This document describes what data we collect from you, our customers, and what we do with that data, in accordance with the new General Data Protection Regulation (GDPR) commencing on 25^th May 2018.

 

This covers all u-mee services, including u-mee Home, Family, Plus & Business.

 

What information/data do you collect?

We collect the following information:

 

1. 1. Personal Details
   When you subscribe to any of our services we require the following information:
   • Name.
   • Address.
   • Contact email address.
   • Contact telephone number.
   • Contact mobile number.
   • Credit/Debit Card details (Number, Name on card, Expiry, CVC)

Should you request number portability then we also collect your ID Card details.

 

1. 2. Equipment Data
   We store the details (serial number, etc) of all the equipment we provide you with (router, TV boxes, etc) that you need in order to access our service(s).
    
2. 3. Telephone Calls & Voicemail
   We record telephone calls made to u-mee, so if you call us we may record your conversation. We naturally also record any voicemail you may leave if we are unable to answer your call.
    
3. 4. CCTV Cameras
   We have installed CCTV cameras within our premises – if you visit our premises you may be recorded.
    
4. 5. Support Tickets
   We use a ‘ticket' system for customer support which records all correspondence between ourselves and our customers as well as relevant notes we may add to assist in resolving the issue.
    
5. 6. Activity Logs
   We store activity logs which include:
   • Telephone data – dates and times of all calls made and received as well as the telephone numbers dialled or received and duration of the calls. If using our telephone app then we also store the dates and times of all logins and logoffs. We do not record or store any actual conversations.
      
   • Internet data – dates and times of all logins and logoffs to our service. Since our fibre service is an 'always on' service, this data will simply reflect the dates/times that you may have disconnected and reconnected the router. We do not store the content of any communication.
      
   • Email data – dates and times of all logins and logoffs to our email server. In most cases this will simply reflect the dates and times you've sent and/or received emails. We do not store any email address of any recipient or sender, nor do we store the content of any email.

1. 7. Traffic Stats & Monitoring
   We record some real-time customer traffic/activity.

 

Why do you collect this data?

 

We need your Personal Details in order to know who you are, where to provide the service(s), where to invoice you, and how to contact you. We naturally need your credit card details in order to take payment(s) for the contracted service(s).

 

Should you require number portability, we need your ID Card details to pass on to your existing telephone provider to prove your identity to them.

 

Equipment Data is required to provision the equipment in order to provide you with the service(s).

 

We store Telephone Calls made to us for training purposes to assist in identifying and improving our customer support. Voicemails are recorded so we can reply to any issues or queries you may have.

 

We record our premises with CCTV Cameras for security purposes.

 

We record all correspondence with you in our Support Tickets system to have a history of previous issues in order to help assist you with any problems you may experience in the future.

 

We have a legal obligation under the Communications (Personal Data and Privacy) Regulations 2006 to store Activity Logs for 12 months. For your information, the storing of these logs is normal practice and, as a legal requirement, is public knowledge, so nothing has changed other than our requirement under the new GDPR to clearly inform you of it.

 

The Traffic Stats & Monitoring are used to generate statistics and, more importantly, to monitor our network for the purposes of security and anomaly detection which allows us to identify any misuse and/or attack on our network.

 

 

Where is this data stored?

 

We store all data, other than your ID Card details, securely on our own servers in our offices in Europort.

 

When you provide us with your credit/debit card details, we immediately relay these details to WorldPay and they store them securely. We then store all your credit/debit card details except the full card number (we only store the last four digits) and the CVC (the last three digits on the back of the card), and WorldPay provide us with an additional token with which only we can reference your card in order to take the necessary monthly payments that you have already authorised. The token cannot be used for any other purposes.

 

We also don't store your ID Card details. These are only required for the number portability process to prove your identity to the company from where your number will be ported and to ensure the correct number is ported.

 

 

How do you protect this data?

 

The security and protection of data is very important to us. We use robust industry-standard security and encryption methods to ensure all data is secure both online and physically.

 

Although we safeguard your data on our infrastructure, we cannot guarantee the security of any information we transmit beyond our network in providing you with your service(s), including Internet traffic, emails and telephone calls.

 

You are responsible for keeping your login details (including your password) to your online portal secure. We strongly recommend you do not disclose them to anyone.

 

 

Who has access to my data?

 

Personal Details, Equipment Data, Telephone Calls and Support Tickets are only accessible by authorised personnel who need access in order to:

 

1. 1. Provide you with the service
2. 2. Provide support and maintenance of your service
3. 3. Improve our customer support
4. 4. Create invoices and provide accounting support

The CCTV Camera recordings are archived and only ever accessed by authorised personnel when necessary in the event of a security breach or incident.

 

The Activity Logs are archived and never accessed again other than if/when required to fulfil any legal obligations that the Regulations provide for.

 

The Traffic Stats & Monitoring data is used by automatic processes to create statistics and/or reports/graphs/etc for monitoring purposes only.

 

 

How long do you keep this data for?

 

It is a legal requirement for us to keep:

• a summary copy of your bills for six financial years from the date of the bill.
• your Personal Details on file while you're one of our customers, and for six financial years after.
• Activity Logs for 12 months.

In other cases we'll store the data for the periods needed for the purposes for which the information was collected or for which it is to be further processed, otherwise we delete it.

 

 

How can I access and update my data?

 

It is important that the information we have on you is always up to date. We provide you with secure access to our online portal via which you can view and modify all your Personal Details and through which we encourage you to keep your data up to date. The portal will also include a history of all telephone calls made from phone line.

 

There is no method to access the remaining data on our Activity Logs nor our Support Tickets. If you would like a copy of the information we hold please send an email to info@u-mee.com including your account number and request the information.

 

We cannot provide you with any copies of any CCTV Camera footage or Telephone Calls. These can be retrieved in the event of a security issue or incident.

 

 

Do you share my data with any third parties?

 

Number porting in Gibraltar is handled by a cloud-based company (as stipulated by the GRA). They are fully GDPR compliant and will use any data received solely for the porting process. Should you request your number to be ported, they will receive your request including your telephone number and ID Card details (if required) to confirm your identity with your current telephone provider. We do not retain or store any of your ID Card details ourselves.

 

We share your name, address and telephone number with the Gibraltar Telephone Directory unless you have opted not to be included in the Directory. Information provided to the Gibraltar Telephone Directory will be made public and can no longer be considered ‘secure'.

 

We may also share your information to comply with legal and regulatory obligations such as with our auditors and with the Gibraltar Regulatory Authority (GRA). These entities will always have strict procedures in accordance with the GDPR.

 

We do not share any personal data we store with any other third party unless legally required to.

 

 

Cookies

 

Our website uses cookies to produce statistics and provide the best experience by remembering what options you've clicked on during your visit. Our cookies do not store any personal information. You can find more information on cookies at https://www.aboutcookies.org/.

 

 

Further Information

 

For further information about the GDPR please visit:

 

https://ec.europa.eu/info/law/law-topic/data-protection_en

 

If you require any further information from us please send us an email to info@u-mee.com.