IDT Domestic Telecom, Inc.
Effective as of January 30, 2020
IDT is committed to protecting the privacy of your personal information. Through our Boss Revolution brand we provide consumers with various products and services that let you stay connected to the ones you love.
This Policy applies to the following unless otherwise noted:
- users of our Boss Revolution products and services, including Boss Revolution Pinless, Boss Revolution Mobile, Call Me, International and Domestic Top-Up and E-gift cards (collectively, the “BR Products”) whether purchased through our websites, our apps or at an authorized retailer;
- users and visitors of our Boss Revolution websites, including www.bossrevolution.com, www.bossrevolutionmobile.com, and www.brclubsaves.com (collectively, the “BR Websites”);
- members of any Boss Revolution loyalty or rewards program; and
- users of our Boss Revolution calling application (the “BR App”).
When we use the term “Services” it refers to the BR Products, the BR Websites and the BR App collectively. When we refer to IDT or “us,” or “we,” we’re talking about IDT Domestic Telecom, Inc.
This Policy does not apply to products or services offered by IDT Payment Services, Inc. or IDT Payment Services of NY LLC, including money transfer, domestic bill payment and international bill payment, and to any information collected during transactions for those products and services. The policies and procedures governing your personal information collected during transactions for those products are governed by the IDT Payment Services, Inc. and IDT Payment Services of NY LLC Privacy Statement, which can be found at www.bossrevolution.com/en-us/services/money-transfer.
You should also read the terms of service for each Service that you use, which can be found at the applicable BR Website or in the BR App.
We may update this Policy from time to time and you should review it periodically for changes. Any updated Policy will be posted at the BR Websites and the BR App.
2. Information We Collect
IDT receives and collects both personal and non-identifying information from you when we operate and provide you with the Services, when you install, access or use the Services and when you communicate with us. Personal information means information either on its own or in conjunction with other data that enables a specific person to be identified, but does not include “de-identified,” “anonymous,” or “aggregate” information, which is not otherwise associated with a specific person. Non-identifying information means information that by itself cannot be used to identify a specific person (e.g., ZIP Code).
A. Information You Provide. Depending on the particular Service, you may provide the following personal information:
- email address
- mobile or other phone number
- payment information, including credit or debit card details
- other personal information necessary to verify you and/or your phone number
- other personal information you provide to us for customer support purposes, surveys, sweepstakes or product feedback
B. Information We Collect. Depending on the particular Service, we may automatically collect the following information:
- Boss Revolution security code, password and login credentials
- Service related diagnostic and performance information, including how you use our Services and performance logs
- call records, frequently called numbers, and network traffic data
- messages sent with our Services, including chats, photos, videos and voice messages
- personal, phone or social network contact information
- information about your device, including model, browser, operating system, platform type, application software, mobile network, device identifiers and numbers, and Internet connection speed
- browsing, searching and buying activity
- IP address
- BR Websites visited and websites you come from and go to next
- BR App feature usage and stored content
- certain data on your device, including your contacts, the phone numbers in your mobile address book, favorite lists and other installed apps
- device identification number
- geolocation and device location information if you use our location features
- transactional information when you purchase a BR Product
C. Information Provided by Third Parties. When you install, access or use the Services we may obtain the following information from third party sources:
- credit information from credit reporting agencies
- transactional information when you purchase a BR Product, including receipts or information from app stores or other third parties processing your payment
- aggregate information from outside companies that collect consumer information such as demographic and interest data (examples of this information include gender, age range, sports enthusiast, or pet owner)
- unique marketing and/or device IDs, contact and other marketing lead information from third parties, including from app stores
- users of our Services may provide us with your email address or phone number through the purchase/use of a Service, our refer-a-friend programs, their mobile address book or social networking platforms
- other information from third parties that helps us operate, provide, understand, customize, support and market our Services
3. How We Use Information
We use all the information we collect and receive to help us operate, provide, improve, understand, customize, support, and market our Services. In addition, we use your information for general, operational and administrative purposes, including maintaining your account, authenticating you and contacting you. As used in this Policy, the terms “use,” “using” and “processing” information include using cookies or other similar technologies on a computer/phone/device, subjecting the information to statistical or other analysis and using or handling information in any way, including but not limited to, scanning, collecting, storing, evaluating, aggregating, modifying, deleting, using, combining, disclosing and sharing information among our affiliates both in and outside the United States and to select service providers and vendors.
A. Our Services. We analyze how our customers use our Services and use that information to evaluate and improve our Services, to research, develop, and test new services and features, and to conduct troubleshooting activities. For example:
- we communicate with you about our Services and features and let you know about our terms and policies and other important updates;
- we may target particular advertisements or other content to you based information we have collected or you provided;
- we may digitally scan content stored in the BR App, including without limitation, your user information and message content, and use this information to provide you with targeted information and advertising;
- we use your information to respond to you when you contact us. Our communications with you, including phone conversations, chats and emails, may be monitored and recorded by us for quality assurance or for legal, regulatory or training purposes; and
- we verify accounts and activity, and promote safety and security, such as by investigating suspicious activity or violations of our terms, to ensure our Services are being used legally.
C. Web Analysis. We use certain Google Analytics Advertising Features, including Remarketing and Demographics and Interest Reporting. Google Analytics is a web analysis service provided by Google that allows us to collect data about the traffic on the BR Websites through Google cookies and other identifiers, which enables us, among other things, to create user segments based on demographic or interest data and to deliver relevant advertising. Google utilizes the data collected to track and examine the use of our websites and to prepare reports on the activities and share them with other Google services. Google may use the data collected to contextualize and personalize the ads of its own advertising network. You may be able to opt out of the Google Analytics Advertising Features through your browser ads settings or by visiting Google’s Ads Settings page.
D. BR App. We engage certain service providers and vendors who use mobile software development kits to passively collect information from users of the BR App. We use this data primarily to help us deliver personalized notifications and to identify you in a unique manner across other devices or browsers for the purposes of customizing advertisements or content.
4. How We Share Information
We share all the information we collect and receive with our affiliates, both in and outside the United States, and to select service providers and vendors, to help us operate, provide, improve, understand, customize, support, and market our Services, and for general, operational and administrative purposes, including maintaining your account, authenticating you and contacting you. When we share information with our service providers and vendors, we require them to use your information only in accordance with our instructions and terms or with express permission from you and not to sell your information. In addition, you share your information as you use and communicate through our Services.
A. Information Shared Within the IDT Family of Companies. We share information within the IDT family of companies, including our affiliates both in and outside the United States (collectively, the “IDT Family of Companies”) primarily to operate, provide, support and market our Services. For example, if you purchase a BR Product, then we share your purchase information with various IDT affiliates in order to process your transaction.
C. Special Circumstances. We may share information in certain special circumstances. For example:
- to comply with valid legal process including subpoenas, court orders and search warrants, and as otherwise permitted or required by law;
- to assist law enforcement in cases involving danger of death or serious physical injury to any person or in other emergencies;
- to protect our rights or property, or the safety of our customers or employees;
- to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of our Services and to protect our network, Services, devices and users from such use;
- to advance or defend against complaints or legal claims in court, administrative proceedings and elsewhere;
- to prospective purchasers of all or part of our business or assets;
- to outside auditors, lawyers and regulators; and
- with your consent.
D. Information Shared with Advertising Entities or Social Networks. You may see third-party advertisements on BR Products, the BR Websites and/or the BR App. Some advertisements are chosen by companies that place advertisements on behalf of advertisers. These companies, often called ad servers, may place and access cookies on your device to collect information about your visit. The information they collect from our sites is in a form that does not identify you personally. This information may be combined with similar data obtained from other websites to help our advertisers better reach their targeted audiences. Targeting may be accomplished by tailoring advertising to interests that they infer from your browsing of our sites and your interaction with other websites where these ad servers also are present. If you choose to interact with specific advertisers who advertise on the BR, Products, BR Websites or the BR App, the information you provide to them is subject to the conditions of their specific privacy policies. The BR Websites and BR App also include plug-ins and widgets that may provide information to their associated social networks or entities about the IDT page you visit, even if you do not click on or otherwise interact with the plug-in or widget.
E. When You Share Information. You share your information as you use and communicate through our Services. Your phone number, profile name and photo, and online status may be available to anyone who uses our Services, although you can configure your Services settings to manage certain information available to other users. Users with whom you communicate may store or share your information (including your phone number or messages) with others on and off our Services.
5. Your Rights and How to Limit Sharing Of Information
You have choices about how we use and share your information and there are additional protections that may apply with regard to certain information we collect.
A. Customer Proprietary Network Information (CPNI). CPNI is information made available to us solely by virtue of our relationship with you that relates to the type, quantity, destination, technical configuration, location, and amount of use of the telecommunications and interconnected VoIP services you purchase from us, as well as related billing information. You have a right, and we have a duty, under federal law to protect the confidentiality of your CPNI. We use and share your CPNI within the IDT Family of Companies and with/to their agents, contractors and partners for marketing purposes, including to offer you services that are different from the services you currently purchase from us. If you don’t want your CPNI used for the marketing purposes described above, please notify us online at email@example.com. Unless you notify us, we may use your CPNI as described above and your choice will remain valid until you notify us that you wish to change your selection. Your decision about use of your CPNI will not affect the provision of any Services you currently have with us. Note: this CPNI notice may not apply to residents of certain states, including Arizona.
B. Telemarketing. Federal “Do Not Call” laws allow you to place your phone numbers on the National Do Not Call Registry to prevent telemarketing calls to those numbers. To add your numbers to this list, please call 1-888-382-1222, or visit www.donotcall.gov. Most telemarketing laws allow companies to contact their own customers without consulting the Federal or State Do Not Call lists. If you would like to be removed from IDT’s telemarketing list, please contact us at firstname.lastname@example.org. Please allow 30 days for your telephone number to be removed from any sales programs that are currently underway. Please note that we may still call you regarding your Services and account even if you remove your number from our telemarketing list.
C. Email, Text Messages and Push Notifications. Marketing emails you receive from us will include an unsubscribe feature usually found at the bottom of the email that you may use to opt out of receiving future marketing emails. Marketing text and SMS messages from us also contain an opt-out feature that you can use to prevent future marketing text and SMS messages from us. You may refuse to consent to receive calls and texts from IDT and its affiliates that require your consent, including autodialed, pre-recorded or artificial voice telemarketing calls. You may also withdraw your previously given consent to receive such calls and texts. You can opt out of receiving push notifications from us via the BR App by going to your device “Settings” and clicking on “Notifications,” and then changing those settings for the BR App. Please note that you cannot withdraw your consent to receive certain in-BR App messages from IDT. Your ability to manage some of our Services could be limited if you withdraw your consent to receive text and SMS messages. IDT does not recommend using those Services without authorization to receive such messages.
D. Online Information. You have choices about whether certain information collected on the BR Websites and BR App is used to customize advertising based on predictions generated from your visits over time and across different websites and apps. Similarly, many mobile devices offer controls you can set to limit the advertising use of information collected across mobile apps on your device. Please note that many opt outs use browser cookies or device controls and are specific to the device and browser you are using. If you buy a new computer, change web browsers or devices or delete the cookies on your computer, you may need to opt out again. In addition, ads you receive may still be tailored using other techniques such as publisher, device or browser-enabled targeting. You should check the privacy policies of the products, sites, apps and services you use to learn more about any such techniques and your options. You also can limit the collection of certain website information by deleting or disabling cookies. Most browsers enable you to erase cookies from your computer hard drive, block all cookies, or receive a warning before a cookie is stored. Disabling cookies may prevent you from using specific features on our sites and other websites, such as ordering products or services and maintaining an online account.
6. California Consumers. If you are a resident of California, then the following section also applies to you.
A. Personal Information. Personal information includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. IDT collects, discloses and/or shares the following categories of personal information regarding California residents:
|Categories of Personal Information Collected||Specific Personal Information Collected within Category||Categories of Sources of Personal Information||Is This Info Shared and/or Sold and Categories of to Whom||Business or Commercial Purposes for Collection and Sharing of Personal Information|
|Personal Identifiers and Information, including items listed in subdivision (e) of Section 1798.80 of California Civil Code||name, address, email address, phone number, birthdate, device and marketing identifiers, IP address, payment and financial information, credit/debit card number and details, bank account number and information, personal information necessary to verify you or your account, security code and login credentials, and other personal information you provide||consumer, consumer’s device, automatic collection by IDT, credit reporting companies, financial companies, 3rd party vendors that provide IDT with transactional services, data resellers||Shared – yes
Categories of third parties with whom IDT shares personal information: IDT family of companies, including our affiliates both in and outside the United States; our service providers and vendors to the extent reasonably necessary for them to perform work on our and your behalf (e.g., credit card processors); ad networks; data analytics providers; social networks; law enforcement; prospective purchasers of our business; outside auditors and lawyers; and government entities, agencies and regulators
Sold – no
|To manage our products and services, including to help us operate, provide, evaluate, improve, monitor, customize, bill and support our products and services
To maintain and service your account, including to process orders and payments
To communicate with you about our terms and policies
To verify you, your account activity and your information
To detect, investigate and report fraud, abuse or illegal use of our products and services or customer accounts
To provide customer service
To perform due diligence, credit and fraud prevention checks
To maintain accurate record keeping
To perform product, marketing and organizational analysis
To provide advertising and marketing to our customers
To measure our marketing campaigns and to audit consumer interactions
To comply with regulations and legal requirements
To comply with contractual requirements
For risk management and compliance
For legal advice and defense of claims
For general, operational and administrative purposes
|Commercial information||records of products or services purchased and used, diagnostic and service performance information, call records and other traffic data, credit information from reporting agencies, transactional information, and other purchasing or consuming histories or tendencies||consumer, consumer’s device, automatic collection by IDT, credit reporting companies, financial companies, 3rd party vendors that provide IDT with transactional services, data resellers||Shared – yes
Categories of third parties with whom IDT shares personal information: see list under Personal Identifiers and Information
Sold – no
|Internet or other electronic network activity information||browsing history, search history, messages, personal, phone or social network contact information, device information, device contacts, and information regarding a consumer’s interaction and usage with our websites, apps and advertisements||consumer, consumer’s device, automatic collection by IDT, credit reporting companies, financial companies, 3rd party vendors that provide IDT with transactional services, data resellers||Shared – yes
Categories of third parties with whom IDT shares personal information: see list under Personal Identifiers and Information
Sold – no
|Geolocation data (if use location features)||location of device||consumer, consumer’s device, automatic collection by IDT||Shared – yes
Categories of third parties with whom IDT shares personal information: see list under Personal Identifiers and Information
Sold – no
|Inferences drawn from any of the information above||profile reflecting the consumer’s marketing preferences; aggregate information from third parties||Shared – yes
Categories of third parties with whom IDT shares personal information: IDT family of companies, including our affiliates both in and outside the United States; our vendors and partners to the extent reasonably necessary for them to perform work on our and your behalf (e.g., credit card processors); ad networks; data analytics providers; social networks; and prospective purchasers of our busines
Sold – no
B. Your Rights. As a California resident you have certain additional rights regarding your personal information under the California Consumer Privacy Act of 2018 (“CCPA”).
(i) Right to Know Personal Information Collected—you have the right to request the following from IDT: categories of personal information collected; categories of sources of personal information; business or commercial purpose for collecting or selling your personal information; categories of third parties with whom we share your personal information; and the specific pieces of personal information that we have collected about you.
(ii) Right to Know Personal Information Sold or Disclosed—you have the right to request the following from IDT: categories of personal information collected; categories of personal information sold by IDT; categories of third parties to whom IDT has sold your personal information; and categories of personal information IDT has disclosed for a business purpose.
(iii) Right of No Discrimination—IDT does not discriminate against any California consumer who exercises any of the consumer’s rights under the CCPA. Pursuant to the CCPA, IDT is permitted to charge a consumer a different price or rate and/or provide a different level of service to the consumer if that difference is reasonably related to the value provided to the consumer by the consumer’s data.
(iv) Right of Deletion/Erasure—you have the right to request that IDT delete any personal information that it has collected about you. There are exceptions to this right and IDT does not have to delete your personal information including if necessary to complete a transaction, to provide you with services, to detect fraud, to comply with our legal obligations, and to use internally in a lawful manner compatible with the context in which the personal information was given. In addition, if your personal information is deleted you may not be able to purchase or use our products and services.
(v) Right to Not Sell Personal Information—IDT does not sell your personal information to third parties. Nonetheless, you have the right to request that IDT not sell your personal information should IDT decide in the future to sell personal information to third parties. To exercise this right please go to www.idt.net/ccpa-do-not-sell and complete the form. IDT does not intentionally collect the personal information of a consumer under the age of 16. IDT does not intentionally sell the personal information of a consumer under the age of 16 unless the consumer (if age 13-16) or the consumer’s parent (for consumers under 13) affirmatively authorizes the sale.
C. How to Exercise Your Rights. To exercise your rights to know personal information collected, sold or disclosed, or to exercise your right to delete your personal information, please go to www.idt.net/ccpa-request and complete the form. To exercise your right to opt out of the sale of your personal information please go to www.idt.net/ccpa-do-not-sell and complete the form. In addition, you can exercise your rights by calling the following toll-free number: 888-412-0477
D. Verification of Consumer Requests. In order to comply with a consumer request, IDT must reasonably verify the requestor. A record of each request is made as soon as it is received by our data protection team. IDT will use all reasonable measures to verify the identity of the individual making the request. We will utilize the requested data to ensure that we can verify the requestor’s identity and where we are unable to do so, we may contact you for further information, or ask you to provide evidence of your identity prior to responding to your request. This is to protect your data and rights. If a third party, relative or representative is requesting the data on your behalf, we will verify their authority to act for you and may contact you and them to confirm you and their identity and gain your authorization prior to responding to the request.
E. Responding to Consumer Requests. IDT will attempt to confirm receipt of each request by contacting the requestor either at the email or telephone number submitted, through the consumer’s account or by other electronic means. IDT will attempt to verify each request and if it is able to verify a request will provide a response (if necessary and applicable) within 45 days of the receipt of the request, which time period may be extended by IDT for an additional 45 days. If a delay is necessary, IDT will contact the requestor within the original 45 day period and provide the reasons for the delay. If a request is particularly complex, IDT may take an additional 90 days to respond. IDT may charge a fee or refuse to act on any request that is manifestly unfounded or excessive. All IDT responses shall be in writing and cover the previous 12 month period. Where possible the response shall be sent through the consumer’s account. Otherwise, the response shall be sent by mail or electronically. IDT is not obligated to provide a response to a consumer more than two times in any 12 month period. The CCPA contains certain exemptions and exceptions from the right of deletion and/or the provision of personal information. If one or more of those exemptions or exceptions applies to your request, then we may not be able to act upon your request. Where possible we will inform you of the reasons for not acting upon your request.
F. For More Info. For more information on your rights and our obligations under the CCPA please send an email to email@example.com. For California residents with a disability please send an email to firstname.lastname@example.org for information on how to access this policy in another format.
7. Other Information
A. Keeping Children Safe. IDT does not knowingly market to or collect information from children under the age of 16 without obtaining verifiable parental consent. If you allow a child to use your device or our Services, you should be aware that their information could be collected as described in this Policy. We encourage parents to be involved in the online activities of their children to ensure that no information is collected from a child without parental permission.
B. Security. IDT has technical, organizational and physical safeguards in place to help protect against unauthorized access to, use or disclosure of the information we collect and store. Employees are trained on the importance of protecting privacy and on the proper access to, use and disclosure of customer information. IDT secures information on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. We use Secure Socket Layer (SSL) encrypted protection to protect the personal information transmitted to the BR Websites. The BR Websites and BR App are PCI compliant in connection with your credit card information. Although we work hard to protect your information that we collect and store, no program is 100% secure and we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose that information. IDT maintains security and incident response plans to handle incidents involving unauthorized access to information we collect or store. If you become aware of a security issue, please contact us.
C. Contact Information. If you have questions, concerns or suggestions related to our Policy or our privacy practices you may contact us at:
IDT Domestic Telecom, Inc.
Boss Revolution Product Team
520 Broad Street, 4th floor
Newark, NJ 07102
D. Links to and from non-IDT Websites and Content. The BR Websites and BR App may contain links to non-IDT sites. In addition, IDT or Boss Revolution content may be included on websites that are not associated with IDT. We have no control over these non-IDT sites and are not responsible for the content on these sites or platforms or the privacy policies and practices employed by these sites and platforms. We recommend that you review the policies and practices of the sites you visit.
E. Social Networking. Some of our Services may allow you to participate in blog discussions, message boards, chat rooms, and other forms of social networking and to post reviews. Please be aware that these forums are accessible to others. We urge you to not submit any personal information to these forums because any information you post can be read, collected, shared, or otherwise used by anyone who accesses the forum. IDT is not responsible for the information you choose to submit in these forums. If you post content to information sharing forums, you are doing so by choice and you are providing consent to the disclosure of this information.
F. Changes to this Policy. We reserve the right to make changes to this Policy, so please check back periodically for changes. You will be able to see that changes have been made by checking to see the effective date posted at the beginning of the Policy.
©2020 IDT Domestic Telecom, Inc. All Rights Reserved.