We will use your personal information only in ways that are compatible with the purposes for which we collected it from you or which you subsequently authorized, and we will provide you with notice before we use or disclose your personal information to third parties for a purpose other than that for which it was originally collected, except where such disclosure is required by law. We will take reasonable steps to ensure that all personal information we collect, retain, or use is relevant to its intended use, accurate, complete, and current.
When we host data for customers, we start with two simple principles:
- We use, disclose, and otherwise process personal information only to provide the services requested by our customer.
- We maintain reasonable robust security to protect it against unauthorized acquisition or use.
OneNeck’s obligations with respect to personal information for which OneNeck is a data processor, such as data that OneNeck hosts for its customers, are further defined in OneNeck’s contracts with its customers. Personal information obtained from our customers is processed in compliance with the terms and conditions set forth in our customer contracts and correspondence and our professional standards.
OneNeck recognizes that its commercial customers may also be subject to detailed privacy and information security regulations as a financial institution under the Gramm Leach Bliley Act, as a covered entity or business associate under HIPAA, or otherwise as an entity subject to privacy and information security laws and regulations. We can readily accommodate legal requirements to ensure appropriate privacy controls and support your compliance programs, and we enter into additional agreements, such as Business Associate Agreements, when appropriate and required by applicable law. Similarly, businesses with personal information originating in the European Union should rest assured that OneNeck complies with the data protection requirements applicable to it, and OneNeck enters into data processing agreements to support compliance with the General Data Protection Regulation where appropriate as well. If any of these statutory regimes applies to your business and the data to which OneNeck may have access in providing services to you, please let your account representative know so we may include any additional regulatory terms that may be appropriate.
OneNeck complies with the EU – U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework(s), as set forth by the U.S. Department of Commerce, regarding the collection, use and retention of personal information received from the European Union as well as where data is transferred from the United Kingdom and/or Switzerland. OneNeck annually certifies its adherence to the Privacy Shield Principles of notice; choice; accountability for onward transfer; security; data integrity and purpose limitation; access; and recourse, enforcement and liability. To learn more about the EU – U.S. Privacy Shield Framework and/or the Swiss-US Privacy Shield Framework, please visit https://www.privacyshield.gov/EU-US-Framework. To view OneNeck’s certification, please visit https://www.privacyshield.gov/list.
COLLECTION OF YOUR PERSONAL INFORMATION
Types Of Information We Collect About You. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you. Personal information does not include anonymous, aggregated, or de-identified information that cannot personally identify you, your accounts or devices. We may collect the following different types of personal information about you, your associated accounts, or your devices based on your use of our Services, as well as your business relationship with us or with our third parties:
Personal Identifiers. Personal identifiers are personal information that identifies a person such as name, physical and email addresses, telephone numbers, date of birth, Social Security number, driver’s license numbers, credit cards or financial accounts.
Credit and Financial Information. Credit and financial information are specific types of personal information that relate to your (or your employer’s) financial or commercial relationship with us, including banking information and payment history related to your business account or employee relationship.
Location Information. Location information is collected when you provide it directly to us and when you use our Services. Location information may include your physical address, zip code, and a physical address associated with an IP address. Certain types of location information may be considered personal information.
Sensory data. Information including electronic, visual and audio information may be collected when you contact us, or when we contact you, including through our customer service line, such as voice recordings, or may be collected from employees through security video monitoring depending on the facilities in which they work or visit. For training or quality assurance, we may also monitor or record our customer service calls with you.
- Ordering a product or service from us
- Sending us an email
- Registering to receive information about our products or services
- Responding to customer service inquiries
- Applying for a job or a grant, or
- Entering a contest.
We may also collect personal information about you from trusted agents who are authorized to sell our products and services, or from employees of our Affiliates. “Affiliates” refers to any of the Telephone and Data Systems, Inc. owned companies. When we receive personal information from Affiliates, we will use and disclose such information in accordance with the notices provided by the applicable Affiliate and the choices made by the individuals to whom such personal information relates.
We may also collect personal information about you that helps us better serve your special needs and interests, such as when you respond to questions, surveys, or other customer service-related inquiries. You can always choose not to provide certain personal information to us, but we may not be able to provide you with certain services or features as a result.
SENSITIVE PERSONAL INFORMATION
We do not generally collect sensitive personal information, including personal information about personality and private life, racial or ethnic origin, nationality, political opinions, membership in political parties or movements, religious, philosophical or other similar beliefs, membership in trade unions or professions or trade associations, physical or mental health, genetic code, addictions, sexual life, property matters or criminal record (including information about suspected criminal activities). You are not required to provide any sensitive personal information to use any of our services. Certain protected classification characteristics may be collected about employees from time to time as may be required by applicable law.
As part of network operations and when you visit a OneNeck website, we may automatically collect certain information such as your domain type, your IP address, and click-stream information to gauge the effectiveness of our websites, improve our online operations, enhance your online experience with customized content, and focus our marketing efforts to better meet the needs of our customers.
We may store small data files known as cookies, or other similar technologies, on your computer or mobile browser when you visit one of our websites. Cookies allow us to personalize and protect your service by collecting and storing information that will identify you when you visit a website. Cookies also allow us to collect ‘website usage’ information when you visit our websites, including IP address, web browser and operating system types, webpages visited on our websites, time spent on our webpages, and return visits to our websites. We may combine the website usage information with your personal information in order to provide a more customized online experience to you and to provide advertising about goods and services that may be of particular interest to you. These same cookies may also be used by our advertising partners on other websites to display advertisements based on the preferences you demonstrate through your online activities. We do not track user click stream or other information resulting from activity on sites that are not operated by OneNeck. For further information about how to opt-out of behavioral advertising on the Internet, please see http://www.networkadvertising.org/choices/.
You may be able to disable cookies on your computer; however if you do so, you may limit your experience on OneNeck’s websites. You can set your browser to delete cookies or to tell you before you accept one. Look in your browser’s Options or Preferences menu for settings relating to cookies.
“Do Not Track” signals are options available on your browser to tell operators of websites that you do not wish to have your online activity tracked. Our websites operate no differently if these “Do Not Track” signals are enabled or disabled. Our Internet Services do not allow any third parties to collect personal information about your online activities over time or across websites for their own purposes.
THIRD PARTY WEBSITES
USE OF YOUR PERSONAL INFORMATION/ DATA INTEGRITY
When you want to set up an account with OneNeck, in order to determine your credit worthiness, we may use some of your personal information to request a credit report from a credit-reporting agency based on a permissible purpose consistent with the Fair Credit Reporting Act.
OneNeck uses the information collected on its websites to provide you with information you request. When you use our websites to order products or services, or to request information about them, we may use the information we have about you as we would use the same information obtained offline; for example, to evaluate your service needs and contact you regarding additional services you may find useful. You may also submit applications for employment online, and we will use the personal information you provide to consider you for employment.
We will not use your personal information for a purpose other than the purpose for which it was originally collected or subsequently authorized without your consent. We will not use sensitive personal information for a purpose other than the purpose for which it was originally collected or subsequently authorized unless you have provided your affirmative and express (opt-in) consent.
When you provide us with your personal information, we collect that for certain purposes that are required or permitted by applicable law, and OneNeck may access or disclose personal information without further notice or your consent in order to: (i) investigate, protect or defend the legal rights or property of OneNeck, Telephone and Data Systems, Inc. (“TDS”), our Affiliates or their employees, agents and contractors (including enforcement of our agreements); (ii) protect the safety and security of customers or members of the public including acting in urgent circumstances; (iii) protect against fraud or for risk management purposes; or (iv) comply with the law or legal process such as a subpoena. OneNeck will provide its customers with prompt notice of law enforcement requests or demands for their data to the fullest extent allowed by applicable law so that the customer may assert any defenses or other legal interests that it wishes.
If TDS or OneNeck sells all or part of its business or makes a sale or transfer of all or a material part of its assets or is otherwise involved in a merger, transfer, or liquidation of all or a material part of its business, your personal information may be transferred to the party or parties involved in the transaction.
If you submit an employment application, resume or similar information about yourself, it will be used only for the purpose of considering you for employment or such other purpose as requested by you.
OneNeck does not make decisions that have legal effects on individuals due solely to automated processing of personal information.
For United States residents, we undertake marketing only in compliance with the CAN-SPAM Act, the Telephone Consumer Protection Act, and other applicable law. For European Union residents, we undertake marketing outreach only with your expressive affirmative consent and in compliance with applicable data privacy laws. European Union residents will not be added to the marketing lists unless they have already provided express affirmative consent consistent with applicable data protection laws.
COLLECTION AND USE OF CHILDREN’S PERSONAL INFORMATION
OneNeck Services are intended for adults. In order to respect the privacy of children online, OneNeck does not knowingly collect, maintain or process personal information submitted by children under the age of 18, and we will promptly delete any such personal information when we become aware that it was collected inadvertently.
If we do collect age information, and users identify themselves as under the age of 18, the site will block such users from providing personal information.
SHARING OF YOUR PERSONAL INFORMATION / ONWARD TRANSFER
YOUR PRIVACY RIGHTS
We may decline to process requests for personal information that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not legally required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
OneNeck provides customers with the ability to authorize individuals (“Authorized User”) to make inquiries, limited changes, or both, in order to maintain their account. Customers may specify the type of information and changes that the Authorized User is approved to request. Customers may add or remove an Authorized User from their account at any time.
We ask customers and their Authorized Users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests. If you or your Authorized User contacts us via phone, you will be asked to provide your name, the account Personal Identification Number (“PIN”) (if the account is PIN protected; otherwise you will be asked to provide other information for the purposes of identity verification), and the billing address ZIP code before we are able to assist you. You or your Authorized User will be asked to present a valid photo ID when requesting account information while at a business office.
As a processor of personal information on behalf of our customers, we do not provide direct access to personal information we may host or process on behalf of our business customers. If we receive a data subject access request for a customer’s data, we will direct the requester to the business customer to properly place the request.
These choices do not apply to the display of online advertising or the receipt of transactional and service communications that are considered part of certain OneNeck services, which you may receive periodically unless you cancel the service.
If you request to not be contacted by phone for marketing or sales purposes, please note that the OneNeck Do Not Call List restricts these types of phone contacts from OneNeck only, so you may continue to receive calls from other companies. If you would like to add your number to the National Do Not Call List, you may do so by calling 1-888-382-1222 or visiting www.donotcall.gov.
CONTROLLING UNSOLICITED EMAIL (“SPAM”)
OneNeck is concerned about controlling unsolicited email or “spam.” While OneNeck and its vendors maintain controls to help prevent this activity, there is no currently available technology that will totally prevent the sending and receiving of unsolicited email. Using junk email tools and being cautious about the sharing of your email address while online will help reduce the amount of unsolicited email you receive. For more information about this and other related topics go to the Federal Trade Commission’s website at http://www.onguardonline.gov.
CALIFORNIA PRIVACY RIGHTS
Under the California “Shine the Light” Law, a business subject to California Civil Code section 1798.83 is required to disclose to its customers, upon request, the identity of any third parties to whom the business has disclosed “personal information” regarding that customer within the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to:
OneNeck IT Solutions, Attn: Legal Dept., 525 Junction Road, Madison, WI 53717
Please note that California businesses are only required to respond to a customer request once during the course of any calendar year.
The California Consumer Privacy Act of 2018 (“CCPA”) provides current California residents with certain qualified rights regarding their personal information as defined by the CCPA (“CCPA PI”). OneNeck respects the rights of our California resident customers to exercise these rights, including to:
- Be informed about categories of CCPA PI collected; the sources of that information; the business purpose of collecting and using that information; and the categories of third parties with whom CCPA PI is sold or shared if applicable.
- To request to receive information regarding CCPA PI collected by OneNeck over the past 12 months.
- To request the erasure of your CCPA PI held by us.
- To opt-out of the sale of CCPA PI by us to third parties.
- To be free from discrimination for exercising your privacy rights under the CCPA.
Depending on your relationship to OneNeck, some of these rights may not apply to you. Moreover, OneNeck does not sell personal information and has not done so in the preceding twelve (12) months. Further, requests to exercise privacy rights related to data that OneNeck hosts or processes on behalf of its business customers should be directed to that business. If you, or your designated agent, would like more information about these rights or would like to submit a request, you may contact us by calling at 800.272.3077, or email us at firstname.lastname@example.org. We will need to request certain information from you to verify your identity and the authenticity of the request prior to responding.
SECURITY OF YOUR PERSONAL INFORMATION
OneNeck leverages ITIL based practices to manage mission critical data centers and customer infrastructure 24/7/365. Our facilities are SSAE 18 audited to ensure that independent reviewers conclude that our customers’ data is secure, available, and compliant up to these reasonable and rigorous industry standards.
OneNeck has designed these and other reasonable technical and organizational security safeguards to protect against such risks as loss or unauthorized access, destruction, use, alteration, modification, or disclosure of personal information. You should understand that the open nature of the Internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. Cybersecurity threats are also constantly evolving, and while we strive to maintain robust protections, no one can guarantee the absolute security of data accessible via the Internet.
Our policies restrict access to personal information to OneNeck employees, employees of Affiliates, and authorized third parties who need to know that information in order to operate, develop or improve our services; and our policies require that these individuals be bound by confidentiality obligations and may be subject to discipline, including termination, if they fail to meet these obligations. We do not guarantee that our safeguards will always work.
Our policies require us not to store personal information beyond what is necessary for business purposes, including for internal service evaluation and quality assurance purposes, except as otherwise required by law.
PRIVACY SHIELD COMPLIANCE
OneNeck complies with the EU – U.S. Privacy Shield Framework regarding the collection, use, and retention of personal information from the European Union as well as where data is transferred from the United Kingdom and/or Switzerland. OneNeck has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement with respect to all personal data transferred from the EU, United Kingdom and Switzerland to the US within the scope of its certification. To learn more about the EU – U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework(s), and to view OneNeck’s certification, please visit https://www.privacyshield.gov/list.
OneNeck voluntarily complies with the EU – U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework and is subject to the investigatory and enforcement powers of the Federal Trade Commission.
Any person in the EU, UK or Switzerland who is not satisfied with OneNeck’s compliance with the EU – U.S. Privacy Shield or Swiss – U.S. Privacy Shield may contact OneNeck by mail at: OneNeck IT Solutions, Attn: Legal Dept., 525 Junction Road, Madison, WI 53717, or by email at: email@example.com to resolve such complaints. OneNeck will process any such complaint within 45 days of receipt. If you believe that such
complaint has not been resolved, you may first try and settle the dispute by mediation, administered by the International Centre for Dispute Resolution under its Mediation Rules, before resorting to arbitration, litigation, or some other dispute resolution procedure. The rules governing these procedures and information regarding how to file a claim free of charge can be found here: https://go.adr.org/privacyshield.html. If you remain dissatisfied, you may contact your national Data Protection Authority in the country where you reside. OneNeck agrees to cooperate and comply with the U.S. Department of Commerce in resolving such disputes. If you remain dissatisfied and meet the pre-arbitration requirements of Annex I Part C of the EU – U.S. Privacy Shield Framework or Annex I Part C of the Swiss – U.S. Privacy Shield Framework, as applicable, you may invoke binding arbitration pursuant to procedures in Annex I of the EU – U.S. Privacy Shield Framework Principles or Annex I of the Swiss – U.S. Privacy Shield Framework found here: https://www.privacyshield.gov/EU-US-Framework.
OneNeck IT Solutions, Attn: Legal Dept., 525 Junction Road, Madison, WI 53717.
Any questions or concerns regarding the use or disclosure of personal information should be directed to OneNeck at the address given above.
Last Update: June 1, 2021