Individual Consent for the Cross-Border Transfer and Processing of Personal Data

This Consent for the Cross-Border Transfer and Processing of Personal Data (“Consent”) is intended to comply with the requirements of Articles 6(1)(a), 7, 9(2)(a), 13 and 49(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council, commonly known as the General Data Protection Regulation (“GDPR”)1. In the event of any conflict between the terms of this Consent and any Principal Agreement between Voyant and the undersigned, the terms of this Consent shall control.

Voyant's Data Processing Activities

Contact Information

Voyant Communications, LLC, a Delaware limited liability company

3905 Annapolis Lane, Suite 195

Plymouth, MN 55447
USA
(hereafter, “Voyant” or “we”)

Data Protection Point of Contact

Howard Avner compliance@voyant.com

Purposes for Processing the Personal Data

Voyant will collect, use, store, and disseminate your personal data so that we can fax your documents for you (the “Services”). This might include HTML, files, phone numbers, and other information that helps us fax. Additionally, if you're passing us tags, we record that data as well so that you can retrieve it later.

We also will use your personal data (a) to process your payments and transactions; for example, we store your credit card information (with a third-party processor) so that we can recharge your account, (b) for legal claims, and (c) to comply with any of Voyant’s obligations arising under EU laws or laws of the Member States, or laws of the United States of America.

Bases for Processing the Personal Data

Voyant processes personal data (a) to perform the tasks and services you requested of us, namely helping to send and receive faxes electronically, (b) for legal claims, and (c) to comply with its legal obligations.

Types of Personal Data to Be Processed

In order to provide the Services, Voyant will process your name, email address, payment card information, phone numbers, the documents you fax, and transaction information.

Categories of Recipients of the Personal Data

As part of the Services, Voyant will transmit your faxed document to the phone number you determine. We will also share your personal data with payment processors.

International Data Transfers

In order provide the Services, Voyant transmits your personal data to its servers located in the United States of America.

Retention Periods

Data Type

Retention Period

Payment Card Information

Throughout our relationship with you

Name

Contact Information

Fax Logs

Up to 6 Years

IP Addresses

API Requests

Faxed Documents

Up to 24 Hours*

* Voyant stores faxed documents for the sole purpose of transmitting the document to the phone number you provided. However, Voyant allows its users to opt-in to storing their faxed documents on its systems. In signing the Consent, you are agreeing to not store faxed documents on Voyant’s systems. Default account settings for new users based in the European Union will have this feature disabled. If you are an existing user based in the European Union, you must disable it in your Voyant account settings.

Your Rights:

1. To Access & Correct Your Personal Data

As part of the Service, Voyant provides you with on-line account controls so that you can access and correct your personal data.

2. Your Erasure Right

You may withdraw your consent to allow Voyant to process your data. If you exercise that option, you may also request that we erase personal data that we have about you by cancelling your Voyant account.

3. Withdrawal of Consent

You have the right, at any time, to withdraw your consent to Voyant’s processing of your personal data by cancelling your account.

4. Your Right to Portability

You have the right to receive personal data concerning you, which you have provided to Voyant, in an electronic format. To request a copy of the personal data concerning you that Voyant maintains, please contact compliance@voyant.com.

5. Your Right to Lodge a Complaint

You have the right to lodge a formal complaint about Voyant’s data protection practices with the Data Protection Authority located in your Member State.

Whether Providing Personal Data Is Required and Consequences for Not Providing the Information

Voyant only collects personal data that is necessary to provide the Services. For example, Voyant collects your name, contact information and payment card data to create and fund an account. Voyant collects phone numbers and the documents you provide to transmit them via fax. As a result, if you do not provide a piece of requested personal data, Voyant will not be able to process your payment or transmit a fax for you.

No Automated Decision-Making Or Profiling

Voyant’s Services do not involve any automated-decision making or profiling of its users.

Risks of Transferring Data to Voyant

Unlike the European Union, the United States does not have a single, comprehensive national law that regulates the collection and use of personal data. Instead, the U.S. has a complex approach to regulating specific types of personal data involving laws and administrative rules that: (a) are issued by national and state-level governments, and (b) apply to certain industries such as financial service firms and health care providers. Self-regulatory frameworks also exist in the U.S. that provide guidelines and best practices for handling personal data.

By transferring your personal data to the U.S., you accept that (a) once your data is transferred to the U.S., it will be subject only to the laws and regulations of the United States and its individual states, (b) those laws and regulations do not afford you the same or equivalent rights as those set forth in the GDPR, and (c) your personal data could become involved in litigation in the event legal action is taken against Voyant by third-parties.

To minimize these risks, Voyant:

  1. Provides the rights articulated in this Consent;
  2. Encrypts all fax-related data stored on its systems;
  3. Enforces HTTPS on all API requests and supports TLS v1.2;
  4. Performs internal and external penetration testing and quarterly security vulnerability scans on systems used to support fax services;
  5. Complies with the U.S. Health Insurance Portability and Accountability Act as related to its fax services (“HIPAA”); and
  6. Is a Level 2 PCI 3.2-compliant service provider as related to its fax services.

Grant of Consent

After reading this Consent for the Cross-Border Transfer and Processing of Personal Data and understanding the risks involved in transferring my personal data to Voyant, I hereby give my permission to Voyant to (a) transfer the personal data I provide to Voyant to its systems located in the United States, and (b) process that personal data for the purposes articulated in this document.

1 See also GDPR Rec 32, 40, 42, 43