Note that this page is a supplement to the Cisco Privacy Statement. In order to understand the data collection and use practices relevant for a particular site or solution, you should read both the Cisco Privacy Statement and any applicable supplement.
When you sign up to use Cisco Spark (the "Service"), we collect personal information about you, including your name, email address, and profile picture ("Registration Information"), in addition to a password ("Authentication Information"). We may also collect the name of your employer. If your registration includes Spark Call, we may collect additional Registration Information, including your desk phone number, directory extension, direct line, SIP identifier, and voicemail box number. We may also collect additional Authentication Information, including your voicemail PIN and device activation codes.
We use Registration Information to enroll you in the Service, to display your identity to other users, to notify you about features and updates, to understand how the Service is used, and to make improvements to the Service and other Cisco products and services. If you sign up for the Service using your work email address, your Registration Information will be visible to other users who have the same email domain.
When you invite other users to join the Service by providing us with their email addresses, we retain those email addresses.
We collect and retain personal information and other information you upload, provide, or create while using the Service (“User-Generated Information”), including information related to:
We use this information to provide you with the Service, which includes a persistent history of your interactions with other users. You should be aware that all messages and content you share in a room, including personal information about you or others, will be available to all other participants in that room, including participants who join the room after you share messages or content.
If you choose to enable optional location-sharing, we will collect your geographic location (latitude, longitude, and city) when you send a message or share content in a room. We collect this information so that it can be shared with other users in the room.
If you use the Service on your mobile device, upon sign-up you will have the option of sharing your calendar and/or contacts with the Service mobile application. This calendar and contact information is accessed only by the application locally on your mobile device and is not shared with Cisco unless and until:
The Service supports integrations with third-party services and applications. If you choose to add an integration, the third-party may share information and content associated with your third-party service or application account with us. We do not receive or store your passwords for these third-party services or applications, although we do store authentication tokens associated with them.
Our servers automatically record certain information when you use the Service, including your IP address, user agent identifier, operating system type and version, and client version ("Host Information"). If you use the Service with Spark Phone OS or Spark Room OS, we collect the MAC address of your desk phone or video endpoint. We also automatically record information about your usage of the Service, including actions taken, date and time, frequency, duration, quantity, quality, network connectivity, and performance information related to logins, clicks, messages, contacts, content shared, calls, use of video and screen sharing, meetings, voicemail, and other feature usage information ("Usage Information"). We use Host Information and Usage Information to understand how the Service is used, to diagnose problems, to respond to customer support requests, to conduct analytics and aggregate statistical analysis, and to improve the Service and other Cisco products and services.
When you use the "Send Feedback" feature of the Service or, choose to send a problem report from a device running the Spark Phone OS, or choose to send logs from a device running Spark Room OS, logs of your activity are automatically shared with us so that we can provide technical support and make product improvements. In some cases, you may be offered the option to send logs at the end of a specific call following a call failure or a low call rating within the Service. If you select the "Send Call Reports Automatically" option under Settings, your activity logs will be shared with us at the end of each call. These logs record information about the participants, date, time, duration, and quality related to your activities with the Service, as well as hashes (one-way encrypted versions) of messages you've sent or received. If your device is paired with a device running the Spark Room OS, the activity logs from the paired device will also be shared with us. These logs may pertain to other users of the paired device besides you. No content or message text that you send or receive is shared with us, unless you choose to include optional screen shots that display messages or content. The logs are stored unencrypted on your device and, together with screen shots, are sent to us using transport encryption (see next section). Your employer has the ability to share logs with us on demand from any device it administers running Spark Phone OS or Spark Room OS, or from any Spark Hybrid Services deployment that it administers.
The Service uses different kinds of encryption to protect different kinds of data in transit and in storage.
End-to-end encryption is used to protect messages and content that you share on the Service. Just prior to sending a message from your client, it is encrypted on your device. (If you have opted to share your location information, that information is also encrypted.) Messages remain encrypted until they are received by other users, where they are decrypted on those user's devices. The same process is used for content that you share, with one difference: content of certain types (PDFs and Microsoft Word documents and presentations) is briefly decrypted between you and the recipient so that it can be "transcoded" for display in a room. The results of the transcoding are also encrypted. For example, if you upload a slide presentation into a room, it will first be encrypted on your device. When we receive the presentation on our server, we will briefly decrypt it and send it to a third party, Box.net, where individual thumbnail images of each slide will be generated. Box.net will send the thumbnails and presentation back to us and will not store them. We will then encrypt the thumbnails and presentation and send them to the other users in the room. All content, transcoded content, and messages are stored on our servers in encrypted form. Push notifications sent to Android users via the Google Cloud Messaging service are end-to-end encrypted; notifications sent to iOS users via the Apple Push Notification Service may not be. Messages and content associated with integrations are encrypted within the Service and decrypted at the border with the third-party supporting the integration.
Media encryption is used to protect the audio, video, screen sharing data, and voicemails that you transmit during a call. When you make a call, media is encrypted from your device to our servers. It is decrypted on our servers so that we can manage the call. It is re-encrypted before being sent to the other participants on the call unless they are connected via the public telephone network or do not support encryption. We do not store any call audio, video, or screen sharing data on our servers. Voicemails are encrypted from your device to our servers, decrypted to be prepared for storage, and re-encrypted in storage on our servers.
Transport encryption (also known as HTTPS) is used to protect all connections to and from the Service other than voice/video calls. When you register for the Service, send messages, share content, connect with third-party services or applications via integrations, send logs or screen shots to provide us with feedback, or otherwise connect to our service, we always use transport encryption.
As described above, messages, location information, content, and voicemails are stored on our servers in encrypted form, as are passwords and voicemail PINs. All other Registration Information, Authentication Information, User-Generated Information, Host Information, and Usage Information is stored on our servers in unencrypted form.
The Service makes use of Cisco Intelligent Proximity features to pair your mobile device with select Cisco voice and video endpoints. See the Cisco Proximity Supplement for information about data collection associated with Cisco Intelligent Proximity features. You can turn Proximity Features off by visiting the Settings tab in your mobile client.
The Service makes use of a number of features available on mobile device and web browser platforms to support a full-featured collaboration experience. Depending on which mobile or browser platform you use and which Service features you use, your application may request or automatically obtain some or all of the following permissions:
When you use the Service in your web browser, we use cookies, local storage, and other browser storage technologies to ensure that you can stay logged into the Service until you choose to log out and to improve the performance of the Service. These technologies may store Registration Information, Host Information, and/or Usage Information. Cookies are always sent using transport encryption.
You can update your name, profile picture, password, voicemail PIN, and email communications preferences at any time using the Service menu options. If your employer subscribes to the Service and includes your account in that subscription, this updating capability may be disabled.
Unencrypted messages may be shared with third-party services and applications that you choose to integrate with and with the Apple Push Notification Service, but not with any other third parties. We may share other User-Generated information, Registration Information, Host Information, and/or Usage Information with service providers, contractors or other third parties to assist us with providing and improving the Service. The data shared may include aggregate statistics or individualized data. All sharing of information is carried out consistent with the Cisco Privacy Statement. We do not rent or sell your information.
If your employer subscribes to the Service directly, we may share any or all of the information described in this statement with them. If your employer subscribes to the Service through a Cisco partner, we may share aggregate Host and/or Usage Information about employees’ use of the Service with the partner. Employers have the option of disabling this information-sharing with Cisco partners. If a partner chooses to provide customer support for the Service, any or all of the information described in this statement may be shared with the partner.
When you use the Service, you are subject to the Cisco SaaS Terms of Service.