Privacy-policy

Updated effective January 1, 2024
At echoesafrica, we are committed to honoring the privacy of our customers and visitors to our website. We recognize the importance to you, our website customer or visitor (“you”), of maintaining an appropriate level of privacy and security for the personal information we collect from you through this website. We store your data safely and handle it with the utmost care and in accordance with applicable law.

The following policy governs the use of the site www.echoesafrica.com as well as the services offered by echoesafrica, including our gathering, use and disclosure practices with respect to your information that is collected by us or provided by you on and through this website. By accessing or using our site, you acknowledge that you have read and accepted the practices, procedures and terms and conditions of this policy and any other terms of use or policies posted by us. Please note that this privacy statement applies only to this site and not to the websites of our advertisers or of other companies or organizations to which we link. All references to “echoesafrica” throughout this policy statement include, unless otherwise stated, all echoesafrica affiliate companies, successors and assigns. By using echoesafrica’S website and services, you consent to the use of personal data and other information in accordance with the terms of this Privacy Policy.

Policy Revisions
We may, from time to time, change this privacy policy with or without notice. If you have any questions regarding this privacy policy, you may email us at: support@echoesafrica.com.
GDPR

echoesafrica complies with all data privacy laws and directives, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
Since our customers integrate our products in their software applications, we don’t interact with their end users directly. When customers do share end user information with us, we always handle the data in accordance with data protection regulations, including the GDPR. We don’t use that data for any purposes other than specifically issued by the customer who provides the data, or to the extent required under law.

You’ll encounter the terms “controller” and “processor” in this policy. By “controller”, we mean the company that an individual (“data subject”) provides their personal data to. The controller determines the purpose for the personal data and is responsible for the correct handling of the data subject’s data. By “processor”, we mean the company that provides part of the services to the controller, and needs specific personal data in control of the controller in order to do so.
Depending on your relationship with echoesafrica, we may both be a controller and a processor. When echoesafrica processes the contents of communications provided by a customer, as between echoesafrica and the customer, generally echoesafrica is a processor. When echoesafrica processes communications metadata, echoesafrica is a processor in many respects, but may act as a controller in others. When echoesafrica processes your personal data that you have provided to us through our portal or otherwise, echoesafrica is acting as a controller. When echoesafrica is acting as a controller or a processor, it always ensures that the parties we work with adhere to GDPR. Additionally, we ensure that another party will not use the data you have entrusted to us for any other purpose than delivering the services you have purchased.

GDPR Data Protection Rights

echoesafrica would like to make sure you are fully aware of all of your data protection rights. Under GDPR, every applicable user is entitled to the following:
• The right to be informed – you have the right to request that we inform you of what data is being collected, how it’s used, how long it’s kept and whether it will be shared with third parties.
• The right to access – you have the right to request copies of your personal data. We may charge you a small fee for this service.
• The right to rectification – you have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
• The right to erasure – you have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing – you have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing – you have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability – you have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• The rights in relation to automated decision making and profiling – you have the right not to be subject to a decision based solely on automated processing.

If you make a request to exercise any of your applicable GDPR rights, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: regulatory@echoesafrica.com

CCPA Data Protection RightsThe California Consumer Privacy Act (“CCPA”) provides California residents with specific rights regarding their personal information. This section describes CCPA rights and explains how to exercise those rights.
• The right to access
• The right to opt out of the sale of personal information
• The right to deletion of a consumer’s personal information
• The right of data portability
• The right not to be discriminated against for exercising rights under the CCPA

If you would like to exercise any of these rights, please contact us at our email: support@echoesafrica.com
Only you, or someone legally authorized to act on your behalf (this includes an authorized agent), may make a verifiable consumer request (“request”) related to your personal information. You may only make a request for access or data portability twice within a 12-month period. An authorized agent making a request on your behalf must provide us with written authorization providing the agent with the ability to make a CCPA request signed by you. Additionally, you will need to verify your identity directly with us. Please note that this authorized agent requirement is not applicable when the authorized agent has a power of attorney. The request must: (1) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and (2) describes your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Any disclosures we provide will cover the 12-month period preceding receipt of the request. We will provide a response to a request within forty-five (45) days of its receipt. If we reasonably require an extension of time, we will notify you within the first forty-five (45) day period and such extension will not exceed an additional forty-five (45) days. We will not discriminate against you for exercising any of your CCPA rights. Any personal information provided to us for verification and fraud-prevention purposes will only be used for that purpose and such information will be deleted as soon as practical after processing of your request. We will not sell (as defined under the CCPA) California resident personal information we collect.

What Kinds of Information Does echoesafrica Collect and Use?
Generally
We only ask for personal data when we need it for business purposes or to provide you with relevant information. You generally have the opportunity to agree to the collection, use, disclosure and sharing of the information you’ve provided. That applies whether you’re browsing our website, where you can manage your cookie preferences.

Visiting Our Website
Except as otherwise provided in this policy or in other written documentation or policies that may be provided to you regarding the services or website, the only personal data that we collect about visitors to our website is that which is provided to us voluntarily by you. “Personal data” is information that tells us specifically who you are, such as your name, street address, email address, billing address, social security number, credit card number, other service account information, and certain other financial information. In general, you can visit our website without telling us who you are or revealing any personal data about yourself. Our Web servers may use “Cookies” (described below) to collect information about visitors such as your domain name, host from which you access the Internet, the IP address of your computer, and your browser software and operating system. This information may be aggregated to measure such things as the number of visits, average time spent on the site, number of pages viewed, and methods by which our site was found. echoesafrica may use such information to evaluate the use of our site and to continuously improve the content and services being provided.

Using Our Web Site Services
When you use our online services by accessing your account information, ordering a service or making a payment on-line, requesting product or service information, or sending us email, we will ask you to provide personal data to us. Except as otherwise provided in this policy, when you supply information about yourself for such specific purposes, we use the information for that purpose and to manage the internal operations and security of our website consistent with the terms of use and policies established from time to time governing this site. As further described herein, such purpose may involve the disclosure of such information to unaffiliated companies or vendors where necessary to and for the limited purpose of processing your request, processing a transaction authorized by you or providing you with products or services.

Customer Proprietary Network Information (“CPNI”)
We also want you to be aware that certain information related to your telecommunications services account with us such as to whom, where and when you make calls is CPNI. CPNI is protected by specific federal laws and regulations and as such we are fully committed to comply with such laws and regulations, both through our website and in all other respects. Without your consent, we will only share or disclose your CPNI (i) to market to you services or products among the categories of services or products you currently subscribe, (ii) to initiate, render, bill and collect our telecommunications services, (ii) to protect you or other carriers from illegal or fraudulent use of, or subscription to, our services or to protect our rights or property, (iii) to provide your call location information in certain specified emergency situations, and (iv) for other legally permissible purposes.

Call Recording
echoesafrica operates a telephone system which is capable of recording conversations for the achievement of various proper and lawful purposes, including (i) quality monitoring, (ii) training, (iii) compliance and (iv) safeguarding purposes. Calls, incoming or outgoing, may be recorded, retained and/or collected.

All calls, incoming and/or outgoing to and/or from echoesafrica, can be recorded. Under normal circumstances, a call will not be retrieved or monitored unless:
1. It is necessary to investigate a complaint;
2. It is part of a management quality check that our standards are being met;
3. It provides assurance of echoesafrica quality standards and policies.
4. There is a threat to the health and safety of staff and/or visitors and/or customers and/or vendors and/or for the prevention and/or detection of a crime;
5. It is necessary to check compliance with regulatory procedures;
6. It will aid echoesafrica employees in call handling through use in training and coaching our staff;
7. It is for safeguarding purposes; or
8. It is for helping to protect employees from abusive or nuisance calls.

Personal data collected in the course of recording activities will be processed fairly and lawfully in accordance with the relevant legislation, including GDPR. Data collected shall be:
1. Adequate, relevant and not excessive;
2. Used for the purpose(s) stated in this policy only and not used for any other purposes;
3. Accessible only to managerial and/or senior staff such as our CEO, COO, legal department, accountants and specifically authorized IT representatives.
4. Handled and managed confidentially;
5. Kept and/or stored securely; and
6. Not kept for longer than necessary and will be securely destroyed once the issue(s) in question have been resolved and/or there is no further legal obligation.

Where possible, we will inform the caller and/or the receiver of the call that the call will be monitored/recorded for quality/training purposes so that they have the opportunity to consent by continuing with the call or hanging up.

By continuing a call and/or accepting the current policy you freely and unconditionally consent that when receiving a call from echoesafrica and/or when you are calling echoesafrica, the call may be monitored or recorded for the purpose(s) stated in this policy.

Who Has Access to This Information?
Except as set forth in this policy or unless we specifically disclose it to you at the time of collection or subsequently obtain your approval, we will not make any personal data that is gathered on our site available to unaffiliated organizations for commercial purposes unrelated to the business of echoesafrica. Certain federal, state and local laws or government regulations may require us to disclose personal data about you. In these circumstances, we will use reasonable efforts to disclose only the information required by law, subpoena or court order to be disclosed.

For example, here’s why and with whom we may share your personal data:
• Telecom operators and other communications and communications-related services providers for proper routing and connectivity.
• Third party service and technology providers who perform necessary actions on our behalf, such as payment processor and hosting service providers.
• echoesafrica affiliates, successors and assigns. All echoesafrica affiliates follow this Privacy Policy.
• Where we are legally obligated to do so.
• To protect the confidentiality or security of your personal data or other records.
• To our attorneys, accountants and regulators.
• We don’t sell information to third parties for advertising, but we do use your personal data to inform our direct marketing efforts, such as through Google Adwords. We may also share aggregate anonymized data relating to the transactions on the site and use of our services for marketing, research and other purposes.
Cookies

Our site may make use of cookies (or a similar technology) to better manage our sites and to assist us in providing you with tailored information and services. A cookie is a tiny element of data that a website can send to your browser, which is stored on your hard drive so that we can do things such as better serve you as you navigate through our site or when you return. You may set your browser to notify you or decline the receipt of a cookie; however, certain features of our sites or services may not function properly or be available if your browser is configured to disable cookies.

E-Mail
echoesafrica’S policy is not to read or disclose private e-mail communications that are transmitted using echoesafrica services except to respond, if directed to us, or as required to operate the service, as set forth in the terms of use and policies established from time to time governing the service, or for other legally permissible purposes.

Security
echoesafrica maintains physical, electronic and procedural safeguards designed to protect the confidentiality of personal data provided by you on and through our website. For example, unique passwords or user identifications are required to access a number of our website services. In addition to requiring the use of a unique password or user identification, all payments processed through our website require certain personal data provided by you to be sent in a “Secure Session” using Secure Socket Layer encryption technology. This technology is designed to encrypt—or scramble—your financial or credit card account information to help prevent unauthorized parties from reading it. We seek to regularly test and update our technology to help protect your personal data. However, such precautions do not guarantee that our website is invulnerable to all security breaches. echoesafrica makes no warranty, guarantee, or representation that use of our website is protected from all viruses, security threats or other vulnerabilities and that your information will always be secure. When doing business with others, such as advertisers to whom you can link from our site, you should consider the separate security and privacy policies of those other sites.

Your Use of Passwords or User Identifications
Except as specifically permitted by this privacy policy or other instructions regarding the online services you may not, and will ensure that you do not, lend, give, or otherwise disclose any passwords or user identifications to any unauthorized person, or permit any unauthorized person to use your accounts or related passwords or user identifications. Any loss of control of passwords or user identifications may result in the loss of control over personal data. You will be responsible for any actions taken on your behalf or any person using your passwords or user identifications. If passwords or user identifications have been compromised for any reason, then you should immediately change such password or user identification or notify us so that we may issue a new password or user identification.

Discussion Areas
This site may provide discussion areas so that customers and visitors can communicate freely and share ideas. Please remember that any information that is disclosed in these areas becomes public information and you should exercise caution when disclosing such information. These discussion areas may be monitored by us or law enforcement officials as appropriate occasionally in order to enhance the safety and respect for all of our customers and visitors, and off-topic, unlawful or otherwise inappropriate content of materials of which we become aware may or may not be removed from the site during the course of such monitoring. However, echoesafrica is not responsible for any information posted or remaining on these discussion areas.

Links to Other Sites
For the convenience of our visitors and customers, this website may contain links to other sites. While we generally try to link only to sites that share similar high standards and respect for privacy, we have no responsibility or liability for the content, products or services offered, independent actions, or the privacy and security practices employed by these other independent sites. We encourage you to ask questions and review the applicable privacy policies before disclosing information to third parties on these independent sites.

Updates or Revisions to Personally Identifiable Information
Your use of certain of our online services may permit you to update personal data from our database by accessing our website. If you remove certain information from your account, we will only retain copies of such information as are necessary for us to comply with governmental orders, resolve disputes, troubleshoot problems, enforce any agreement you have entered into with us and as otherwise reasonably necessary.

If You Do Not Wish to Disclose Your Information
Even though we collect your data to conduct business, your data stays your own. You stay in control of your personal data and can at any time choose what you want us do with it. You can at any time:

Change your cookie settings.
When you visit our website for the first time, you can decide to accept all cookies or accept specific cookies using your browser tools or deny all our cookies. You can always change your preferences in your browser settings.
Withdraw consent to our processing of your data.

If for whatever reason you no longer want us to use your personal data, you’re free to change your mind. We will always comply with your request, unless we’re legally required to keep your data. Which basically means that if there is any legal dispute, about for example outstanding invoices, we can keep your information until it’s resolved.

Control and review your data.
You can always view, amend, delete, and transfer your personal data. If you want to edit your information, you can do so on our portal where you can find an overview of your personal data. When you choose to delete your personal data, we hold the right to hold onto anonymised and aggregated data. If we do so, nothing will be able to identify you as a person in any way. If we’re required to retain your information for legal reasons, we will let you know in response to your request.
Object to and restrict the processing of data.

When your personal data is being processed to fulfill a legitimate interest to us, such as marketing, you’re able to object and unsubscribe by sending an email to legal@echoesafrica.com. You can always exercise your right to restrict processing, and we’ll make sure to process your data in the way you specify. We will assess each request on a case-by-case basis according to the rules set out by the GDPR. If we override your request, we need to demonstrate that we have compelling grounds to do so, or that there’s a legal claim which allows us to retain personal data. If you don’t agree with how we’ve handled your request, you can file a complaint with the authority related to the member state you live or work in, or the country in which the suspected infringement has taken place.

Children’s Privacy
We do not intend for this site to be used by children under the age of 13, nor do we seek to collect information about children under the age of 13. If you are under the age of 13, please do not provide us with information and promptly exit this site. We encourage parents or legal guardians to talk with their children about the potential risks of providing information over the Internet.