Client Services Privacy Notice.

Introduction.

Tangoe likes making complicated things simple and transparent, and so we want to explain how we will use your personal data in a simple and transparent way.

Tangoe is interested in data protection laws because they govern the way we use the personal data (“data”) you give us throughout your time as a user of Tangoe’s services. This Privacy Notice explains how Tangoe uses the data we receive from you, your employer and your organization’s vendors.

Personal data is any information that could be used (directly or indirectly) to identify an individual. That may be anything from a name and address, email address, image or audio recording, IP address, telephone number or any other data that could be used to identify an individual.

We have tried to provide all the information we think you may want to know, but if you have any questions please contact us on dataprotection@tangoe.com.

How will Tangoe use your data?

Tangoe believes in using your data fairly. There should be no surprises.  We will only use your data for the reason for which you or your employer gave it to us, for the delivery and support of agreed services or for legal or regulatory purposes.  It will not be used for other reasons.

We will not keep it longer than we need to and will only share it with people where this is required for the agreed purposes.

What data is collected?

In order to provide the services your organization has contracted Tangoe to provide, certain personal data is required.  Tangoe will only access data that your employer has authorized Tangoe to collect or receive.  Tangoe obtains your data from different sources during the following stages of the service lifecycle;

i.       Contract signature

Certain data is passed to Tangoe to allow the contract to be executed prior to implementation of the services.  This will usually be the contact details of individuals within your legal or procurement department and the contact details for your applicable vendors.

For a full breakdown of the data categories click here.

ii.       On boarding (implementation) and in-life services

Once the contract is signed, Tangoe’s implementation teams will initiate the design and build of the databases and data sharing processes required to provide your services.  This data will be updated, and changes reflected based on information that continues to be provided throughout the duration of the services.  Additionally, Tangoe collects small amounts of personal data whilst delivering the services, such as tickets from helpdesk calls or system user profiles.

For a full breakdown of these data categories, click here.

Note: If you provided data within the sales cycle, via Tangoe websites or marketing events this is managed in line with Tangoe’s Sales and Marketing Privacy Notice.

Where is your data collected?

Tangoe gets your data from a variety of locations and through different media as mutually agreed during the implementation, and bespoke to your organization.

Usually HR information is provided by automated electronic means via an SFTP site. Where possible Tangoe collects your billing data from your vendor’s portal but where your vendor doesn’t offer a portal, alternative data transfer media such as SFTP, emails or CD’s may be used. Tangoe will generate additional personal data during the provision of services such as systems passwords, user IDs and user logs.

Depending on the services you have contracted Tangoe to provide, or your interactions with Tangoe, additional data may be collected, for example if you use our service center we would raise a ticket to track the progress of your requests being actioned.

For a full breakdown of the ways Tangoe can collect data, click here.

Special categories of data

Special data is particularly sensitive personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Tangoe does not require special categories of data to deliver its services. 

How does Tangoe ensure there is a lawful reason to use your data?

Data protection law requires organizations to consider if using data is necessary and lawful.  It is Tangoe’s clients’ obligation to ensure its employees’ data is used lawfully, with fair processing notice and to establish the lawful basis for use of Tangoe’s services. 

Tangoe will only use your data for the provision, improvement and support of the contracted services; or for legal or regulatory purposes.

Who will Tangoe share your data with?

Tangoe understands how important confidentiality and appropriate use of your data is to a trustful working relationship.  As such your data will only be shared where it is appropriate to do so.

During routine service delivery this means that our employees, across all our subsidiaries, are assigned access based on their alignment with your services and their role within this.  Other Tangoe employees may also see limited sections of your data to enable them to fulfil their roles in support of service delivery.

RolePurpose (What do they do?)
Product EngineeringSupport trouble tickets
Customer ServiceDelivery of the contracted services which includes the implementation and routine delivery of services.
IT AdministratorsTo manage the systems and for access requests
Database AdministratorsManage the database systems
Finance TeamTo generate invoices
Compliance TeamFor audit purposes
Tangoe Advisory ServicesFor delivery of advisory services
Data Protection Team & Information SecurityFor data protection, breach or fraud management, monitoring and investigations. To support in responding to data subjects’ rights requests.

Tangoe may contract with third-party vendors and suppliers to perform certain functions on Tangoe’s behalf or to enhance Tangoe’s existing product and service offerings. Additionally, Tangoe may be obliged to disclose data for legal or regulatory purposes. These third parties will have access to data only to the extent necessary to permit them to do their jobs which may include:

  • Tax regulator or equivalent
  • Tangoe’s external auditors
  • Supervisory Authorities, Government or Regulatory bodies
  • Your employers’ telecom vendors and third-party suppliers for expense management, audit and procurement purpose

Tangoe’s third party suppliers which may include:

  • payment processing services
  • systems’ security, penetration testing, fraud monitoring and prevention
  • email, ticketing, survey or group texting platforms
  • subcontractors
  • data receipt, redirection, storage & archiving
  • data hosting centers

Tangoe may disclose data in connection with a reorganization, restructure, merger, sale, or other transfer of assets. Tangoe reserves the right to transfer information, including data, provided that the receiving party contractually agrees to respect your data in a manner that is consistent with Tangoe’s Data Protection Policy and your organization’s data processing agreement.

Tangoe will not sell your data to a third party.

Where will your data be stored and used?

Tangoe is a global organization with a US parent and our central administration is held in the USA. For a full list of Tangoe’s locations please go to www.tangoe.com/locations.

Your key corporate relationship contacts will be held in the USA where it can be viewed, accessed and used by Tangoe employees, and some suppliers to provide the services.

Tangoe’s own software is hosted by third-party providers, all ISO27001 certified. All other third-party cloud providers are certified to a level equivalent to ISO27001/ SOC II/ SSAE18. For the hosting location of your organization’s data please refer to the data processing agreement executed between Tangoe and your organization.

In most instances your data will be accessed by our employees and/or service providers in multiple countries, including some located outside the EU and USA. Where this occurs, and EU data is in scope of the services, Tangoe is required by your employer to enter into a contract called EU Standard Contractual Clauses which protects your data when it leaves the EU.

The employees, subcontractor, advisors and software providers Tangoe use will vary dependent on the services that your organization has requested. Please refer to the applicable data processing agreement for more detail on which subprocessors are used and where they are located.

How is your data used to manage your TEM service?

Tangoe’s operations are structured into departments which use your data to deliver the element of the TEM service for which they are responsible. The below framework depicts a high-level representation of the data required and the standard key stages in TEM delivery. 

Chart showing how personal data is received and processed by Tangoe.

As required by your services, Tangoe will undertake the following Data Processing:

  • collect and use your data directly or from your vendors to provide the services and technical support
  • combine your HR data with your billing data to enable financial and asset management
  • store your data on the service platform/s, email exchange, shared or local drives and support systems
  • validate the data for errors and exceptions managed
  • normalize the format of the data so it can be loaded into the Tangoe software
  • link telephone numbers to ‘friendly names’, upon client’s request
  • access the data based on job roles and permissions to deliver and support the services
  • analyze the data to generate savings opportunities and identify billing errors
  • create and manages back-ups
  • generate reporting or recommendations
  • return and/or delete from our systems in accordance with your contract terms and Tangoe’s retention schedule
  • upload any patch, update, upgrade or new releases to the services
  • use data for testing and QA purposes under the same level of protection offered on production platforms (where authorized by your organization)
  • use the data for legal and regulatory purposes (e.g. audit, accounting and statutory retention terms), resolve disputes, and for the establishment, exercise or defense of legal claims
  • analyze and monitor for business planning, resources and financial management
  • collect user input regarding services and assets
  • automatically track user logins, errors, system changes, access and report generation
  • enable single sign on to Tangoe software
  • anonymize the data for use in management reporting and metrics
  • record calls for quality, training or legal purposes
  • audit or monitor data for quality, compliance or security purposes

How is your data used to manage your other Tangoe services?

Where your organization uses the following Tangoe services, these data uses apply;

TypeRole
Expense ManagementCollection of telecom vendor invoices in both electronic and paper formats, normalization of the data and load to your company’s dedicated Expense Management portal. Allocation of invoices to your company’s supplied allocation codes and production of reporting and payment files.
Inventory ManagementDiscovery and maintenance of your company’s billing inventory (mobile and fixed lines) on telecom vendor invoices with associated reporting.
OptimizationBilling data is analyzed to produce an optimization report which is provided to your organization containing cost saving or efficiency recommendations. Where recommendations are signed off by customer, Tangoe will effect the change with the vendor. Results, savings and management statistics are generated.
Accounts Payable (AP) FileTangoe maintains your organizational hierarchy and asset register in accordance with the information your organization provides, generates an accounts payable (AP) file based on the structure designed for your organization which is sent on in agreed frequency and format, if required.
Procurement & FulfilmentTangoe receive procurement requests either through emails, telephone or directly into the ordering system. The requests take the form of modifications, additions, changes and disconnections of devices and are all logged into the internal ordering tool for action. The request status is monitored and communicated back to the requestor at all stages of the process. Requests go through an approval workflow, and once approved are managed by the fulfilment team who ensure the request is completed. Upon completion of the request, the service ticket is closed on our systems. Performance, management and resource statistics are generated.
Audits and ReportingTangoe conducts an audit of the billing data, identifying billing errors and ensuring compliance with vendor contract terms. Non-conforming items are recorded and reported. Management, savings and statistical reporting is generated.
Audit Dispute ResolutionWhere Tangoe has identified erroneous charges, a dispute process is following which includes recording the identified items, raising then managing a dispute with the applicable vendor, tracking progress and communicating the outcome back to you. Results, savings and management statistics are generated.
Service DeskService requests are received via email or telephone call from your employees to Tangoe’s service desk where they are worked through the applicable process to close. Tickets are used to record the request or issue, and its progression. Performance and resource metrics are generated. Calls to the service desk may be recorded for quality, training and legal purposes.
Tangoe PayPayment of telecom vendor invoices by Tangoe on behalf of your company. Vendor invoices and billing data are used to create electronic payment files and verify payment of charges.
Advisory ServicesAggregated usage and cost data from telecom invoices is used to develop customer benchmarks and baselines against market rates.

Is there any automated decision making?

Automated processing of data does take place however no decisions are made that could have legal or other equally significant impact on an individual without human involvement and consideration taking place.

What happens if you stop using Tangoe’s services?

We hope that our organizations will have a sustained and productive collaboration, however if your services should end for any reason the data would be retained, returned, and deleted in accordance with the terms of your organization’s data processing agreements.

How will Tangoe protect my data?

Tangoe takes the security of your data seriously.  Tangoe has internal policies and appropriate security measures designed to prevent your data from being accidently destroyed, lost, misused or disclosed.  Your data is only accessed by Tangoe employees that have a need-to-know to perform their duties and are subject to a duty of confidentiality.

Where the organization engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organizational measures to ensure the security of data.

Data security is very important to Tangoe and, whilst no security controls can ever be 100% effective, Tangoe is committed to driving strong security measures to protect your data’s security, confidentiality, and integrity.

Tangoe has put in place procedures to deal with any suspected data security breach and will notify your employer, and any applicable regulator, of a data breach, where we are legally required to do so.

Will my data be used for direct marketing?

No.  Tangoe will not use the data you provide for the delivery of services for direct marketing or sales purposes. 

If you have given Tangoe your data during the sales process, via our website or a marketing event, use of that data is covered in Tangoe’s Sales & Marketing Privacy Notice. 

The primary contacts for our clients’ relationships will be sent information pertaining to the services and may be invited to join us at special educational or service events such as Tangoe Live.

What are your rights?

Data protection legislation gives individuals rights.  To find out more about your rights please click here for more guidance on data protection rights or contact your organization’s data protection team.

Changes to this Privacy Notice?

Tangoe keep this Privacy Notice under regular review to make sure it is up to date and accurate, and so we may change this Privacy Notice from time to time.  However, we will not reduce your rights under this Privacy Notice. Updated Privacy Notice’s will be displayed on the Tangoe system and website; the ‘last version date’ tells you when we last updated it.

How to contact Tangoe?

Tangoe US, Inc. together with its’ global affiliated companies (“Tangoe”) is a leading global provider of Technology Expense Management (TEM) and Managed Mobility Services (MMS) solutions to a wide range of global enterprises.  Tangoe helps companies work smarter to drive both bottom-line improvements and top-line growth.  Our head office is 169 Lackawanna Avenue, Parsippany, NJ 07054, USA.  You can find out more about Tangoe, what we do and our organization at www.tangoe.com .

If you have any questions or concerns Tangoe welcomes the opportunity to discuss and help resolve these.  Our Data Protection Team can be contacted on dataprotection@tangoe.com or by post at: Data Protection at Tangoe, 10 Park Square, Milton Park, Abingdon, Oxfordshire OX14 4RR, United Kingdom

In some countries, if you feel that Tangoe has not been able to resolve your data related concern you are entitled to make a complaint to a Supervisory Authority, such as the UK’s Information Commissioner’s Office.

Copyright, Revistion & Ownership

© 2020 Tangoe US., Inc..All rights reserved

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the prior written permission of Tangoe USA.

Revision History

Version: 2.4

Last Version Date: 01.07.20