Privacy
Policy

Privacy Policy

v5.1 last updated October 4, 2019

MeetingZone Limited and its business with the trading name ‘Enablit’ is a member of the LoopUp Group (“Enablit”, “us”, “we” or “our”). Enablit is strongly committed to protecting your personal data / personally identifiable information (“personal data”) and upholding your right to privacy. This privacy policy describes the collection and processing of personal data by us as well as an overview of the rights which you have in relation to your personal data. It applies to information which you may provide directly to us or via third parties.

Our policy is to be as transparent as possible about how and why we process your personal data. However, should you have any questions please contact us at either privacy@loopup.com or by writing to us at Legal and Compliance, First Floor, 78 Kingsland Road, London E2 8DP, UK.

This privacy policy is set out in the following sections:

PART 1 – WHO WE ARE

PART 2 – INFORMATION WE MAY COLLECT AND HOW WE USE IT

PART 3 – HOW WE KEEP YOUR PERSONAL DATA SECURE

PART 4 – DELETING YOUR PERSONAL DATA

PART 5 – YOUR RIGHTS

PART 6 – UPDATING THIS POLICY

Part 1 – Who we are

1. Enablit and the LoopUp Group

1.1. This privacy policy is issued on behalf of Enablit which forms part of the LoopUp Group of companies. Enablit is a trading name of MeetingZone Limited, a company incorporated and registered in England and Wales with company number 04300344 at First Floor, 78 Kingsland Road, London E2 8DP, UK. MeetingZone Limited is responsible for this website. You shall be notified if you are contracting or dealing with another member of the LoopUp Group.

2. Contact us

2.1 Please feel free to contact your regular point of contact at Enablit, however, in order to process any requests as swiftly as possible we encourage you to contact us at either privacy@loopup.com or by writing to us at Legal and Compliance, First Floor, 78 Kingsland Road, London E2 8DP, UK.

Part 2 – Information we may collect and how we use it

3. Collecting your personal data

3.1 We use different methods for collecting your personal data, including:

  • Direct interactions. By signing up to our services, corresponding directly with us or applying for jobs with us.
  • Automated technologies. As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies. Such activity is carried out in accordance with our cookies policy.
  • Third-party or publicly available sources. We may receive personal data about you from various third parties and public sources (such as LinkedIn).

4. How we use your personal data

4.1 Personal data, or personally identifiable information, means any information where an individual can be identified (or is identifiable). We shall only use your personal data when the law allows us to do so.

4.2 Most commonly we shall use your personal data for either: (i) the performance of a contract we are about to enter or have entered into with you; (ii) for our legitimate interests (or those of a third party) provided always that your interests and fundamental interest do not override those interests (please notify us if you believe we have not assessed this correctly in relation to your own personal data); (iii) where we need to comply with a legal or regulatory obligation; or (iv) where you have consented to our collection and use.

4.3 Set out below are the principal categories of individuals where we may collect and process personal data (other than from our employees which is governed by a separate policy). Please note that these categories are for ease of reference and you may fall into one or more such categories. Similarly, we may be relying upon more than one lawful basis for processing.

Customers

 

Purpose for which we collect personal data Type of personal data collected Lawful basis for processing
To register you as a new customer
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate postal address for customer administrator)
  • Financial data (corporate billing information – to the extent it relates to a personal account (such as for sole traders), credit card (to the extent personal credit cards are used))
Performance of a contract
To provision users
  • Contact details (name, location and email address of each provisioned user)
Performance of contract
General account management, including:

  • provision of the services to you;
  • managing payments, fees and charges;
  • collection and recovery of money owed to us;
  • notifying you of changes to our services, terms or other important announcements; and service updates
  • Call detail records (name of users (if provided), time, date and duration of call, project name (if any))
  • Call recordings (if so requested)
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate address for customer administrator)
  • Contact details (name, location and email address of each provisioned user)
  • User profiles
Performance of contract

Regulatory or legal compliance

Legitimate interests ((i) to recover debts due to us, and (ii) to keep our records updated and to analyse how customers use our services)

Troubleshooting / customer support
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate address for customer administrator)
  • Contact details (name, location and email address of each provisioned user)
  • In limited instances we may be required to ‘ping’ an account to monitor and act against fraudulent use
  • Technical data such as IP address, browser type and version, time zone setting, browser plug-in types and versions, operating systems and platform and other technology on the devices which you use to access our services
Performance of contract

Legitimate interests ((i) to protect against fraudulent use that may be damaging to our services or your account, and (ii) for running our business, provision of IT services and network security)

 

Users – Microsoft Skype for Business

Processing shall be in line with the Microsoft Privacy Statement (https://privacy.microsoft.com/en-gb/privacystatement) and any additional privacy commitments as offered by Microsoft and found at https://www.microsoft.com/en-us/trust-center/privacy/gdpr-accountability-documentation (each as may be updated from time to time).

Users – Other Services

Purpose for which we collect personal data Type of personal data collected Lawful basis for processing
To grant access to reservation-less audio account
  • Contact details (to the extent provided – name and phone number)
  • Call recordings (if so approved)
  • Video / images (if so requested)
Consent (requirement to manually include caller ID details and prior notification of call recordings before use; video function only at the option of the user)

Legitimate interests (for running our business, provision of IT services and network security)

To provide call summaries (participants, duration and recordings (where applicable)) to our customers
  • Contact details (to the extent provided – name and phone number)
  • Call recordings (if so approved)
  • Video / images (if so requested)
Consent (requirement to manually include caller ID details and prior notification of call recordings before use; video function only at the option of the user)

Legitimate interests (for running our business, provision of IT services and network security)

Collation of feedback
  • Contact details (to the extent provided)
Consent (requirement to manually include caller ID details and prior notification of call recordings before use; video function only at the option of the user)

Legitimate interests (for running our business, provision of IT services and network security)

Prospective customers and website users

Purpose for which we collect personal data Type of personal data collected Lawful basis for processing
‘Request a Trial’ (or similar)
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate address)
Consent
Providing access to our website
  • Cookies
Performance of a contract

Legitimate interests (for analytical review)

Prospecting and marketing (providing information about our services)
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate address)
Legitimate interests (for prospecting new business opportunities)

Consent (where sought and provided)

Operation of prizes or competition
  • As set out in the specific terms and condition, however, will require contact details (name, title/position, corporate email address, corporate phone number and corporate address)
Consent

Job applicants

Purpose for which we collect personal data Type of personal data collected Lawful basis for processing
Considering your job application
  • Contact details (name, email address, phone number and address)
  • Employment history, experience and interests
  • Passport and visa / right to work (or such other evidence of status or qualifications)
Performance of a contract

Regulatory or legal compliance

Legitimate interests (to identify right to work and conduct necessary background checks)

Visitors to our offices or to our stands at trade fairs

Purpose for which we collect personal data Type of personal data collected Lawful basis for processing
Monitoring attendance at our offices
  • Contact details (name, email address and person visiting)
  • CCTV (where applicable)
Regulatory or legal compliance

Legitimate interests (for operation of and maintaining security at our premises)

Monitoring attendance at trade fairs
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate address)
Performance of contract (in relation to pre-contract negotiations)

Legitimate interests (for prospecting new business opportunities)

Consent (where sought and provided)

Suppliers

Purpose for which we collect personal data Type of personal data collected Lawful basis for processing
Receipt of services
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate postal address for customer administrator)
  • Financial data (corporate billing information – to the extent it relates to a personal account (such as for sole traders))
Performance of contract
Monitoring attendance at trade fairs
  • Contact details (name, title/position, corporate email address, corporate phone number and corporate address)
Performance of contract (in relation to pre-contract negotiations)

Legitimate interests (for prospecting new business opportunities)

Consent (where sought and provided)

Others who get in touch with us

Purpose for which we collect personal data Type of personal data collected Lawful basis for processing
Responding to communication
  • •Contact details (to the extent provided – such as name, email address, phone number and address)
  • Such other information you wish to provide
Performance of contract

Regulatory or legal compliance

Please note that in instances where we refer to ‘performance of a contract’ this may include performance of a contract which has been entered into with your employer. In such circumstances we are either relying upon our legitimate interests or expect your employer has suitable authority for us to carry out such activity.

Unsubscribing

Where we are processing your personal data based on consent or pursuant to our legitimate interests (and feel your interests should override ours), you have the right to withdraw such consent or object to our use of legitimate interests as a ground for processing your personal data at any time or notify us. To do so, simply: (i) opt out or unsubscribe (using our preference centre or the unsubscribe link to emails); (ii) notify your Enablit point of contact; or (iii) contact us at privacy@loopup.com. Please allow us a short time to process such requests.

In some instances, where we collect personal data by law or pursuant to the terms of a contract we have with you if you fail to provide such data when requested we may not be able to fully perform our contract with you. In such an instance we shall endeavor to let you know the consequence.

Sensitive personal data

Please note that we will not actively collect any ‘sensitive personal data’ or special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).

This website and our services are not intended for children and we do not knowingly collect data relating to children.

As a user of our services, you may choose to transmit sensitive personal data or data relating to children over our service. If you do so, you: (i) must have appropriate authority to do so; (ii) acknowledge that we do not monitor or review consent transmitted over our services; and (iii) acknowledge that such personal data shall be treated in accordance with this privacy policy.

Keeping your personal data up to date

It is important that the personal data that we hold on you is kept accurate and up to date. Therefore, please keep us informed if your personal data changes during your relationship with us.

Sharing your personal data

We will only share personal data with others when we are legally permitted to do so. When we share personal data with others, we put contractual arrangements and security mechanisms in place to protect the personal data and to comply with our data protection, confidentiality and security standards.

We are part of a global network of firms (the LoopUp Group) and we use third parties located in other countries to help us run our business. As a result, personal data may be transferred outside the countries where we and our clients are located. This includes to countries outside the European Economic Union (“EEA”) and to countries that do not have laws that provide specific protection for personal data. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EEA are done lawfully. Where we transfer personal data outside of the EEA to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the requirements for the transfer of personal data outside the EEA, such as the European Commission approved Standard Contractual Clauses.

Specifically, personal data held by us may be transferred to:

  • Other members within the LoopUp Group. We may share personal data with other LoopUp entities where necessary for administrative purposes and to provide our services (and customer support) to our customers. This transfer may include transfers to our international data centres for disaster recovery and business continuity purposes. Furthermore, job applicant personal data may be transferred within the group.
  • Third party organisations that provide applications/functionality, data processing or IT services to us. We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. Most notably this includes a relationship with Microsoft where personal data will be processed in accordance with the Microsoft Privacy Statement (https://privacy.microsoft.com/en-gb/privacystatement) and any additional privacy commitments as offered by Microsoft and found at https://www.microsoft.com/en-us/trust-center/privacy/gdpr-accountability-documentation (each as may be updated from time to time). We may also engage with other third parties, for example, providers of information technology, cloud based software as a service providers, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them
  • Third party organisations that otherwise assist us in providing goods, services or information. For example credit agencies, recruiters or such other ancillary service provider or service providers to which we may resell certain services.
  • Auditors and other professional advisers. Such as our accountants, lawyer, brokers and such other professional service providers.
  • Law enforcement or other government and regulatory agencies. Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.
  • Investors. Should we enter into negotiations with third parties for the sale or purchaser of all or part of our business, in limited circumstances such personal data may be accessible by such third party.

Third party links

This website may contain links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for their privacy statements.

California privacy notice

Our websites do not respond to ‘do not track’ signals communicated by your internet browser.

PART 3 – HOW WE KEEP YOUR PERSONAL DATA SECURE

Data security

We take the security of all the personal data we hold very seriously. We adhere to internationally recognised security standards and we have a framework of policies, procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the personal data we hold secure.

In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

PART 4 – DELETING YOUR PERSONAL DATA

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.

Basic information about our customers is retained for six years after ceasing being customers (for tax and regulatory reasons).

Deletion

All personal data shall be deleted or erased in a secure and confidential manner.

PART 5 – YOUR RIGHTS

Your rights

Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights. Where we decide how and why personal data is processed, we are a data controller and include further information about the rights that individuals have and how to exercise them below.

Access to personal data

You have a right to access your personal data (“data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

To make a request, please put the request in writing addressing it to our Legal and Compliance department at the address provided above or at privacy@loopup.com. If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting the Legal and Compliance department.

Amendment of personal data

To update personal data submitted to us, you may email us at privacy@loopup.com or, where appropriate, contact us via the relevant website registration page or by amending the personal details held on relevant applications with which you registered.

When practically possible, once we are informed that any personal data processed by us is no longer accurate, we will make corrections (where appropriate) based on your updated information.

Withdrawal of consent

Where we process personal data based on consent, individuals have a right to withdraw consent at any time. We do not generally process personal data based on consent (as we can usually rely on another legal basis). To withdraw consent to our processing of your personal data please email us at privacy@loopup.com or, to stop receiving an email from our marketing list, please click on the unsubscribe link in the relevant email received from us.

Object to processing

You may object to our processing of your personal data where we are relying upon a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some case, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Transfer requests

You may request the transfer of your personal data to you or a third party. We will provide you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Request erasure

You may request the erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continuing to process it.

Request restriction on processing

You may request the restriction of processing of your personal data by us. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (i) if you want us to establish the personal data’s accuracy; (ii) where our use of the personal data is unlawful but you do not want us to erase it; (iii) where you need us to hold the personal data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your personal data but we need to verify whether we have overriding legitimate interest grounds to use it.

Complaints

We hope that you won’t ever need to, but if you do want to complain about our use of personal data, please send an email with the details of your complaint to privacy@loopup.com. We will look into and respond to any complaints we receive.

You also have the right to lodge a complaint with the local data protection regulator. We would, however, appreciate the chance to deal with your concerns before you approach the appropriate regulator. In the UK that is the Information Commissioner’s Office. For further information on your rights and how to complain to your local data protection regulator, please contact us or refer to the local data protection regulator’s website.

This privacy policy was drafted with clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address above.

PART 6 – UPDATING THIS POLICY

Status

We recognise that transparency is an ongoing responsibility so we will keep this privacy policy under regular review. By visiting our website and using our services your personal data shall be processed in accordance with the then-current version of this policy.

This privacy policy was last updated on 4 October 2019.