First Orion UK Limited (company number 09929064) of 11th Floor Lewins Mead, Whitefriars, Bristol, BS1 2NT (“First Orion”, or “we”, or “our” or “us”), is a business dedicated to using technology and data to give consumers tools to recognise and manage calls they receive. Your privacy is a priority for us, and we are committed to safeguarding it.
For the General Data Protection Regulation 2018 First Orion is the data controller.
Our App includes features to register for the Telephone Preference Service (“TPS”), provide information about unknown callers, send unwanted callers to voice mail, automatically send known scammers to voice mail, perform telephone number lookups about complaint activity, and make complaints about nuisance and illegal calls to the relevant authorities via the TPS.
What information we collect and how we may use it
First Orion is committed to helping consumers avoid nuisance and illegal call activity. To do this, we collect anonymised data about your calls, and use that in a crowd powered data engine to identify such activity.
We also provide you with the ability to report nuisance and illegal calls to the relevant regulators via the TPS, supporting enforcement activity. You will be able to register for the TPS, as you will not be able to file complaints to the TPS unless you meet the registration requirements of the TPS. The TPS may requires your telephone number, your email address, and your postcode. This data is shared with the TPS securely.
The personal data First Orion collects is relevant to your interaction with us when you use the App. This information includes the telephone number, the dates, times and durations of calls made to your phone so the various features you have chosen, such as sending calls to voicemail, can be provided. We also collect information as to whether the caller was in your contact list, but WE DO NOT take contact information from your device. All information is used to improve the functionality of our App. All of your personal data is stored in an anonymised and aggregated form with other user’s data, meaning that your data cannot be traced back to you.
If you voluntarily choose to provide complaint information which may include personal information, this information may be provided to the TPS, Information Commissioner’s Officer (“ICO”), Ofcom and ActionFraud to aid in their enforcement activities. We may also use anonymised complaint information to better understand trends and improve the functionality of our App.
To enable support activity, we may request personal data as part of this process, such as your name, phone number, email address, and information relating to the inquiry or support issue to allow us to respond effectively.
Our Legal Basis for Processing
The below table shows a list of processes as part of the TPS Protect service and the legal basis and type of data used in the process.
|Description of Processing Purpose||Legal Basis||Type of Data|
|TPS Protect allows users to easily register for the TPS. Your registration information is then passed to the TPS.||· Contract
· Legitimate Interest
|· Information provided for TPS registration.|
|TPS Protect allows users to file a complaint on a nuisance call. This may be passed to a relevant regulatory authority (TPS, ICO).||· Contract
· Legitimate Interest
|· Information provided through complaints|
|To identify and assign a Trust Score and category to a potential offender number. Use of app features such as Block List/Approved List.||· Legitimate Interests||· Information provided through complaints.
· Anonymised and aggregated call information including telephone numbers, call duration, date & time.
· Whether a number is on your contacts (Note: we do not use your contact list).
|To assist you in any support & troubleshooting activities.||· Legitimate Interests||· Any information provided by you during support & troubleshooting activities.|
When we disclose your information
To help regulators or agencies such as the ICO, Ofcom and ActionFraud in their enforcement activities, your personal data may be shared with them, and they are responsible to safeguard it. Complaint data provided through TPS Protect is processed securely to the TPS via MIQ Solutions. Registration data provided through TPS Protect is processed securely to the TPS via Acxiom.
At times, we may be required by law to disclose your personal data. We may also disclose information about you if we determine that for national security, law enforcement, or other issues of public importance, disclosure is necessary. If First Orion is involved in a business transaction, such as a merger, acquisition or sale of all or a portion of its assets, your personal data will likely be among the business assets transferred. You will be notified via prominent notice on our Website, and within the App, of such change in ownership as well as any choices you may have regarding your personal information.
Where we store your personal data
All information you provide to us is stored on our secure servers. These are hosted in Amazon Web Services (AWS) in Ireland. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website or our App, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our App and/or our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long do we hold your data for?
The limited personal information you voluntarily provide for TPS registration within TPS Protect is shared with the TPS. First Orion holds this limited personal information provided for your TPS registration information for 48 hours, provided subject to satisfactory processing by the TPS via Acxiom.
The personal information for complaints is stored for three months on our secure servers to assist us in identifying nuisance and fraudulent calls and may support the TPS, ICO, Ofcom and ActionFraud in their enforcement activities.
Any personal information provided in tickets during support activity process is retained for three months, and then deleted.
How we protect your personal information
First Orion takes precautions — including administrative, technical, and physical measures — to safeguard your personal data against loss, theft, and misuse, as well as unauthorised access, disclosure, alteration, and destruction.
We do not knowingly collect personal information from children. We will delete the information as soon as possible after we become aware that we have that information.
Cookies and other technologies
The following table shows the cookies we use.
If you prefer not to enable cookies, certain features of our Website may not be available once cookies are disabled.
First Orion may gather certain information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.
We use this information, which does not identify individual users, to analyse trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base.
In addition, we may use pixel tags — tiny graphic images — to tell us what parts of our Website users have visited or to measure the effectiveness of searches Website users perform on our site.
Pixel tags also enable us to send email messages in a format Website users can read, and they tell us whether emails have been opened to ensure that we’re sending only messages that are of interest to our Website users.
You have the right to contact First Orion with inquiries or complaints. In addition to access and choice rights provided to you in TPS Protect, you have the right to learn whether First Orion has personal data about you, and to correct, amend or delete that personal information when it is inaccurate subject to other limitations as defined by law. To exercise these rights, you may contact First Orion UK by email at firstname.lastname@example.org or by mail at the address below. First Orion may ask for verification of your identification and seeks to comply in thirty days.
First Orion complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. First Orion has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. To view First Orion’s certification, please visit https://www.privacyshiled.gov. If you have an unresolved concern that First Orion has not addressed to your satisfaction, you may also submit a complaint to the U.S. Direct & Marketing Association (U.S. DMA) , First Orion’s independent third-party dispute resolution provider, at https://thedma.org/shield-complaint-form . First Orion’s Privacy Shield policy can be viewed at http://firstorion.com/privacy-shield-policy/ .
or writing to us at:
First Orion UK Limited.
Attention: Legal Team
3 Waterhouse Square, 138 Holborn, London EC1N 2S