and services you purchase and charge to your account;
- To deliver and confirm products and services you obtain from us;
- To verify your identity and maintain a record of your transactions and interactions with us;
- To provide customer and technical services to you;
- To create, modify, improve, enhance, remove or fix our network, products and services, and their performance;
- To identify and suggest products or services that might interest you;
- To make internal business decisions about current and future product and service offerings;
- To provide you customized user experiences, including personalized product and service offerings;
- To protect our rights, interests, safety and property and that of our customers, service providers and other third parties; and
- To comply with law or as required for legal purposes.
Fraud Prevention
We may use Personal Information, including voice print recordings, account
information (such as purchase patterns) and device information for
investigations or prevention of fraud or network abuse. We provide fraud
prevention services to banks or other third parties. As part of this service,
we may verify your phone number to help those third parties prevent your
personal information from being used for fraudulent purposes. We also may
provide the information you report as spam to 7726 to a third party to prevent
fraud or network abuse, and we may share such information with government
agencies and others that work to combat spam and prevent fraudulent, deceptive,
and unfair practices.
Information Collected from Cookies
We may also use information collected from cookies or other similar
technologies to improve our websites, make recommendations, and complete
transactions you request.
Marketing
We may use information we collect to contact you about ITHAX or third-party
products, services, and offers that we believe you may find of interest. We may
contact you by telephone, postal mail, e-mail, or other methods. You may
opt-out of receiving marketing communications from us at any time by clicking
on the “opt-out” or “unsubscribe” link on the marketing e-mail that you will
receive.
Directories
We do not publish directories of our customers’ wireless numbers; nor will we
provide or make such numbers available to third-parties for listing in their
public directories, without the customer’s prior consent.
Performance, Diagnostics & Management
We collect information about devices, our network and WiFi usage to perform
diagnostic analyses and understand how your device is performing overall.
Diagnostic data helps us troubleshoot technical issues related to your device’s
performance such as battery life, dropped calls, processing speed, device
memory, service coverage, and network and WiFi signal strength that you and
other customers may experience. If you are using a device in WiFi mode, we may
collect information about that usage, such as the routing address and IP
address. We also may use diagnostic data to identify and recommend products and
services.
Location-Based Services
We use location information to route wireless communications and to provide 911
service, which allows emergency services to locate your general location. We
may disclose, without your consent, the approximate location of a wireless
device to a governmental entity or law enforcement authority when we are served
with lawful process or reasonably believe there is an emergency involving risk
of death or serious physical harm.
Depending on your device, you may also be able to obtain a wide array of
services based on the location of your device (for example, driving directions,
enhanced 411 Directory Assistance, Find My Device, or search results, etc.).
These data services, known as Location-Based Services (“LBS”) are
made available by us and others, usually via applications. These services use
various location technologies and acquire location data from various sources.
These applications and services use various location technologies (including
Global Positioning Satellite (“GPS”), Assisted GPS
(“AGPS”), cell ID and enhanced cell ID technologies) to identify the
approximate location of a device, which is then used in conjunction with the
application to enhance the user’s experience (for example, to provide driving
directions, to provide enhanced 411 Directory Assistance, or search results,
etc.)
LBS may, or may not, involve any interaction with or dependency on our network,
and location-based services may or may not look to our network to obtain
location data. Where we allow third parties the capability of accessing data
about your location that is derived from our network, we require those third
parties to observe specific privacy and security protections consistent with
this statement.
It is important that you understand the location capabilities and settings of
your device, and that you carefully read and understand the terms under which
these services are provided – whether by us or another entity.
You should carefully review the privacy statements and other terms of
third-parties with whom you have authorized the sharing of your location
information, and you should consider the risks involved in disclosing your
location information to other people.
Where we provide a location-based service, you will receive notice of the
location features of the service and collection of location data is with your
consent. You will be provided options for managing when and how such
information should be shared (except in the case of certain parental controls
or similar services associated with enterprise or multi-line accounts – for
example, ITHAX’s FamilyWhereTM services – which may be managed solely by the
primary account holder or their designee, but always with notice to the
end-user). ITHAX follows the CTIA’s Best Practices Guidelines for
Location-Based Services, which are available here.
Advertising
You may see advertisements when you visit our websites, mobile websites, in
mobile applications, or on your device. We may help advertisers better reach
our customers by providing certain information, including device type,
geographic information, language preferences or demographic information
obtained from other companies to allow advertisers to determine which ads may
be more relevant to you. However, we do not share Personal Information for
advertising purposes outside of our corporate family without your consent.
Some examples of the types of advertising you might see include:
Our Ads on Our Websites. We may provide advertisements, such as
banner ads, on our websites, mobile websites, and in mobile applications and
widgets you may download, access or use on your device.
Other Company Ads on Our Websites. You may also see third-party
advertisements on some ITHAX websites, services, or in applications, or on
devices. These third-party advertisers, or their ad networks, may place or
access cookies, web beacons, or similar technologies on your device, or use
your device identifier, and may collect certain anonymous or de-identified
information about your visit on our websites. The third-party advertisers who
provide these ads may use this information to provide you with advertising on
our websites, as well as on other websites. We do not have control over or
access to any information contained in the cookies that are set on your
computer or device by ad servers, ad networks, or third-party advertisers.
Our Ads on Other Websites. We may ask third-parties to place
advertisements about our products and services on other websites, mobile
websites and in mobile applications and widgets. The use of cookies, web
beacons, or similar technologies by such third-parties on other websites is
subject to any applicable privacy statements that they may have, not this Statement.
Interest-Based Ads
You may receive ads from us and our ad providers that are tailored to your
interests. These interest-based ads are selected based on your use of our
services and products as well as other information obtained by us and our ad
providers. None of this information is Personal Information.
- We do not provide your Personal Information to third-party advertisers without your consent.
- Advertising may be tailored to the interests that advertisers have inferred from your browsing of our websites or other websites or applications with which the third-party partners to provide advertising.
- We may provide third-party advertisers with aggregated or de-identified location, demographic or similar data (unrelated to your browsing activities) that does not personally identify you. This data may be used by advertisers to help tailor their ads on our websites, and on other sites and applications.
- We, and our providers, may use a de-identified profile of your web-browsing and application use activity and interests. This profile does not contain information that identifies you personally, but may include a unique or encrypted identifier that enables your device to be matched to a profile of your browsing activity and de-identified characteristics about your interests.
- When
we use information associated with your web browsing activities on
websites that are not our own to provide interest-based advertising or
offers, we will provide you with notice and appropriate choice.
Choices About Advertising
ITHAX adheres to the Digital Advertising Alliance’s (“DAA”)
Self-Regulatory Principles for Online Behavioral Advertising.
- On
Your Mobile Device. Where we offer interest-based ads, you can
opt-out of certain interest-based advertising by clicking on the ad
options link on or near the advertisement.
- If you turn off interest-based ads, you will still see just as many ads, but the ads may not be based on your interests and may be less relevant to you.
- Your choice only affects the ads you see on websites and applications you access on your device.
- If your device’s browser cookies are deleted, or your device is reset, you may need to reset the interest-based ads feature.
- If you are using your device, but are not on our network (such as a WiFi network), we, and our ad providers, may not be able to identify your ad choices.
- On Your Computer or Non-Mobile Device. For information about targeted advertising, or to opt-out of use of your browser information for purposes of certain third-party advertising, please visit www.aboutads.info/choices. Please note that if you opt out, you will continue to receive the same number of ads, but they may be less relevant because they will not be based on your interests. You may still see ads related to content on a web page or based on other nonpersonal information. Please note that this opt-out is cookie-based. If you change computers or devices, change web browsers, or delete cookies, you will need to visit the aboutads site and opt-out again.
WHEN WE SHARE INFORMATION COLLECTED ABOUT YOU
We do not sell, license, rent, or otherwise provide your Personal Information to unaffiliated third-parties (parties outside the ITHAX corporate family) to market their services or products to you without your consent. We may, however, disclose your information to unaffiliated third-parties as follows:
With Your Consent
We may disclose Personal Information about you to third-parties with your
consent. We may obtain your consent in writing; online, through
“click-through” agreements; when you accept the terms of disclosures
on your phone for certain applications or services; orally, in our stores or on
the phone, including through interactive voice response, or implicitly, for
example, when you purchase a product and ask that it be shipped to your home,
consenting to our disclosure of your name and address to a third-party shipping
company to complete delivery.
To the Primary Account Holder
We may disclose information about an account user to the primary account holder
(the party financially responsible for the account). If a business,
governmental agency, or other individual obtains service for you, that entity
or individual is our customer, and we may provide information about you or your
use of the service, products or devices to them or others at their direction.
When you are the primary account holder, but you receive special or discounted
pricing, terms, or other benefits through another party’s agreement with us
(for example, an employee discount), we may provide enough information to that
party to verify your initial and continuing eligibility for benefits under
their agreement with us and to calculate any associated discounts.
To Our Service Providers
We may disclose information to third-party vendors and partners who complete
transactions or perform services on our behalf (for example, credit/debit card
processing, billing, shipping, repair, customer service, auditing, and
marketing).
Third-Party Carriers and Suppliers
If you are roaming on the network of another carrier or WiFi service provider,
your wireless telephone number, your location, the numbers you dial, and other
information about your usage will be available to that carrier to facilitate
that service. Additionally, services and functionality offered through certain
devices are sometimes provided in conjunction with entities other than ITHAX.
As a result, Personal Information from your devices may be uploaded and stored
on their servers. For instance, BlackBerry® service is provided in conjunction
with Research in Motion (RIM), and Personal Information from your device is
stored on their BlackBerry Enterprise Servers™. Their specific terms and
conditions, terms of use, and privacy statements apply to those services.
In a Business Transfer
We may sell, disclose, or transfer information about you as part of a corporate
business transaction, such as a merger or acquisition, joint venture, corporate
reorganization, financing, or sale of company assets, or in the unlikely event
of insolvency, bankruptcy, or receivership, in which such information could be
transferred to third-parties as a business asset in the transaction. We may
also share information with banks for purposes of transferring loans in
connection with your device financing.
For Legal Process & Protection
We may disclose Personal Information, and other information about you, or your
communications, where we have a good faith belief that access, use,
preservation or disclosure of such information is reasonably necessary:
- To satisfy any applicable law, regulation, legal process or enforceable governmental request;
- To enforce or apply agreements, or initiate, render, bill, and collect for services and products (including to collection agencies in order to obtain payment for our products and services);
- To protect our rights or interests, property or safety or that of others;
- In connection with claims, disputes, or litigation – in court or elsewhere;
- To protect users of our services and other carriers or providers from fraudulent, abusive, or unlawful use of, or subscription to, such services;
- When information is reported to the Spam Reporting Service, it may be shared with government agencies and others that work to combat spam and prevent fraudulent, deceptive, and unfair practices;
- To facilitate or verify the appropriate calculation of taxes, fees, or other obligations due to a local, state, or federal government; or
- In an emergency situation.
Co-Sponsored Websites and Partners
If you provide information to us in connection with a co-sponsored website,
this Statement will apply to our use of the information and the co-sponsor’s
statement will apply to their use of the information. If you purchase equipment
or activate service at one of our partner’s locations (including websites of
such dealer or retailer), they may request information from you that is passed
to us as part of the activation process, but which may also be retained by the
partner. This Statement will govern our use of such information, and the
partner’s privacy statement will govern its use of such information.
De-Identified Information
We may provide information that does not identify you personally to
third-parties for marketing, advertising or other purposes.
Third-Party Applications for Your Devices
We are not responsible for the third-party applications (for example,
applications, programs, widgets, etc.) you select and install on your device.
When you install third party applications, you may give your consent for the
third party to access information stored on the device and on our network to
facilitate the application’s functions (for example, you may consent to
third-party access to your location information – see Location Based Services).
The manner in which such third-parties may use, share, or disclose such
information is governed by the terms and conditions and privacy statement
provided by that third party – not by this Statement.
HOW WE STORE AND PROTECT THE INFORMATION COLLECTED ABOUT YOU
Protecting Your Information
We use a variety of physical, electronic, and procedural safeguards to protect
Personal Information from unauthorized access, use, or disclosure while it is
under our control.
We provide password protected online access to your account information through
my.ITHAX.com. For multi-line accounts, the primary account holder is authorized
to access online account information for all the devices and lines on the
account. Other users may generally access online account information related
only to their respective device and line (for example, if a parent provides a
device to their child, the child may access online information about that
device and line– including CPNI). The primary account holder, however, may
designate additional or more limited access rights for other users on the
account.
Under federal law, you have a right, and we have a duty, to protect the
confidentiality of CPNI and we have adopted statements and procedures designed
to ensure compliance with those rules. We will not intentionally disclose your
CPNI to third-parties without your permission, except as allowed under FCC
rules, applicable law, or explained in this Statement. However, if you are the
primary account holder, you may designate other “authorized users”
(for example, a spouse) to access and manage your account information,
including CPNI.
Retention and Disposal
We retain information only for as long as we have a business or tax need or as
applicable laws, regulations, or government orders require. When we dispose of
Personal Information, we use reasonable procedures designed to erase or render
it unreadable (for example, shredding documents and wiping electronic media).
HOW YOU CAN UPDATE YOUR INFORMATION AND CHOOSE HOW WE
CONTACT YOU
You may access and modify your contact information by visiting voip.ithax.net, or by contacting Customer Service.
Choices Regarding Use of Your Information
We may send you communications about services or products we, or our partners,
sell. We want to provide you with meaningful choices regarding our marketing
communications, and you may choose to limit or opt-out of some marketing communications
from us at any time. Although you may elect not to receive marketing
information from us, if you subscribe to our services or buy our products, you
will continue to receive invoices, customer-service and transactional notices,
and similar communications. The Primary Account Holder can configure options
for marketing communications for all lines on the account.
You may also manage your preferences regarding marketing communications by
contacting Customer Service by dialing 0000 from your ITHAX phone or +1-212-444-9704
from any phone, or, with respect to marketing e-mails, by following the
“unsubscribe” instructions on any marketing e-mail we send you.
Do Not Call Registry
The FTC maintains a National Do Not Call Registry at https://www.donotcall.gov/,
and your state may maintain its own Do Not Call Registry. Putting your number
on these Registries also may limit our telemarketing calls to that number.
YOUR ROLE IN PROTECTING YOUR PRIVACY
You play an important role in ensuring the security of Personal Information. We encourage you to use safeguards to protect your information and devices.
OTHER INFORMATION YOU SHOULD KNOW
Consumer Code for Wireless Service
We follow the Consumer Code for Wireless Service established by the
Cellular Telecommunications & Internet Association (“CTIA”). In
doing so, we want to help customers understand their bills, receive quality
service, and make informed choices and conform our information practices under
this Statement to meet the requirements of applicable federal and state laws
and regulations.
Your California Privacy Rights
California Civil Code Section 1798 entitles California customers to request
information concerning whether a business has disclosed Personal Information to
any third parties for the third parties’ direct marketing purposes. As stated
in this Statement, we will not sell or share your Personal Information with
non-affiliated companies for their direct marketing purposes without your
consent. California customers who wish to request further information about our
compliance with this law or have questions or concerns about our privacy
practices and statements may contact us as specified in the section below.
PRIVACY STATEMENT UPDATES AND CONTACT INFORMATION
How We Communicate Changes to This Statement
We may update this Statement at any time to provide updates to or clarification
of our practices. If we make changes, we will revise the date at the top of the
Statement. If we propose to use Personal Information in a materially different
way, we will provide you with notice by posting notice of the changes on our
website for at least 30 days before we implement those changes, and obtain your
consent as specified above for any material change regarding disclosure of
Personal Information. You should refer to this Statement often for the latest
information and the effective date of any changes.
How to Contact Us
If you have any questions or comments about this Statement or about ITHAX’s privacy practices, please call Customer Service at 0000 (from an ITHAX phone) or +1-212-444-9704 (from any phone) or send an e-mail message to info@ithax.net .