The General Data Protection Regulations gives data subjects (you) a number of rights, these include:
- The right to be informed about how your personal data is being used,
- The right to get a copy of your data,
- The right to get your data corrected,
- The right to get your data deleted,
- The right to limit how an organisation uses personal data
- The right to data portability
- The rights to object to automated decisions
- The right to complain and report concerns
You can find out more about these rights from the UK Information Commission.
In some instances, not all of these rights are absolute.
XConnect provides services to our customers on the basis of Legitimate Interests of our Customers. To do this, XConnect must conclude that the data we process has minimal privacy impact and that we do not process data in a way that you might not reasonably expect. You can receive more information about our Legitimate Interest Assessment (LIA) by contacting us.
You can also learn more about what a company must do in order to rely on Legitimate Interest through the UK Information Commission.
The services that XConnect provides to our customers are based on our customer’s need for personal data to enable services which you have requested from a company known to you. XConnect does not necessarily know the company (third party) that provides the service to you, but the third party will be responsible for supporting all of your data subject rights.
XConnect does not have the ability to support some of your rights. For example, in some cases we cannot practically limit (at an individual level) how organisation uses data or object to processing because to do so may also prevent the services you wish to receive from enterprises from working. The best way for you to exercise your rights would be through the enterprise that provides you with services or through your telecommunications providers.
XConnect does not obtain personal information from you, hence some of the rights we do not provide you. These include, the right to get your data deleted and the right to data portability.
XConnect does directly support the following rights:
- Your right to be informed, through this privacy notice.
- Your right to get a copy of your data and correct data, through the following section of this policy HOW CAN I ACCESS THE INFORMATION YOU HOLD ABOUT ME?
- The right to complain and report concerns, through contacting XConnect using the HOW TO CONTACT US section of this privacy notice.
- For some of the services that we provide, it may not be possible or necessary to directly support other data subject rights. These will be documented in the Legitimate Interest Assessment (LIA) for each service we provide.
XConnect is a member of the Mobile Ecosystem Forum, Trust Enterprise Messaging Code of Conduct. Along with the other Code of Conduct signatories we ensure that the best privacy practices are maintained for collecting, processing, and transmitting personal data. You can learn more about this Code of Conduct here.