RINGCENTRAL PRIVACY NOTICE

Legal Overview

Acceptable Use Policy

Emergency Calling Policy

Numbering Policy

Privacy Notice

Online DPA

The updated RingCentral Privacy Notice goes into effect on August 7, 2023.

New page content:

We have updated our International Data Transfers Section to add our U.S. Dept. of Commerce certification with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF)

RingCentral, Inc. and its worldwide affiliates and subsidiaries (collectively ‘RingCentral’, ‘us’, ‘we’, ‘our’) are committed to protecting your privacy while providing you with a positive experience on our website and in using our products and services.

This Privacy Notice (‘Notice’) explains our privacy practices and provides information on how and why we collect, use and share your personal information through our interaction with you in relation to our products and services and when you visit our websites and associated sub-domains (‘Website’), our desktop, IP desk phone and mobile applications (‘Apps’) or use our cloud communications and collaboration solutions (‘Services’). The Notice also describes choices that may be available to you regarding use, access, deletion and correction of your personal information.

Additional information on our personal information practices may be provided in supplemental terms and conditions, supplemental privacy statements or notices provided prior to or at the time of data collection.

If you have received a meeting invitation for your child from a teacher or school, or for information regarding how RingCentral handles personal data as part of the school offering, please visit: www.ringcentral.com/legal/childrens-privacy-notice-school-parental-notification.

QUICK LINKS

We recommend that you read this Notice in full to ensure you are fully informed. However, if you only want to access a particular section of this Notice, you can click on the relevant link below to jump to that section.

How we collect your personal information
What personal information we collect
How we use your personal information
How, why and what personal information we share with third parties
Cookies and other similar technologies
How we respect your privacy rights
How we keep your personal information secured (Security)
How long we retain your personal information (Data Retention)
International Data Transfers
Children`s Privacy
Third-Party Sites
Blogs and Forums
Updates to this Notice
Contact us

HOW WE COLLECT YOUR PERSONAL INFORMATION

We collect your personal information when you actively provide it to us through your interactions with us.
We may automatically collect personal information from you as you use our Apps and Services or visit our Websites as a user or a participant.
We may receive personal information about you from a business or commercial partner or another user of our Apps and Services.

WHAT PERSONAL INFORMATION WE COLLECT

Personal Information that you actively provide to us or we collect from third parties, business partners, other users and service providers

Your Contact Information: Name, username, email address, phone number, IP address and any other identifiers a user provides when accessing or using the Service.

Your payment information: Billing name, address and credit card or other payment information.

Personal information we collect through your interactions with RingCentral, our Websites, Apps and Services as a user or a participant

Account information:

Account holders’ usernames and account numbers, RingCentral phone number, language preference, title, department.

Information about your use of non-RingCentral Services through integrations with our Websites, Apps and Services or otherwise:

Social media account information, single-sign-on service tokens, Google/Apple/Microsoft sign-in tokens.

User content:

Files, any content of communication or other information you or another user or participant upload, provide, grant access to or otherwise implement. *Note that users and participants control the content that they provide, and it may include any category of personal information.

Service Usage Data:

Internet Protocol (‘IP’) address, MAC address, other device ID (‘UDID’), device type, operating system type and version, client version, type of camera, microphone or speakers, connection type and other related information.
User feedback ratings, internal feature usage analytics, usage logs, cookie identifiers.
Traffic data about the communications that take place through our platform (such as chat, video conferencing), network monitoring data.
Call Detail Records of data records produced by a telephone call or other telecommunications transactions. The record contains various attributes of the call, such as time, duration, completion status, source number and destination number.
Fraud data such as blacklist history and security logs.
Metadata such as session logs and join and leave time of participants.
Log data including IP address, Internet Service Provider (‘ISP’), browser type, referring/exit pages, operating system, date/time stamp and/or clickstream data.
Publicly available data from End User accounts.

Geolocation information:

Information about where you are located when using the Services.

Recordings:

A user hosting a phone or video conferencing meeting may choose to record the session, and if so, the host is responsible for obtaining any required consent from you. RingCentral helps hosts obtain consent from other users by providing visual and audio cues to alert users of a recording.
As with all user content, recordings may contain personal data and may be stored with RingCentral at the request of the meeting host. A meeting host may choose to store a recording of a meeting on the host’s local storage device, not with RingCentral. When a host chooses to do that, RingCentral does not have any control over the recording. Transcripts, which may also contain personal data, are treated the same way as recordings.
RingCentral does not monitor, access or use the recordings or transcripts that a meeting host or customer may choose to store with RingCentral, unless they request us to, for example, to provide technical support and where allowed by law.

SMS messages:

Content of blocked SMS messages that violate our spam rules.

HOW WE USE YOUR PERSONAL INFORMATION

We use your personal information for the following purposes: Communicate with you; Create your account; Provide you with RingCentral Services including responding to your requests for support; Manage your order and our customer relationship; Market our Services; Connect you to and optimise your experience using our Website, Apps and Services; Provide customers dashboards and reports; Conduct fraud and threat analysis and detect and prevent spam or unlawful or abusive activity or other violations of our Acceptable Use Policy (‘AUP’); Monitor performance of our data centres and networks; Conduct analytics to improve RingCentral’s Website, App and Service performance; Personalise your experience with our Websites, Apps and Services; Comply with applicable law including those regulating call detail records; and Perform billing for our Services.

Lawful basis for processing personal information (EEA, Switzerland and UK only)

When we collect personal information about you in connection with offering our Website, Apps or Services within the European Economic Area (EEA), Switzerland and the United Kingdom (UK), our lawful basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

We will normally collect personal information from you where we need the personal information to perform a contract with you (e.g. when you order a Service), or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (e.g. to market and provide our Services). In some cases, we may also have a legal obligation to collect and process the personal information in question (i.e. Service Usage Data) or we may process your personal information where we have your consent to do so. You may withdraw your consent at any time as instructed in the communications or in the Apps or Services, or you can contact us as explained below.

COOKIES AND OTHER SIMILAR TECHNOLOGIES

Our Website and Apps use technologies called ‘cookies’ and other tracking technologies such as software development kits (‘SDKs’) to collect certain information. A cookie is a piece of computer code that your internet browser is given when you access the Website. Our cookies help provide additional functionality to the Website, track the traffic patterns for our Website and study how our users use and interact with the Website and Services. For instance, our Website may set a cookie on your browser that allows you to access the Website without needing to remember and then enter a password more than once during a visit to the Website. If available, please refer to your web browser’s instruction guide or help section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. An SDK functions like a cookie, but in mobile applications. We recommend that you leave cookies and SDKs turned on because they allow you to better take advantage of some of our Services and allow us to improve our Services.

First-party cookies

Strictly Necessary cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are often set in response to actions made by you, which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
Functional cookies: These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third-party whose services we have added to our pages.
Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.
Targeting cookies: These cookies may be set through our site and may be used to build a profile of your interests and show you relevant adverts on other sites.

Third-party cookies

In addition to our own cookies, we may also use various third-party cookies to report usage statistics of the Service, deliver advertisements on and through the Service and so on. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites.

What are your choices regarding cookies?

Cookie Preferences on RingCentral websites: Our cookies allow you to take advantage of some essential and useful features. Blocking some types of cookies may impact your experience of our sites. You can change your cookie preferences at any time by clicking ‘Cookie Preferences’ in the footer of the RingCentral websites.

Browser settings: You can also manage browser cookies through your browser settings. The ‘Help’ feature on most browsers will tell you how to remove cookies from your device, prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, how to disable cookies and when cookies will expire. Check the support site for your browser to understand privacy settings available to you. If you block or reject some of our cookies through your browser’s settings, you might not be able to use certain offerings that require you to sign in to an account and some features and services may not work. You might also have to manually adjust your preferences or settings every time you visit our websites.

HOW, WHY AND WHAT PERSONAL INFORMATION WE SHARE WITH THIRD PARTIES

We will not rent or sell your personal information. We may share and disclose your personal information (as identified above [add link to section]), solely for legitimate business or legal purposes as described in this Notice and in accordance with applicable law, with the following third parties:

RingCentral or any of its worldwide affiliates. A list of our current group companies is available here https://www.ringcentral.com/au/en/whyringcentral/contactus.html;
Business partners (e.g. resellers and other authorised third-party agents) to market or sell our Services;
Service providers, contractors, vendors or agents who operate on our behalf to:
- Operate, deliver, improve and customise our Websites, Apps and Services;
- Provide support and technical services;
- Send marketing and other operational communications related to our Websites, Apps and Services;
- Enforce our acceptable use policy;
- Conduct analytics in order to improve your experience while using RingCentral Websites, Apps and Services; and
- Provide offers and advertisements to customers based on their interests and interactions with us.
Any third parties as part of, or in connection with, an actual or prospective corporate business transaction, such as a sale, merger, acquisition, joint venture, financing, corporate change, reorganisation or insolvency, bankruptcy or receivership;
Law enforcement agencies, regulatory or governmental bodies or other third parties in order to respond to legal process, comply with any legal obligation; protect or defend our rights, interests or property or that of third parties; or prevent or investigate wrongdoing in connection with the Website, Apps or our Services; and/or
Other third parties with your consent.

HOW WE RESPECT YOUR PRIVACY RIGHTS

We provide you with the opportunity to access, review, modify and delete your personal information that we process.

Requests from End Users regarding personal information we process on behalf of our Customers as a Data Processor

In general, when processing the content of communications such as voicemails, faxes, recordings, etc. in connection with our Services, we do so on behalf of our Customers and in accordance with their instructions as a data processor. This means that if you believe RingCentral may have collected or stored personal information about you on behalf of a RingCentral customer as a data processor or if you wish to access, review, modify or delete any content of your communications, under applicable law or otherwise, you should direct your request to that Customer.

Your Additional Privacy Rights as an EEA/UK/Swiss Resident

Access: You can request more information about the personal information we hold about you. You can request a copy of the personal information.
Rectification: If you believe that any personal information we are holding about you is incorrect or incomplete, you can request that we correct or supplement the data. You can also correct some of this information directly by logging in to your Service account if you are a customer. Please contact us as soon as possible if you notice any inaccuracy or incompleteness.
Objection: You can let us know that you object to the collection or use of your personal information for certain purposes.
Erasure: You can request that we erase some or all of your personal information from our systems. You can also delete some of this information directly by logging in to your Service account if you are a customer.
Restriction of Processing: You can ask us to restrict further processing of your personal information. (This just means you can ask us to stop using it for what we have been using it for.) This may mean that we have to delete your account.
Portability: You can ask for a copy of your personal information in a machine-readable format. You can also request that we transmit the data to someone else where it’s technically possible.
Withdrawal of Consent: If you have consented to our use of personal information for a specific purpose, you have the right to change your mind at any time. Any such decision will not affect any processing that has already occurred, nor will it affect processing of your personal information conducted in reliance of lawful processing grounds other than consent. Withdrawing your consent may mean your access to the Services will be limited or suspended and your accounts may be terminated, as applicable. Where you withdraw your consent, but we are using your information because we or a third party (e.g. your employer) have a legitimate interest in doing so, or we have a different legal basis for using your information (for example, fulfilling a contract with you), we may continue to process your information, subject to your rights to access and control your information.
Right to File Complaint: You have the right to lodge a complaint about RingCentral’s practices with respect to your personal information with the supervisory authority of an EU Member State (https://edpb.europa.eu/about-edpb/about-edpb/members_en)
No Automated Decision-Making: We do not use any decision-making based solely on automated processing, including profiling.

Your Additional Privacy Rights as a California Resident

Data portability: You can ask for a copy of your personal information in a machine-readable format. You can also request that we transmit the data to someone else where it’s technically possible.
Knowledge and access: You may have the right to know more about personal information that we have collected and disclosed in the preceding 12 months.
Deletion: You have the right to request RingCentral to delete the personal information we have collected about you.
Non-discrimination for the exercise of your privacy rights: You have the right to not receive discriminatory treatment by RingCentral for the exercise of your privacy rights.

We will not share your personal information with third parties for the third parties’ direct marketing purposes if you have exercised an option to opt out of such information-sharing.

We will verify your request using your name and email. Depending on the nature of your request, we may need additional information to verify your identity. You may authorise an agent to make a request on your behalf to exercise your privacy rights under applicable California privacy laws.

To exercise your rights or to allow your authorised agent to exercise your rights, please submit, or have your authorised agent submit, a ticket through our online portal, or contact our Privacy Team at [email protected].

Unsubscribe from our mailing list

You can manage your communication preferences through the following methods:

Following the instructions included in each promotional email from us to unsubscribe from that particular mailing;
Sending us an email at [email protected]; or
Visiting https://go.ringcentral.com/subscription-center.html

These choices do not apply to service notifications or other required communications that are considered part of certain Apps and Services, which you may receive periodically unless you stop using or cancel the App or Service in accordance with its terms and conditions.

HOW WE KEEP YOUR PERSONAL INFORMATION SECURED

Keeping your information secure is important to us. Like all businesses, we cannot guarantee the security of the personal information we collect and process in connection with our Websites, Apps and Services. We have, however, taken certain steps designed to reduce the risk that your personal information will be subject to loss, misuse, unauthorised access, disclosure, alteration or destruction. RingCentral has no control over or responsibility for the security or privacy policies or practices of other sites on the Internet you might visit, interact with or from which you might buy products or services, even if you visit them using links from our Website.

HOW LONG WE RETAIN YOUR PERSONAL INFORMATION

We will retain your personal information for no longer than is necessary to fulfil the purposes for which the information was originally collected unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons or other legitimate and lawful business purposes.

Where we have no ongoing, legitimate business need to process your personal information, we will either delete or anonymise it.

INTERNATIONAL DATA TRANSFERS

Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. Specifically, information collected in the European Economic Area ("EEA") and the UK, may be transferred to and stored on our servers in the United States and Switzerland, and potentially in other countries where our group companies and third-party service providers and partners operate. These countries may have data protection laws that are different to the laws in your country (and in some cases, may not be as protective).

Data Privacy Frameworks (EU-U.S. DPF, UK Extension, Swiss-U.S. DPF)

RingCentral Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. RingCentral has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. RingCentral has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Data processed and purposes of data processing

Please see the relevant sections of this Notice, sections WHAT PERSONAL INFORMATION WE COLLECT and HOW WE USE YOUR PERSONAL INFORMATION, for information regarding the data categories processed by RingCentral as a controller on our own behalf and the purposes.

As a processor to our customers, RingCentral processes personal data that customers choose to submit to the services as customer-generated content, call detail records, usage data, and account information. The purposes for such processing is the provision, maintenance, support, and improvement of the services.

Type of third parties to which RingCentral discloses personal data and purposes

Please see the relevant section of this Notice: HOW, WHY, AND WHAT PERSONAL INFORMATION WE SHARE WITH THIRD PARTIES for more information regarding the type of third parties to which RingCentral discloses personal data and for what purposes.

Independent Recourse Mechanism

If you have any questions, comments or concerns about this Notice, you may contact us at [email protected]. In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, RingCentral commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. Under certain conditions, individuals may invoke binding arbitration through the Data Privacy Framework Panel. For more information, please see Annex I of the EU-U.S. Data Privacy Framework Principles.

Enforcement Authority

The Federal Trade Commission has jurisdiction over RingCentral’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Lawful Requests for Personal Information

Please see https://www.ringcentral.com/legal/policies/data-request-guidelines.html for information regarding how RingCentral responds to lawful requests by public authorities for RingCentral to disclose personal information.

Individual rights to access and to limit use and disclosure

Please see the relevant section in this Notice HOW WE RESPECT YOUR PRIVACY RIGHTS for information regarding how individuals can exercise their rights to access their personal data and to limit the use and disclosure of their personal data.

Liability for Onward Transfers

In the context of an onward transfer, RingCentral has responsibility for the processing of personal information it receives under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF and subsequently transfers to a third party acting as an agent on its behalf. RingCentral shall remain liable under the EU-U.S. DPF Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless RingCentral proves that it is not responsible for the event giving rise to the damage.

Standard Contractual Clauses

RingCentral has taken (i) appropriate safeguards, including adherence to the Standard Contractual Clauses adopted by the European Commission for the transfer of your personal information outside the EEA, the UK and Switzerland to RingCentral, and (ii) further technical and organizational measures to ensure that personal information will remain protected in accordance with this Notice and any applicable laws.

CHILDREN’S PRIVACY

RingCentral does not knowingly provide products or services directly to children under the age of 16, or knowingly collect or solicit personal information from or about children under the age of 16 outside of the school offering. If you believe that a child under the age of 16 has disclosed personal information to RingCentral outside of the school offering, please contact [email protected]

THIRD-PARTY SITES

This Notice does not apply to, nor are we responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Website or Apps link, including but not limited to social media sites. The inclusion of a link on the Website or Apps does not imply our endorsement of the linked site or service. You should check the privacy notices of those sites before providing your personal information to them.

BLOGS AND FORUMS

Our Website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas is public and may be read, collected and used by others who access them and may remain on the public forum indefinitely. To request the removal of your personal information from our blog or community forum, you can submit a request through our online portal. In some cases, we may not be able to remove your personal information, in which case, we will let you know if we are unable to do so and why. We encourage all users to exercise caution when providing personal information in blogs and community forums.

UPDATES TO THIS NOTICE

We may update this Notice from time to time in response to changing legal, technical or business developments. If we make non-material changes to our Notice, we will post those changes on this page in addition to updating the ‘Last Updated’ or effective date at the top of this webpage. If we make material changes, we will notify you more directly, for example by emailing you prior to such material changes taking effect.

CONTACT US

If you have any questions, comments or concerns about this Notice, please email our data protection officer at [email protected]. Or, you can write to us at:

RingCentral, Inc.

Attn: RingCentral Chief Privacy Officer

20 Davis Drive,

Belmont, California 94002

USA