Privacy Policy

EFFECTIVE DATE: 8 Feb 2020

ZOOM TELEPHONICS, INC. & MTRLC LLC VERSION: 1.3 VERSION DATE: 3 Feb 2020 DESTINATION URL: https://www.motorolacable.com/privacy
  1. Scope
    1. This Privacy Policy (“Policy”) sets forth the policy and policy principles relating to the collection and processing / use of Personal Data / PII that are applied by Zoom Telephonics, Inc. and its subsidiaries (if any) (“Zoom, MTRLC LLC”).
    2. This Policy, publicly posted at the following locations, is governed and incorporated by reference into Zoom’s Terms of Service, which is available at:
      1. Privacy Policy Links
        1. https://www.motorolacable.com/privacy/
        2. https://www.zoom.net/privacy/
        3. http://www.zoomtel.com/privacy/
      2. Terms
        1. https://www.motorolacable.com/sensor/terms/
        2. https://www.motorolacable.com/app/terms/
    3. More specifically, the Policy covers:
      1. The method and process by which a Data Subject may CHOOSE to object to the collection or processing of their Personal Data / PII.
      2. The ONWARD TRANSFER of Personal Data / PII Zoom collects or processes
      3. Methods and processes by which Personal Data / PII collected and / or processed by Zoom is SECURED.
      4. Methods and processes by which Zoom ensures, and enables Data Subjects to ensure, the INTEGRITY of the Personal Data / PII that Zoom collects or processes
      5. The PURPOSE for which Zoom collects and processes Personal Data / PII from Data Subjects.
      6. The method and process by which a Data Subject may seek to ACCESS their Personal Data / PII.
      7. Certain activities, methods and processes by which Zoom builds CONFIDENCE and provides Data Subjects with RECOURSE mechanisms relating to how Zoom collects and / or processes Personal Data / PII.
  2. Terms and Definitions
    1. Defined Terms

      “Account” means a record in systems controlled by Zoom that enable the use of the Zoom Solution.

      “Compartmentalized Digital Access” means that information subject to this protection protocol may not be accessed in its entirety by a single privilege set.

      “Cookies” are small text files that are placed on a customer device by a web server when a customer or end user accesses the Zoom Solution.

      “Data Controller” means the natural or legal person, public authority, agency or other body which alone, or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by the European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

      “Data Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of a Data Controller.

      “Data Subject” means any individual whose personal data is being collected, maintained or processed.

      “Encryption at Rest” means a method of storing information where the information is encrypted.

      “Encryption in Transit” means a method for sending and receiving information where the information is encrypted.

      “General Data Protection Regulation” or “GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

      “Zoom Solution” means the combination of software and services provided by Zoom to secure and manage a WiFi network belonging to a customer or end user.

      “Personal Data” means information relating to an identified or identifiable Data Subject and can refer to a Data Subject’s name, his or her home address, publications on social networks.

      “Personally Identifiable Information” or “PII” means Personal Data where it, directly or indirectly, by way of particular reference to an identifier such as a name, identification number, location data, online identifier or to one or more factors specific to an individual (e.g., physical, physiological, genetic, mental, economic, cultural or social) can be used to identify a specific Data Subject.

      “Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

      “Restricted Digital Access” means instances where digital access to data is restricted to certain users based on rights or privileges in a system that the user must use credentials, tokens or other such security artifacts to access.

      “Restricted Physical Access” means instances where physical access to systems on which data is restricted to persons based on the rights or privileges the person uses credentials, keys, cards or other such security artifacts to gain access.

      “Supervisory Authority” means an independent public authority which is established by a European Union member State pursuant to GDPR Article 51 Other terms and definitions used in this policy have the same meaning as in International standard ISO/IEC 27000 “Information technology – Security techniques - Information security management systems-Overview and vocabulary.”

    2. Capitalized terms that are not defined herein will have the meanings set forth in those Terms of Service.
  3. Privacy Related Statements
    1. Zoom classifies PII as confidential information.
    2. As a Data Controller and/or Data Processor, Zoom is responsible for establishment and proper application of this Policy.
    3. To meet the European Union law requirements that PII transferred from the EU to the United States be adequately protected, Zoom adheres to the Privacy Shield Principles.
  4. Privacy Related Notices
    1. Zoom collects / processes certain types of Personal Data / PII as such are specified below.
    2. As set forth above and as is detailed further below, Zoom is committed to following the Principles of the Privacy Shield program with respect to all personal data received from the EU.
    3. Zoom collects and / or processes certain Personal Data / PII for purposes specified below.
    4. Data Subjects may, as specified below, contact Zoom with respect to inquiries complaints, including any relevant establishment in the EU that can respond to such inquiries or complaints.
    5. Zoom may, under certain circumstances, transfer onward certain Personal Data / PII that it collects and / or processes to certain parties, as such are specified below.
    6. Data Subjects have, in accordance with the below, the right to access their Personal Data / PII.
    7. Data Subjects may, in accordance with the below, to limit the collection and / or processing of their Personal Data / PII.
    8. Zoom has registered with JAMS to serve as its third party alternative dispute resolution provider for Data Subject complaints. Data Subjects may seek recourse with JAMS free of charge.
    9. Zoom is subject to the investigation and enforcement powers of the Federal Trade Commission and, as may be applicable, other U.S. authorized statutory body.
    10. Data Subjects may, under certain conditions and in accordance with the below, invoke binding arbitration.
    11. Zoom may, under certain circumstances and in accordance with the below, disclose Personal Data / PII in response to lawful requests by public authorities.
    12. Zoom is, under certain circumstances and in accordance with the below, liable in cases of onward transfers to third parties.
  5. Consent
    1. Zoom collects and processes PII only where a Data Subject’s consent has been received or as a result of another legal basis.
  6. Purpose of Collection and Processing / Use
    1. General Purpose
      1. Zoom’s general purposes in collecting and / or using / processing PII are to provide and improve the Zoom Solution that it provides to its customers and, as may be applicable, its customer’s customers, to administer use of the Zoom Solution by the same (including accounts, if customer is an account holder), and to enable the same to enjoy and easily use the Zoom Solution.
    2. Information Categories and Specific Purpose
      1. Zoom collects and processes certain categories of Personal Data for the purposes set forth below:

        Table 1. Information Categories
        Information Category Purpose Legal Basis
        1 End User / Customer Data Provision of services or products Performance of contract or required proof prior to entry into contract GDPR - (point (b), Art. 6(1))
        2 End User / Customer Metadata Provision of services or products Performance of contract or required proof prior to entry into contract GDPR – (point (b), Art. 6(1))
        3 Personal data used for direct marketing Direct marketing Data subject consent GDPR - (point (a), art. 6(1))
        4 Prospective Customer (legal entity) Internal administration Data subject consent GDPR - (point (a), art. 6(1))
        5 Third parties (suppliers, distributors, etc.) contact data Customer service, Provision of services or products Performance of contract or required proof prior to entry into contract GDPR - (point (b), art. 6(1))
        6 Candidates for employee data Internal administration Data subject consent GDPR - (point (a), art. 6(1))
        7 Employee data Internal administration Legal obligation GDPR - (point (c), art. 6(1))
    3. More specifically, Category 1 Data, includes, but may not be limited to types:
      1. End User / Customer Account Information. If a Data Subject creates an Account, Zoom collects certain information that can be used to identify the customer, which such information may include, but is not limited to, personal, device and device profile names (meta-data related to the same) and contact information. This information includes:
        1. First Name, Last Name and Middle Name
        2. Email address
        3. Phone number
        4. Device IMEI and serial number (if applicable)
        5. Device MAC address and serial number (if applicable)
        6. Information provided for authentication
      2. End User / Customer Network Information. If a Data Subject uses the Zoom Solution, Zoom collects certain information about how the Zoom Solution is used, which such information includes: connected device information; network connection information; mesh network information; network router information; internet provider information and network management information.
      3. End User / Customer Website Application Use and Device Information. If a Data Subject uses the Zoom Solution, Zoom collects certain information about how the Zoom Solution is used, which such information includes: device identifiers, device configuration information, what objects on the website application the Data Subject interacts with; the frequency and duration that a Data Subject spends engaging with various parts of the website application.
      4. End User / Customer Mobile Application Use and Device Information. If a Data Subject uses the Zoom Solution, Zoom collects certain information about how the Zoom Solution is used, which such information includes: device identifiers, device configuration information, mobile application use information and mobile device location information. When a customer uses our mobile application, Zoom may collect and store information about the customer’s location by converting his or her IP address into a rough geo-location or by accessing the customer mobile device’s GPS coordinates or approximate location if the customer enables location services on his or her device. Zoom may use location information to improve and personalize our services for customers. If customer does not want us to collect location information, he or she may disable that feature on the mobile device. The customer agrees and acknowledges that it has been informed about this the foregoing.
    4. More specifically, Category 3 and 4 data include, but may not be limited to the following
      1. Website & Email Use Information. If a Data Subject visits websites maintained by Zoom or opens an email sent by Zoom, Zoom collects certain information about how a person interacts with the website or the email, which such information includes: what objects on a website / email the Data Subject interacts with; the frequency and duration that a Data Subject spends engaging with various part of a website / email.
  7. Protection of Personal Data and PII
    1. Zoom takes reasonable administrative, physical and electronic measures designed to protect Personal Data and PII from unauthorized or unlawful processing and against accidental loss, destruction or damage.
    2. More specifically, these measures include, but may not be limited to:
      1. Compartmentalized Digital Access
      2. Encryption at Rest
      3. Encryption in Transit
      4. Restricted Digital Access and
      5. Restricted Physical Access
  8. PII Retention Periods and Protection Protocols
    1. Zoom acts as a Data Processor for Data Controllers. Such processing and any retention periods and protection protocols associated therewith may be subject to the terms of Zoom’s contractual arrangements with those Data Controllers and any additional requirements or restrictions that result from the doing business in the jurisdictions in which an applicable Data Controller is located.
    2. Zoom retains and protects PII as set forth below:
      Table 2: PII Retention Periods and Protection Protocols
      Information Category PII Type Retention Period Protection Protocols In Use
      1 End User / Customer Account Information For the life of the Account plus thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Zoom is processing data Compartmentalized Digital Access, Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      2 End User / Customer Network Information Thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Zoom is processing data Compartmentalized Digital Access, Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      3 End User / Customer Website Application Use and Device Information Thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Zoom is processing data Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      4 End User / Customer Mobile Application Use and Device Information Thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Zoom is processing data Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      5 End User / Customer Meta data As long as necessary to achieve the purpose set forth in Section 3.1 Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      3 Personal data used for direct marketing As long as necessary to achieve the purpose set forth in Section 3.1 Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      4 Prospective Customer (legal entity) As long as necessary to achieve the purpose set forth in Section 3.1 Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      5 Third parties (suppliers, distributors, etc.) contact data As long as necessary to achieve the purpose set forth in Section 3.1 Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      6 Candidates for employee data One year Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
      7 Employee data As long as necessary to achieve the purpose set forth in Section 3.1 Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
  9. Sharing with Third Parties / Onward Transfer of Personal Information / PII
    1. Zoom will appropriately manage and coordinate the onward transfers of PII to third parties in accordance with this Policy.
    2. Zoom will not sell, share or otherwise distribute PII to third parties except as provided in this Policy.
    3. Zoom will not directly disclose the identity of any person except as provided in this Policy.
    4. PII may be transferred to third parties who act for or on Zoom behalf and that are contracted to:
      1. not sell the PII to third parties and
      2. not disclose the PII to third parties (except as may be required by law, as permitted by us or as stated in this Privacy Policy).
    5. If Zoom has knowledge that Data Processor is processing PII provided to it by Zoom in a manner contrary to this Policy, it will take all reasonable steps to prevent or stop the processing.
    6. In accordance with its obligations under the Privacy Shield Principles, under certain circumstances, Zoom may remain liable for the processing of PII by Data Processors and the onward transfer thereof.
    7. Notwithstanding the above, Zoom may also share PII as follows:
      1. If Zoom is acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if its assets are acquired by a third party in the event Zoom goes out of business or enters bankruptcy, some or all of its assets, including PII, may be disclosed or transferred to a third-party acquirer in connection with the transaction.
      2. Zoom will cooperate with government and law enforcement officials or private parties to enforce and comply with applicable law(s). As a result, Zoom may disclose information about a Data Subject to government or law enforcement officials or private parties that Zoom, in its sole discretion, believes is necessary or appropriate:
        1. to respond to claims, legal process (including subpoenas);
        2. to protect our property, rights and safety and the property, rights and safety of a third party or the public in general;
        3. to stop any activity that Zoom, in its sole discretion, believes is illegal, unethical or legally actionable activity or
        4. in response to other lawful requests by public authorities, including to meet national security or law enforcement requirements.
  10. Data Subject Rights
    1. Access
      1. Data Subjects have the right to access PII that is collected from them and processed by Zoom and to obtain information, free of charge, on the sources and the type of the PII that has been collected, the purpose of processing of such PII and the data recipients to whom the PII are disclosed or have been disclosed by Zoom in connection with the Zoom Solution, and other related information according to GDPR Article 15.
      2. Data Subjects may request this access by sending Zoom requests to dataconsent@zoom.net or MTRLC LLC requests to dataconsent@motorolanetwork.com.
      3. Zoom shall reply not later than 30 calendar days from receipt of such an access request in writing and shall provide the requested information or justification for the refusal to grant the request of the data subject.
      4. Upon the request of the data subject, such information must be provided by Zoom in writing.
    2. Correction / Rectification
      1. If the Data Subject finds out that PII that has been collected from them by Zoom is incorrect, incomplete or inaccurate, he or she may contact Zoom by emailing dataconsent@zoom.net or MTRLC LLC by emailing dataconsent@motorolanetwork.com.
      2. Zoom will then review the data elements at issue and rectify any incorrect, incomplete and inaccurate PII without delay and/or suspend processing of such PII, except for the purpose of storage, or provide a written explanation to the data subject describing why such efforts were not necessary.
      3. Zoom may keep archive copies of such data if doing so is necessary to fulfill contractual obligations to the data subject and/or if it is required by applicable law or regulation (for example, for accounting purposes, cybercrime investigation, etc.).
    3. Erasure / Right to be Forgotten
      1. A Data Subject may request that Zoom erase some or all of his or her PII from Zoom or Motorola Network systems by sending Zoom requests to dataconsent@zoom.net or MTRLC LLC requests to dataconsent@motorolanetwork.com.
      2. Such erasure may prevent the Data Subject from successfully accessing, using or benefiting from the Zoom or Motorola Network Solution.
    4. Restriction of Processing
      1. A Data Subject may ask Zoom to restrict further processing of his or her PII by sending Zoom requests to dataconsent@zoom.net or Motorola Network requests to dataconsent@motorolanetwork.com.
      2. Such processing restrictions may prevent the Data Subject from successfully accessing, using or benefiting from the Zoom Solution.
    5. Portability
      1. A Data Subject may ask for a copy of his or her PII in a machine-readable format by sending Zoom requests to dataconsent@zoom.net or MTRLC LLC requests to dataconsent@motorolanetwork.com.
      2. He or she can also request that Zoom transmit the data to another controller where technically feasible by sending Zoom requests to dataconsent@zoom.net or Motorola Network requests to dataconsent@motorolanetwork.com.
    6. Objection
      1. A Data Subject may contact Zoom via email at dataconsent@zoom.net or MTRLC LLC by emailing dataconsent@motorolanetwork.com to let Zoom know that he or she objects to the further use or disclosure of his or her PII for certain purposes, such as for direct marketing purposes or for the purposes of the legitimate interests pursued by the Data Controller or by a third party.
    7. Right to File Complaint
      1. A Data Subject may appeal the validity or appropriateness of Zoom’s actions (either as a Data Controller or Data Processor), to the appropriate Supervisory Authority or enforcement agency within three months of receipt of the refusal to grant the request or within three months of the date when the period imposed by applicable law or regulation for giving a reply (if any) expires.
      2. In order to avail himself or herself of the rights set forth in this section, the Data Subject must provide a valid identity document or otherwise verify his or her identity according to applicable laws or through electronic means of communication, which must provide reliable identification of the person.
      3. Zoom has registered with JAMS to serve as its third party alternative dispute resolution provider for Data Subject complaints. Data Subjects may seek recourse with JAMS free of charge.
  11. Enforcement and Dispute Resolution
    1. Zoom complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom and/or Switzerland, as applicable to the United States in reliance on Privacy Shield. Zoom has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit  https://www.privacyshield.gov.
    2. Individuals residing in the EU, United Kingdom, Lichtenstein, Norway or Iceland (collectively, “EU Residents”) who have inquiries or complaints regarding our Privacy Shield policy should first contact Zoom via email at dataconsent-complaints@zoom.net or MTRLC LLC at dataconsent-complaints@motorolanetwork.com.
    3. Zoom has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.
    4. If a Data Subject does not receive timely acknowledgement of his or her complaint, or if a complaint is not satisfactorily addressed, as a last resort and in limited situations, EU Residents (other that employees of Zoom) may seek redress from the ICDR/AAA Privacy Shield Program, which is a binding arbitration mechanism.
    5. The Federal Trade Commission (FTC) has jurisdiction over Zoom’s compliance with the Privacy Shield.
  12. Children under 13
    1. Our Site and Services are not designed for children under 13. If we discover that a child under 13 has provided us with personal information, we will delete such information from our systems.
  13. Updates
    1. Zoom periodically reviews and may, as necessary and/or appropriate, make updates to this Policy.
    2. Zoom will provide notice of updates to this Privacy Policy by posting them on our website, on our web application or mobile application, by sending an email to relevant Data Subjects or by undertaking other notification methods.
    3. Upon each material update, the Version Date set forth above will also be updated.
  14. How to Contact Us About this Policy
    1. Please contact us at dataconsent-complaints@zoom.net regarding Zoom and dataconsent-complaints@motorolanetwork.comregarding MTRLC LLC if you have any questions about this Policy.