PRIVACY POLICY
This privacy policy (“ Policy Policy ”) constitutes an annex to and integral part of the Corporate
Sales Agreement /Service Level Agreement / Service Order Form / Customer Service Order Form
(the “ Agreement ”) as executed between Wateen Telecom Limited (“ Wateen ”) of the one part and
______________(the “ Customer ”) of the other part;
This Privacy Policy describes Wateen’s policies and procedures on the collection, use and
disclosure of the Customer’s information when it uses the Services (defined hereinbelow).
Wateen uses the Customer’s personal data to provide and improve the Services.
By using the Services, the Customer agrees to the collection and use of information in accordance
with this Privacy Policy.
The legal basis for processing personal data is the consent granted at the start of the commercial,
or professional relationship and/or the conclusion of the contract that brings Wateen and the
Customer together.
1
The obligations and responsibilities set out in the Privacy Policy are in addition to any other
applicable policies or agreements entered into with Wateen and any applicable laws and / or
regulations.
1.
INTERPRETATION AND DEFINITIONS
1.1
Except as otherwise herein expressly provided, the following terms shall have the meanings
set forth below:
1.1.1 For the purposes of this Privacy Policy:
i)
Account means a unique account created for the Customer to access the Services or
parts of the Service.
ii)
Cookies are small files that are placed on the Customer’s computer, mobile device or
any other Device by a website, containing the details of your browsing history on that
website among its many uses.
iii)
Device means any Customer device that can access the Services such as a computer, a
cell phone or a digital tablet.
iv)
Personal Data means information associated with an individual or organization,
relating to its private, public and professional identification and as defined under Clause
2.1.1 hereunder.
v)
Service(s) refers to the provision of bandwidth connectivity, VPN, voice and data, and
TV media feed provided by Wateen to the Customer or any other services provided by
Wateen to the Customer.
vi)
Service Provider means any natural or legal person who processes the data on behalf
of Wateen. It refers to third-party companies or individuals employed by Wateen to
facilitate the Services, to provide the Services on behalf of Wateen, to perform ancillary
services related to the Service or to assist Wateen in analyzing how the Service is used.
vii)
Usage Data refers to data collected automatically, either generated by the use of the
Services or from the Service infrastructure itself (for example, the duration of a page
visit).
viii) Customer means a client accessing or using the Services, or any other legal entity on
behalf of which such party is accessing or using the Services, as applicable.
2
2.
COLLECTION AND USE OF PERSONAL DATA
2.1
Types of Data Collected
PERSONAL DATA
2.1.1 While using Wateen’s Services, Wateen may ask the Customer to provide Wateen with
certain personally identifiable information that can be used to contact or identify the
Customer. Personally identifiable information may include, but is not limited to:
i)
Email address
ii)
First name and last name
iii)
Phone number
iv)
Computerized National Identification Card Number (CNIC) number
v)
Biometric and geolocation metadata
vi)
Geolocation, Address, State, Province, ZIP/Postal code, City
vii)
Usage Data
(the “ Personal Data ”)
2.1.2 Wateen may also use the Personal Data to provide the Customer with the Services it has
ordered, including for purposes of billing and customer support. For voice services, Wateen
may transmit the phone number of and the physical location the Customer entered for its
Device to route and complete the call to the appropriate emergency call center.
2.1.3 Wateen may also access the phone numbers that the Customer dials in order to complete
and bill the Customer for calls, and Wateen will transmit that information to other carriers
or Service Providers as necessary to complete the Customer’s calls and comply with
applicable laws.
2.2
Usage Data
2.2.1 Usage Data is collected automatically when using the Services.
3
2.2.2 Usage Data may include information such as the Customer’s Device's Internet Protocol
address (e.g. IP address), browser type, browser version, the pages that the Customer visits,
the time and date of the Customer’s visit, the time spent on those pages, unique Device
identifiers and other diagnostic data.
2.2.3 When the Customer accesses the Services by or through a Device, Wateen may collect
certain information automatically, including, but not limited to, the type of Device the
Customer uses, the Customer’s Device unique ID, the IP address of the Customer’s Device,
Customer’s operating system, the type of Internet browser the Customer uses, unique
Device identifiers and other diagnostic data.
2.2.4 Wateen may also collect information that the Customer’s browser sends whenever the
Customer uses its Service or when the Customer accesses the Service by or through a
Device.
2.3
Tracking Technologies and Cookies
2.3.1 Wateen uses Cookies and similar tracking technologies to track the activity on its Service
and store certain information. Tracking technologies used are beacons, tags, and scripts to
collect and track information and to improve and analyze Wateen’s Services.
The technologies Wateen uses may include:
i)
Cookies or Browser Cookies. The Customer can instruct its browser to refuse all
Cookies or to indicate when a Cookie is being sent. However, if the Customer does not
accept Cookies, the Customer may not be able to use some parts of Wateen’s Services.
Unless the Customer has adjusted its browser setting so that it will refuse Cookies,
Wateen’s Services may use Cookies.
ii)
Web Beacons. Certain sections of Wateen’s Services and emails may contain small
electronic files known as web beacons (also referred to as clear gifs, pixel tags, and
single-pixel gifs) that for example permit, Wateen to count users who have visited those
pages or opened an email and for other related website statistics (for example, recording
the popularity of a certain section and verifying system and server integrity).
4
2.3.2 Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on the
Customer’s personal computer or Device when the Customer goes offline, while Session
Cookies are deleted as soon as the Customer closes its web browser.
3.
USE OF PERSONAL DATA
3.1.1 Wateen may use Personal Data for the following purposes:
i)
To provide and maintain its Services, such as monitoring the usage of its Services.
ii)
To manage the Customer’s Account, such as the Customer’s registration as a user of
the Services. The Personal Data the Customer provides to Wateen can give the
Customer access to different functionalities of the Services that are available to the
Customer as a registered user.
iii)
For the performance of a contract including the development, compliance and
execution of an agreement for the products, items or Services that the Customer may
have purchased from Wateen.
iv)
To contact the Customer through email, telephone calls, SMS, or other equivalent
forms of electronic communication, such as a mobile or Device’s application's push
notifications regarding updates or informative communications related to the
functionalities, products or Services, including the security updates, when necessary or
reasonable for their implementation.
v)
To provide the Customer with news, special offers and general information about
events and other additional services which Wateen offers that are similar to those that
the Customer has already purchased or enquired about unless the Customer has opted
not to receive such information.
vi)
To manage the Customer’s requests: To attend and manage the Customer’s requests to
Wateen.
vii)
For other purposes: Wateen may use the Customer’s information for other purposes,
such as data analysis, identifying usage trends, determining the effectiveness of our
promotional campaigns and to evaluate and improve its Services, products, marketing
and Customer experience.
3.1.2 Wateen may share the Customer’s Personal Data in the following situations:
i)
With Service Providers: Wateen may share the Customer’s Personal Data with other
Service Providers to monitor and analyze the use of Services and to contact the
Customer.
ii)
With Regulatory Bodies and Law Enforcement Agencies: Under certain circumstances
and subject to the Pakistan Telecommunication Authority (the “PTA” ),
5
the Federal Investigation Agency (the “ FIA ”) and Court orders, Wateen may be
required to disclose Personal Data of the Customer if required to do so by law or in
response to valid requests by public authorities (e.g. a court or a government agency).
iii)
With the Customer’s consent: Wateen may disclose the Customer’s Personal Data for
any other purpose with the Customer’s consent.
4.
RETENTION OF PERSONAL DATA
4.1 The period during which Personal Data is stored and preserved varies according to the
purpose for which the information is processed.
4.2 Wateen will retain the Customer’s Personal Data for only as long as is necessary for the
purposes set out in this Privacy Policy. Wateen will retain and use the Customer’s Personal
Data only to the extent necessary to comply with Wateen’s legal obligations (for example, if
Wateen is required to retain the Customer’s Personal Data to comply with applicable laws),
resolve disputes, and enforce Wateen’s legal agreements and policies.
4.3 Wateen will also retain Usage Data for internal analysis purposes. Usage Data is generally
retained for a shorter period of time, except when this data is used to strengthen the security
or to improve the functionality of Wateen’s Services, or Wateen is legally obligated to retain
this data for longer time periods.
5.
TRANSFER OF PERSONAL DATA
5.1 The Customer’s information, including Personal Data, is processed at Wateen's operating
offices and in any other places where the parties involved in the processing are located. It
means that this information may be transferred to — and maintained on — computers located
outside of Customer’s province, Pakistan or other governmental jurisdiction where the data
protection laws may differ than those from the Customer’s jurisdiction.
5.2 The Customer’s consent to this Privacy Policy followed by its’ submission of such
information represents the Customer’s agreement to that transfer.
6
5.3 Wateen will take all steps reasonably necessary to ensure that the Customer’s Personal Data
is treated securely and in accordance with this Privacy Policy and no transfer of the
Customer’s Personal Data will take place to an organization or a country unless there are
adequate controls in place including the security of the Customer’s Personal Data and other
personal information.
5.4 Accessing Services through VPN
5.4.1 The Customer shall not access or use the Services by means of any mechanism or
technology which conceals the Customer’s actual geo-location or provides incorrect details
of the Customer’s location (for example, use of a virtual private network (VPN) to access
TIL Services, proxy server).
5.4.2 Wateen shall not be responsible or liable for any collection, storage or processing of the
Customer’s Personal Data if the Customer uses any mechanism or technology to access or
use the Services which conceals the Customer’s actual geo-location.
6.
DELETION OF THE CUSTOMER’S PERSONAL DATA
6.1
The Customer has the right to delete or request that Wateen assist in deleting the Personal
Data which Wateen has collected about the Customer.
6.2
The Customer may also contact Wateen to request access to, correct, or delete any Personal
Data that the Customer has provided to Wateen. Please note, however, that Wateen may
retain certain information when it has a legal obligation or lawful basis to do so.
7.
DISCLOSURE OF PERSONAL DATA
7.1
Business Transactions
If Wateen is involved in a merger, acquisition or asset sale, the Customer’s Personal Data
may be transferred to a new business entity. Wateen will provide notice before the
Customer’s Personal Data is transferred and becomes subject to a different Privacy Policy.
7
7.2
Law enforcement
Under certain circumstances, Wateen may be required to disclose the Customer’s
Personal Data if required to do so by law or in response to valid requests by public
authorities (e.g. a court or a government agency).
7.3
Other legal requirements
Wateen may disclose the Customer’s Personal Data without notice in the good faith
belief that such action is necessary to:
i)
Comply with a legal obligation,
ii)
Protect and defend the rights or property of Wateen,
iii)
Prevent or investigate possible wrongdoing in connection with the Services,
iv)
Protect the personal safety of other users of the Services or the public,
v)
Protect against legal liability,
7.4
Security of Personal Data
7.4.1 When Wateen collects and stores information on Wateen systems as described in this
Privacy Policy, it applies reasonable and appropriate administrative, physical, and
technical safeguards to detect and prevent unauthorized access, disclosure, use, and loss of
Personal Data. These safeguards include the monitoring and audit of Wateen’s IT
infrastructure, encryption of files in transit and at rest, strong password policies, limiting
access of Personal Data to personnel with a legitimate business purpose, and where
applicable, data protection training for Wateen personnel.
7.4.2 However, when Customers choose to host Wateen’s products within their own networks,
Personal Data is wholly under the control of the Customer and subject to their individual
security practices.
7.4.3 In the event that Wateen discovers or reasonably suspects that there has been unauthorized
access, disclosure, use, loss, or other processing of the Customer’s Personal Data or user
generated information (a “ Security Incident ”), Wateen will notify the Customer by email
address within a reasonable period of time.
8
7.4.4 The security of the Customer’s Personal Data is important to Wateen, but no method of
electronic storage is 100% secure. While Wateen’s safeguards offer a reasonable and
appropriate level of protection to information that Wateen processes, it does not warrant or
guarantee that data Wateen processes will never be affected by a Security Incident.
8.
CHANGES TO THIS PRIVACY POLICY
Wateen reserves the right to make readjustments or changes to this Privacy Policy at any
time.
9.
CONTACT US
In case of any questions pertaining to this Privacy Policy, please contact:
  • By email: info@wateen.com
    9