This Privacy Policy shall enter into force December 2021
General
We recognise the importance of properly protecting your personal data and processing it in accordance with the data protection laws applicable in all countries where Lebara operates.
Lebara's general practices regarding the use of your personal data, including how we collect, use and share this data with others, are outlined below in this Privacy Policy.
Personal data is any information that can be traced directly or indirectly to you as a person, such as your name, email address, telephone number or date of birth.
Lebara consists of all the business units within the Lebara Group, including Lebara Ltd, Lebara B.V. and its direct and indirect subsidiaries.
What personal data do we process?
We need to receive or collect certain data in order to perform, improve, understand, adapt, support and market our services. This also applies when you request or use our services. The types of data we receive and collect depend on the service you use and how you use it.
We may collect or receive personal data from you as an individual, but also other data that may be personally identifiable in certain circumstances and for various purposes, such as:
|
Information you provide to us:
|
|
|
Personally identifiable data |
Information from which your identity can be traced, such as your full name, date of birth and gender. |
|
Contact details |
Data that enables us to contact you, such as your home address, business address/work address, e-mail address, telephone number. |
|
Payment and billing information |
Data required to process payments made for purchasing services from us, such as billing address, payment details, your bank details and payment card details. |
|
Information we collect:
|
|
|
Know-your-customer and verification data |
Data shared with or obtained from third parties, such as credit reference agencies, fraud prevention agencies, commercially available directories and public sources. |
|
User, equipment and technical data |
Information about your usage activities within our services and our websites, such as your settings, communications, online searches, your browser type and language, browser history, websites visited, location data, your use of mobile applications, type of mobile device, data used, IP address, page views, mouse clicks, access times, addresses of affiliated websites, operating system of your computer. |
|
Managing your account(s) |
Data on customer service communications, top-up history, call and SMS history, transcripts of live chats, your preferences and interests. |
|
Cookies and other website data |
Cookies and similar site data to manage our websites and deliver our online services, also to improve your experience, understand how our services are used, customise our services and retain your choices, such as your language preferences or locations. We may also use cookies to show you relevant content relating to our services. |
For what purposes do we process your personal data and on what legal basis?
We may only process personal data if there is a valid legal reason for doing so. We use your data for the provision of our services that you have requested, in particular:
a) to contact you when necessary;
b) to fulfil orders, transactions or agreements you enter into with us, and to process your payments;
c) to verify your identity, and to check whether you are an authorised user of our services;
d) to help prevent crime and fraud;
e) to generate anonymised market reports and statistical analyses;
f) to send alerts and notifications;
g) to inform you of updates and new features of our services and about new services from us;
We may also use your personal data in connection with the marketing, improvement or development of our products or services, for safety and security reasons, or statutory requirements other than in connection with your contract or request; we will do this on the basis of our legitimate interest or that of a third party, or with your consent.
Cookies and other site data
We collect information based on your visits to our websites and your use of our services to help us gather usage and effectiveness statistics, personalise your experience, tailor our interactions with you, and improve our products and services. We do this by using various technologies, such as scripts, tags, Local Shared Objects (Flash cookies), Local Storage (HTML5) beacons and 'cookies'. We have entered into a processor agreement with these parties to ensure that personal data is only used to provide us with insight into how our website is being used.
A cookie is a small piece of information that a website can send to your browser, which may then be stored on your computer as a tag identifying your computer. While cookies are often only used to measure website usage (such as number of visits and duration of visits) and effectiveness and to enhance ease of navigation or use, and as such are not linked to personal data, they are sometimes also used to personalise the experience of a known website visitor by linking to profile information or user preferences. Over time, this information provides valuable insights to help improve the user experience.
Cookies are generally divided into 'session cookies' and 'persistent cookies'. Session cookies help you navigate the website efficiently and track your progress from page to page, so you are not asked for information you have already provided during the current visit or for information needed to complete a transaction. Session cookies are stored in temporary memory and are deleted when the web browser is closed. Persistent cookies, on the other hand, store user preferences for the current visit and for subsequent visits. They are stored on the hard drive of your device and still work when you restart your browser. For example, we use persistent cookies to record your choice of language and country of residence.
When you visit our websites or online services, you may be able to set your preferences regarding cookies and other similar site data. You do this by using the options provided by your web browser or by Lebara. If a cookie manager has been implemented by Lebara, it will be displayed during your first visit to our website. The use of the cookie preferences does not result in the deletion of cookies already on your device. You can change your cookie settings at any time, including deleting cookies already on your device or in your web browser, usually through 'Settings' or 'Preferences'. Please note that if you disable cookies in your browser or device settings, some of our services may not function properly.
Marketing data
We would like to send you information about our products and services and those of other companies within the Lebara Group that may be of interest to you. Some information may be personalised for you based on the data received about you and your preferences. This allows us to ensure the best customer experience and adequate and efficient marketing. If you have agreed to receive marketing material, you can always opt out later. You have the right to inform us at any time that you are no longer to be contacted for marketing purposes or that we are no longer to provide your data to other members of the Lebara Group.
If you no longer wish to be contacted for marketing purposes, you can always change your preferences within your account under "MyLebara" on our website. You can also contact our customer service department here. You may also unsubscribe by clicking on the unsubscribe link or following the instructions contained in an e-mail or text message sent to you. Please note that while an unsubscribe request is processed immediately, it may take up to 48 hours before it actually takes effect.
Sharing of personal data
As an international company, we may share your data with our subsidiaries around the world and transfer this data to countries where we conduct business in accordance with this Privacy Policy. In the case of Lebara majority-owned subsidiaries, we will only grant access to personal data where it is strictly necessary for the purposes for which such access is granted.
In some cases, Lebara uses suppliers and business partners located in different countries to collect, use, analyse and otherwise process personal data on Lebara's behalf.
Where applicable, Lebara may also share your Personal Data with selected suppliers and business partners to help us provide you with products or services, or to fulfil your requests.
We share your personal information with third parties who assist us in providing our services to you. These services include processing payments or running targeted marketing campaigns and improving and personalising your online experience. These third parties include Ve Global Benelux. Click here to see the privacy policy of Ve to see how your personal data is processed. Personal data is only made available to third parties if such data is required by the third party for the performance of the relevant services. Insofar as such third parties process personal data in the performance of the services in question, they do so in the capacity of a processor for Lebara and Lebara has taken the necessary technical and organisational measures, including the conclusion of a processing agreement, to ensure that your data is processed solely for the aforementioned purposes. The basis for this transfer to third parties acting as processors is Lebara's legitimate interest in being able to outsource certain business activities.
Only with your consent, may Lebara share your personal data with third parties who are not processors of Lebara.
If Lebara decides to sell, buy, merge or otherwise reorganise business operations in a country, personal data may be provided to potential or actual buyers in such a transaction or such data may be received from sellers. Lebara will require appropriate protection of personal data in such transactions.
Please note that in certain circumstances, personal data must be disclosed to government institutions and authorities pursuant to court actions, orders or procedures. These include the tax authorities, investigation services and regulators of the telecommunications market (Netherlands Authority for the Protection of Individuals with regard to the Internal Market and the Telecom Agency) and financial market (Netherlands Authority for the Financial Markets).
We may also share your personal data (or part thereof) to protect the rights or property of Lebara, our business partners, suppliers and customers and others when we have reasonable grounds to believe that such rights or property have been or may be affected.
International transfers of personal data
Due to the international character of Lebara, certain personal data is transferred between different subsidiaries and to third parties in the countries where we do business.
Should the provision of our services require the transfer of personal data to a country outside the European Economic Area, we will only do so with an adequate level of protection of the fundamental rights of the data subjects, ensuring the protection of your personal data in accordance with the GDPR.
We ensure that all subsidiaries and business partners outside the EEA process your personal data in accordance with this Privacy Policy. Where appropriate, Lebara implements EU Commission- approved standard contractual clauses or similar contractual clauses in other jurisdictions.
Number blocking
By default, your number is visible on the screen of the person you are calling. If you do not want your number to be visible you can switch on number blocking. You can find out how to do that here. Then the caller ID is not visible on the phone you are calling.
When you call 112 number blocking does not work. Even if you have screened it, your details are passed on to 112. That is a legal obligation.
Telephonic nuisance
If you are harassed by strangers via your phone, you can ask us to investigate. If it turns out that the complaint is justified and the sender is also a customer of ours, we can ask the sender to stop the behaviour that you find annoying. This is also valid the other way around if you are found to be bothering someone by phone.
How safe are your personal data?
We are committed to protecting your Personal Data and maintaining its accuracy. Lebara takes reasonable physical, administrative and technical security measures to protect your Personal Data from unauthorised access, use and disclosure. For example, we encrypt certain sensitive personal information, such as credit card details, when we transmit such information over the Internet. We also require our suppliers to protect such information from unauthorised access, use and disclosure.
For example, we store your personal data on computer systems with limited access which are located in facilities to which access is also limited and which are fully secured. Lebara thus implements a variety of technical and organisational measures to protect your personal data against destruction, loss, alteration or unauthorised disclosure or access.
If you have a mobile phone subscription with us, you have received a SIM card that is protected with a PIN code and a PUK code. These codes must ensure that no unauthorised person can access the information that you have stored on your phone or make use of your subscription. It is your responsibility to keep the codes secret.
Our employees are thereby bound to secrecy and must comply with our instructions aimed at the adequate protection of your data.
Please note that communication via the internet is not always secure, even when encrypted. We are not responsible for unauthorised access to or loss of personal data beyond our control.
You are responsible for the security of your personal data, such as your login details or your personal data that you share with us via the internet.
However, it is possible that something goes wrong with the protection of your personal data and there is a data leak. If necessary, we will report such a data breach to the Dutch Data Protection Authority.
How long do we retain your personal data?
We will not retain personal data longer than necessary to fulfil the purposes for which it is processed, including providing our services to you, ensuring the security of our processing to comply with legal and regulatory obligations (e.g. audits, administration and statutory retention periods), handling disputes and for the establishment and exercise of or defence against legal claims.
Data required for our accounting will be kept for seven years.
Your privacy rights
The data protection legislation (the "GDPR") grants the following rights to persons whose personal data we process:
i) the right to ask whether data relating to you is being processed and, if so, to have access to it;
ii) the right to request the rectification and erasure of such data;
iii) the right to object to or request the restriction of processing;
iv) the right to withdraw consent to the processing, if the processing is based on your consent;
v) the right to have your data received by or transferred to an organisation designated by you, in a structured, commonly used and machine-readable form;
vi) depending on your country of residence, the right to lodge a complaint with a data protection supervisory authority. In the Netherlands, this is the Dutch Data Protection Authority in The Hague (www.autoriteitpersoonsgegevens.nl).
Please note that the rights granted to you may be limited or superseded by applicable law and by Lebara's obligations under laws and regulations. Some Personal Data is also needed to provide our services to you.
Depending on the service you use, you can change some of your personal data within your account under "My Lebara" on our website and, in case of Lebara mobile applications, in the application settings.
Requests should be sent to [email protected] We will assess your requests in accordance with the General Data Protection Regulation (''GDPR'').
Data of children
Unless otherwise indicated, our websites, products and services are not intended for use by children. We do not knowingly collect personal data from users under the age of 16.
Any personal data relating to a child under the age of 16 should be provided to us only with the consent of their parent or guardian.
Links to third-party websites
In order for you to interact with other websites (not Lebara websites) on which you may have an account (such as social media sites), we may provide links or embed third party applications that allow you to register, login or post content to our websites.
Your use of these links and applications is subject to the privacy policies of the third parties. You should familiarise yourself with the third-party websites' privacy policies before using the links or applications. Lebara is not responsible for the privacy practices or the content of such other websites.
The right to lodge a complaint
If you feel that our processing of your personal data does not comply with applicable data protection laws, you can file a complaint:
- Directly with Lebara by sending an e-mail to: [email protected]
- In the Netherlands with the Dutch Data Protection Authority in The Hague (www.autoriteitpersoonsgegevens.nl).
- With the competent data protection authority. The names and contact details of the data protection authorities of countries other than the Netherlands but in the European Union can be found here .
Changes to our Privacy Policy
We may update this Privacy Policy from time to time. When we make changes to this Privacy Policy, we will add a new date at the top of this Privacy Policy. If we make material changes to the Privacy Policy that affect your rights, we will notify you by means of a service announcement in your account, on our website or by sending an email to your primary email address, and as otherwise required by applicable law.
Contact us
Questions regarding this Privacy Policy or Lebara's handling of your personal data can be directed to the Group Data Protection Officer (DPO) via our customer service portal. Please send an e-mail to: [email protected]
Or contact us in writing:
Lebara
DPO
Import Building 7th Floor, 2 Clove Crescent, London E14 2BE
Top up
MyLebara
