Please click on the country selector for your home country and chosen language to review the privacy policies and disclosures for your service.

 

PROTECTING YOUR PRIVACY – OUR COMMITMENT

Tata Communications respects your privacy and is committed to ensuring appropriate protections are in place for your personal data. We seek to comply with all currently applicable legislation regarding the protection, security and confidentiality of personal data. In this Privacy Policy (the “Policy”), we describe how we collect, use, disclose and protect personal data. We also outline the rights you may have in respect of your personal data held by us. The Policy relates to your personal data that we may process through your use of the Wifi Hotspot service available in your Jaguar Land Rover ("JLR") vehicle (the "Services").

This Policy is provided in a layered format, so you can click through to the specific areas set out below that may be of most interest to you.

  1. TATA COMMUNICATIONS AND YOUR PRIVACY
  2. HOW TO CONTACT US
  3. INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT
  4. HOW DO WE USE THE PERSONAL DATA WE COLLECT AND WHAT IS THE LEGAL BASIS FOR THIS USE?
  5. WHEN DO WE SHARE THE PERSONAL DATA WE COLLECT
  6. INTERNATIONAL TRANSFER OF PERSONAL DATA
  7. SECURITY
  8. WHAT RIGHTS DO I HAVE IN RELATION TO MY PERSONAL DATA?
  9. HOW LONG WILL YOU RETAIN MY PERSONAL DATA 
  10. CHANGES TO THIS POLICY

 

1. TATA COMMUNICATIONS AND YOUR PRIVACY

Protecting your privacy is important to us and is a responsibility that we take very seriously.

Who are we? Tata Communications Ltd. is the controller of and responsible for the Services. References to "we", “our," or "us" in this Policy refer to this company who is responsible for processing your personal data.

Additional information on our personal data practices may be provided in contractual agreements, supplemental privacy statements, or notices provided to you prior to or at the time of collection of your personal data.

Your use of our Services, and any dispute over privacy, is subject to this Policy, our Terms of Service (which are incorporated by reference into this Policy) and any written contract for services between you and us or any person who provides you with access to our Services.

 

2. HOW TO CONTACT US

For any questions about this privacy policy and our data protection practices or to exercise any rights you may have in relation to your personal data under applicable law, you may email us at the following address: legalcompliance@tatacommunications.com or use our self-service portal available address. Our postal address for any questions is:

Legal Compliance – Data Protection and Privacy
Tata Communications (America) Inc.
2355 Dulles Corner Boulevard
Suite 700
Herndon, VA 20171
USA

 

3. INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We may collect or receive from JLR different types of personal data based on your use of our Services. The following is an overview of the categories of information that we might collect or receive:

  • Account Information:

    • Contact Information that allows us to communicate with you. We obtain this information when you order or register to receive any of our Services. We collect or received information from you when you sign up for our Services, create an online account, make a purchase, request details or a call back, submit a technical, customer or billing support request, participate in a contest or survey, provide us with feedback or otherwise contact us. The type of information that we collect depends on your interaction with us or JLR, but may include, your name, address, telephone number (business or personal), email address, postal/billing address (business or residential), and any other relevant information such as proof of ID or residence.

    • Billing Information related to your commercial and financial relationship such as the services we provide to you, the telephone numbers you call and text, your Internet usage, your payment history, your credit history, your credit card numbers, social security number, security codes and your service history.

  • Technical & Usage Information related to the Services we provide to you, including information about how you use our Services. Some examples include:

    • Equipment Data: Information that relates to and identifies the equipment on our networks that you may use or interface with. Information might include such as equipment type, device identifiers, device status, serial numbers, settings, configuration and software type.

    • Network Performance & Usage: Information about the operation of the equipment, services and applications you use on our networks. Examples of this might include wireless device location and type, [where a call was made from and to as well as its date, time, duration and cost, the number of text messages sent and received, voice minutes used, calling and texting records,] bandwidth used. We also collect information like transmission rates and delays, data associated with remote monitoring services and security characteristics, and information about your use of our interconnected voice over internet protocol (VoIP) services (including services purchased offline).

    • Location, direction and journey information: this will be collected based on any connected device, such as your vehicle, you may use our Services on. It includes your ZIP/postal code and street address, as well as the whereabouts of your Vehicle. Location Information is generated when your Vehicle communicates with cell towers, Wi-Fi routers or access points and/or with other technologies. Any connected device that you own or which is otherwise linked to your Vehicle will also generate such information that will then be associated with you.

  • We may collect the above personal data in the course of providing Services to you or to someone who has provided you with access to our Services. We may obtain this information in a number of ways, for example:

    • directly from you: for example, when you contact us for a technical enquiry.

    • automatically: when personal data is generated through your use of our Services.

    • from third party sources: We sometimes collect the above categories of personal data about you from trusted third parties, in connection with Services that we provide to you or propose to provide to you, where appropriate and to the extent we have a justified basis to do so. These include, JLR as your vehicle manufacturer ,KYC/fraud-prevention agencies such as [Jumeo], business directories, credit check reference/vetting agencies and connected network providers.

 

4. HOW DO WE USE THE PERSONAL DATA WE COLLECT?

We set out below some of the ways in which we process personal data:

  • Giving you access to the Services:

    Manage your application and determine your eligibility to be given access to our Services. This includes taking action regarding illegal activities, KYC/fraud, threats to our property or personnel and violations of our Terms of Service and/or applicable law and also to meet our legal and regulatory obligations.


  • Providing you the requested Services:

    This includes communicating with you and providing you with the Services requested,


  • Manage accounts and help you managing your account:

    This includes communicating with you about your use of our Services, responding to your inquiries, providing any information that you request, addressing technical support tickets, and providing customer service support.


  • Processing payments & invoicing:

    Obtain and process payments, this includes taking action against fraudulent activities and complying with our legal and regulatory obligations.


  • Protecting the integrity of our network:

    Keep things secure, protect your personal data against any loss, damage, theft or unauthorized access, prevent crime and fraud, prosecute offenders and protect national security.


  • Managing our network:

    Manage our network and your use of our network. This includes managing the flows of data going through our network to ensure the best possible quality of Service is available to you.


  • Research and developments of our Services:

    Improve our (and third party partner) Services and develop new ones with the help of statistics on the usage of our Services.


  • Marketing related activities:

    Send you information about our Services. Where we rely on your consent for these activities, you have the right to withdraw such consent at any time by contacting us at the contact details set out in this Policy.


  • Respond to request from relevant authorities and regulatory requirements:

    We can use your personal data to respond to request from law enforcement authorities or other public authorities. This may require us to disclose your contact details and/or information about your usage of our Services to such authorities or to block, intercept or otherwise interfere with your use of our Services and any personal information generated by the usage.

 

5. WHAT IS THE JUSTIFICATION FOR THIS USE?

In the EU, our justification (or legal basis) for processing your personal data will vary depending on the information itself, our relationship with the subject of the personal data, the Service being provided, the specific legal and regulatory requirements of the country in which the Services is being provided or the personal data processed as well as many other factors. It is difficult to provide an exhaustive list however we have endeavoured to provide an indicative guide below:

  • In order to engage in transactions with you, suppliers and business partners, to communicate with you and to process payments and to give you access to the Services, we need to process information about you as necessary to enter into or perform a contract with you.

  • We process personal data for marketing and sales activities based on your consent where required and so indicated on our sites or at the time your personal data is collected, or further to our legitimate interest to market and promote our products and services or to improve or develop them.

  • We rely on our legitimate interests to process information in order to analyse, develop, improve and optimise our Services, and to maintain the security and integrity of our network and systems. We also have a legitimate interest in using your personal data in connection with legal claims, compliance, regulatory and investigative purposes as necessary.

  • Because applicable laws, regulations or the public interest requires us to, such as to comply with legal processes, law enforcement or regulatory authorities or to assist in the prevention, detection or prosecution of crime.

Relying on our legitimate interests
We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests, which we have described above. You can obtain information on any of our balancing tests by contacting us using the details set out in this Policy.

 

6. WHEN DO WE SHARE THE PERSONAL DATA WE COLLECT

We may share or disclose your personal data as necessary for the purposes described above and as further detailed below:

  • Affiliates. We may disclose the information we collect from you to our subsidiaries. Our subsidiaries may use your information for the purposes indicated in this document, including, to market their products and services to you. In processing your personal data, our affiliates follow practices at least as protective as those described on this Policy. A list of our affiliates is available .

  • Integration of our services. Our Services are offered through JLR. Therefore, we will need to share your personal data with them to assist us in providing the Services to you. We also may share your personal data with companies that are system integrators, JLR retailers, network partners , in order to provide you with the Services Third-Party Service Providers. We employ other companies and individuals to perform functions that are necessary for the provision of the Services or for the purposes described above. Examples include: sending communications, processing payments, assessing credit and compliance risks via [Jumeo] to give you access to our Services, analysing data,, conducting customer relationship management, network partners, , contractors or agents, who perform functions on our behalf. These third parties include other carriers or providers that we may disclose personal data to where necessary to provide our Services or fulfil your requests or orders, , service/order fulfilment, customer service, and credit card processing, among others. These third-party service providers have access to personal data needed to perform their functions but may not use it for other purposes where they process your personal data on our behalf. Whenever we share personal data with third parties, we take steps to ensure that third party contracts contain appropriate protections for your personal data.

  • Business Transfers. If we are acquired by or merge with another company, or if substantially all of our assets are transferred to another company (which may include as part of bankruptcy proceedings), we may transfer your personal data to the other company. We may also need to disclose your personal data before any such acquisition or merger, for example to our advisers and any prospective purchaser's adviser.

  • Legal Protection and in Response to Legal Process. We may disclose the information we collect from you in order to comply with applicable law, judicial proceedings, court orders or other legal, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to government requests, including government authorities outside of your country of residence, for national security and/or law enforcement purposes. As noted above, the personal data we collect from you may be shared with government authorities or law enforcement officials if required for the purposes above, or if required for the legal protection of our commercial, financial, legal, reputational or other legitimate interests in compliance with the applicable laws. Personal data shall only be provided when we in good faith believe we are obliged to do so in accordance with the law or there are compelling reasons of public interest for us to do so.

  • Sharing Aggregated and De-Identified Information. We may use your personal data to create aggregated and anonymised information which we may share with third parties. Nobody can identify you from that anonymised information. In other circumstances we may pseudonymise your personal data before sharing it with a third party so that we can reassociate you with the information once it has been processed and returned to us. Whilst the third party will not be able to identify you from the pseudonymised information, we will still be able to. We treat pseudonymised data as though it were personal data and ensure the same level of protection for it when sharing with third parties.

 

7. INTERNATIONAL TRANSFER OF PERSONAL DATA

Tata Communications may transfer personal data across national borders. In doing so, your personal data may be transferred to and processed by other Tata Communications entities and/or unrelated third parties.

All Tata Communications entities have signed an intra-group agreement applicable to transfer of personal data outside of the EU. This agreement is based on the EU Commission standard contractual clauses (and which therefore contractually impose a standard of protection for the personal data that is equivalent to that offered within the EU). This way we ensure that adequate protections are in place for the security of your personal data when we transfer it to one of our affiliates, wherever they may be located in the world.

When we share your personal data with third parties unrelated to the Tata Communications Group, we require all such third parties to respect the security of that personal data and to treat it in accordance with applicable data protection laws. Where we engage third-party service providers to process your personal data on our behalf, we do not allow them to use that personal data for their own purposes and only permit them to process it for our own specified purposes and in accordance with our instructions. When initiating such processor relationships, we will ensure that adequate protections are in place for your personal data using the data transfer mechanism most appropriate to the personal data and the countries within or to which the personal data may be transferred.  This mechanism may include: the use of the EU approved contractual clauses; ensuring that the recipient has implemented EU approved Binding Corporate Rules governing transfer or personal data; or (in the US) is Privacy Shield Certified; or confirming that the country in which the recipient is located has been formally confirmed as providing adequate protections for personal data by the EU.

 

8. WHAT RIGHTS DO I HAVE IN RELATION TO MY PERSONAL DATA?

Under the law of many countries, you have certain rights in relation to your personal data that is held by us and we respect and observe these rights. Such rights may include the rights to: ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to, and to ask us to share (port) your personal data to another person, such as another provider or telecommunications services.

In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping

To exercise any of these rights, or to obtain other information, you can get in touch with us, see contact details above. If you have unresolved concerns, you may have the right to complain to your relevant national data protection authority. Please do contact us before making such a complaint however as we would appreciate the opportunity to investigate and address your concerns first.

 

9. HOW LONG WILL YOU RETAIN MY PERSONAL DATA

We retain personal data for as long as and/or for no longer than we are permitted to do by applicable law, regulation, tax or accounting practice or the terms of any governmental telecoms licences to which we may be subject. We also delete personal data in accordance with any contractual obligations that we may be subject to.

Where maximum or minimum data retention periods are not otherwise stipulated, we determine appropriate retention period for the personal data by considering: the amount, nature and sensitivity of the personal data contained in the records;  the potential risk of harm from unauthorised use or disclosure of personal data; the purposes for which we process the personal data and whether we may be able achieve those purposes through other means.

 

10. CHANGES TO THIS POLICY

We may make changes to this Policy from time to time. To ensure that you are always aware of how we use your personal data we will update the online version of this Policy from time to time to reflect any changes to our use of your personal data. We may also make changes to comply with changes in applicable law or regulatory requirements. Where it is practicable, we will notify you by other means prior to changes materially affecting you such as by posting a notice on our sites or sending you a notification. However, we encourage you to review this Policy periodically to be informed of any changes to how we use your personal data. This Policy was last amended on [date].