Following the introduction of the GDPR regulations we have implemented a 6 month deletion policy on all message data.
Message data will now be held for 6 months before permanent deletion. Anything older than 6 months will be deleted permanently. If you wish to retain message specific content such as destination and body etc you will need to export this from your account in the "Reports" section where they can be downloaded as CSV files.
Below is the relevant extract from our full Terms and Conditions of sale.
9. DATA PROTECTION, CONFIDENTIALITY & PERSONAL DATA .
9.1) We will at all times keep confidential all information acquired as a consequence of the Agreement in respect of the Customer, except for information already in the public domain or information which We are required to disclose by law, requested by any Regulator or reasonably required by Our professional advisors for the performance of their professional services.
9.2) The Customer will at all times keep confidential all information acquired as a consequence of the Agreement in respect of Us, the Service or any Network Operator, except for information already in the public domain or information which the Customer are required to disclose by law, requested by any Regulator or reasonably required by the Customers professional advisors for the performance of their professional services.
9.3) Each of us, the Customer and the Company will comply with all applicable requirements of the General Data Protection Regulations (the GDPR). This clause 9 is in addition to, and does not relieve, remove or replace, a party’s obligations under the GDPR.
9.4) The parties acknowledge that for the purposes of the GDPR, We the company are the Data Processor and you the customer are the Data Controller.
9.5) Without prejudice to the generality of clause 9.4, the Customer will ensure that they have all necessary appropriate consents and notices in place to enable lawful transfer of all End-User Data, including the mobile telephone numbers of the Customers end-user who will be sent messages or voice calls (as applicable) as a consequence of making the Service available to the Customer (End-User Data).
9.6) To the extent that the Company acts as a data processor on behalf of the Customer, the Company shall, in relation to any End User Data processed in connection with the providing the Service:
i) process that End-User Data only for the Purpose and on the Customers instructions unless the Company are required by the laws of any member of the European Union or by the laws of the European Union applicable to Us to otherwise process End-User Data. Where the Company are relying on laws of a member of the European Union or European Union Law (Applicable Law) as the basis for processing End-User Data, the Company shall promptly notify the Customer of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit such notice;
ii) ensure that the Company have in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of End-User Data and against accidental loss or destruction of, or damage to, End-User Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development;
iii) take all reasonable steps to ensure that all personnel who have access to and/or process End-User Data are legally obliged to keep the End-User Data confidential; and
iv) not transfer any End-User Data outside of the European Economic Area unless such a transfer is on the Customers instruction and solely for the Purpose
v) assist the Customer in responding to any reasonable request from a data subject (as defined in the GDPR) and in ensuring compliance with its obligations under the GDPR with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
vi) notify the Customer without undue delay (and in any event within 24 hours) on becoming aware of a breach involving your End-User Data;
vii) at the Customers written direction, delete or return End-User Data and copies thereof to the Customer on termination of the agreement unless required by law to store the End-User Data; and
viiii) maintain records and information to demonstrate its compliance with this clause 9
9.7) The Customer consents to the Company appointing the below categories of third party processors for the purpose of providing the Services
i) Network Operators for the sole purpose of terminating the communication to the end user handset.
ii) Data Centre Operators for the purpose of storing the End-User Data and hosting the service.
iii) SMS Text messaging platform providers for the purpose of providing the Text-Connect service.
9.8) The Company confirms that we have entered or (as the case may be) will enter with the third-party processor a written agreement incorporating terms which are substantially similar to those set out in this agreement. We shall remain liable for the acts or omissions of any third-party processor, or those employed or appointed by the third party processor, appointed by Us pursuant to clauses 9.7 i) ii) and iii).
9.9) The Customer acknowledges and agrees that any Personal Data contained in any of the Input Material may be processed by and on behalf of the Company in connection with the Services, whether or not the Personal Data relates to the Customer (which, for the purposes of this Condition 9, includes any employee, servant or agent of the Customer) or to another third party data subject. The Customer hereby expressly consents to any processing of the Customer’s Personal Data by the Company and undertakes to procure the consent of any other relevant third party data subject to any processing of their Personal Data, and shall provide such proof of said third party data subject’s consent to such processing as may be requested by the Company.
11 INTELLECTUAL PROPERTY RIGHTS AND CONFIDENTIAL INFORMATION.
11.1 All Intellectual Property Rights produced from or arising as a result of the performance of this Contract or from the Services, the Output Material or the Quotation shall, as between the Company and the Customer and so far as not already vested, become the absolute property of the Company, and the Customer shall do all that is reasonably necessary to ensure that such rights vest in the Company by the execution of appropriate instruments or by entering into any agreements with third parties. The Company licenses all such rights (without the right to grant sublicenses) to the Customer free of charge and on a non-exclusive, worldwide basis to such extent as is necessary to enable the Customer to make reasonable use of the Services. If the Company terminates the Contract or the Contract terminates, as applicable, this licence shall automatically terminate.
11.2 The Customer and the Company agree that in the course of the Company providing Services to the Customer, the parties may disclose to each other certain Confidential Information. The Customer and the Company agree that each party will maintain the Confidential Information’s confidentiality and not disseminate it to any third party without the disclosing party’s prior written consent, save that this obligation shall not apply to any Confidential Information that either party has a duty (whether legal or otherwise) to communicate or that is in the public domain or is already in the receiving party’s possession through no fault of the receiving party.
Rev 2nd May 2018.