East Texas Advanced Communications Services

Privacy Policy

Introduction

East Texas Advanced Communications Services, Inc. referred to as “ACS”, developed and adopted this Privacy and Security Policy to describe our privacy values and guide our processing of personal information. By purchasing, subscribing to, or utilizing the ACS products or services, or registering to attend, attending and/or participating in any ACS-sponsored events or other events in which ACS participates, you agree to be bound by the terms and conditions of this Privacy Policy.

The obligations and responsibilities set out in this Privacy Policy are applicable to ACS and its personnel, in addition to any other applicable policies or agreements entered into with ACS and any applicable laws and/or regulations.

Scope

ACS respects the privacy of its customers, partners, agents, subscribers, suppliers, sub-processors (“Clients”) and other individuals with whom ACS has business interactions.

This policy applies to personally identifiable information regardless of format. For example, the policy applies to computerized records and electronic information as well as paper-based files.

It is also applicable to all personally identifiable information that is collected, stored, maintained or processed by ACS. The concepts enumerated in this policy will guide ACS’s expectations of its Clients and/or contractors to whom ACS transfers and relies on for processing of personally identifiable information.

Data Processor

ACS provides the technology platform for hosted or “cloud” unified communications as a service offerings (UCaaS) as well as premise-based PBX solution (collectively, the “Services”). These Services merely act as a conduit for data transmitted by third parties and the end users of our Services (“Subscribers”). ACS processes personal information that is controlled by or originated from other companies, such as our Clients or other business partners. ACS also processes personal information in the course of providing support for ACS communications products such as telephone equipment (“Products”). ACS shall protect the personal information, comply with all applicable laws that regulate the processing of such personal information, and process the information only as authorized by the data controller and the data subject as appropriate. Accordingly, ACS relies on guidance and direction of the Client (as the data controller), who determines the purposes of processing such personal information. In some cases, ACS may collect and process personal information for our own business purposes and shall comply with the applicable privacy laws concerning ACS processing.

In providing its Services, ACS relies on various Sub-processors.  

Below is a list of ACS Sub-processors, where personal data may be processed in order to enable the use of features and ancillary services offered with ACS Products and Services.

What Information We Collect or Process

ACS processes and in certain situations collects personal information as needed to deliver its Products and Services and manage its business. When collecting personal information, ACS does so in a reasonable and lawful manner.

The types of information and the purposes for which ACS collects or processes personal information may include:

Indirect End User Phone Contact Information (Personally Identifiable Information or “PII”)

ACS acts as a data processor with regard to indirect end user personally identifiable information and our Clients act as the data controller of such data. In the course of ACS’s processing and protection of such data, ACS will endeavor to use such data in conformity with the data controller’s instructions.

Clients

ACS uses such personally identifiable information only for relevant, appropriate, and customary purposes. ACS will not share or disclose personal information for purposes other than as described herein. “Clients” include ACS customers, partners, agents, subscribers, suppliers, sub-processors and contractors.

Business Contact Information

ACS may collect and use personal information about individual contacts of Clients and others who access ACS public websites, knowledge bases, forums, ticket systems, or provide personal information through other means. Such information may include but is not limited to account information, first/last name, company name, title, and responsibilities, work email address, work mailing address, telephone numbers, login information, device identifiers, as well as additional information provided by such individuals in the course of receiving Products and Services from ACS and/or requesting information about ACS. We will use such information for the purposes of providing Products and Services, support, conducting data analytics and product assessments and related activities, and providing information regarding ACS Products and Services.

Customer Proprietary Network Information (CPNI)

Customer Proprietary Network Information (CPNI) may include information regarding quantity, destination, technical configuration, location, and amount of use and related billing information of telecommunications, interconnected and/or non-interconnected Voice over Internet Protocol (VoIP) services. This may include but is not limited to the phone numbers that you call or send messages to (or the phone numbers that you receive these calls and messages from) through our Products and Services. The date, time and duration of the calls may also be collected.

ACS provides Products and Services that are primarily for the benefit of Clients and Subscribers in that ACS transmits, routers, switches or caches information. These Products and Services merely act as a conduit for data transmitted by third parties and Subscribers.

ACS does not determine the purposes and means of processing this personal information. Except for Subscriber data provided by the Client (the Subscribers service provider) for which ACS is merely providing a conduit for transmission, the subscribed services are of such a nature that, in most instances, ACS requires and collects only essential CPNI and billing information; and opting out or declining to provide the requested data may hinder the provision or delivery of subscribed Services. However, for CPNI data that is collected by ACS that is not subject to the control of others, ACS shall obtain consent from the Subscriber or other owner of such data for the processing of this data.

ACS collects CPNI in the course of providing technical support. This data may pertain to Clients of ACS or Subscribers (eg: end users of ACS’s direct Clients). This data may include IP address, telephone number, email address, call detail records, call recordings and other information sufficient to identify an individual end user.

Indirect End User’s CPNI

ACS acts as a data processor with regard to indirect end user (Subscriber) personal information and our Clients act as the data controller of such data. ACS’s access and use of such information are governed by contractual agreements with our business customers, who retain primary responsibility for obtaining necessary consents from their end users.

Direct End User’s CPNI

ACS typically collects and processes direct end user (eg: Clients, vendors, and partners) personal information for the purposes of providing Products and Services, support, conducting data analytics and managing product performance.

Messaging, Voicemail, Video and Media Files

ACS provides Products and Services that facilitate the recording and storage of audio and video by way of features such as but not limited to voicemail, call and conference recording. Users may elect to store or record personal information within these resources at their discretion.

Anonymized, Non-Identifying Voice and Traffic Data

ACS may use anonymized, non-identifying data collected from use of our ACS Products and Services. This anonymized, non-identifying data may be used to enhance such items, but is not limited to, voice activation, improving traffic analysis algorithms and techniques, and recognition algorithms. This processing is executed under applicable terms and supports ACS’s legitimate interests in tuning, maintaining and enhancing these Products and Services.

Cookies

ACS websites may use cookies to collect certain kinds of personal information about Subscribers or users of its Products, Services or websites. For more information on how ACS uses cookies and choices available to Subscribers and users please refer Cookies.

How We Collect Information

We collect information in various ways, including the following:

When you use one of our Products or Services, ACS collects, and stores certain information that you provide directly. We also collect information about your use of the Products and Services.

Cookies

A cookie (also known as an HTTP cookie, web cookie, or browser cookie) is a small piece of data sent from a website and stored in a user’s web browser while the user is browsing that website. Every time the user loads the website, the browser sends the cookie back to the server to notify the website of the user’s previous activity. Cookies were designed to be a reliable mechanism for websites to remember useful information (such as items in a shopping cart) or to record the user’s browsing activity (including clicking particular or specific buttons, logging in or recording which pages were visited by the user as far back as months or years ago).

Utilization of Cookies

A visit to a page on www.acstyler.com may generate the following types of cookie(s):

Anonymous Analytics Cookies

Every time a user visits an ACS website, software provided by another organization (such as Google Analytics) generates an ‘anonymous analytics cookie’. These cookies can tell us whether you have visited the site before. Your browser will inform us if you have these cookies and, if you don’t, our website generates new ones. This allows ACS to track how many individual users we have and how often they visit the site. Unless you are signed in to www.acstyler.com or any other applicable ACS websites, we cannot use these cookies to identify individuals. We use these cookies to gather statistics: for example, the number of visits to a page. If you are logged in to the ACS website, we will also be provided the details you gave to us for this, such as but not limited to your username and email address.

Registration Cookies

When you register with an ACS website, such as www.acstyler.com, ACS generates cookies that inform us whether you are signed in or not. Our servers use these cookies to determine which account you are signed in with and whether you are allowed access to a particular Product or Service.

Advertising (Ad) Cookies

These cookies allow ACS to know whether you’ve seen a specific ad or the type of ad, and for how long you have viewed it. We also utilize cookies to help us direct targeted advertising.

Other Third-Party Cookies

ACS does not use third-party cookies on their websites.

How To Turn Cookies Off

It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a specific website. Most modern browsers allow you to change your cookie settings. You can usually find these settings in the ‘options’ or ‘preferences’ menu of your browser. To understand these settings, you can use the ‘Help’ option in your browser for more details. It is solely your responsibility to stop cookies in your browser if desired.

Note: If you block the use of cookies, then this will limit the service that we are able to provide to you and may affect your visitor/user experience.

Other Passive Site Tracking

Websites may also utilize Internet Protocol (IP) addresses and log files to identify network and server concerns and problems. ACS also utilizes web beacons and other passive tracking mechanisms to perform standard website traffic analysis in a similar manner to how we utilize cookies.

Credit Card Information

ACS only collects credit card information in order to bill for purchased or subscribed to Products and Services. ACS utilizes third-party credit card payment processing agents (where these agents are required to implement reasonable and appropriate measures to protect and secure this information from loss or misuse) solely for the purpose of processing payments for those Products and Services purchased or subscribed to. These payment processors use of your personal information is governed by their privacy policies, as well as adhering to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of major credit card brands.

Vendors, Suppliers and Contractors

ACS may collect personal information about individuals who are employed by our suppliers and vendors. This business contact and payment information are strictly used to administer existing and future business arrangements.

How We Use the Information We Collect

We use your information primarily and as necessary to provide you with the various ACS Products and Services, including but not limited to one or more of the following ways: to create your accounts and allow use of our Products, to provide technical support and respond to Client inquiries, to prevent fraud or potentially illegal activities, for legal compliance purposes, including regulatory reporting, investigation of allegations of wrongdoing, and the management and defense of legal claims and actions, and compliance with subpoenas, court orders, and other legal obligations, to enforce our other agreements with you, to notify Clients and/or Subscribers of application updates, and to inform Clients and/or Subscribers about new products or promotional offers.

Marketing Materials

If you provide us with your email address or other business contact information to enable us to provide communications and information to you, we may use the information for providing such communications including the delivery of press releases and other ACS marketing materials. You may request to no longer receive ACS marketing communications by following the “unsubscribe” instructions in emails from ACS or by sending a request to the contact identified below.

In the rare and unlikely event that ACS wishes to use an individual’s personal information for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals, ACS will seek consent in advance as required by applicable law.

Sharing Your Information

We may disclose or report information that individually identifies Clients, Subscribers or devices in certain circumstances, such as:
(i) if we have a good faith belief that we are required to disclose the information in response to a valid legal process (for example, a court order, search warrant or subpoena, or to defend or respond to legal actions, and as otherwise authorized by law, or in response to lawful requests by public authorities, including to meet national security or law enforcement requirements); (ii) to satisfy applicable laws, (iii) if we believe that the Products and Services are being used in an unauthorized, unlawful or abusive manner, such as to commit a crime, including to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction, (iv) if we have a good faith belief that there is an emergency that poses a threat to the health or safety of a person or the general public, (v) in order to protect the rights or property of ACS, including enforcement of our Intellectual Property Rights and terms of the Agreement(s), and (vi) for all other purposes with your consent. We may also provide your information to third party companies to perform services on our behalf, including but not limited to payment processing, data analysis, message delivery, hosting services, customer service, and marketing.

If ACS enters into or is conducting preliminary steps which might lead to a merger, acquisition or sale of all or a portion of its assets or business, Client and Subscriber information, including personal information, may be disclosed in due diligence subject to reasonable confidentiality provisions and will also be transferred as part of or in connection with the transaction as necessary.

Information Disclosure

Internal Disclosure

In general, personal information may be shared within ACS, where legally permitted for reasonable and appropriate corporate purposes. However, even within ACS, we restrict access to personal information to those employees, agents, or contractors who need access to carry out their assigned functions.

External Disclosure

ACS uses vendors and partners for a variety of business purposes, such as to help us develop, deploy and invoice for the various Products and Services we provide. We share information with those vendors and partners when it is necessary for them to perform work on our behalf.

ACS requires that these vendors and partners protect the customer information we provide to them and limit their use of such information to their respective processing activity. ACS will only transfer or provide direct access to personal information covered by this policy to third parties that have made a commitment to respect the privacy rights of the data subject; limit processing of personal information to comply with data controller instructions; and provide ACS contractual assurances that they will provide at least the same level of privacy protection as is required by applicable privacy laws.

Security of Your Information

We implement security measures we believe are reasonable to protect your information. These safeguards include reasonable administrative, technical and physical measures to safeguard the confidentiality and security of personal information against anticipated threats and unauthorized access to personal information.  It is important that you protect and maintain the security of your account and you need to immediately notify us of any unauthorized use of your account. Remember, no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot and do not guarantee its absolute security.

Retention of Data

Personal information collected by ACS will be retained for as long as necessary and legally permitted for the purposes for which it was collected, to provide you with Products and Services, enforce our legal agreements and policies and to conduct our legitimate business interests or where otherwise required by law.

Data Integrity

ACS employs reasonable means to keep personal information accurate, complete, and current, as needed for the purposes for which it was collected.

How to Access and Update Your Information

We generally provide individuals with an opportunity to examine their own personal information, confirm the accuracy and completeness of their personal information, and have their personal information updated, if appropriate.

The ability of an individual to access his or her personal information is not unlimited, however. An individual’s ability to access personal information may be limited, for example, where (i) the burden or expense of providing access would be unreasonable or disproportionate to the risks to the individual’s privacy, (ii) the information should not be disclosed due to legal or security reasons or to protect confidential commercial information; or (iii) providing access would compromise the privacy of another person.


If you have created a user profile on a portal, you may also access and revise the personal information in your user profile when you log into your account.


Individuals who wish to access or update their personal information not accessible via a portal should direct such communications to etacs@acstyler.com.

Third-Party Websites, Plugins or Widgets

ACS websites, Products and/or Services may include social network or other third-party plugins and widgets not operated by us. Accessing these links to other sites is done at your own option and is not part of any ACS’s offerings. ACS has no control over and assumes no responsibility for the content, privacy policies or practices of any third-party sites or services. We strongly advise you to review each privacy policy provided at the respective site.

Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is United States legislation that provides data privacy and security provisions for safeguarding medical information. Subscriber acknowledges and agrees that unless the ACS Products and Services description expressly states otherwise, the Products and Services do not comply with the requirements of the Health Insurance Portability and Accountability Act, as amended, and its implemented regulations. Unless the Products and Services description expressly states otherwise or ACS has entered into a Business Associate Agreement with the Subscriber allowing it, Subscriber agrees that it will not use the Products and Services to create, receive, transmit, maintain, store, use, disclose, or otherwise cause the Products and Services to handle Protected Health Information (“PHI”) as defined under HIPAA. Subscriber retains complete and full responsibility to ensure that the Products and Services are only applied to use-case scenarios where the Products and Services do provide the necessary level of security and privacy protections. SUBSCRIBER’S AGREEMENT TO THIS PROVISION IS A MATERIAL CONDITION OF MAKING THE PRODUCTS AND SERVICES AVAILABLE TO SUBSCRIBER. In addition to any indemnity requirements in these Terms, Subscriber shall indemnify, defend and hold harmless Company, Company Affiliates and all of the directors, officers, managers, partners, employees, agents, representatives, heirs, successors and assigns of Company and each of Company’s Affiliates against all actions, claims, losses, penalties, fines, assessments, administrative costs, credit protection costs, damages and expenses (including reasonable attorneys’ fees) arising out of Subscriber’s violation of the provisions of this section, caused in whole or in part by any act or omission of Subscriber, or of anyone employed by or acting as a subcontractor, representative or agent of Subscriber. Any limitation on liability set forth in the terms of the Basic Services Agreement or any other agreement between Company or its Affiliates and Subscriber shall not apply to Subscriber’s liability under this provision.

California Privacy Rights

The California Data Protection Act (Cal. Civ. Code §§ 1798.83), also known as S.B. 27 “Shine the Light Law”, applies to a business that owns or retains California residents’ personal information and, requires such business to disclose to its California customers, upon request, the identity of any third parties to whom the business has disclosed personal information within the previous calendar year, along with the type of personal information disclosed, for the third-parties’ direct marketing purposes.

A business subject to California Business and Professions Code Section 22581 and the Privacy Rights for California Minors in the Digital World Act (Cal. Bus. & Prof. Code §§ 22580-22582) must allow California residents under age 18 who are registered users of online sites, services or applications to request and obtain removal or other forms of anonymization of content or information they have publicly posted. Your request should include a detailed description of the specific content or information to be so removed.

Our Products and Services do not address anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we take steps to remove that information from our servers.


If you are a California resident and would like to make such a request, email or contact us at etacs@acstyler.com. 

ACS Services and Artificial Intelligence

ACS leverages proprietary and trusted third-party AI technologies to provide services and features to our Clients. These include AI intelligence features such as conversational intelligence, productivity and efficiency enhancements for the workplace, as well as sales and usage intelligence. For example, ACS can generate summaries and highlights from recorded calls, and create action items and next steps, providing a seamless experience for call participants. For our events-focused services, ACS leverages AI to assist event hosts in creating descriptions of the events and organizing questions and answers.

Artificial Intelligence

ACS is committed to an AI program that supports and develops trustworthy AI. Below are the core ACS principles for trustworthy AI and how we align with each:

  • Safe: At ACS we believe AI-enabled systems should not endanger human life, property, privacy, or the environment.

  • Secure: AI-enabled systems should maintain confidentiality, integrity, and availability through protection mechanisms that prevent unauthorized access and use.

  • Transparent: Information about AI-enabled systems and their outputs should be available to users interacting with the systems.

  • Explainable and Interpretable: AI-enabled systems should enable the provision of information that describes how they function.

  • Privacy enhanced: AI-enabled systems should be developed and used in compliance with privacy laws and ACS privacy policies.

  • Fair: Development and use of AI-enabled systems at ACS should consider equality and equity by addressing issues such as harmful bias and discrimination.

AI Models and Customer Data

ACS may use proprietary and/or third-party AI models to provide ACS’s AI features. ACS AI uses:

  • Natural Language Processing - ACS’s AI is built using NLP (Natural Language Processing) to analyze the conversations that you have with customers—in real-time. NLP then processes the incoming conversation data to accurately capture and transcribe it, word-for-word, into an easy-to-read format.

  • Machine learning - Built-in machine learning helps ACS AI improve over time. The more your organization uses ACS AI, the more it learns from your conversations—and the more accurate it gets when transcribing. 

Third-Party Vendors

We contract only with third-party service providers that provide equivalent levels of data protection and security as we provide. We do not permit our third-party vendors to use Client or Subscriber data to train or improve the third-party’s AI underlying models.  This includes AI functionalities or features, such as analyzing the transcript of a recorded call to generate a sentiment (tone, attitude) analysis.

Automated Decision-Making and Human Review

ACS AI products are designed to include human review of outputs for accuracy, and customers should not use outcomes or metrics generated by the service to make decisions, for instance, concerning employment, creditworthiness, buying decisions or insurability. Any high-risk information produced from AI should be validated.

Security

ACS is committed to security and maintains technical, organizational, and contractual safeguards to protect customers’ data processed by our services, including with AI capabilities. We apply the same security requirements for our AI products as we do for all our Products and Services.

ACS’s approach to AI and security focuses on these tenets:

  • AI use restrictions by ACS personnel as governed by internal policies

  • Training model secure design restrictions to ensure separation of Client-level data and security from potential data poisoning attempts

  • Operational security for access and management of the AI models

ACS’s AI use requirements and restrictions cover proper licensing of AI solutions, what types of data may be used as inputs, scope of usage for AI system outputs internally, and use of source code from generative AI systems. With respect to training model restrictions, ACS’s AI systems development standards set forth restrictions around AI model training, including data used for training, proper recordkeeping, storage, and access restrictions. Furthermore, ACS implements operational security for access to and management of backend resources to prevent access to data by unauthorized personnel or modifications without permission.

Shared Responsibilities

Implementation of AI is a shared responsibility with our customers. While ACS has based the development of our services on the core principles for trustworthy AI as described above, customers also share a responsibility to use the products safely and securely, and to ensure human oversight into how the services are being used within their organization.

Responsible Disclosure Guidelines

At ACS, we value the security and privacy of our Clients’ and Subscribers’ data and systems. We believe in fostering a collaborative environment where ethical hackers and security researchers can help us identify and address potential vulnerabilities in our products and services. We appreciate the contributions made by the security community to enhance the security of our offerings. If you have discovered a security vulnerability in any of our systems, we encourage you to report it to us responsibly, following the guidelines outlined in this Responsible Disclosure Statement.

  • Report the Vulnerability: If you believe you have found a security vulnerability in any of ACS's Products, Services, or systems, please promptly report it to our dedicated security team by sending an email to etacs@acstyler.com.

  • Provide Sufficient Information: When submitting a vulnerability report, please include all relevant details that would help us reproduce and understand the issue. This may include, but is not limited to, the affected Product or Service, a detailed description of the vulnerability, and any proof-of-concept or steps to reproduce the vulnerability.

  • Act in Good Faith: We request that you make every effort to avoid any actions that could harm ACS or our users. Only perform actions that are necessary to identify and report a vulnerability, and refrain from accessing, modifying, or deleting data without explicit permission.

  • Keep Information Confidential: We understand the importance of responsible disclosure. Therefore, we ask you to keep any information related to the reported vulnerability confidential until we have acknowledged and resolved the issue. We will make every effort to address the vulnerability in a timely manner.

  • No Unauthorized Disclosure: Do not share any information about the vulnerability or any personal data you may have accessed during your investigation with any third parties.

  • No Exploitation or Disclosure: Do not exploit or disclose the vulnerability to others before it has been resolved. Allow us a reasonable amount of time to investigate and remediate the issue.

  • Non-Destruction of Data: Do not delete or modify any data you may have encountered during your investigation. Only access the minimum amount of data necessary to demonstrate the vulnerability.

What You Can Expect From Us

  • Acknowledgement: Once we receive your vulnerability report, we will acknowledge its receipt within a reasonable time frame.

  • Investigation: Our security team will conduct a thorough investigation of the reported vulnerability to validate its existence and impact.

  • Communication: We will keep you informed about the progress of our investigation and the steps we are taking to address the reported vulnerability.

  • Resolution: If the vulnerability is confirmed, we will work diligently to develop and deploy an appropriate solution within a reasonable timeframe.

  • Recognition: ACS appreciates the importance of your contribution to our security efforts. If you are the first person to report a specific vulnerability and it is confirmed, we may recognize your contribution at our discretion.

Legal Considerations

ACS acknowledges that, in some jurisdictions, vulnerability research and reporting may be subject to legal restrictions. We commit to handling all reports in good faith and will not initiate legal action against you if you comply with the guidelines mentioned in this Responsible Disclosure Statement.

By reporting a vulnerability to ACS, you agree to comply with the guidelines outlined in this statement and acknowledge that ACS reserves the right to update or modify this statement at any time.

Thank you for your commitment to responsible disclosure and your dedication to helping us improve the security of our products and services. We appreciate your cooperation.

Changes to Our Privacy Policy

ACS reserves the right to change this Privacy Policy at our discretion subject to business or legal requirements. You are advised to review and check this Privacy Policy from time to time and particularly before you provide personal information to ACS. Changes to this Privacy Policy are effective when they are posted on this webpage. By continuing to use our Products and/or Services you are agreeing to be bound by any changes or revisions made to this privacy policy.

Contacting Us

If you have any questions, comments, or concerns regarding our Privacy Policy or practices, please contact us at:

ACS
15390 CR 343
Tyler, TX 75708

Email: etacs@acstyler.com 

 

Google Limited Use Policy

We adhere to Google OAuth API Scopes to safeguard your data. Our requests for access are limited to Google-approved application types, and any data we collect is solely for the purpose of enhancing your user experience and improving our features. Your data is not shared without your explicit consent, except when necessary for security, legal compliance, or during company transitions, with your prior approval. Your data is only accessed by humans when required for security or legal reasons or with your explicit permission. We do not sell or misuse your data for advertising, credit assessment, or lending purposes. Our team is dedicated to upholding these principles and maintains robust security measures, including annual security assessments. Your data security is our top priority.

Any use and sharing of information obtained from Google APIs to other applications are subject to Google API Services User Data Policy, including the Limited Use requirements.