Privacy Policy

NICE Privacy Policy and the inContact Privacy Policy

Last Updated: May 2018

NICE Ltd. and its wholly owned subsidiaries (collectively “NICE,” “we,” “us,” and “our”), including inContact, Inc., respect your privacy. The NICE privacy policy (the “NICE Privacy Policy“) explains the accepted privacy practices for NICE’s online services and product offerings at NICE Privacy Policy (the “Services” and the “Website”, respectively). It describes the ways in which your information is collected and used by NICE, and the rights and options available to you with respect to such information. The NICE Privacy Policy incorporates by reference the most current version of the NICE Terms of Use posted on NICE’s Website (“Terms of Use”). For clarification purposes, the NICE subsidiaries which adhere to this Privacy Policy are: Actimize, Inc., Nexidia, Inc., Satmetrix Systems, Inc. and inContact, Inc. (“inContact”).

inContact adheres to the NICE Privacy Policy provided above and, based on the nature of the inContact Services provided ( “Services”) inContact follows additional practices that make up this inContact Privacy Policy(the inContact Privacy Policy). The inContact Privacy Policy can be found at inContact Privacy Policy. inContact provides Services that process your information and the information of your customers (collectively “you” and “your”).


PRIVACY SHIELD

inContact is a covered entity under NICE’s active participation in the EU-U.S. Privacy Shield Framework (“Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from European Union member states to the United States and other locations. inContact, as a covered entity under NICE, has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about Privacy Shield, and to view NICE’s certification, please visit NICE inContact Privacy Shield Participation. inContact Services are operated via servers situated in various geographic areas, including the United States. Your information may be processed in any of these areas as allowed by Privacy Shield and further controlled by individual service agreements. Your use of the Services constitutes consent to processing in any of these areas. inContact accepts full accountability and responsibility for the protection of your information according to applicable privacy legislation, the Privacy Shield, this Privacy Policy and the NICE Privacy Policy including during the course of any onward transfers to third parties.


INFORMATION COLLECTED

Your use of the Services will result in the collection and processing of a variety of information. This may include voice recordings, emails, chat transcripts and other records of your contacts in addition to information about your employees. More detail about the information collected is contained in your service contract.

Your use of the Services is inContact’s legal basis to process the information in accordance with the Services’ capabilities and features. You must not use the Services on information that you do not have a legal basis to process.


USE OF INFORMATION

We will process the information you provide through the Services for the following purposes in addition to those outlined for the individual services in your service contract:

  • To provide the Services and to enable you to use them;
  • To process the information you provide as directed by you;
  • To improve and expand the Services, including to create new services which correspond to the requirements and expectations of the users of the Services and to modify or cancel existing Services and content. The information used for this purpose will not identify you personally;
  • To improve and customize your experience and other users’ experience with the Services;
  • To contact you as and when inContact believes it to be necessary for technical, administrative or security reasons;
  • To analyze and provide statistical information to third parties. This information will not identify you personally;
  • For the orderly and proper operation and development of the Services; or
  • For any other purpose specified in this Privacy Policy and/or in our Terms of Use.


TRANSFER OF INFORMATION TO THIRD PARTIES

inContact will not transfer your information to any third party, except in the following cases or as otherwise outlined in this Privacy Policy:

  • As required to provide the Services and enable you to use the Services and disclosed to you;
  • If inContact reasonably believes that you have breached the Terms of Use, or abused your rights to use any of the Services, or performed any act or omission that inContact reasonably believes to be violating any applicable law, rules, or regulations. inContact may share your information in these cases, with law enforcement and other competent authorities and with any third party as may be required to handle any result of your wrongdoing;
  • If inContact reasonably believes that it is required by law to share or disclose your information in order to prevent, investigate, or take action regarding illegal activities. In addition, to establish or exercise our legal rights or defend against legal claims;
  • As permitted or required by, or in response to lawful requests by applicable local law enforcement agencies or regulatory agencies, or agencies with responsibility to oversee and enforce national security;
  • In any case of dispute, or legal proceeding of any kind between you and inContact, or between you and other users or third parties with respect to, or in relation with the Services;
  • In any case where inContact may reasonably believe that sharing information is necessary to prevent serious damage to your person or property or to the person or property of any third party;
  • If inContact organizes the operation of the Services within a different framework, or through another legal structure or entity, or if inContact is acquired by, or merged with another entity, provided however, that those entities agree to be bound by the provisions of this Privacy Policy;
  • inContact may share information with companies or organizations connected to or affiliated with inContact, such as subsidiaries, sister-companies, parent companies and service providers such as an email service provider to send you emails on our behalf, with the express provision that their use of such information must comply with this policy; or
  • inContact is also entitled to transfer or share anonymous, statistic or aggregative information with companies or organizations connected to inContact, and with suppliers, business partners, advertisers, and every third party, according to inContact’s absolute discretion; however, inContact will not disclose your identity to them, knowingly or deliberately, without receiving your consent.


CHILDREN'S ONLINE PRIVACY INFORMATION

inContact does not knowingly collect information from minors who are under the age of 16 through the Services. If a parent or guardian becomes aware that his or her child has provided us with information without his/her consent, then he or she should contact inContact at the information described below. If we become aware that a child under the age of 16 has provided us with information, we will delete such information to the extent possible. Further, the Children’s Online Privacy Protection Act (“COPPA”) requires parental consent for collection of data from children younger than the age of 13 years old. For tips on protecting children’s privacy online, generally, please view the U.S. Federal Trade Commission (“FTC”) website at COPPA.


COOKIES

In addition to the Nice Cookie policy as part of the NICE Privacy Agreement, found at NICE Privacy Policy, the use of the Services specifically requires the use of cookies, which are stored by your web browser in order to allow inContact to store preferences and enable other functions. These cookies are essential to use the Services.


CUSTOMER PROPRIETARY NETWORK INFORMATION NOTICE

inContact offers communications-related services, including local and long distance service, as well as the provisioning of telecommunications equipment. From time to time, those subsidiaries may need or desire to share your Customer Proprietary Network Information (“CPNI”) with other inContact affiliates and/or with third parties involved in assisting with the offering of the services described above and also to enhance our ability to offer products and services tailored to you. Just as the applicable inContact subsidiary(s) is required to protect your CPNI, so too will these third parties. Under no circumstances will inContact and/or any inContact subsidiary sell your CPNI to third parties, or otherwise disclose your CPNI to third parties for marketing purposes in contravention of this Privacy Policy.

By way of clarification, CPNI comprises of: (i) information about the quantity, technical configuration, type, destination, location, and extent to which you use our communication-related services; and (ii) information contained on your telephone bill concerning the services you receive. That information, when matched to your name, address, and telephone number, is known as CPNI. Examples of CPNI include information typically available from telephone-related details on your monthly bill, technical information, type of service, current telephone charges, long distance and local service billing records, directory assistance charges, usage data, and calling patterns. CPNI does not include subscriber list information, aggregate information, or data not specific to a single customer.

You may examine and correct, if necessary, the CPNI-related personally identifiable information regarding you that is collected and maintained by us in our regular business records. In most cases, this information consists solely of billing and account information. We will correct our records if you make a reasonable showing that any such information we have collected about you is inaccurate. If you wish to examine these records, please contact us in writing at the address listed below. Please give us a reasonable period of time to locate and, if necessary, prepare the information for your review. You will only be permitted to examine records that contain personally identifiable information about your account and no other account.

You have the right to restrict our use of your CPNI by sending a request in writing to: inContact, Inc., Kimm Partridge, Assistant Corporate Secretary, 75 West Towne Ridge Parkway, Tower 1, Sandy, UT 84070. If you deny or restrict your approval for inContact to use your CPNI, you will suffer no effect, now or in the future, on the services provided to you other than our ability to provide you with, or otherwise notify you of, the customized offerings and enhanced services described above.

In the event inContact experiences a privacy breach and CPNI is disclosed to unauthorized persons, federal rules require that such breach be reported to law enforcement. Please be aware that we are not permitted by law to inform customers of the CPNI breach until at least seven (7) days after notification has been sent to law enforcement (which period may be extended if law enforcement shall advise us to withhold such information for a longer period of time).


DATA SECURITY

inContact implements data security systems and procedures to secure the information stored on inContact computer servers. Such systems and procedures reduce the risk of security breaches, but they do not provide absolute security. Therefore, inContact cannot guarantee that the Services are immune to unauthorized access to the information stored therein and to other information security risks.


ACCESS TO PERSONAL INFORMATION

If your information changes, or if you no longer desire to use and access our Services, you may correct, update, or delete/deactivate your information by contacting us as defined in your service contract. inContact accepts requests for information where we are an information processor only from the applicable information controller. We will undertake to respond to your request within 30 days of inContact’s receipt thereof. inContact will make reasonable efforts to accommodate your requests.

We will retain your information for as long as required to provide you Services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and to enforce our agreements.


CHANGES TO THIS PRIVACY POLICY

From time to time, inContact may change the terms of this policy. Changes will take effect once they are posted online and by accessing and/or using the Services after we make any such changes to this Privacy Policy, you are deemed to have accepted such changes. If you do not agree with any of the amended terms, you must avoid any further use of the Services offered by inContact.


INQUIRIES OR CONCERNS?

You may contact inContact by using the ‘contact us’ feature that can be found at Contact Us, and we will do our best to provide a prompt response to your question. In addition, NICE’s Director, Corporate Compliance & Privacy and Data Protection Officer is responsible for overseeing compliance with this Privacy Policy. You can reach this officer by calling him at +972-9-775-3542, or by sending an email to privacy@niceincontact.com.

In order to comply with the Privacy Shield Framework, inContact commits to the resolution of complaints about your privacy and our collection or use of your Information. We have also committed to resolve any complaints pursuant to the Privacy Shield Privacy Principles by European Union citizens, relating to this Privacy Policy and which cannot be resolved directly with inContact, through the JAMS EU-US Privacy Shield Dispute Resolution Framework as our Independent Recourse Mechanism (“IRM”). You may contact JAMS by visiting JAMS for more information or to file a complaint. The services of JAMS are provided to you at no cost.

If you have any questions or complaints regarding this Privacy Policy, please contact us as described above. We will investigate your question, respond to your inquiry, and attempt to resolve any concerns regarding your privacy question. If you do not receive acknowledgement of your complaint or, if your complaint is not satisfactorily addressed by inContact, then please contact JAMS, as described above.

As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. We have registered with the United States Council for International Business to cover the operating costs of the EU DPAs’ dispute resolution panel. inContact is subject to the investigatory and enforcement powers of the FTC.