Effective: September 2023
Last Updated: September 2023
CSG Systems International, Inc.
CSG Systems International, Inc. and our affiliated companies and subsidiaries respect your right to privacy. This Privacy Notice explains who we are, how we collect, disclose and use personal information about you, the user of the CSG website acting on behalf of yourself or the business entity you represent (“you”, “your”, or “yourself”), and how you can exercise your privacy rights.
You can access specific topics on this Privacy Notice by clicking on the relevant links below:
CSG is a leading business support solutions provider and trusted partner, offering business support solutions, revenue management, customer experience, and digital monetization solutions.
This Privacy Notice covers CSG Systems International, Inc. and its corporate affiliates and subsidiaries, including CSG Systems, Inc., Intec Billing, Inc., Independent Technology Systems Limited and Intec Billing Ireland Ltd (collectively, “CSG” or “we”); this Privacy Notice does not cover CSG Forte Payments, Inc., which is subject to its own privacy notice and practices. For a full list of our global operating companies, please click here. This Privacy Notice applies to personal information that we collect through our website at csgi.com (“Site”), from your use of CSG’s systems, applications, and services (except where we are acting as a processor/service provider as described below), from you at sales or promotional events, or from third parties for marketing or other purposes (the “Services”). If you have any questions or concerns about our use of your personal information, please contact us using the contact details provided at the bottom of this Privacy Notice.
For the purposes of this Privacy Notice, CSG is a controller (i.e., responsible party) for the personal information practices described in this Privacy Notice. Additionally, this Privacy Notice does not apply to the extent we process personal information in the role of a processor or service provider (as applicable) on behalf of our business customers. For detailed privacy information about where a CSG business customer or a customer affiliate who uses the services is the controller or business (as applicable), please contact the respective business customer directly. We are not responsible for the privacy or data security practices of our business customers, which may differ from those set forth in this Privacy Notice.
In connection with the provision of specific Services, we may provide additional “just-in-time” disclosures or additional information about our data processing practices. These notices may supplement this Privacy Notice or clarify CSG’s privacy practices in the circumstances described or may provide you with additional choices about how CSG processes your personal information.
For the avoidance of doubt, this Privacy Notice applies to all users across the world. Some users, including those who are in the European Union, European Economic Area, the United Kingdom (“EU/EEA/UK”), Brazil, South Africa, and/or certain states in the United States may have additional rights depending on where they are located, which are also described in this Privacy Notice.
PERSONAL INFORMATION COLLECTED
Personal information (i.e., personal data or similar term(s) under applicable law) generally refers to any information that can be linked to an identified or identifiable person.
The personal information that we may collect about you, or have collected about you in the past twelve months, varies depending on the context of our interactions with you. This broadly falls into the following categories:
Information That You Provide Voluntarily
We may collect the following information directly from you acting in your professional capacity:
- Basic Information: name and contact information (e.g., mailing address, email address, telephone number), date of birth, job title and responsibilities, company, trade association information, and any other personal information that you submit to us during the course of conducting business with us.
- Registration Information: information required to fulfill requests to receive newsletters, download or subscribe to content, and register for conferences.
- Marketing Information: information gathered from your participation in trade shows, seminars, and conferences, as well as credentials, product or service interests, and preferences or other information submitted to us for marketing purposes.
- Compliance Information: government identifiers and eligibility data.
- Financial Information: billing and account information.
If you are applying for a position at CSG or a CSG affiliate, our collection and processing of your personal information can be found on our Job Applicant Privacy Notice.
When you visit our Site or use our Services, we may collect certain information automatically from your device. Specifically, we or third parties we work with automatically collect certain information using technologies such as cookies, web beacons, clear GIF, pixels, internet tags, web server logs, and other data collection tools. This includes information, such as your IP address, device type, unique device identification numbers, browser-type, geographic location, and other technical information. We may also collect information about how your device has interacted with our Site or our Services, including the pages accessed and links clicked.
Collecting this information enables us to better understand the visitors who come to our Site or use our Services, where they come from, and what content on our Site or connected to our Services is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Site and our Services to our visitors and customers.
Some of this information may be collected using cookies and similar tracking technology, as explained in the Cookies Section below.
Information That We Obtain From Third-Party Sources
From time to time, we may receive personal information about you from third-party sources (including from companies that also provide marketing lead information and/or your employer to the extent your organization is acting as our customer).
USE OF YOUR INFORMATION
The information listed above is collected for the following purposes, as applicable:
For everyday business purposes, such as account management, contract management, website administration, corporate governance, and reporting obligations.
To respond to your requests or provide you with information about our Services.
To communicate with you about the Services.
To provide support, personalize, maintain, and enhance the Services and the Site.
To comply with and enforce applicable legal requirements, agreements, and policies.
To develop and improve our marketing activities, including identifying new customer opportunities, sending marketing communications, and displaying personalized advertisements and content.
To prevent, detect, identify, investigate, respond, and protect against potential or actual claims, liabilities, prohibited behavior, and criminal activity.
For other business purposes such as data analysis, identifying usage trends, determining the effectiveness of our Services, and to enhance, customize, and improve our features, products, and Services.
To perform other activities consistent with this Privacy Notice.
DISCLOSURES OF PERSONAL INFORMATION
We may disclose, or in the past twelve months have disclosed, your personal information to the following categories of recipients:
Affiliated Companies. We may disclose personal information with companies that are affiliated with us (for example, companies that control, are controlled by, or are under common control with us). We may also disclose information that is collected between websites that we, or our affiliates, control.
Organizations that Provide Services. We may disclose your personal information with companies that perform services for us, such as fulfilling orders, delivering packages, sending postal mail and emails, facilitating electronic communication with you, analyzing customer data, providing marketing assistance, investigating fraudulent activity, conducting customer surveys, and providing customer service. We may also disclose your personal information with third parties described below in the Cookies Section.
Potential Buyers. We may transfer your personal information to a successor entity upon a merger, consolidation, or other corporate reorganization, to a purchaser of all or a portion of our assets, or pursuant to a financing arrangement or co-promotional agreement. Any successor entity shall be bound by terms and conditions reasonably similar to this Privacy Notice.
Social Media Platforms and Networks. Some of our websites have features such as, plugins, widgets, or and other tools made available by third parties that may result in information being collected or shared between us and the third party. The third party’s use of your information is not governed by this Privacy Notice. You may have the right to opt out of our use of these technologies, as further described in this Privacy Notice.
Other Parties. We may disclose your personal information with other parties to comply with a legal obligation; to protect the legal rights of (or otherwise participate in a legal process pertaining to) our company, our employees, our agents, our clients, and our affiliates, to protect the safety and security of our visitors, or to protect against fraud; or with your consent.
LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, in most instances, we collect personal information from you based on the following legal grounds:
With Your Consent. If we request your specific consent to process personal information (such as when you provide your personal information to join our mailing list), then provision of your consent is voluntary, and you have the right to withdraw your consent at any time.
When Pursuing Legitimate Interests. We process your personal information for our legitimate interests and those of third parties as further described in this Privacy Notice. As a Business-to-Business organization, we typically collect and process limited personal information about customer contacts and individuals acting in their professional capacity as part of our overall effort to reduce the privacy impact on individuals.
To Perform a Contract With You. We will process your personal information when processing your personal information is necessary for the execution or performance of a contract with you (such as when you provide your personal information to acquire one of our solutions or services).
When We Have Legal Obligations. We will process your personal information when we have a legal obligation to do so, for example, if we are responding to a legal process or an enforceable government request.
Consequences of Not Providing Personal Information
You are not required to provide all of the personal information defined in this Privacy Notice in order to use our Site or to interact with us offline. If you do not provide certain personal information, however, certain functionality will not be available to you, and we may not be able to respond to your requests, perform a transaction with you, or provide you with marketing that we believe you would find valuable.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the How to Contact Us Section below.
SECURITY OF YOUR PERSONAL INFORMATION
We use appropriate technical and organizational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
INTERNATIONAL DATA TRANSFERS
Your personal information may be transferred to, and processed in, countries other than the country in which you live. These countries may have data protection laws that are different to the laws of your country. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice.
If we transmit personal information across national boundaries, we take reasonable steps do so in compliance with any national laws that govern the cross-border transfer of information, including laws in Brazil, the EU, and/or the UK. For example, we have taken steps to facilitate the transfer of personal information that we receive about residents of the European Union, Switzerland, and the United Kingdom. These steps include implementing the EU-US. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework (the “Data Privacy Framework”), the Standard Contractual Clauses (approved by the European Commission and Swiss authorities) and UK Addendum to the Standard Contractual Clauses (approved by the UK authorities) where required for the transfer of personal information.
Depending on your location, our standard contractual clauses can be provided to you on request. We have implemented similar appropriate safeguards with our third‑party service providers and partners and further details can be provided upon request.
Data Privacy Framework
CSG has certified its compliance with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework as set forth by the US Department of Commerce with respect to personal information concerning individuals from the EEA and the UK. Please see our Data Privacy Framework Notice to learn more.
If there is any conflict between the terms in this Privacy Notice and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern.
How long we retain your personal information depends on the context in which, and purposes for which, we collected it. We generally retain personal information for as long as necessary for achieving the purposes for which it was collected or processed, unless a different retention period is required by applicable law, including the retention periods required under the GDPR and CCPA.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
YOUR DATA PROTECTION RIGHTS
Depending on where you live and the types of personal information at issue, you may have certain rights with respect to your personal information. For example, under local applicable laws, including those in the EU/EEA/UK, Brazil, South Africa, and/or certain states in the United States (e.g., California) you may have the rights listed below. Please note that many of these rights are subject to exceptions and limitations. For example, certain laws generally do not apply to information that you provide to us while acting in your professional capacity (e.g., California).
Right to rectification. You have the right to request that we correct or supplement any inaccurate or incomplete personal information we process about you.
Right to erasure/deletion (i.e., right to be forgotten). You have the right to request that we delete your personal information or as applicable anonymize your personal information.
Right of access. You have the right to know whether your personal information is being processed, and, where that is the case, to request access to, including a copy of, the personal information undergoing processing.
The right to know that data processing exists. You have the right to request confirmation on how personal information is stored, in what way, and for what purpose.
The right to anonymization. You have the right to request that we anonymize unnecessary or excessive personal information.
Right to data portability. You have the right to request that we provide the personal information which you provided to us in a structured, commonly used, and machine-readable format; and you have the right to transmit such personal information to another entity.
Right to withdraw your consent. Where our processing is based on your consent, you have the right to withdraw such consent at any time. Withdrawing your consent will not affect the lawfulness of the processing we conducted prior to your withdrawal.
Right to restriction of processing. You have the right to request that we restrict the processing of your personal information.
Right to object. You have the right to object to our processing of your personal information.
Email marketing. You have the right to opt out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt out of other forms of marketing (such as postal marketing or telemarketing), please contact us at the link provided below.
Right to prohibit the selling or sharing of personal information. With regard to your right to prohibit the “selling” or “sharing” of personal information, we allow certain third-party advertising companies to collect information about your activity on our Site via cookies, as described below in the Cookies Section. This activity may be considered a “sale” or “share” under the CCPA, as those terms are broadly defined by the CCPA. California residents can choose to opt out of the “sale” or “share” (i.e., Do Not Sell or Share My Personal Information) of their personal information to third parties by following the instructions in the Cookies Section below.
The right to request further information. You have the right to request more information about the public and private entities with which we have shared personal information and information about the possibility of withholding consent and the consequences of such decision.
The right to opt out of the use of automated decision‑making technology. You have the right to opt out and, if applicable, request a review of automated decisions that affect your interests.
You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. This information can be found under the How to Contact Us Section below.
If you choose to assert any of these rights under applicable laws, we will respond within the time period prescribed by applicable law. Please note that many of the above rights are subject to exceptions and limitations. If we are not able to provide the requested information or make the change you requested, then you will be provided with the reasons for such decisions. Under local law, you may be entitled to lodge a complaint with your local data protection authority.
Your rights and our responses will vary based on your state or country of residency. Please note that you may be located in a jurisdiction where we are not obligated, or are unable, to fulfill a request. In such a case, your request may not be fulfilled.
We do not discriminate against individuals who exercise any of their rights described in this Privacy Notice. However, CSG may require use of your personal information to provide access to the Services. Therefore, when you exercise your deletion right, in particular, you may lose access to certain aspects of the Services that require your personal information.
Rights Request and Verification Process
Only you, or a person registered with the applicable government entity, where required (e.g., California), and that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a twelve-month period. The verifiable consumer request must:
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Our verification process may also include a request for additional information to confirm your identity or your authorized agent’s identity (such as your name, email address, and date of birth) or to obtain proof that you have given your authorized agent permission to act on your behalf. If our verification process is successful, then we will respond to your request within the time and in the manner required by applicable law. If we cannot validate the identity of you and/or your authorized agent or obtain proof that you have given your authorized agent permission to act on your behalf, then we will attempt to contact you to inform you.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the twelve-month period preceding the verifiable consumer request’s receipt. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically by electronic mail communication.
If you designate an authorized agent to submit requests to exercise certain privacy rights on your behalf, then we will require verification that you provided the authorized agent permission to make a request on your behalf. You must provide us with a copy of the signed permission you have given to the authorized agent to submit the request on your behalf and verify your own identity directly with us. If you are an authorized agent submitting a request on behalf of an individual, you must attach a copy of the following information to the request:
A completed Authorized Agent Designation Form indicating that you have authorization to act on the individual’s behalf.
If you are a business, proof that you are registered with the applicable government entity, to conduct business in your jurisdiction, including the Secretary of State of California.
COMMERCIALLY RECOGNIZED OPT OUT SIGNAL
CSG generally recognizes commercially recognized opt-out preference signals (i.e., Global Privacy Controls). Recognition of this signal applies only to the specific device and/or browser that communicates the signal and does not cross over to all devices/browsers you use to access the Services.
INFORMATION RELATED TO CHILDREN
We do not knowingly collect or solicit personal information from anyone under the age of 18 or the applicable age of majority in the country in which you are located. If you are under 18, please do not use the Site or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us personal information, please go to [email protected].
LINKED THIRD PARTY SITES
We may provide links to other third party websites through the Services solely as a convenience to you. However, such linking does not mean, and should not be interpreted to mean, that CSG endorses, is affiliated with, or makes any representations concerning such third party websites. CSG neither reviews, controls, nor is responsible for these third party websites or any content therein. By using such links, you will leave the Services. If you decide to access any of the third party websites linked to the Services, you do so entirely at your own risk. CSG shall not be liable for any consequences arising from use of any third party websites to which the Services link.
UPDATES TO THIS PRIVACY NOTICE
We may update this Privacy Notice from time to time in response to changing legal, technical, or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws.
You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.
FOR OUR SUPPLIERS
Our suppliers that are personal information processors may access a security breach notification form here.
HOW TO CONTACT US
If you have any questions or concerns about our use of your personal information or you would like to exercise your rights in relation to your personal information, or if you wish to lodge a complaint about our privacy practices, please contact our Global Privacy Department at:
CSG, Attn: Global Privacy Lead
169 Inverness Dr W
Englewood, CO 80112
Our EU Representative
If you are located in the European Union (“EU”) and have any questions or comments about this Privacy Notice, any issue relating to your personal information, or if you would like us to update your preferences, you may contact our EU representative. Please include your name and the name of the business to which your request refers.
Intec Billing Ireland Limited
Marin House, IDA Business Park
Our UK Representative
If you are located in the United Kingdom (“UK”) and have any questions or comments about this Privacy Notice, any issue relating to your personal information, or if you would like us to update your preferences, you may contact our UK representative. Please include your name and the name of the business to which your request refers.
Independent Technology Systems Limited
Albion House, Cherlsey Road