Privacy and Data Security Policy (Last Updated: 23rd October 2019)
Lifesight provides location intelligence services using the information and location-centric data that we compile about the movement, activities, and places people visit. The following describes our data collection and use practices for the information that we collect and the data we receive from our data partners (such as mobile app publishers and developers) about individuals. It also describes the choices available to you regarding the use of that information and data. This statement doesn’t apply to the data collection and use practices of our clients and partners and the websites, services, and applications that they operate.
Data We Collect
Data You Give Us. When you ask to be contacted or have questions about our products and services and you provide us with your contact information (like your name and email address).
Data We Receive from Others. We receive data that was initially collected (over time and across websites, mobile apps, and devices) by our data partners (such as mobile app publishers and developers, advertising networks and exchanges and other websites and services), which includes:
Ad Data. We receive advertisement requests (to display an advertisement on a website, mobile app or device) along with its associated data, such as a device identifier (like a browser ID or an advertising ID (the operating system-supplied ID meant for advertising use, such as the IDFA and AAID), or another similar identifier), the browser or device type, IP address, app publisher, operating system, location, and other similar device-specific information.
Movement Data. We receive data about the places people go and visit with their mobile devices (if the mobile or other location-aware device is configured to share its location data when the device or a mobile application on the device is in use or when operating in the background). In addition to location, we receive a device identifier and other information about that device (such as the browser or device type, IP address or app publisher, operating system, carrier provider, and other similar device-specific information). We do not receive the phone number or the unique hardware device ID of a mobile device. We identify devices using the advertising ID or a randomly assigned unique identifier (that is created through our own system).
Personal Data: We receive Personal Data during your registration, when you choose to provide it, such as your name and email address. The decision to provide such data is optional.
Data We Receive from Other Sources. We receive data and information from other data sources about places that we use to verify their location, to classify those locations (such as a business, residential parcel, or other point of interest), and to identify the location’s boundaries.
Note about children. We do not knowingly collect personal information from children. If we learn that we have collected personal information of a child under 18, we will take steps to delete such information from our files as soon as possible.
How We Use the Data We Collect
We associate the data and information that we collect with the data and information we receive from others. Our technology contextualizes and aggregates this data. The location intelligence we derive (and infer) from the data and the information we amass is the basis of the services we provide:
- for measurement and reporting services),
- for capturing and understanding the interests, activities, and trends of consumers in the physical world),
- for data analytics and data services (such as for marketing and advertising, trend analysis, or market research), and
- for providing, maintaining, and improving the products and services we offer (and to develop new products and services).
We may use (and store) the data and information we collect and receive on servers that may be located outside the country where you live.
Information We Share with Others
We share the data and information we compile about someone in an aggregated or anonymized way using advertising IDs or another type of anonymous identifier:
- for measurement, statistics, usage reporting, and other data analytics
- To allow third parties to market to you, including through mobile devices and applications
- for industry analysis, demographic profiling, market research and other such purposes
If you don’t want the data that is collected about you to be used for certain purposes, you have options:
You may control how your browser responds to cookies by adjusting the privacy and security settings of your web browser. Further, Do Not Track (“DNT”) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third parties.
Please note that the opt-out choices you select are stored in opt-out cookies only in the browser that you use to visit the opt-out websites, so you should separately set your preferences for other browsers or Devices you may use. For more information on cookie opt-out, please visit this link.
On your mobile devices, you have an option to reset the Advertising IDs (for both Android & iOS).
We honor these “limit” or “opt out” instructions or “flags” by removing recognized Devices from our reporting solutions, on a going forward basis. (We may continue to use information from these Devices for other purposes, such as market research and aggregated customer analytics, but we will not use this information for interest-based advertising purposes.)
Location Settings. If you want to limit or prevent location data from your device from being collected, you can adjust this capability through your mobile device settings.
Additional Opt-out Links
Network Advertising Initiative : http://optout.networkadvertising.org/
Ad Choices (Digital Advertising Alliance) : http://optout.aboutads.info/
Security and Data Retention
We use physical, administrative, and technical safeguards that are designed to preserve the integrity and security of the data we receive; however, we cannot ensure the absolute security of any information or data transmitted to us or that is stored on our services.
We use cloud providers (AWS and GCP) for all our data storage and processing applications.
For example, we use Server-Side Encryption for protecting data at rest in Amazon S3. This encrypts objects before saving it on disks in its data centers and then decrypts it when we download the objects.
We also enforce encryption of data in transit by using HTTPS (TLS) to prevent potential attackers from eavesdropping on or manipulating network traffic using person-in-the-middle or similar attacks. We allow only encrypted connections over HTTPS (TLS) using the aws:SecureTransport condition on Amazon S3 bucket policies.
We generally retain mobile advertising IDs on the following schedule:
(a) we render mobile advertising IDs inactive for interest-based advertising purposes within 120 days,
(b) we continue to use mobile advertising IDs for analytics purposes and other purposes unrelated to interest-based advertising and reporting (for instance, in aggregated form for market research) for up to 24 months (outside of EEA countries and Switzerland) or 13 months (in EEA countries and Switzerland), provided that we may retain them if we have a legal or significant operational or legal need to do so, such as for auditing, corporate record-keeping, compliance, record-keeping, accounting or security and bug-prevention purposes.
If we change our data collection and/or use practices, we will post an updated statement (and a more prominent notice if the changes are significant) with the new practices and when they go into effect. The data and information that we collect are subject to the privacy statement in effect at the time the data and information were collected by us.
General Data Protection Regulation (GDPR)
“Personal Data” in GDPR context means any data that identifies or can identify a particular unique user or device – for instance, names, addresses, cookie identifiers, mobile device identifiers, precise location data and biometric data.
To comply with the GDPR, we provide the below representations and information, which are specific to persons located in EEA countries or Switzerland:
Legal grounds for processing your Personal Data
The legal basis for us processing your Personal Data will typically be because:
- You provided your consent.In order to provide our services that involve use of precise location information related to other Personal Data, (and to store and gain access to information stored on your device such as mobile advertising IDs), we rely on your consent. To obtain this consent, we rely on our own compliance steps and our web and mobile partners’ compliance steps, designed to ensure that consent is collected and passed on to partners, and to ensure that we only facilitate the collection of legally obtained data. We may choose to obtain consent in other cases as well, in which case we will adhere to applicable laws relating to such consent and its withdrawal.
- The processing is in our legitimate interest. We rely on legitimate interest when we use Personal Data to maintain the security of our services, such as to detect fraud or to ensure that bugs are detected and fixed. We also rely on legitimate interest when we use our own customers’ data to communicate with them about our Services.
Some processing of data may be necessary for us to comply with our legal or regulatory obligations.
You can also opt out of Lifesight’s database by submitting your mobile advertising ID at the below link: