Last Update: February 17th, 2020

Introduction

This privacy policy (“Privacy Policy”) describes the collection of personal information by ExterNetworks, Inc., a New Jersey corporation (“Company,” “we,” “us”, or “our”) from users (“you”, “your”) of our website at www.externetworks.com, www.extnoc.com, (our “Site”, “Sites”) along with our related websites and services provided by us and on which a link to this Privacy Policy is displayed (collectively, our “Service” or “Services”). This Privacy Policy also describes our use and disclosure of such information. This Privacy Policy is incorporated by reference into our Terms and Conditions at https://www.externetworks.com/terms-conditions/.

This Privacy Policy also describes your rights as a data subject to inquire about your personal information that we process and describes certain rights that you, as the data subject, have regarding this information.

For the purposes of EU and United Kingdom data protection laws ("Data Protection Legislation"), ExterNetworks is a data controller (i.e., the company that is responsible for, and controls the processing of, your personal information).

Please read this Privacy Policy carefully to understand our practices regarding your personal information and how we will use it. By accepting this Privacy Policy and Terms and Conditions, you agree to our collection, storage, use and disclosure of your personal information as described in this Privacy Policy.

Contacting us

If you have any questions or comments about this Privacy Policy, please contact us using the following contact information:

ExterNetworks Inc.
20 Corporate Place South,
Piscataway, NJ 08854
Email: privacy@externetworks.com
Phone: (732) 624-1900

In the EU, please contact us using the following contact information:

ExterNetworks Ltd.
Suite 87, 105 London Street
Reading, RG1 4QD
Berkshire, UK.
Phone: 0118 907 6177

What information do we collect?

We use your personal information to carry out the obligations arising from providing and improving our Services to you. This section describes the types and categories of personal information we may collect, and how we may use that information.

Information you provide us directly

We collect personal information that you provide when you become a customer and use our Services. We use this personal information in a variety of ways, and this personal information includes the following:

  • When you use our services, for example when requesting IT or helpdesk support services, we collect contact information from you such as first name, last name and email address;
  • When you sign contracts, agreements, service orders, statements of work, and other documents, we may collect contact information from you, such as your first and last name, e-mail address, company name, mailing address, and one or more phone numbers;
  • When you make an enquiry using the ‘Contact us’ form on our Site, we ask you for your first name, last name, email address, phone number, and company name and address;
  • When you subscribe to our newsletter, we collect your first name, last name and email address.

Automatically collected information

When you use our Service, some information is collected automatically and is not provided directly by you. For example, when you access our Site, we automatically collect your browser’s Internet Protocol (IP) address, your browser type, the nature of the device from which you are visiting the Site (e.g., a personal computer or a mobile device), the identifier for any handheld or mobile device that you may be using, the web site that you visited immediately prior to accessing our Site, the actions you take on our Site, and the content, features, and activities that you access and participate in on our Site. We also may collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message.

We may collect this information passively in our server logs. We may also collect information passively using technologies such as cookies and clear GIFs (also known as “Web beacons”) as described in the section “Cookies and Similar Technologies” in this Privacy Policy.  We may use passively-collected information to administer, operate, and improve our Site and systems, to improve the effectiveness of advertising on our Service, and to provide advertisements and other content that is tailored to you. If we link or associate any information gathered through passive means with personal information, or if applicable laws require us to treat any information gathered through passive means as personal information, we treat the combined information as personal information under this Privacy Policy. Otherwise, we use and disclose information collected by passive means in aggregate form or otherwise in a non-personally identifiable form.

Cookies and Similar Technologies

The Service uses cookies and similar technologies to distinguish you from other users of the Service. This enables us to provide you with the service specifically linked to your user profile and is required for the Site to function. Cookies are small files that allow for personalization of the Site experience by saving your information such as user ID and other preferences. The service also uses a related technology called local storage which allows preferences and session information to be stored locally on your computer or mobile device.

Also, please be aware that third parties, such as companies displaying advertisements on the Site or the sites or services provided by third parties (“Third-Party Sites”) that may be linked to from the Service, may set cookies or use other means of passively collecting information about your use of their services, Third-Party Sites or content. We do not have access to, or control over, these third-party means of passive data collection. For more information, please refer to our cookie policy at: https://www.externetworks.com/cookie-policy/

Information from other sources

We may receive information about you, including personal information, from third parties, and may combine this information with other personal information we maintain about you. If we do so, this Privacy Policy governs any combined information that we maintain in a personally-identifiable format.

Collection and processing of sensitive information

Throughout the operations of our Services we do not collect or process ‘sensitive information’, defined as data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation. As such, you should not provide any such information as part of any correspondence, or by any other means when you use our Services.

How do we use personal information?

We collect personal information when you interact with our Site and use our Services. We use your personal information for the following purposes:

  • We use your personal information to provide you with IT and helpdesk support services. We use this personal information to verify you are authorized to use our Services and to allow us to respond to your support requests and for other correspondence;
  • We use your personal to enable us to execute contracts, agreements, service orders, statements of work, and other documents;
  • We use you personal information to facilitate billing and invoicing for our Services;
  • If you subscribe to our newsletter, we use you personal information to email our newsletter to you;
  • We link this personal information to data about the way you use our Site and the pages you visit to help enhance, improve, operate, and maintain our Site;
  • To prevent fraudulent use of our Site and Services;
  • To prevent or take action against activities that are, or may be, in violation of our Terms and Conditions or applicable law;
  • We may also use the personal information you provide for direct marketing of our Services to you. We allow you to opt-out from receiving marketing communications from us as described in the “Communication choices” section below, and also at the time you sign up and create an account with the Service. Even if you opt-out, we may continue to send you administrative emails, including, for example, periodic updates to this Privacy Policy;
  • For internal product development purposes to develop new products and services, and to improve existing ones;
  • To maintain a record of our interaction with you, for other administrative purposes, and for any other purposes that we may disclose to you at the point at which we request your personal information, and pursuant to your acceptance of this Privacy Policy;

Legal basis for processing in the EU and the United Kingdom

If you are resident in the EU or the United Kingdom, we need to inform you about the legal basis on which we collect and use your personal information.  In the EU and United Kingdom, the purposes for which we process your personal information are:

  • Where we need to perform the contract we are about to enter into or have entered into with you for the Services;
  • For the purposes of legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  • Where we need to comply with a legal or regulatory obligation in the EU.

The legal basis depends on the category of personal data being processed, and the purpose for that processing. The following table indicates each category of personal data we process, and the legal bases we rely on to do so. Where legitimate interest has been used as the legal basis for processing, the specific legitimate interest we use has been described. Please contact us if you need details about the specific legal basis we are relying on to process your personal data where one or more legal bases has been indicated.

Category of Personal Data

Legal Basis for Processing

Contact information for support services

The performance of a contract and to take steps prior to entering into a contract;
Our legitimate interests, namely, administering the Service, for marketing purposes and communicating with users.

Online Inquiries and Correspondence

Legitimate interest, namely for marketing purposes and to respond to inquiries.

URL, IP addresses, device Information and information about your use of our Site and Services

Our legitimate interests, namely providing, administering and improving the Site and our Services

When do we share personal information?

Except as described in this Privacy Policy, we will not disclose your personal information that we collect on the Service to third parties without your consent. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

  • Service Providers.We may disclose personal information to third-party service providers (e.g., hosting providers, cloud-based email platforms and help desk providers) that assist us in our work. We limit the personal information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such personal information;
  • Business Transfers.Information about our users, including personal information, may be disclosed and otherwise transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of company assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which personal information is transferred to one or more third parties as one of our business assets;
  • To Protect our Interests.We also disclose personal information if we believe that doing so is legally required, or is in our interest to protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights or property of others, or otherwise to help protect the safety or security of our Site and other users of our Services;
  • To Comply with the Law: We may also disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Communication choices

If you receive marketing email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving marketing email from us, and any other promotional communications that we may send to you from time to time (e.g., by postal mail) by sending your request to us by email at privacy@externetworks.com or by writing to us at the address given in the ‘Contacting Us’ section of this policy.

Please be aware that if you opt-out of receiving marketing email from us, it may take up to ten business days for us to process your opt-out request, and you may receive marketing email from us during that period. Additionally, even after you opt-out from receiving marketing messages from us, you will continue to receive administrative and transactional messages from us regarding your use of our Services.

Rights to access

If you wish to access or amend any other personal information we hold about you, you may contact us at privacy@externetworks.com. If you request that we delete your personal information that we use to provide our Services, we will do so within a reasonable period of time, but we may need to retain some of your personal information in order to satisfy our legal obligations, or where we reasonably believe that we have a legitimate reason to do so.

Links to external sites

The Service may contain links to other websites, products, or services that we do not own or operate. The Service also may contain links to Third-Party Sites such as social networking services. If you choose to visit or use any Third-Party Sites or products or services available on or through such Third-Party Sites, please be aware that this Privacy Policy will not apply to your activities or any information you disclose while using those Third-Party Sites or any products or services available on or through such Third-Party Sites. We are not responsible for the privacy practices of these Third-Party Sites or any products or services on or through them. Additionally, please be aware that the Service may contain links to Web sites and services that we operate but that are governed by different privacy policies. We encourage you to carefully review the privacy policies applicable to any website or service you visit other than the Service before providing any personal information on them.

How long do we keep your personal information?

Unless otherwise specifically stated elsewhere in this Privacy Policy, we will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Aggregated and anonymized data that no longer identifies the user of our Services is maintained for the purposes necessary to provide the Services.

EU and United Kingdom privacy rights

If you are located in the EU or the United Kingdom, you have the following Data Subject Access Rights with respect to your personal information that we hold:

  • Right of access. You have the right to access the personal information that we hold about you;
  • Right to rectification.You may have the right to require us to correct any inaccurate or incomplete personal information we hold about you;
  • Right to erasure. In certain circumstances, you may have the right to the erasure of your personal data we hold about you (for example where it is no longer necessary in relation to the purposes for which it was collected or processed);
  • Right to restriction.You may have the right to request that we restrict processing of your personal information in certain circumstances (for example where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of that personal data);
  • Right to portability.In some limited circumstances, you may have the right to portability which allows you to move, copy or transfer personal data from one organization to another;
  • Right to object.You have a right to object to us processing your personal information when the processing is based on legitimate interests and also to stop us from sending you direct marketing;
  • Rights in relation to automated decision making and profiling. You have the right not to be subject to a decision that affects you based solely on automated processing. We do not perform any automated decision making and profiling.

If you wish to exercise one of these rights, please contact us using the information in the
‘Contacting us’ section of this Privacy Policy.

What is our policy on children?

Children’s safety is important to us, and we encourage parents and guardians to take an active interest in the online activities of their children. Our Services are not directed to children under the age of 18, and we do not knowingly collect personal information from children under the age of 18 without obtaining parental consent. If we learn that we have collected personal information from a child under the age of 18 on our Site or through our Services, we will delete that information as quickly as possible. If you believe that we may have collected any such personal information on our Site or through our Services, please notify us at privacy@externetworks.com.

Where do we store and process your personal information?

  • International Transfers: Our servers and data centers are located in the United States. If you choose to use the Service from outside the U.S., then you should know that you are transferring your personal information outside of your region and into the U.S. for storage and processing. By providing your Personal Information to us through your use of the Service, you agree and consent to that transfer, storage, and processing in the U.S. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Service. You should know that each region can have its own privacy and data security laws, some of which may be less stringent as compared to those of your own region.
  • Privacy Shield Notice: We comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information received from European Union countries and Switzerland (the "Privacy Shield"). We have certified that we adhere to the Privacy Principles of notice, choice, and accountability for onward transfer, security, data integrity, purpose limitation, access, and recourse, enforcement, and liability ("Principles"). If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Principles shall govern. In cases of onward transfers of data received pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield, we are potentially liable. To learn more about Privacy Shield, please visit the U.S. Department of Commerce Privacy Shield website: https://www.privacyshield.gov/  . For more information regarding our Privacy Shield certification, please see:https://www.privacyshield.gov/list.

Jurisdiction and Enforcement

  • As part of our participation in the Privacy Shield, we are subject to the investigatory and enforcement powers of the US Federal Trade Commission ("FTC").
  • For European Union residents, you also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
  • In compliance with the EU-US and Swiss-US Privacy Shield Principles, we commit to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this Privacy Policy should first contact us at privacy@externetworks.com.
  • We have further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit JAMS at: https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint.
  • Under certain conditions specified by the Principles, you may also be able to invoke binding arbitration to resolve your complaint.

California privacy disclosures

California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn’t an industry or legal standard for recognizing or honoring DNT signals, we don’t respond to them at this time. We await the result of work by the privacy community and industry to determine when such a response is appropriate and what form it should take.

A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California Customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes, subject to certain exceptions, as defined in California Civil Code Sec. 1798.83. In general, subject to certain exceptions, if the business has made such a disclosure of personal information, upon receipt of a request by a California Customer, the business is required to provide, free of charge, a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were disclosed. California Customers may request further information about our compliance with this law by sending an email to privacy@externetworks.com.

How do we secure your personal information?

To help protect your data, we use commercially reasonable steps to protect the data that we collect, including your personal information. The reasonable steps include protecting this data against accidental loss, unauthorized use, disclosure, and restricting access to personal information by our staff. The Site is hosted by a third-party hosting company that we have determined maintains adequate security controls and utilizes TLS encryption for all internet communication with the Site. We also require all staff that administer and develop the Site follow industry-standard controls, including strong passwords, the use of anti-virus and anti-malware software, disk encryption and other best practices.

We use various 3rd party processors and service providers to enable us to provide our Site and Services, and as part of our vendor due-diligence, we review the security controls these processors and service providers have in place and ensure they meet industry standards appropriate for the type of data we collect.

You should keep in mind, however, that the Site and Services utilizes software, hardware, and networks, which from time to time require maintenance and experience problems beyond our control. Note that no data transmission over the public internet or encryption method can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.

Updates to this Policy

We may occasionally update this Policy. When we do, we will also revise the “last updated” date at the beginning of the Policy. Your continued use of our Service after such changes will be subject to the then-current policy. If we change this Policy in a manner that is material, we will use reasonable efforts to notify you via the contact methods you have provided, prior to applying the change to any personal information that we collected from you prior to the date the change becomes effective. We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and disclose personal information.

Go to Top