Bicom Systems will comply with the GDPR in the delivery of Our service to Our Customers and offer tools and solutions as part of Our COMMSware products suite in order to help Our customers to maintain their own GDPR compliance and to process private data in a secure and lawful manner.
We will continually update and enhance Our products, services, contracts, and documentation to increase data security and protect data privacy which will ensure compliance with the GDPR.
For any additional inquiries regarding GDPR and Our compliance please send Us an email to:
Modifications To This Policy
Definitions of Data Protection terms
Personal data - means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Processing - means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Controller - means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
Processor - means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
Bicom Systems’ role in data processing
Within GDPR there are 3 roles describing parties that are subject to this regulation: data subjects, data controllers and data processors. Bicom Systems has different roles (data subject, data controller) depending on the following scenarios:
- Bicom Systems offers a Product that is hosted, configured and administered by a Partner. In this instance, Bicom Systems is not liable under GDPR (or many similar legislations) and all obligations squarely lie with the Partner.
- Bicom Systems offers a hosted solution that is being administered by Partners. In this instance under GDPR (or many similar legislations) Bicom Systems is only a data processor while the Partners may be a data controller. Thus, the Partner would have the obligations to fulfil all obligations concerning data controllers and processors, while Bicom Systems fulfils GDPR obligations concerning data processors only.
- Bicom Systems offers a direct service hosted on Bicom Systems servers and administered by Bicom Systems staff. In this case Bicom Systems is both the data controller and processor and thus liable under GDPR to fulfil all GDPR obligations concerning these two roles.
Bicom Systems Sub-Processors
Our data center and public cloud vendors maintain certifications that cover data security. We have chosen the Sub-processors that will ensure the security and privacy and We do not grant them access to Your private data. Sub-processors are used by Us for hosting and archiving purposes.
Our Point of Presence data centers are located in Europe and the USA. We will not transfer data between data centers in different countries without express permission from Our Customers and Partners which in turn will provide the necessary consent from their End users.
Archiving support is offered for Amazon S3, Google drive and Dropbox. It is up to You to choose the one best suited for Your purposes and make the necessary configurations and adjustments to ensure security and privacy of data within these 3rd party services.
How Does Bicom Systems Protect Your Data?
Bicom Systems operates through different entities across many different legal and trading jurisdictions with varying levels of laws and practises. As such and not withstanding Bicom Systems and all associated companies will not trade, sell, or disclose to any third party any form of identifiable information without the consent of the data subject except as required by law, search warrant or other legal process. This includes information derived from registration, subscription, and use of Bicom Systems’ service and products. We use technical security measures to prevent the loss, misuse and alteration of information under Our control and all information is maintained in a secure environment.
When You register details with us, make an order or access account details, We use a secure server. Any data You give Us is encrypted using a ‘Secure Socket Layer’ (SSL) session. SSL is an industry standard and is one of the best ways to ensure Internet messages are not intercepted. You should be aware, however, that older browsers cannot use SSL.
Over and above what Bicom Systems does to safeguard You privacy and security, there are a number of things You can do to protect yourself from Internet fraud:
Choose a password You can remember but others will not guess, one that uses alphanumeric upper/lower case combination with special characters, change it regularly, and if You do write it down, keep it somewhere safe and secure.
When You have finished Your session on a Bicom Systems website, make sure that You prevent Your details being seen by anyone that You do not wish to see them. So, if You have registered and logged in, remember to log off. Clear any ‘cache’ so there is no record of any transactions left on screen – all modern browsers provide you with this option. We also recommend You then close Your browser so any history of the session is cleared. As an extra precaution Your session on many areas of the www.bicomsystems.com will terminate if You have not used the site for 20 minutes.
Data We Process
As part of Our operations, as well as service and product functionality We may process different types of personal and non-personal information based on Your use of Our products, services and Our business relationship with You. Information may be collected when You give it to Us with the intent to purchase or interact with Us about a product or service We offer or provide; when We collect it automatically when You visit Our websites or use Our products and services; or when We obtain it from other sources, such as credit agencies.
Bicom Systems does not want You to, and You should not, send any non-personal confidential information or proprietary information to Bicom Systems via Our websites and services. Any submission by You becomes the property of Bicom Systems and You grant Bicom Systems the authority and right to use that information subject to the Bicom Systems Privacy Statement set forth here. By sending Bicom Systems materials or information, You grant Bicom Systems an unrestricted, irrevocable license to use, reproduce, display, perform, modify, transmit and distribute such material or information and You further agree that Bicom Systems is free to use any ideas, concepts, know-how or techniques that You provide for any purpose.
We gather anonymous data within Our products and services in order to provide You with summary statistics and to help Us with support, planning as well as with enhancement and development of new products and service. Anonymous data includes information on equipment, performance, usage of Our websites, viewing and other technical information about Your use of Our network, services, products or websites. This information does not contain personally identifiable information.
Personally identifiable data that is process within Our products and services includes:
- Account details
- Email addresses and other contact information
- Billing information
- IP addresses
- CDRs, Call Recordings, Faxes and Voicemails
- Data gathered with Google Analytics
In addition to the above data, Diagnostic data that We gather may contain personally identifiable data.
How we use personal data
Account and profile information is primarily used for authentication and authorization purposes. In order to be granted any level of access to The Software You must register or subscribe by submitting information to Us that will uniquely identify You as a company or an individual. You as the subscriber are responsible for ensuring that the information on file with Bicom Systems is current and accurate. Bicom Systems will collect and use subscriber identifiable information for billing, provisioning of service, resolution of problems associated with service, directory services, and to inform subscribers of new products or services that will enhance the Bicom Systems’ ability to provide service to subscribers. We will use subscriber identifiable information to market products and services to the subscriber, but will not disclose or make available any subscriber identifiable information to any third parties seeking to market products. If a subscriber chooses in writing not to participate in direct marketing of new products and services from the Bicom Systems then subscriber’s information will not be used for the purpose of marketing new products. Additionally, the subscriber may request to have identifiable information deleted from the Bicom Systems’ directory.
If You are accessing Bicom Systems products and services with Your Company account that includes company name, company’s physical address, company’s email addresses and other contact details, that information is not considered personally identifiable data and thus is not within the scope of Our GDPR compliance.
Email Addresses and Other Contact Information
Bicom Systems people and those working for agents or contractors of Bicom Systems have a responsibility to keep Your information confidential and will only use it to offer products and services on behalf of Bicom Systems. The personal details that We use to provide or promote Our products and services (for example Your name, telephone number, or details of the services You use), as well as any information provided by You, will NOT be passed to ANY organisation beyond Bicom Systems to be used for marketing purposes. Your details may sometimes be shared with Bicom Systems contractors or agents in order to provide You with Bicom Systems products and services You have requested, but We will make this clear to You in the relevant terms and conditions We give You when You order.
At Bicom Systems We respect the privacy of personal email accounts and We store Your email addresses just as securely as other personal information on www.bicomsystems.com. We will not send You unwanted email messages or junk mail, and Your details will not be passed to ANY organisation beyond Bicom Systems without Your explicit permission. However, We will use email to send You messages about outstanding orders, faults and service issues. We may also use email to keep You up to date with news about Your current services, as well as anything You show an interest in, either online, or through other contact with Bicom Systems. If You do not want to be kept informed in this way by email, please let Us know. You can do this by ticking the relevant box where Your email address is stored in the www.bicomsystems.com personal profile.
When Bicom Systems bills for services rendered, a third-party processing company may be used to charge customer credit cards and collect payment. A third-party is used only to process credit card charges, and does not store or distribute customer credit card or billing information. Our billing is Payment Card Industry Data Security Standard (PCI-DSS) compliant, based on the standard administered by the Payment Card Industry Security Standards Council.
When using The Software We may collect IP addresses of devices containing client software connecting to Our products and services in order to maintain security of the connection and to prevent unauthorized access to Your data. These IP addresses are processed only during the active connection to Our products and services.
CDRs, Call Recordings, Faxes and Voicemails
The Software provides functionality to record calls, leave voicemail and send faxes. Access to these files is given only to those that have explicit permissions and to do so. Call recording can be controlled before or during the call itself in order to ensure a lawful basis for data processing and to easily avoid recording of private information.
Call Detail Records are processed in order to provide support for accounting, billing, call quality analysis and detect unlawful activity. Depending on Our Data retention policy and relevant Laws We will keep CDRs for a limited time after which they will be deleted. Before CDRs get deleted You will have an option to Archive anonymized CDRs in a remote long term secure storage of Your choosing (ie. Dropbox, Google Drive, AWS).
You are advised that The Software may contain diagnostic capabilities that allow Bicom Systems, authorized Bicom Systems Partners, and authorized customer administrators to capture packets, run diagnostics, capture anonymous usage information from endpoints. You are responsible for enabling these diagnostic capabilities, for ensuring Your users are aware of activities or potential activities and for compliance with any legal requirements with respect to use of The Software and diagnostic capabilities on its network, including, without limitation, compliance with laws regarding notifications regarding capture of personal data, call recording and wiretapping.
Data gathered with Google Analytics
Bicom Systems uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google). Google Analytics employs various techniques, including 'cookies', which are stored on Your computer and facilitate an analysis of how users utilise a website. The information Google Analytics obtains regarding the use of a website is transmitted to Google servers, which may be operated in states outside the Member States of the European Union and may also be outside the Contracting Member States of the European Economic Community. On behalf of a website's operator, Google will use the information for the purpose of evaluating Your visit to Our web pages, compiling reports on website activity for website operators and providing other services relating to website activity and usage to Us. The IP address transmitted by the user's browser for Google Analytics will not be merged with other Google data. Users can hinder Google cookies from being saved via a corresponding setting in the browser software. However, users should note this may mean that not all website functions can be used in full. Furthermore, users can prevent Google's collection and use of the data generated by cookies (including Your IP address) associated with their use of the site as well as Google's processing of that data by downloading and installing the browser plug-in under the following link: https://tools.google.com/dlpage/gaoptout.
Alternatively to the browser add-on, and in browsers on mobile devices, please click on this link to stop future data collection via Google Analytics on Our website. An opt-out cookie will be stored on Your device. This click will have to be used again if You delete Your cookies.
Bicom Systems websites create a ‘cookie’ when You first register online. A ‘cookie’ is a piece of information, like a tag, which some websites create against Your PC. Our ‘cookie’ stores some basic information which helps Us to identify if You have visited the site before and if You have provide You with some personalised content such as welcoming You by name if You have supplied this in a previous visit. However, as it is based on Your PC, We will not find the ‘cookie’ if You visit www.bicomsystems.com from a different PC to the one You registered on.
Bicom Systems’ use of ‘cookies’ includes the following assurances:
No information regarding Your telephone number, account or payment details is included in the cookie or can be accessed using it.
They do not collect any personal information regarding the use of Your PC or Internet browsing in any way.
If You do not want a cookie to be created on Your PC, web browsers provide the option to disable them. Please bear in mind that some personalised services on www.bicomsystems.com may not be available if You choose to disable cookies.
Bicom Systems also uses third parties to track its advertising across the web. The information these third parties collects does not include any personal information, but is merely for the purpose of identifying the general effectiveness of such online advertising.
Data retention policy
Personal data will be removed automatically or by an administrator as soon as the data is no longer necessary for processing and there is no legal obligation to keep the data. Removal of data can be requested at any time by the data subject after which the data in question will be removed immediately or as soon as there is no other requirement to keep the data defined by a Contractual obligation or by Law. Upon Your request We will archive Your anonymized data to a 3rd party long term secure storage solution that is GDPR compliant. This includes CDRs, Call recordings, voicemail, fax and other data that may contain personally identifiable information.
Data subject rights
GDPR defines several data subject rights that controllers and processors must ensure within their duties and responsibilities. Data subject right include:
- Right of access by the data subject
- Right to rectification
- Right to erasure (right to be forgotten)
- Right to restriction of processing
- Right to withdraw consent
- Right to be informed and Right to be notified
- Right to data portability
When We act as a data processor on behalf of Our Customers We will help You to comply with legitimate data subject rights requests. Please be advised that during processing of Your Data subject rights requests We may request additional means of confirming Your identity in order to avoid unauthorized disclosures.
Please direct any such requests to:
Right Of Access To Your Bicom Systems Information
When You visit www.bicomsystems.com You have direct personal control over information in Your personal profile. You can access and change this information at any time by using the ‘update Your profile’ link.
If You want to know exactly what personal information Bicom Systems holds on You, You can obtain it. If it transpires that the information held is inaccurate, We will make the necessary amendments and confirm to You that these have been made. Please write to the following address email@example.com stating Your Bicom Systems account number in the subject.
Right to rectification, erasure and restriction of processing
If Your personally identifiable information changes, or if You no longer desire Our service, You may correct, update, delete or deactivate it by making the change in the service or product containing the data in question or by emailing Us at firstname.lastname@example.org.
We will retain Your information for as long as Your account is active, as needed to provide You services or is required of Us by Law or a contractual obligation. We will retain and use Your information as necessary to comply with Our legal obligations, resolve disputes, and enforce Our agreements.
Right to withdraw consent
We communicate with users who subscribe to Our services on a regular basis via email as well as via phone and text message. For example, We may use Your email address to confirm Your request, to send You notice of payments, to send You information about changes to Our products and services, and to send notices and other disclosures as required by law. We may call You or send text messages to provide You with reminders in accordance with Our service to You. You can opt-out of some but not all of these communications, however, they will be primarily informational in nature rather than promotional.
However, We provide You the opportunity to exercise an opt-out choice to withdraw consent if You do not want to receive other types of communication from us, such as emails or updates from Us regarding new services and products. The opt-out choice may be exercised by ticking or un-ticking the appropriate box if such checkbox is available at the points where personally identifiable information is collected or by contacting Us at email@example.com. You also may opt-out of receiving certain emails by clicking on the "unsubscribe" link within the text of the email. We will process Your unsubscribe as soon as possible, but please be aware that in some circumstances You may receive a few more messages until the unsubscribe is processed.
Right to be informed and Right to be notified
In case of any changes that might affect Your personal data We will notify You and the Regulatory Authorities. When a data breach occurs We will notify the impacted Customers with an accurate, actionable, and timely notice. After the detection of a Security Incident, the notification process takes place as expeditiously as possible while still considering the security risks. Notices are delivered without undue delay to all affected parties.
Right to data portability
Upon request We will provide You with all personal data that we keep on You. Please direct any such requests to:
Disclosure Of Information
Bicom Systems may or may not be obliged to comply with or register under the data protection laws of Canada, China, Japan, The European Union, the United States or others, We do however take all reasonable care to prevent any unauthorised access to Your personal data.
Bicom Systems does not sell products or services for purchase or use by children. Bicom Systems does not knowingly solicit or collect subscriber identifiable information from children or teenagers under the age of eighteen. In addition, Bicom Systems will not knowingly link to any third party web site that solicits or collects subscriber identifiable information from minors. If You believe that a minor has disclosed personally identifiable information to Bicom Systems, please contact Bicom Systems at firstname.lastname@example.org so that the information can be removed.
Spam is email or voicemail that is sent against the wishes of the recipient. There are two kinds. The first kind of spam concerns individuals who email people that they don’t know personally. The second type of spam is sent by organizations to individuals who have not expressed a desire to receive such communications. Bicom Systems regards both kinds of spam is inappropriate.
Bicom Systems has zero tolerance for spam. Spam complaints will be dealt with seriously and can result in losing Bicom Systems privileges such as loss of referral credits and even loss of a customer’s account. Please don’t send spam on Bicom Systems’ behalf.
If You receive spam and want to report it to Bicom Systems, please forward the email You have received to email@example.com
Upon receipt We will:
Remove the email address provided from Our own sales-related communications and;
Follow up with the party who sent the message for further disciplinary actions.
For questions about Our spam policy or any spam-related issues, please email Us at
Bicom Systems may use subscriber identifiable information to investigate and help prevent potentially unlawful activity or activities that threaten the integrity of service, the network integrity, that otherwise violate Bicom Systems’ Service Agreements or activities that are or may be illegal. Bicom Systems shall be the sole determinant of what is legal and what is not legal. This will however expressly not include normal political or commercial activities. To offer assistance to relevant authorities Bicom Systems seeks sufficient evidence of the possibility of illegal activities before disclosing private information. This may come in the form of a request from a relevant Court.
Bicom Systems also expects all relevant authorities to comply to a minimum of standards similar but not exclusively with those set out by The Hague Convention or the Council of Europe. These standards include but not exclusively the renouncement of terrorism, a fair trial through right of representation, commitment to inform detainees of the right to be represented as well as freedom of expression, freedom of religion and other standards as the Company sees fit form time to time.