We use cookies to give you the most personalized experience possible on our website, and to collect information about how visitors use our site. If you continue without changing your settings, we’ll assume that you’re ok with receiving cookies from the XMedius website. You can disable cookies in your browser settings at any time, but please note that parts of the site will not work properly if you disable cookies.

For more information on how we use cookies, read our privacy policy.
CLOSE X

Privacy policy

XMedius Solutions Inc. and its affiliates (collectively “XMedius“) respect the privacy of your personal information and is committed to protecting it and using it solely for the purpose for which it was collected.

  1. SCOPE AND APPLICATION
  2. WHY WE COLLECT INFORMATION
  3. WHAT INFORMATION WE COLLECT AND HOW IS IT STORED
  4. HOW IS THE INFORMATION COMMUNICATED
  5. SECURITY
  6. HYPERLINKS AND THIRD PARTIES
  7. COOKIES
  8. GENERAL INFORMATION AND HOW TO EXERCISE YOUR RIGHTS

 

1.    SCOPE AND APPLICATION

The term “personal information” means information that specifically identifies any individual, such as name, date of birth and email address, and any other information that is required by applicable law to be treated as “personal information”.

This Privacy Policy governs the collection, usage and storage of information obtained from the users through the use of (i) the interface or web application XMediusFAX®; (ii) the interface or web application XMediusSENDSECURE®; (iii) our software solutions; or (iv) any other service or solution developed by XMedius (collectively hereinafter the “Interface“). This Privacy Policy applies to all information collected by XMedius through the Interface.

The Interface offers on-premises and/or cloud services relating, among other things, to the transmission of faxes and secure file sharing (the “XMedius Cloud Services”).

This Privacy Policy applies to both the services offered by XMedius through the Interface and/or XMedius Cloud Services (collectively the “Services”). By contracting for and/or using the Services, you accept to be bound by the terms of this Privacy Policy.

XMedius reserves the right to change its Privacy Policy at any time without prior notification. The current version of the Privacy Policy is available on the Interface and indicates its effective date. If the changes to the Privacy Policy are significant in privacy risk, , we will notify 30 days prior to those changes being effective by email or by posting a prominent notice on the landing page of the Interface. You will be deemed to have accepted these changes if you continue to use the Interface after any such changes. You are encouraged to periodically check our Privacy Policy.

Kindly note that a specific privacy policy applies to your access to and use of XMedius Cloud Services available on xmedius.com (USA node), xmedius.eu (European Node) and xmedius.ca (Canadian Node).

 

2.    WHY WE COLLECT INFORMATION

The information is collected and used notably for the following purposes:

  • to render the Services properly, including for managing XMedius Cloud accounts;
  • to address any problems which are brought to our attention, including for the purpose of troubleshooting, supporting, optimizing and investigating security events on XMedius Cloud Services or restoring data loss;
  • to evaluate, optimize and improve the Services;
  • to contact you about the Services;
  • to track Service’s usage and invoice the Services.

 

3.    WHAT INFORMATION WE COLLECT AND HOW IS IT STORED

Hosted in collocation datacenters operated in the USA, France and Canada:

  • Documents and information related to the fax transmissions (including contact phonebooks (name, email addresses, addresses, phone numbers, and gender), documents and metadata), cookies and security tokens;
  • System logs data, which may include IP addresses, MAC addresses, device IDs, unique IDs, network traces, fax metadata, phone numbers, usernames and computer names.

Hosted in public cloud infrastructure operated by third party PaaS, IaaS Cloud provider in the USA, Ireland and Canada:

  • Account management data, including account information, account settings, service usages (including CDRs, invoices and consumption history), user directory (including names, emails, addresses, phone numbers, usernames and password hashes), fax number requests, cookies and security tokens;
  • SendSecure application data, including files, messages, participants information (including names, emails and phone numbers), SendSecure settings, encryption keys, audit trails (including names, emails addresses, filenames and IP addresses), other metadata, cookies and security tokens;
  • System logs data, that may include IP addresses, MAC addresses, device ID, unique IDs, network trace, phone number, username and computer name;

Data pertaining to fax application, account management and SendSecure application will be retained for a period of 90 days after the account termination, after which it will be deleted. System logs data and backup data may be retained for up to 1 year and may be accessed by the cloud infrastructure team.

Hosted application (SaaS) by third parties in the USA:

Support ticketing data, including customer information (name, contact information, email) support ticket messages and support files. Support ticketing data 90 days after the account termination.

  • Billing data, including billing information (name, phone, email, address, etc.), invoices, service usages and, credit card information. Billing data (excluding credit card information) may be kept for up to 7 years after the account termination.

Data may be accessed by relevant personnel, when required for the performance of their functions related to the Services and in accordance with the purposes enunciated in this Privacy Policy.

For its fax service, XMedius make use of Telecommunication service providers (Telco) to send and receive fax calls. As such, fax transmission will be transported through those Telco networks and other required Telco peers to complete fax delivery on the PSTN.

Customers may optionally configure XMedius Cloud Services to integrate with third party services such Google cloud print, Xerox Mobile Print, HP E-print services, ReCaptcha, etc. Concerning the data privacy when using those services, customers must refer their applicable privacy policies.

SendSecure make use of SMS and voice service providers to send two factor authentication codes, while no personal data is transmitted in those messages, the recipient phone number is used as a delivery address.

XMedius Cloud Services may be accessed by various Interfaces and those Interfaces may collect information about you (including username, password, email address, various settings, etc.) and store them locally on your device. Those information will solely be used in accordance with the purposes enunciated in this Privacy Policy.

 

4.    HOW IS THE INFORMATION COMMUNICATED

We never disclose your personal information to anyone outside of XMedius without your consent, except for the following and only if such third party has in place appropriate safeguards that ensure at least the same level of security than ours:

  • our providers whose services have been retained to carry out duties on our behalf (e.g. data processing). XMedius takes the necessary means to ensure that these third-party providers process your information for the sole purpose identified by XMedius;
  • any entity resulting from a merger, a corporation reorganization or change in control of XMedius, in whole or in part;
  • any public authority if the law so requires, to defend our rights, or otherwise in compliance with the law. In the event where XMedius is required to divulge information or to provide a copy of such information to a governmental authority under law or pursuant to a court order, XMedius will attempt to notify you beforehand, to the extent, however, that it is legally authorized to do so.

We do not sell available personal information to third parties. We use collected information exclusively in accordance with this Privacy Policy.

At the exclusion of the metadata, and in such case, for the purposes so designated in section 3 above, we do not monitor the content of correspondence conducted through our Services. Although sent documents are kept on our servers to make them available to you and to the recipient of such documents, we do not access, or give access to, the content of the documents unless we have a reason to believe that there is an infringement of our Terms and Conditions, or only in compliance with such Terms and Conditions. We do not make the content of the documents available to any third party other than the recipient, unless we are required to do so by law.

 

5.    SECURITY

All data is stored on servers with high-security safeguards, protected against misuse and access by unauthorized individuals. We endeavor to maintain appropriate physical, procedural and technical security with respect to our offices and information storage facilities. Any information is only made available to individuals (employees or agents) who require access to such information to carry out their responsibilities.

Unless otherwise agreed upon to in writing and subject to what is otherwise provided in this Privacy Policy, the country which the administrator of the Customer’s Account inputs during the initial setup of the Services determines the storage location for your data: (i) if the main country or region is in the United States of America, the storage location will be in the United States of America; (ii) if the main country or region is located within the European Union territory, the storage location will be in the European Union; and (iii) if the main country or region is in Canada or in any other countries, the storage location will be in Canada.  Furthermore, the data may be handled by third-party service providers of XMedius so as to enable XMedius to adequately render the Services provided that appropriate specific safeguards are set.

For the data stored in our regional nodes operated from Europe, USA and Canada, XMedius will not initiate a customer data transfer outside the designated zone without the explicit consent of the customer. Although, for the purpose of provisioning, billing, supporting, troubleshooting, the relevant personnel located in Canada and Europe may remotely consult and/or transfer information located in USA, Europe and Canada.

While XMedius takes reasonable means to protect your privacy, please be aware that no method of transmitting information over the Internet or storing information is completely secure and thus XMedius cannot guarantee the absolute security of that information during the transmission or storage on its systems or of its subcontractors. XMedius cannot warrant or represent that your information will be protected against, loss, misuse, or alteration by third parties.

 

6.    HYPERLINKS AND THIRD PARTIES

The Interface may incorporate links to third parties’ sites or resources on the Internet for your information. By clicking on such links, you leave the Interface. Any personal information you submit through these sites is subject to such third parties’ privacy policy. XMedius does not exercise any control on the operation of any third parties’ websites or applications and the fact that they are listed on our Interface does not incur XMedius’ liability in any manner.

 

7.    COOKIES

We may use cookies to collect some non-identifiable information regarding your computer or mobile device and your activities in order to help improve the user experience. You can manage your cookie settings directly in your browser, however, be aware that if you disable or remove cookies, some parts of the Services or of the Interface might not work properly.

 

8.    GENERAL INFORMATION AND HOW TO EXERCISE YOUR RIGHTS

You have the following rights with respect to the personal information XMedius collects: (i) right to know and access your personal information collected by XMedius and obtain communications with regard to purposes for which your personal information is processed, (ii) right to update or rectify your personal, (iii) right to erasure of your personal information, (iv) right to object to processing of your personal information by XMedius, (v) right to portability of your personal information.

If you wish to exercise your rights above mentioned, file a complaint or have any questions regarding this Privacy Policy, please contact our privacy officer in the following manner:

Address : 3400, de Maisonneuve Boul. W., Suite 1135, Montreal, QC Canada H3Z 3B8

Phone: +1.514.787.2100

Fax: +1.514.787.2111

Email: privacy@xmedius.com

SendSecure: https://sendsecure.xmedius.com/r/98b1104664ab4cdf9f7d3900f04c2a32

We will do our best to treat your request promptly. Please note that we may sometimes deny your request under relevant laws.

The most up to date version of this policy can be found at: www.xmedius.com/en/privacy-policy/

Last update: 2018-05-22

DOWNLOAD A PDF VERSION