1. General provisions
Cellact LTD is a communications and software company that specializes in providing business communications solutions, and is located in Kibbutz Shefayim, Israel.
Cellact LTD Personal Data Processing Policy describes the basic principles, objectives, conditions and methods for personal data processing, work procedures related to processing personal data, as well as requirements to the personal data protection.
The Policy is developed based on the requirements of the EU General Data Protection Regulation 2016/679 (the “GDPR”).
The Policy complies with the requirements of the Privacy Protection Regulations (Information Security) 2017 of the Privacy Protection Authority, Ministry of Justice in Israel.
This policy constitutes a commitment taken by Cellact to preserve the confidentiality of personal information of private customers, which are stored in its systems. Whether they are customers of the Company, who provide services to end customers, or whether they are end customers.Cellact commits that access to these details will be given to authorized persons only and will be carried out only when necessary and with the consent of the customers.Cellact undertakes not to transfer the details of the customers stored in its systems to a third party without the consent of the customers.
Cellact serves as a data controller since it determines the goals and manner of collecting, saving and using the data, and also as a data processor since it provides the means and implements the processing of customer data.
- The Company manages a database and may process any information about its subscribers or users of the Site (such as name, address, telephone number, e-mail address, etc.) (hereinafter: “Personal Information” or “Personal details“) which will become known as a result of using the Site and / or transferred by users / subscribers of their own free will..
- The Company undertakes that the use of the personal information and the manner in which it is managed will be for any purpose within the Company’s business activity and in accordance with the provisions of the laws of the State of Israel applicable to that matter.
- If a non-subscriber, (i.e. a user who does not have a user account on the Site) does not wish their personal information to be collected, stored or processed in any way as described above, it must refrain from transferring its personal information to the company.
- It is hereby clarified that for providing personal information by a person under the age of 18, the consent of a parent or guardian is required.
- A user of the site who has consented to the conditions described above regarding the collection, storage and processing of his personal information in accordance with these provisions may exercise any right reserved to him under the privacy laws of Israel. A user of the site who wishes to exercise his right as aforesaid shall do so by means of a written request or an e-mail to the Company at email@example.com.
- The Company shall have no liability in the event that the Site User transfers or informs the Company or a third party, whether in the services of the Site or its contents or voluntarily, the personal details of another person (including without limitation, name, address, e-mail address, telephone number, etc.) That the user of the site first received the consent of that person. In such case, this notice will be made at the user’s sole responsibility.
- Please, note that by creating the username on the Site and / or becoming a subscriber of the Company, you agree that the Company may contact you in any media that it deems appropriate in various advertising offers and messages relating to the Company’s services. If you are not interested in receiving these messages, please contact us by email at firstname.lastname@example.org or by phone: 09-9704100.
10. The Company respects your right to delete personal information from the Company’s databases. To remove your personal information, please contact us by e-mail at email@example.com. Receiving your request, the company undertakes to remove your personal details, which will prevent contacting you in the future. Please note that if in the future we are asked to add your details as a new Contact Person to the Cellact contact / customer database – the Company may do so.In addition, the Company may continue to keep details required by the laws of the State of Israel and details that the Company will be required to present in the event of a legal claim or court order.
3. Data privacy in Cellact products and applications
Cellact provides a range of products that include information that customers upload in order to send messages, establish phone calls, send and receive emails or faxes.When using Cellact software or product, different types of information is collected according to the nature of the product.
The information we collect includes:
Information that comes directly from the user it provides to the system. This information includes personal information such as name, email address, phone number or cases of receiving payment from businesses – also credit card details.
3.2 MEnterprise, integration with ME API, ME WS and sending automated campaigns via FTP
The infrastructure enables the company’s customers to send SMS, email and voice messages to end customers, as well as receive alerts and answers from end users via SMS, redialing or clicking a link within SMS or email messages.
As part of the service, Cellact systems are exposed to the following:
- Telephone numbers and e-mail addresses of end customers and their affiliation to the distribution lists of the Company’s customers.
- Content of SMS messages and voice messages sent to end customers via Cellact infrastructure and SMS message content sent by end customers to the Cellact virtual numbers available to Company customers.
- Content of email templates sent to end customers.
Data is saved on several levels:
- System Logs – The data is stored for a limited period of up to several days, and is used to solve technical issues.
- Report Interface – The data is used by the Company’s customers for viewing statistics and sending data, and for details received from end customers. By default, outgoing message content is not saved in the Reports interface, except at the client request.
- System files – the information in system files may be used for investigation in the event of malfunctions, as well as internal use by Cellact. Access to system files is limited. In system files, message content is saved by default for technical investigation purposes if required, as well as for claims or court orders.
3.2.1 mEnterprise interface
The mEnterprise system is one of the systems used by Large Account customers to send SMS, email and voice messages.
The settings include customers interfacing with ME API, ME WS, and automated campaign submissions by transferring files to FTP, SFTP, or safes.
In addition to what is written in Section 8.2, customer information stored in the systems also includes files that the user uploads to the system via a web interface or FTP or SFTP file transfer, such as distribution lists for distributing text or voice messages, and updating user information in mailing lists.
These lists may contain end-user personal information such as phone numbers, email addresses, first and last name, address, and other personal information that the user chooses to upload to the system.
The information is used to send messages to end customers, where personal information is used as part of the message content, as well as for the generating reports and statistics by the company’s customers.
Managing, updating and deleting mailing lists is the responsibility of the Company’s customers. Access and updating of the lists, including their deletion, by representatives of the Company shall be made only at the request of the Company’s customer.
3.3 Cellact Communications services
3.3.1 Cellact SIM
Cellact Communications provides its customers with SIM cards and serves as a mobile operator.
Data stored in Cellact Communications systems regarding SIM card uses are:
- Details of the customer who purchased the SIM from Cellact, whether it is a private, business or White Label customer, for distribution use.
These details include: full name, company name, company ID, billing address, email address, telephone and billing details. The details are stored for billing the customer and in order to maintain contact with the customer and identify him when contacting the company call center. For sending an invoice and producing data according to the customer’s request.
Cellact Communications does not store the details of those who purchased a SIM card from a White Label client
- Details of SIM usage. Details include the selected MSISDN number, date and time of use (call, SMS, DATA), originating / receiving MSISDN number, call duration and call status.
The data is stored in the systems for the purpose of periodic billing of customers, generating reports for customers on demand and for technical investigation in cases of malfunctions. In addition, data will be provided in case of court order.
Option to record calls to SIM customers – The option will be set only at customer request. Cellact Communications does not store the recording files: the files are deleted from the systems after they are sent to the client.
3.3.2 Voice services – stars, SIP connections, call routers and ATS services
Cellact Communications provides its customers with mobile / landline virtual numbers on the Cellact network, as well as short number services (asterisk) used to generate and receive calls.
Data stored in Cellact Communications systems in connection with the use of VOICE services:
- Details of the customer who purchased the service: full name, company name, company ID, billing address, email, telephone and billing details. The details are stored for billing and maintaining contact with the customer, and for the purpose of sending an invoice and producing data according to the customer’s request.
- Voice services usage details: Details include the Cellact Communications MSISDN number (“shadow number”), the short number (asterisk) in the case of the star service, the number originated / received the call, routing information (MSISDN number on clients side / customers ATS number), status, and call duration.
The data is stored in the systems for the purpose of periodic billing of customers, generating reports for customers on demand and for technical investigation in cases of malfunctions. In addition, data will be provided in case of court order
3.4 The SecNum app (Num2)
The secondary number / Num2 application allows you to use an additional phone number on an existing device without having to purchase a SIM card.
- The Num2 application does not collect information from the device’s Contacts list and does not use it except for dialing a contact or identifying an incoming call from Contacts.
- Permissions that are required to set up in the app installation:
- In-app purchases – You can purchase additional in-app services.
- Device and app history – The app can read within the call log and find the call records made to the secondary number.
- Contacts – The app can use your device’s contacts, as well as create and change a temporary contact for the app, to show caller ID.
- SMS – Read the text messages sent to the app from a special app-related identifier
- Phone – The app can use your phone and / or call history. Phone access may include the following capabilities:
(A) Direct call to phone numbers
(B) Write a call log (for example: call history)
(C) Reading a call log
- Pictures / Media / Files-To set up a ringtone in a call / SMS
- Info on calls – The application can access information about all call participants, including the MSISDN number associated with the device on which the application is installed, and an MSISDN number of additional participants in the call.
- Do Not Disturb setting – for the purpose of managing a VOIP call regardless of incoming calls to the GSM dialer.
3. Information gained from application use, such as history of user actions, IP address, cookie, or information about the model of the device from which the user is using web, the cellular network from which the user arrives, this for secondary number app usage only. This information includes info how to use the Cellact services, the phone number to which a message was sent, or a message received, call log, call duration, date and time. Information for the investigation in case the application crashes, which includes operating system information and application identification, the browser, language, and the date and time of the crash.
App information such as a unique number that is installed for each application.
We store local information on the end device such as an application’s private phone book, message and call logging, or application status such as Call forwarding, Call barring, or Voice answer forwarding. In addition, a call forwarding address is stored.
We record calls according to the customer’s request and send them to the destination according to the customer’s choice. We do not store the recordings in our systems after they are sent.
We keep the user’s real phone number and the numbers assigned to him by the various services in order to know how to associate them with the user.
3.5 Mobile manager app
The Mobile Manager application enables the customer to manage a virtual switchboard for a business controlled by the cellular device and uses various cellular or stationary devices as extensions. You can ring a group of numbers.
- The Mobile Manager application does not collect information from the device’s Contacts list and does not use it except to dial through contacts or identify an incoming call from Contacts.
- Permissions that are required to set up in the app installation:
- Dialer access – to enable dial-up transfer to a set of numbers defined under the switchboard.
- Contacts – The app can use your device’s contacts for app settings. Contact information is stored locally on the device and not transferred to the server.
- Receive SMS – Read text messages during application registration only.
- Phone – The app can use your phone. Phone access may include the following capabilities:
(A) Direct call to phone numbers
- Full access to the Internet – application work is based on the use of browsing data to allow access to the application server to access settings and routing calls and SMS according to the settings; Also to view and edit additional numbers defined under Num2 tab.
- Information gained from the use of the system, such as logs of user actions, IP address, cookie, or information about the model of the device from which the user is surfing, the cellular network from which the user arrives, for use only in a Mobile Manager application. This information includes usage character of Cellact services, the phone number to which a message was sent or received, logging calls including the duration and date and time. Information for the investigation when the application crashes, which includes operating system information and application identification, the browser, language, and the date and time of the crash. Information of app usage such as a unique number that can be installed for each application. We store local information on the end device such as call logs, and a call forwarding email address. We record calls according to the customer’s request and send them to the destination of customer’s choice. The proper arrival of the recording file in an email to an end user depends on a number of factors, including correct email address, e-mail server and end device health when sending the file, and other factors independent of Cellact systems. As a result, Cellact does not guarantee that email containing call recording will be properly delivered to the user’s email box. We do not store the recordings in our systems after they have been sent, so we can not retrieve a recording if it has not reached a user’s email or was deleted by the user. We keep the user’s real phone number and the numbers assigned to him in the various services in order to know how to associate them with the user
3.6 How do we use the information?
The information that we collect and receive is intended to enable the service for users. We may use the user’s phone number or email address to contact it for technical or other questions that arise in the use of our services.
We use the distribution files that the user uploads to make it possible for the user to send text messages, mail or calls to destinations at times chosen by the user.
We use data to provide user reports about the use of our services.
We keep the real phone number of the user and the numbers we assign to him in the application to enable the various services of call transfer and referral.
It should be noted that calls and messages sent by the user reach different destinations of his choice and attention should be paid to the issue of the privacy of the information when transferring this information to others.
Saved information includes regulatory instructions that must be kept such as details of calls and messages and assigning a number to the user.
3.7 Does Cellact share information about using its products with other companies?
Cellact shares information with Cellact Communications on the provision of its services to users. Information sharing is for providing service and continuity of service.
We do not forward information to third parties or other companies.
We are subject to the laws of the state and the regulation and transfer information to the parties following a legal demand in which there is a demand or request for information such as a judge’s order to reveal a telephone number or call details. We will allow access to information for investigation on suspicion of fraud or any violation of state law. We will allow access to information in the event of security issues or technical issues
3.8 Information security measures in Cellact products
For security purposes we use SSL certificates to encrypt traffic between the user and the system. There is a possibility of choosing the client for certain services not to use SSL encryption for various reasons – and then one must know that the traffic between the user and the system will be exposed on the network.
We use physical systems and software systems to protect information and prevent unauthorized parties from reaching it. We provide access to information to authorized employees under a confidentiality agreement to which they are bound.
3.9 Managing customer’s data in case of contract termination
In order to protect the privacy of customers and former customers, in case of termination of the contract, Cellact will remove the following information from its systems:
- Access details for Cellact interfaces
- Distribution lists uploaded by the customer to the systems
The following information will not be removed:
- For business customers, we maintain a database of contact details of former clients who, with exception of customers who have requested that their details be removed from the database.
- Mapping between the secondary number and the primary number – for the Num2 app users
- Usage reports
The information that is not removed at the end of the contract is kept for the following reasons:
(A) In case of clarification of a customer about the transaction or uses, as well as in case of complaints.
(B) Cases of requests from legal entities such as police or lawsuits
(C) To maintain contact
4. Contact us