Privacy and Cookies Policy

Last updated: 1st July 2019

Compliance Certification Programs

PPLINK is committed to helping our customers support their regulatory compliance requirements. Our Information Security Risk Management Program is built on a solid foundation of widely-accepted frameworks for Information Security and Risk Management, including ISO and NIST. PPLINK attests to the integrity of our compliance with specific regulatory mandates, including EU-U.S. Privacy Shield Framework, SOC2, PCI-DSS, GDPR, and HIPAA.

PPLINK adheres to Fair Information Practice Principles of notice, choice, access, security, and enforcement.

Notice

PPLINK provides customers and website visitors with notice of our information practices before collecting their personal information.

PPLINK knows that you care about how your information is used and shared and takes data privacy seriously. This Privacy Policy describes our current policies and practices with regard to data collected by us and by third parties on our behalf.

This Privacy Policy covers natural persons who visit our websites, users who are PPLINK customers, PPLINK employees, and PPLINK third-party vendors.

Choice

PPLINK provides customers and website visitors with options for how PPLINK collects and uses their personal information. Website visitors may opt-in to specific marketing communications and opt-out at any time.

Customers can modify account contact information, configure service preferences, and close their PPLINK account.

Access

Upon request, PPLINK will provide you with information about whether we hold any of your personal information. PPLINK enables customers and website visitors with the ability to access and correct personal information we have collected. If you have any concerns or suspect unauthorized activities associated with your account, please contact us at support@pplink.net. We will respond to your request within a reasonable timeframe.

PPLINK acknowledges that you have the right to access your personal information. If you are a person who uses an application or website that incorporates the PPLINK Service, then PPLINK has no direct relationship with you and your data that it processes. In such case, if you seek to access, correct, amend, or delete data, you should direct your query to PPLINK’s customer (the data controller). If you are a person who has signed up directly with PPLINK for the use of the PPLINK Service and you seek to access, correct, amend, or delete data, you should direct your query to PPLINK. If requested to remove data under either scenario, we will respond within a reasonable timeframe.

Security

PPLINK exercises managerial and technical safeguards designed to protect against the loss or unauthorized use or disclosure of personal information belonging to our customers and website visitors. These safeguards include: encryption, malware protection, logical and physical access controls, and detection of social engineering attacks.

It is our customer’s responsibility to ensure authorized access to personal information by selecting and protecting your PageCall resources.

Enforcement

PPLINK monitors and reviews security safeguards and takes corrective action whenever we discover deviations from our Privacy Policy.

Data Classifications

Personal Data means any information relating to an identified or identifiable natural person. Sensitive Personal Data is Personal Data comprised of an individual's financial account number, social security number, driver's license number or other government-issued identification number, financial account password or PIN, mother's maiden name, answers to security questions, or other Personal Data that allows access to financial accounts, or that can be used to facilitate identity theft, as well as any other special category of Personal Data such as biometric, genetic or health data, data concerning sex life or sexual orientation, racial or ethnic origin, data concerning a person’s political opinions, religious beliefs, membership in trade unions or criminal history.

Confidential Data is any proprietary data which is not in the public domain, and/or, data which is controlled by its owner and requires explicit permission to access, store, process, or transfer.

End User Data is data provided by End Users in connection with the PPLINK Services.

Customer Data is data provided by customer's to PPLINK in connection with the PPLINK Services. Customer Data may be Personal Data, Sensitive Personal, End User Data or Confidential Data. Agreements between PPLINK and PPLINK's customers specify how Customer Data and End User Data is processed, transferred, and stored.

With respect to data protection legislation, PPLINK may be a Data Controller or a Data Processor. PPLINK is a Data Controller with respect to data provided by website visitors and, customer contact and billing information, and PPLINK employees.

Collection of Data:

PPLINK groups all user data into 2 main categories for the purposes of informing on the use, retention periods and user configurable options available.

  • Part A: Visitors to our website
  • Part B: Customers of PPLINK

Specific details about each are listed below, which is followed by additional explanatory information on collection practices and data transfers.

Part A - Website Visitors

Data we collect about website visitors: what, where, when, and why

  1. What: Web log data (IP addresses, cookies)
    Where: PPLINK Public Website
    When: During your website visit
    Why: To provide, maintain, tailor and improve our website and service

Data retention periods for website visitor information

  1. What: Web log data (IP addresses, cookies)
    Where: Server logs
    Retention Period: N/A
  2. What: Information you submit through web forms, buttons, hyperlinks, etc.
    Where: Social media sites
    Retention Period: 780 days
  3. What: Demographic marketing information Aggregated in the PPLINK analytics infrastructure used for analyzing and improving marketing campaigns
    Where: Analytics data repository
    Retention Period: 780 days

User-Configurable Options for Processing or Sharing Personal Data

  1. Reasons to share your personal information: Marketing Communications: Special promotional offers for products and services provided or endorsed by PPLINK or our partners
    Options : support@pplink.net
  2. Options for managing your personal information: Marketing Communications: Removal from all communications
    Options: support@pplink.net
  3. Options for managing your personal information: Removal of Personal Information:Request to be forgotten **
    Options: support@pplink.net
  4. Options for managing your personal information: Filing a Complaint: Complaints about our Privacy Policy or non-resolved privacy issues
    Options: support@pplink.net

** PPLINK is required to maintain records of consent and requests for correcting or deleting personal information for 6 years.

Part B - Customers of PPLINK

Data we collect about customers: what, where, when, and why

  1. What: First and Last Name, Postal Address, Email Address, Telephone Number and Payment Type
    Where: Dashboard
    When: You purchase a product or service
    Why: To verify your identity for protection of PPLINK staff, customers, website visitors, or the public as required or permitted by applicable law.
  2. What: Technical
    Where: PPLINK Support
    When: You explicitly
    Why: To assist you in being more
  3. What: information you submit through forms, email, etc.
    Where: Forum, PPLINK Developer Blog, GitHub Pull Requests
    When: Give permission by posting your content
    Why: productive with PageCall
  4. What: Service Notifications
    Where: Email or Dashboard
    When: We update your purchased products and services
    Why: To inform you about service updates and faults, request feedback or participation in online surveys, and to publish legal notices, such as this Privacy Policy

Data retention periods for customer information

  1. What: Dashboard access log entries, such as: password, date, time, User ID, URL and source IP addressLogging of administrative changes to an account with PPLINK will be stored for security purposes. This includes: company name, address, phone number, billing and tax related records
    Where: Dashboard
    Retention Period: 3 years after account
  2. What: IP addresses
    Where: Server logs
    Retention Period: N/A
  3. What: Service accessEntries will be maintained, containing date, time, operation performed (connect, publish, etc).
    Where: Server Security Audit Logs
    Retention Period: N/A
  4. What: API Traffic
    Where: Server API application log analytics
    Retention Period: N/A

User-Configurable Options for Processing or Sharing Personal Data

  1. Reasons to share your personal information: Customer Notifications:We may receive correspondence from you in connections with our Website and our services, including questions you may have about this Privacy Policy, customer support interactions or other matters.
    Options: support@pplink.net
  2. Reasons to share your personal information: PageCall Service Notifications:You may receive correspondence from us in connections with our Website and our services, including scheduled maintenance, changes to our Privacy Policy or Terms of Service, or security-related notifications.
    Options: support@pplink.net
  3. Options for managing your personal information: Marketing Communications: Removal from all communications
    Options: support@pplink.net
  4. Options for managing your personal information: Correcting customer account information
    Options: support@pplink.net
  5. Options for managing your personal information: Terminating your PageCall Account
    Options: support@pplink.net

** PPLINK is required to maintain records of consent and requests for correcting or deleting personal information for 6 years.

DATA PROTECTION OFFICER

To communicate with our Data Protection Officer, please email jurung@pplink.net.

Collection of Personal Data About Other People

It is our customer’s responsibility to obtain the EXPRESS CONSENT of individual Data Subjects (for example, your family members, co-workers, or customers) to transfer their Personal Data to PPLINK as a Data Processor and/or Data Importer. PPLINK processes all such information in accordance with the terms of our Data Processing Agreements, applicable law and/or this Privacy Policy.

Transfer of Personal Data

PPLINK’s headquarters in the Republic of Korea is our primary location for business operations.In order to provide you with the information, products, or services you have requested, Personal Data may be transferred or shared with other companies where has process Personal Data in accordance with the purposes for which the data was originally collected, or for purposes to which Data Subjects have subsequently consented. Our Privacy Policy, supported by model contract agreements and safeguards for data governance, are designed to provide equivalent data protection for all customers wherever they may reside.For example, regarding normal business operations, PPLINK may engage a third party to support our billing, support services, information technology, or mailings on our behalf.We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety, or the safety of others, investigate fraud, or respond to a government request.

International Transfer of Personal Data

PPLINK protects personal information in accordance with Fair Information Practice Principles, General Data Protection Regulations (GDPR), and applicable law pertaining to residents of any country where personal data is shared. All personal data received from European Union (EU) member countries are subject to the EU-U.S. Privacy Shield Framework, and to the Framework’s applicable Principles. For example, when visitors access our public websites from any country outside the United States, personal information will be transferred across national boundaries. Customers who reside and conduct business outside the United States, enter into contractual agreements with PPLINK to provide products and services which may result in international data transfers.

PPLINK provides an array of product and service offerings designed to support regulatory requirements for the data protection of our customers and their interests.

EU-U.S. Privacy Shield

PPLINK participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. PPLINK is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List (https://www.privacyshield.gov/list)

PPLINK is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. PPLINK complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, PPLINK is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, PPLINK may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Changes to this Privacy Policy

PPLINK may make changes to this Privacy Policy from time to time for any reason. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make any material changes or changes in the way we use information, we will notify customers via e-mail or by posting an announcement on the website prior to the change becoming effective. Website users are bound by any changes to the Privacy Policy after such changes have been posted.

In the event that PPLINK is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy. Account holders will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your information, as well as any choices you may have regarding your information.

Cookies Policy

Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information. You can choose to disable cookies, but if you do, your ability to use or access certain parts of our website may be affected.

They also help us track users, conduct research, allow you to back click to earlier registration pages viewed by you and improve our content and services. For instance, we may use web beacons on our websites to access and set cookies and otherwise help us to better understand how users are moving through our websites. Information provided by the web beacon includes the computer’s IP address, the type of browser being used and the time that the web beacon was viewed. We may also use web beacons in e-mails and newsletters so that we know when such communications have been opened and to otherwise help us tailor our communications to individual users.

Learn more about when and how we use cookies and tracking technologies and some of our service providers:

  • When it’s strictly necessary
    These cookies and other technologies enable us to recognize you when you return to our service and to maintain your web session so you can more easily navigate the subscription process or your viewing of your call details. They are also essential for you to access secure areas of our sites, for example, to use shopping baskets or make payments.

    Google Tag Manager is a third-party service provider that allows us to manage website tags via an interface. Tags are small elements of code that are used, for example, to measure traffic and visitor behavior, to understand the effect of online advertising and social channels, to set up remarketing and orientation towards target groups, and to test and optimize websites. Google Tag Manager only implements tags. This means that no cookies are used and, as a result, no personal data is recorded. We list it here for completeness and to be transparent about the tools we use. If deactivation has been performed at a domain, page, event or 3rd party script level, this remains in place for all tracking tags if these are implemented with Google Tag Manager.
  • For performance and analytics
    These cookies and similar technologies collect statistical information about how you use our websites so that we can improve your user experience. We use cookies to identify the number of unique visitors we receive to different parts of the website and identify where leads originate. This helps us for our legitimate interests of improving the way our website works, for example, by ensuring that users are finding what they are looking for easily.

    Google Analytics is one of the third-party analytics providers that we use to help us improve our website. Google Analytics uses cookies to help the website analyze how visitors use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by a Google server in the United States. Google uses this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing website operators with other services relating to website activity and internet usage. You can prevent the storage of data relating to your use of the website and created via the cookie (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available here.
  • To enable functionality
    These cookies and similar technologies can tell us which language you prefer and what your communications preferences are. They can help you fill out forms on our sites more easily. They also enable customization of the layout and/or content of the pages on our sites.
  • For targeted advertising
    These cookies and other technologies record your visits to our website, the pages you have visited and the links you have followed. We will use this information subject to your choices and preferences to make our website more relevant to your interests. We may also share this information with third parties for this purpose. These companies may use information about your online activities over time and across our services and other online properties, the region of the country or world where your IP address indicates you are located, as well as other information about you, in order to provide advertisements about goods and services of interest to you. The information practices of these ads networks are governed by their own privacy policies and are not covered by this Privacy Policy. For more information about third-party advertisers and how to prevent them from using your information, visit Aboutads.info and for our EEA users http://www.youronlinechoices.eu. You have to opt out using each of your web browsing applications, computers and mobile devices separately.
  • Social media cookies and widgets
    We use social media platforms to advertise to you online and to monitor the success of our advertising (for instance by receiving reports when you click on our ads on Facebook, LinkedIn and others). We summarize the main advertising and social media partners who drop cookies below:
  1. LinkedIn Ads: the analysis and conversion tracking technology provided by the social network LinkedIn is integrated into our website. When you visit our website, a connection is established between your browser and the LinkedIn server via the remarketing tags. This informs LinkedIn that you visited our website with your IP address, meaning that LinkedIn can connect your visit to our website with your user account. We can use this information to display LinkedIn ads. Please be aware that we as the website provider do not receive any information about the content of the transferred data or how it is used by LinkedIn. Further information can be found in LinkedIn’s privacy policy.
  2. Marketo: We use third party marketing software from a company called Marketo to send some of our e-mails. We use cookies as part of tracking so we have information on e-mail open rates and click through rates. We also track activity on the website. For example, visitors can download marketing white papers from the site and we use Marketo cookies to see who does this and if they then visit other parts of our website. For more information on Marketo’s privacy and cookie policy, please visit Marketo’s privacy policy.
  3. DoubleClick: Google's Doubleclick re-targeting cookie lets us serve personalized advertising to you when you're browsing other websites and social media platforms. You can control advertising personalization on Google and partner websites here.
  4. Facebook Custom Audience: This service from Facebook enables us to display personalized ads to people on our e-mail lists when they visit Facebook. We provide personal information such as your e-mail address and phone number in encrypted form to Facebook (so they cannot be seen by anyone at Facebook) to enable Facebook to determine if you are a registered account holder with Facebook.
  5. Twitter advertising and remarketing: We advertise on Twitter and our advertising content will be tailored to your interests on the basis of your browsing behavior and the pages you have consulted on this and other websites. In order to improve the relevance of our marketing content, the cookie may therefore transmit such data to Twitter, who will use it to understand your interests better including to benefit their other advertising customers. If you decide that you do not wish your browsing data to be collected, you can find comprehensive information on Twitter’s advertising policy and the steps you can take to protect your privacy here.
  6. We also use Facebook Connect to allow you to sign up and log in to our websites by using your Facebook account. If you sign up using Facebook Connect, Facebook will ask your permission to share certain information from your Facebook account with us. This may include your first name, last name, and e-mail address in order for us to verify your identity and gender, general location, a link to your Facebook profile, your time zone, birthday, profile picture, your "likes" and your list of friends. This information is collected by Facebook and is provided to us under the terms of Facebook’s data privacy policy. You can control the information that we receive from Facebook using the privacy settings in your Facebook account.

How to control cookies

You can control and/or delete cookies as you wish – for details, see www.aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work. You will not be able to opt-out of any cookies or other technologies that are “strictly necessary” for the services. Where you have not set your permissions, we may also separately prompt you regarding our use of cookies on the site.