Privacy Notice

Privacy Notice and processing of Personal Data at Icetrak Limited

Icetrak Limited (“Icetrak”) is responsible for storing and processing Personal Data on behalf of individuals and organisations. Icetrak shall process Personal Data within applicable laws and regulations. This privacy notice provides information about Icetrak’s processing of personal data.

Terminology

·       Data Subject is an identifiable natural person.

·       Data Controller is the organisation that defines the purpose(s) for the processing of Personal data and has an agreement with the registered Data Subject.

·       Data Processor processes Personal Data on behalf of a Data Controller

·       Personal Data is any data that directly or indirectly is linked to an individual (Data Subject).

·       Traffic Data is data generated through the use of a network. As an example, when an individual is using the mobile network, information about who is sending and receiving a message or a phone call, start and end time, and the location of the mobile phone is generated. If traffic data directly or indirectly can be linked to you as an individual, these are classified as Personal Data. Icetrak for example uses some Traffic Data for billing purposes.

·       Anonymous Data is data where all identifying items have been removed making it impossible to associate the data with an individual. Icetrak for example removes all sms message content from message logs after seven days leaving only the mobile number as Anonymous Data. 

·       The Processing of Personal Data is any use of Personal Data, including collecting, storing, modifying, transferring or deleting.

Icetrak as a Data Processor

The data about an individual (Data Subject) that we process as a Data Processor depends on which of our services are used by the Data Controller.

Icetrak will only process Personal Data to provide services to the customer, and in accordance with the customer’s instructions. Upon termination of the agreement or instructions from the customer, we will delete or return the Personal Data processed under the agreement, unless otherwise required by law.

Examples of Icetrak data processing

·       Sending of messages like SMS or email from our customer (Data Controller) to the end user (Data Subject).

·       Producing customer usage reports of messages sent and received

·       Monitoring of traffic to ensure message delivery and system stability but not monitoring of personal data.

·       Manage Data Subject consents.

Depending on the service and the customer’s use of the service in question, Icetrak may as a Data Processor process Personal Data within the following categories

·       Basic Personal Data – name, contact details (such as email or phone number).

·       Special categories of Personal Data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or health data.

·       Location Data, such as GPS, Wi-Fi location data and location data derived from Processor’s network (that is not traffic data as defined below).

·       Traffic Data: Personal Data processed in relation to the conveyance of communication on an electronic communications network or billing thereof.

·       Data related to content of communication, such as e-mails, voice mails, SMS/MMS, etc.

In some cases, Icetrak will be able to link Personal Data collected by several different services, as long as the data is collected for the same purpose.

Icetrak as a Data Controller

The data about the end user (Icetrak’s direct customer) that we process as a Data Controller depends on which of our messaging services that are used.

Examples of processing activities

·       Manage end user profile.

·       Manage end user consents.

·       Execute individual rights.

·       Notify end user of changes to services, terms and conditions or this privacy notice.

·       Respond to enquiries or questions related to services, terms and conditions or this privacy notice.

·       Mediate information and membership offers.

Depending on the service and the end user’s use of the service in question, we may as Data Controller process Personal Data within the following categories

·       Basic Personal Data – name, contact details (such as email or phone number).

·       Special categories of Personal Data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or health data.

·       Location Data, such as GPS, Wi-Fi location data and location data derived from Processor’s network (that is not traffic data as defined below).

·       Traffic Data: Personal Data processed in relation to the conveyance of communication on an electronic communications network or billing thereof.

·       Data related to content of communication, such as e-mails, voice mails, SMS/MMS, etc.

In some cases, Icetrak will be able to link Personal Data collected by several different services, as long as the data is collected for the same purpose.

Legal basis for Icetrak’s processing are:

·       To fulfil the agreement for use of a service provided by Icetrak to the end user, e.g. in relation to management of the user profile or memberships and to notify end users of changes to, or respond to enquiries related to services, terms and conditions or this privacy notice.

·       To pursue Icetrak’s legitimate interests (provided always that the interests of the data subjects do not override such interests), e.g. in relation to improve the services or the user experience, to establish, exercise or defend a legal claim, to prevent loss or damages to Icetrak or any third parties or to prevent any actions that may compromise Icetrak or a third party’s property or the personal data of the other users of the services.

·       Consent, e.g. in relation to marketing of Icetrak’s services.

·       To comply with a legal obligation to which Icetrak is subject, e.g. continued storage due to statutory rules of storage for accounting purposes.

The end user can by requesting in writing at any time

·       Withdraw consent to processing activities based on consent.

·       Access Personal Data.

·       Amend Personal Data.

·       Request deletion of Personal Data.

·       Request restriction of, or object to, processing.

·       Request export of Personal Data.

·       Terminate the agreement.

Icetrak will retain your Personal Data for as long as it is necessary to fulfil the purposes for processing as defined in the terms and conditions in the agreement between Icetrak and our end user and will as a main rule retain Personal Data until cancellation of the agreement or until end users request deletion. Please note that legal obligations, e.g. statutory rules related to storage for accounting purposes, may make it necessary to store Personal Data after cancellation of the agreement. Continued storage may also occur where such storage is necessary for the purposes of legitimate interests pursued by Icetrak, including, but not limited to, the establishment, exercise or defence of legal claims.

With whom do we share data?

By the nature of the networked messaging services delivered by Icetrak, Icetrak may disclose subsets of personal data to third party vendors and hosting partners who perform services for Icetrak, in order to be able to deliver the services. These third party vendors will only use the Personal Data for the purposes they were collected, and in order to perform their services towards Icetrak. The relationship to such third party vendors will be governed by a Data Processing Agreement.

The disclosure of Personal Data to public bodies may occur if and to the extent required by law and current regulations.

How do we use cookies?

Icetrak uses cookies and similar technologies on our websites. Cookies help us to determine the most popular parts of our websites, which pages are visited and for how long. The data is used for development and analysis of services but not for marketing or promotional purposes.

How do we protect Personal Data?

Safeguarding Personal Data is of the utmost importance to Icetrak. We therefore continuously work to protect Personal Data. Our security policy embraces protection for personnel, data, IT infrastructure, internal and public networks, as well as office buildings and technical facilities. Special attention is given to information such as Personal Data.

Our security work aims to balance risk exposure, business value, available technology, vulnerabilities, and threats in order to comply with applicable laws, regulations as well as with contractual demands. Icetrak strives to implement security measures by setting appropriate levels of protection for Personal Data and by so preventing disclosure of Personal Data to unauthorised parties, externally and internally.

Right to lodge a complaint with a supervisory authority

If you believe that Icetrak’s processing of personal data infringes relevant data protection regulations, you are entitled to lodge a complaint with the supervisory authority of your habitual residence, place of work or place of the alleged infringement, or other relevant supervisory authority.

Modifications to this privacy notice

Icetrak reserves the right to modify this privacy notice from time to time. The most recent revision shall supersede any earlier versions. The current version of the privacy notice will be available at Icetrak’s website or at request at all times. We advise that you check the privacy notice from time to time, to keep up to date with the current notice. We will notify you of any changes to the privacy notice that you are entitled to receive information about or which requires your consent.

Contact information

If you are a direct customer of Icetrak, please contact our Customer Support:

support@icetrak.net