RingCentral Video Privacy Notice

Service Attachment
Effective Date: January 25th, 2021

This RingCentral Glip Privacy Notice explains how and why we collect, use and share your personal data through your interaction with the RingCentral Glip Pro or RingCentral Glip Pro+ (collectively “RingCentral Glip” or “Glip”) service. This Notice also describes the data protection rights that may be available to you under applicable data protection law. Information about RingCentral’s collection and processing of personal information in connection with other RingCentral offerings (which are specifically designed for business or educational uses) is available here.
 
Please read this Notice (defined below) carefully.
 
We recommend that you read this Notice in full to ensure you are fully informed.  However, if you only want to access a particular section of this Notice, then you can click on the relevant link below to jump to that section.
QUICK LINKS
 
Key Definitions
 
Account holder” refers to a person with an active RingCentral Video account that enables the person to host meetings and invite others to participate in those meetings.

CCPA” refers to the California Consumer Privacy Act of 2018, a data protection law.

GDPR” refers to the European Union’s General Data Protection Regulation, a data protection law.

“Notice” refers to this RingCentral Video Privacy Notice.

“Personal information” and “personal data” refer to any information or data that identifies or can be identified as pertaining to you or others in your household who share an account or device with you.

“Process” or “processing” refers to anything one might do with data including, without limitation, collection, use, storage, modification, disclosure, or deletion.

“RingCentral”, “we”, “us” and/or “our” refers to RingCentral, Inc. and any of our corporate affiliates. A list of our current corporate affiliates covered by this Notice is available here: https://www.sec.gov/Archives/edgar/data/1384905/000138490520000008/rng-20191231xex211.htm.

“Service” refers to the RingCentral Video service and any associated websites and apps.

A “user” is anyone who uses or accesses the Service, including both account holders and non-account holders.

“You” and “your” refer to individuals using or otherwise interacting with the Service.
Who is responsible for the processing of your personal data?  
 
For users located in the United Kingdom, the Netherlands or Ireland: RingCentral UK Limited, 25 Canada Square, Level 37, London, E14 5LQ, United Kingdom, registered number 06737634 is the controller for the processing of your personal data as described in this Notice.
 
For users located elsewhere in the EU/EEA: RingCentral France SAS, 34 boulevard des Italiens, 75009 Paris, France, registered with the Trade and Companies Register of Paris under number 850 332 149, is the controller for the processing of your personal data as described in this Notice.
 
For U.S. customers and users located in other countries than the countries identified above: RingCentral, Inc., 1209 Orange Street, Wilmington, DE 19801, United States of America, processes your personal information as described in this Notice.

How We Gather Personal Information
 
We may collect personal information from or about you in a variety of ways.
  • We collect your personal information when you actively provide it to us.  For example, users directly give us personal information when signing up for a RingCentral Video account, communicating with RingCentral, responding to surveys, participating in events or promotions, or modifying an account profile. 
  • We may also collect personal information about you when another user actively provides it to us.  For example, if an account holder invites you to a RingCentral Video meeting using the RingCentral Video platform, RingCentral would collect your email address.
  • We may automatically collect personal information from you as you use the RingCentral Video service, including by participating in meetings.
  • You or another user may use the RingCentral Video service to upload, provide, create, or store content (including recordings of conversations), and this “user content” may contain or be associated with your personal information or personal information pertaining to others. As described in more detail below, RingCentral only processes user content as reasonably necessary to provide our services or as required by law.
  • We may receive personal information about you from a business or commercial partner.  For example, we may receive personal information from third-party service providers that you have linked to your use of our service (including social media accounts, single-sign-on services, and scheduling applications), publicly available sources, data enrichment vendors, payment and delivery service vendors, advertising networks, analytics providers, and our business partners.
Categories of Personal Information We Collect and Use
 
We collect the following categories of personal data from or about you in connection with the Service.
RingCentral processes this data to
Category of Data
Examples
For EU/EEA and UK only: Legal basis under GDPR
Provide the Service and communicate with you about the Service when you are our contracting party as an end user who has contracted with us to use the Service
Personal identifiers and contact information
Information that is necessary to establish the connection to and use of non-RingCentral services through integrations or otherwise
Country information
User content, including any information users upload, provide, or create while using the Service or other RingCentral offerings, including recordings.
*Note that RingCentral does not ask users to include sensitive data or special categories of personal data into their content. As a user, you control the content that you provide.
Service Usage Data
Name, username, email address, phone number, IP address, and any other identifiers a user provides when accessing or using the service
Account holders’ usernames and account numbers
Billing name and address for paid services
Social media account information, single-sign-on service tokens, Google/Apple/Microsoft sign in tokens
Your IP address, including information about the country where you are located when requesting the Service
Cloud recordings, transcriptions, chat/instant messages, files, whiteboards, and other information shared while using the Service
IP address, MAC address, other device ID (UDID), device type, operating system type and version, client version, type of camera, device configuration, microphone or speakers, connection type
Traffic data about the communications that take place through our platform, meeting quality data, network monitoring data
Call detail records, such as phone number and duration of call
Fraud data such as blacklist history and security logs
Metadata such as session logs and join & leave time of participants
Log data including Internet Protocol ("IP") address, Internet Service Provider ("ISP"), browser type, referring/exit pages, operating system, date/time stamp, and/or clickstream data
Contract performance (Article 6(1)(b) GDPR)
Respond to requests (such as, for example, for support, troubleshooting when you write us an email or contact us by other means)
Personal identifiers and contact information
Country information
User content, including any information users upload, provide, grant access to or otherwise implement into their request. *Note that users control the content that they provide, and it may include any category of personal information.
Technical data, log data, and service usage data
Payment information
Name, username, email address, phone number, IP address, and any other identifiers a user provides when accessing or using the service
Account holders’ usernames and account numbers
Billing name and address for paid services
Your IP address, including information about the country where you are located when requesting the Service
Files, any content of communication or other information you share with us as part of your request
IP address, MAC address, other device ID (UDID), device type, operating system type and version, client version, type of camera, device configuration, microphone or speakers, connection type
User feedback ratings, internal feature usage analytics, usage logs
Traffic data about the communications that take place through our platform, meeting quality data, network monitoring data
Call detail records, such as phone number and duration of call
Fraud data such as blacklist history and security logs
Metadata such as session logs and join & leave time of participants
Log data including Internet Protocol ("IP") address, Internet Service Provider ("ISP"), browser type, referring/exit pages, operating system, date/time stamp, and/or clickstream data
Billing name, address, and credit card or other payment information 
Taking steps at the request of the sender, if related to a contract (Article 6(1)(b) GDPR), otherwise our legitimate interest to respond to requests (Article 6(1)(f) GDPR)
Market RingCentral products and services to account holders and/or other potential users
Personal identifiers and contact information
Country information
Name, username, email address, phone number, IP address, and any other identifiers a user provides when accessing or using the service
Account holders’ usernames and account numbers
Your IP address, including information about the country where you are located when requesting the Service
Our legitimate interest (Article 6(1)(f) GDPR) in marketing our products and services if you are an existing account holder, or your consent (Article 6(1)(a) GDPR) if you are a potential user
Consent (Article 6(1)(a) GDPR)
Bill account holders who subscribe to paid offerings
Payment information
Billing name, address, and credit card or other payment information
Contract performance (Article 6(1)(b) GDPR)
Improve the Service, optimize your experience using the Services, conduct analytics to improve performance
Service Usage Data
IP address, MAC address, other device ID (UDID), device type, operating system type and version, client version, type of camera, device configuration, microphone or speakers, connection type
User feedback ratings, internal feature usage analytics, usage logs
Traffic data about the communications that take place through our platform, meeting quality data, network monitoring data
Call detail records, such as phone number and duration of call
Metadata such as session logs and join & leave time of participants
Log data including Internet Protocol ("IP ") address, Internet Service Provider ("ISP"), browser type, referring/exit pages, operating system, date/time stamp, and/or clickstream data
Feature usage data such as what features you use and how you use them
Our legitimate interest in making the Service more enjoyable for our users and improving performance (Article 6(1)(f) GDPR)
Evaluate the success of our marketing campaigns
Personal identifiers and contact information
Service Usage Data
IP address, MAC address, other device ID (UDID), device type, operating system type and version, client version, type of camera, device configuration, microphone or speakers, connection type
User feedback ratings, internal feature usage analytics, usage logs
Traffic data about the communications that take place through our platform, meeting quality data, network monitoring data
Call detail records, such as phone number and duration of call
Fraud data such as blacklist history and security logs
Metadata such as session logs and join & leave time of participants
Log data including Internet Protocol ("IP ") address, Internet Service Provider ("ISP"), browser type, referring/exit pages, operating system, date/time stamp, and/or clickstream data
Feature usage data such as what features you use and how you use them
Our legitimate interest in improving the Service and evaluating our marketing campaigns (Article 6(1)(f) GDPR)
Serve you tailored advertising
Personal identifiers and contact information
Country information
Service Usage Data
Name, username, email address, phone number, IP address, and any other identifiers a user provides when accessing or using the service
Account holders’ usernames and account numbers
Information about where you are located when using the Service
IP address, MAC address, other device ID (UDID), device type, operating system type and version, client version, type of camera, device configuration, microphone or speakers, connection type
User feedback ratings, internal feature usage analytics, usage logs
Call detail records, such as phone number and duration of call
Log data including Internet Protocol ("IP ") address, Internet Service Provider ("ISP"), browser type, referring/exit pages, operating system, date/time stamp, and/or clickstream data
Feature usage data such as what features you use and how you use them 
Consent (Article 6(1)(a) GDPR)
Comply with privacy and other laws – including cooperating with law enforcement bodies
Personal identifiers and contact information
Information about use of non-RingCentral services through integrations or otherwise
Country information
User content, including any information users upload, provide, or create while using the RingCentral Video service or other RingCentral offerings, including recordings.
Service Usage Data
Payment information
Name, username, email address, phone number, IP address, and any other identifiers a user provides when accessing or using the service
Account holders’ usernames and account numbers
Billing name and address for paid services
Social media account information, single-sign-on service tokens, Google/Apple/Microsoft sign in tokens
Information about where you are located when using the Service
Cloud recordings, transcriptions, chat/instant messages, files, whiteboards, and other information you share with us while using the Service
IP address, MAC address, other device ID (UDID), device type, operating system type and version, client version, type of camera, device configuration, microphone or speakers, connection type
User feedback ratings, internal feature usage analytics, usage logs
Traffic data about the communications that take place through our platform, meeting quality data, network monitoring data
Call detail records, such as phone number and duration of call
Fraud data such as blacklist history and security logs
Metadata such as session logs and join & leave time of participants
Log data including Internet Protocol ("IP ") address, Internet Service Provider ("ISP"), browser type, referring/exit pages, operating system, date/time stamp, and/or clickstream data
Feature usage data such as what features you use and how you use them
Billing name, address, and credit card or other payment information
Compliance with a legal obligation to which we are subject (Article 6(1)(c) GDPR)
Ensure IT security, business continuity – for example, monitor performance of our data centers and networks
Service Usage Data
IP address, MAC address, other device ID (UDID), device type, operating system type and version, client version, type of camera, device configuration, microphone or speakers, connection type
Traffic data about the communications that take place through our platform, meeting quality data, network monitoring data
Call detail records, such as phone number and duration of call
Fraud data such as blacklist history and security logs
Metadata such as session logs and join & leave time of participants
Log data including Internet Protocol ("IP ") address, Internet Service Provider ("ISP"), browser type, referring/exit pages, operating system, date/time stamp, and/or clickstream data
Our legitimate interest in ensuring IT security (Article 6(1)(f) GDPR)

Recordings: An account holder hosting a meeting may choose to record the session, and if so, the host is responsible for obtaining any required consent from you. RingCentral helps hosts obtain consent from other users by providing visual and audio cues to alert users of a recording.

As with all user content, recordings may contain personal data and may be stored with RingCentral at the request of the meeting host. A meeting host may choose to store a recording of a meeting on the host’s local storage device, not with RingCentral. When a host chooses to do that, RingCentral does not have any control over the recording. Transcripts, which may also contain personal data, are treated the same way as recordings.

RingCentral does not monitor, access or use the recordings or transcripts that a meeting host or customer may choose to store with RingCentral, unless they request us to, for example, to provide technical support and where allowed by law.

Information we collect from third parties:

In specific cases, we collect the names, e-mail addresses, postal addresses and city of residence of individuals from third parties to market our products / services to these individuals. We only collect this information where we have checked that these third parties either have your consent or these third parties are otherwise legally permitted or required to disclose your personal information to us for these purposes. – If you are an EEA/UK data subject, please note: In most cases, you will be provided with more details about how we process your personal information in these situations by the relevant third party. In other cases, we will inform you about how we process your personal information in our first communication to you or within a reasonable time period after obtaining your personal information, if we do not immediately reach out to you.

For our account holders and end users, we may collect personal information about you (Personal identifiers and contact information) from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have based on your consent. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you.

We and our third-party marketing service providers may also use the information customers send to us for our marketing purposes, if this is in accordance with your marketing preferences and applicable law. However, you may opt out of our marketing. For further information, see the "Unsubscribe from our mailing List" section below. – If you are an EEA/UK data subject, please note that this processing is based on our legitimate interest in direct marketing to our existing customers.

Lawful basis for processing personal information (EEA and UK only):

When we collect information from you in connection with offering our Services within the European Economic Area (EEA) or the United Kingdom (UK), our lawful basis for collecting and using the information described above will depend on the information concerned and the specific context in which we collect it.

We will normally collect information from you only where we need the information to perform a contract with you (i.e. to provide the Services), or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect the information in question or we may process your personal information where we have your consent to do so.

If we ask you to provide information to comply with a legal requirement or enter into a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). For example, if you use our Services, the information we collect is set out in our Terms of Use.

To learn more about the specific legal grounds on which we rely for the processing of your personal information in certain use cases, please see the table above (Categories of Personal Information We Collect and Use).

If you have questions about or need further information concerning the lawful basis on which we collect and use your information, please contact us using the contact details provided under the "Contact Us" section below.

Cookies and other tracking technologies

The RingCentral websites also use a technology called “cookies” and similar technologies to collect certain information. A cookie is a piece of computer code that is assigned to your internet browser and stored on your machine when you access our Websites. Our cookies help provide additional functionality to the websites, track the traffic patterns for our websites, and study how our users use and interact with the Services via the internet. For instance, our websites may set a cookie that allows you to access the websites without needing to remember and then enter a password more than once during a visit to the website. Please refer to your web browser’s instruction guide or help section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. If you refuse cookies, some of our Website functions cannot be used. Further information on our use of cookies on the RingCentral websites can be found in our Cookie Policy.

Cookies in the Service
We also use cookies in the Service. As part of our Service, we provide our users with tooltips. Specifically, this includes the technologies and processing operations explained in the table below.

For data subjects within the European Union/European Economic Area:

The legal basis for the processing is Article 6(1)(b) GDPR – the performance of our contract with you.
Technology used
Processing purposes
Processed personal data
Retention period
Technology service provider
Pendo – cookie-based tool
Help you identify new features or existing features within the Service, suggest you respective tooltips and guide you through the Service in the scope and manner set out by our terms of use.
User ID and traits (email address, name, created time, account ID, extension ID, account type, brand, company, device, etc.)
[100 days]
Pendo.io, Inc.

SDK in the Service

A software development kit (“SDK”) is a software package we use in our Service. Typically, SDKs contain an application programming interface (so-called API) which is a piece of computer code that helps us to perform specific programming tasks in our Service or other tasks such as to build or run our Service. The personal data that is processed through these SDKs is either processed by us or by our service providers, such as SDK developers and providers. We have carefully selected these service providers and concluded data processing agreements with them. Specifically, your personal data is processed through SDKs as follows:

1.    Provide you with the Service 

We process your personal data through certain SDKs to provide you with the Service. Specifically, this includes the technologies and processing operations explained in the table below.

For data subjects within the European Union/European Economic Area:

a. The legal basis for the processing is Article 6(1)(b) GDPR – the performance of our contract with you.
b. We process this data as long as necessary for the fulfilment of mutual obligations in connection with our contract for your use of the Service. In addition, we retain your personal data only for the assertion of or defense against legal claims or as required by statutory retention obligations.

Technology used
Processing purposes
Processed personal data
Technology service provider
FileStack SDK
Diagnose the issues reported by the customers in order to provide you with a functioning Service free of errors in the scope and manner set out by our terms of service.
Application logs and diagnostic data, Operating System, username, local IP, email address, version, company name.
Filestack, Inc.
Sentry IO SDK
Track errors in order to provide you with a functioning Service free of errors in the scope and manner set out by our terms of service.
Email address, username,  IP, location
Functional Software, Inc.
AppDynamics SDK
Monitor crashing in order to provide you with a functioning Service free of errors in the scope and manner set out by our terms of service.
App info, device info, carrier IP, locale, network info, timezone, user key (such as RC-62433873031), user sessions (launch app, enter screens, click buttons, etc.), Crash reportNetwork request stats (URL, performance times, content length, errors, etc.).
AppDynamics LLC
Google STUN server SDK
Build the media connection for Voice-over-IP calls; a STUN server helps you to find out your public address which is required to build the media connection in the scope and manner set out by our terms of service.
WebRTC STUN request (client IP information).
Google LLC
PubNub SDK
Inform you with real-time alerts, such as pop-up notifications about items you received in the scope and manner set out by our terms of service, for example: “User XYZ sent you a file.”
Notification events, RingCentral Video meeting status, participant’s status, in meeting status for supporting Switch over.
PubNub Inc.
LaunchDarkly SDK
Automatically load and provide you with new or alternative features in our Service in the scope and manner set out by our terms of service.
User ID (such as RC-62433873031), company ID; feature toggles/flags.
Catamorphic, Co.
WalkMe SDK
Help you to identify new features or existing features within the Service and suggest you respective tooltips in the scope and manner set out by our terms of service.
User ID and traits (email address, name, created time, account ID, extension ID, account type, brand, company, device, etc.).
WalkMe Inc
Segment SDK
Collect and process data for other features that are part of our Service.
Segment is the pipeline for collecting data for connected services or functions that are based on the SDK technology.
App info, device info, carrier IP, locale, network info, timezone, user ID and traits (email address, name, created time, account ID, extension ID, account type, brand,company, device, etc.), user actions (launch app, enter screens, click buttons, receiving notifications, etc.), as necessary for the relevant data-receiving SDK technology.
Segment.io, Inc

2.    Improve the Service

We process your personal data through certain SDKs to learn how you engage with the Service, analyze the usability of the Service, measure the audience reach of certain features and obtain statistical information in order to improve the Service.

Specifically, this includes the technologies and processing operations explained in the table below.

For data subjects within the European Union/European Economic Area:

a. The legal basis for the processing is Article 6(1)(f) GDPR – our legitimate interest in improving our Service. Your interests are not overridden since the processing ultimately honors your interest in a user-friendly solution that serves your needs as a user of our Service.
b. We store this data as long as necessary for the processing purposes indicated below. In addition, we retain your personal data only for the assertion of or defense against legal claims or as required by statutory retention obligations.
c. You have the statutory right to object against such processing on grounds relating to your particular situation, at any time to the processing of your personal data which is based on our legitimate interest. If you execute this right as explained in detail under the Your Privacy Rights section below, we will no longer process your personal data for the relevant purpose, unless we have compelling legal grounds for the processing which override your interests, rights and freedoms or if necessary for the establishment, exercise or defense of legal claims. Please note that, for technical reasons, the SDKs that we use in our legitimate interest form an integral part of the Service. If you do not wish your personal data to be processed by the SDKs that we use in our legitimate interest, please do not use the Service.

Technology used
Processing purposes
Processed personal data
Technology service provider
Firebase Analytics SDK
Track feature usage and monitor app performance, for example, how long to launch the app, how long for search to be performed in order to improve the Service.
App info, device info, carrier IP, locale, network info, timezone, user ID and traits (email address, name, created time, account ID, extension ID, account type, brand, company, device, etc.), user actions (launch app, enter screens, click buttons, receiving notifications, etc.).
Google LLC
Mixpanel SDK
Track feature usage, for example, track number of meetings, how many users are on, version used, app used, preference, in order to improve the Service
App info, device info, carrier IP, locale, network info, timezone, user ID and traits (email address, name, created time, account ID, extension ID, account type, brand, company, device, etc.), user actions (launch app,  enter screens, click buttons, receiving notifications, etc.).
Mixpanel, Inc
AppsFlyer SDK
Track feature usage and track the effectiveness of our marketing campaigns, for example, attribute downloads and generate diagrams in order to improve the Service on the basis of aggregated statistics.
App info, device info, carrier IP, locale, network info, timezone, user ID and traits (email address, name, created time, account ID, extension ID, account type, brand, company, device, etc.), user actions (launch app, enter screens, click buttons, receiving notifications, etc.).
AppsFlyer Inc
Segment SDK
Collect and process data for other features that we use in our legitimate interest.
Segment is the pipeline for collecting data for connected services or functions that are based on the SDK technology.
App info, device info, carrier IP, locale, network info, timezone, user ID and traits (email address, name, created time, account ID, extension ID, account type, brand, company, device, etc.), user actions (launch app, enter screens, click buttons, receiving notifications, etc.), as necessary for the relevant data-receiving SDK technology.
Segment.io, Inc

Sharing and Disclosure of Information to Third Parties
 
We will not rent or sell personal information about you. If we share your personal information in context of specific processing activities to third parties, we have described this accordingly in the respective point of this Notice. In addition, we share your personal information in general as follows:

Processors
All personal information as identified in the "Categories of Personal Information We Collect and Use" section is either processed by us or by our service providers. This includes RingCentral’s worldwide corporate affiliates. A list of our current corporate affiliates is available here https://www.sec.gov/Archives/edgar/data/1384905/000138490520000008/rng-20191231xex211.htm

This also includes external service providers, which we have carefully selected, such as:

  • Business partners, resellers, contractors, vendors, and authorized third party agents, to:
    • Operate, deliver, improve and customize our Services
    • Provide support and technical services;
    • Send marketing and other operational communications related to our Services;
    • Enforce our acceptable use policy;
    • Conduct analytics in order to better the user experience and improve our Services
    • Provide offers and advertisements to account holders based on their interests and interactions with us.
  • Any third parties as part of or in connection with an actual or prospective corporate business transaction, such as a sale, merger, acquisition, joint venture, financing, corporate change, reorganization or insolvency, bankruptcy or receivership.
Third parties
We share your personal information also with other controllers that process this data for their own purposes.

  • Law enforcement agencies, regulatory or governmental bodies, or other third parties. This is based on the necessity to comply with any legal obligation to which we are subject; or on our legitimate interests to protect or defend our rights, interests or property or that of third parties; in order to respond to legal process, or prevent or investigate wrongdoing in connection with the Services;
  • Other third parties with your consent.
Your Privacy Rights
 
Update and Access to your Information:
  
Where we process information collected via our Services for our own account management, billing or marketing purposes and where required by applicable law, we provide individuals with the opportunity to access, review, modify, and delete certain  such information that we process.

Data Subject Rights as Protected by GDPR or CCPA
 
If you are located in the EEA/UK or if you are a California resident, there are certain requests you can make related to personal data about you:
  • Access: You can request more information about the personal data we hold about you. You can request a copy of your personal data.
  • Rectification: If you believe that any personal data we are holding about you is incorrect or incomplete, you can request that we correct or supplement the data. If you are an account holder you can correct some of this information directly by logging into your account. Please contact us as soon as possible if you notice any inaccuracy or incompleteness.
  • Objection: You can let us know that you object to the collection or use of your personal data for certain purposes.
  • Erasure: You can request that we erase some or all of your personal data from our systems. You can also delete some of this information directly by logging into your Service account, if you are an account holder.
  • Restriction of Processing: You can ask us to restrict further processing of your personal data.  (This just means you can ask us to stop using it for what we have been using it for.) This may mean that we have to delete your account.
  • Portability: You can ask for a copy of your personal data in a machine-readable format. You can also request that we transmit the data to someone else where it’s technically possible.
  • Withdrawal of Consent: If you have consented to our use of personal data for a specific purpose, you have the right to change your mind at any time. Any such decision will not affect any processing that has already occurred nor will it affect processing of your personal information conducted in reliance of lawful processing grounds other than consent. Withdrawing your consent may mean your access to the Services will be limited or suspended, and your accounts may be terminated, as applicable. Where you withdraw your consent, but we are using your information because we or a third party have a legitimate interest in doing so, or we have different legal basis for using your information (for example, fulfilling a contract with you), we may continue to process your information, subject to your rights to access and control your information.
  • Right to File Complaint: You have the right to lodge a complaint about RingCentral’s practices with respect to your personal data with the supervisory authority of an EU Member State or the California Attorney General.
As a data subject located in the EEA, you can find further information on your rights and the relevant requirements on the EU Commission’s website at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens.

Sometimes we will not be able to fulfill your request. So, examples of when we will not be able to fulfill your request include: if it prevents us from complying with our regulatory obligations or impacts other legal matters, if we cannot verify your identity, or if it requires extraordinary cost or effort. If any of these arise, we will tell you and give you an explanation
 
To make a request, please submit a ticket through our online portal, or contact our Privacy Team at [email protected]
 
Additional Privacy Rights as a California Resident
 
If you are a California resident, you may have the right to receive a free, yearly accounting of:
  • Information identifying each third-party company to whom we may have disclosed, within the past year, personal information pertaining to you for our own direct marketing purposes; and
  • A description of the categories of personal information disclosed.
You may have the right to know more about personal information that we have collected, disclosed, or sold, including:
  • The categories of personal information that we have collected or shared about you in the preceding 12 months,
  • The categories of sources from which we have collected that information in the preceding 12 months
  • The commercial or business reason(s) we have collected or shared that information,
  • The categories of third parties with whom we have shared or to whom we have sold that information in the preceding 12 months, and
  • Pursuant to a verifiable request, the specific pieces of information that we have collected about you.
Depending on the nature of your request, we may need additional information to verify your identity.
 
To make a request, please submit a ticket through our online portal, or contact our Privacy Team at [email protected]

Unsubscribe from our mailing list

We give you the choice of receiving a variety of information related to our Apps and Services. You can manage your communication preferences through the following methods:
These choices do not apply to service notifications or other required communications that are considered part of certain Apps/Services, which you may receive periodically unless you stop using or cancel the App/Service in accordance with its terms and conditions.

NO AUTOMATED DECISION MAKING

We do not use any decision making based solely on automated processing, including profiling, within the meaning of Article 22 GDPR.

Third Party Sites
 
This Notice does not apply to, nor are we responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Services link, including but not limited to social media sites. The inclusion of a link on the Services does not imply our endorsement of the linked site or service. You should check the privacy notices of those sites before providing your personal information to them.

Blogs and Forums
 
Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas is public and may be read, collected, and used by others who access them and may remain on the public forum indefinitely. To request removal of your personal information from our blog or community forum, you can submit a request through our online portal. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. We encourage all Users to exercise caution when providing personal information in blogs and community forums.

Security
 
Keeping your information secure is important to us. Like all businesses, we cannot guarantee the security of the personal information we collect and process in connection with our Websites, Apps and Services. We have, however, taken certain steps designed to reduce the risk that your personal information will be subject to loss, misuse, unauthorized access, disclosure, alteration or destruction. RingCentral has no control over or responsibility for the security or privacy policies or practices of other sites on the Internet you might visit, interact with, or from which you might buy products or services, even if you visit them using links from our Website.

Data Retention
 
We will retain your personal information for no longer than is necessary to fulfill the purposes for which the information was originally collected unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other legitimate and lawful business purposes.

Where we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it.

International Data Transfers
 
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. Specifically, information collected outside the United States, including in the European Economic Area ("EEA") and the UK, may be transferred to and stored on our servers in the United States, Switzerland, and Netherlands, and potentially in other countries where our group companies and third-party service providers and partners operate. These countries may have data protection laws that are different to the laws in your country (and in some cases, may not be as protective).

For all transfers of personal data from the EU, the UK, and Switzerland, we have taken appropriate safeguards, including adherence to the European Commission approved Standard Contractual Clauses and further supplementary contractual, technical and organizational measures, to ensure that your personal information will remain protected in accordance with this Notice and applicable laws.

RingCentral also continues to comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, the UK, and Switzerland, including the onward transfer liability provisions. RingCentral has self-certified to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. With respect to personal data received or transferred pursuant to these Privacy Shield Frameworks, RingCentral is subject to the regulatory enforcement powers of the US Federal Trade Commission. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Children’s Privacy

You must be at least 16 years old to use the RingCentral Video service. RingCentral does not knowingly provide products or services directly to children under the age of 16, or knowingly collect or solicit personal information from or about children under the age of 16, unless as part of the Covid K-12 program. If you believe that a child under the age of 16 has disclosed personal information to RingCentral outside of the Covid K-12 program, please contact [email protected].

Updates to the Notice

We may update this Notice from time to time in response to changing legal, technical, or business developments. If we make nonmaterial changes to our Notice, we will post those changes on this page in addition to updating the "Last Updated" or effective date at the top of this webpage. If we make material changes, we will notify you more directly, for example by emailing you prior to such material changes taking effect. We encourage you to review this Notice regularly to stay informed of the latest modifications.

Contact Us
 
If you have any questions, comments or concerns about this Notice, please e-mail our data protection officer at [email protected]. Or, you can write to us at:
 
RingCentral, Inc.
Attn: RingCentral Privacy Team
20 Davis Drive,
Belmont, California 94002