Last Revised: Jan 2019
A Note About Children. We do not intentionally gather Personal Data from visitors who are under the age of 13. If a child under 13 submits Personal Data to Company and we learn that the Personal Data is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Data from a child under 13, please contact us at firstname.lastname@example.org.
The GDPR (European Law)
Types of Data We Collect. “Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data. “Anonymous Data” means data that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data and Anonymous Data, as described below.
Information We Collect and How We Collect It
We obtain a variety of information (collectively the “Information”) from trusted third-party data partners such as mobile application developers. We collect this Information primarily through Software development Kits (SDK’s) that are embedded with mobile apps or APIs, which are interfaces through which these app developers can provide us with information about their users. We collect the following Information from these apps:
In addition to the above we may also receive
We use this Site Data to improve our website user experience and for our commercial purposes, such as marketing, analytics and research. This Site Data may be correlated with more personal information such as name or email address.
Information Collected via Technology. We collect interest and behavioral data about mobile devices that are tied to each device’s Advertising ID. Using proprietary technologies and algorithms, the company processes each set of data associated with an Advertising ID to create an assumed profile (“Profile”) of the User of the mobile device. (“User”). Each profile is only associated with the Advertising ID of a mobile device, and is not linked to a particular, identifiable individual. Our mobile SDK may be incorporated into the code of the mobile apps of certain Customers who are licensees of the SDK technology. The SDK allows the collection of interest and behavioral information about mobile devices in a manner and for purposes similar to those described above. The company provides its Customers with Targeting Segments, which are groups of Profiles that meet certain criteria (“Services”), as explained below. These Targeting Segments are used to send advertisements that are intended to meet the perceived interests of the Users of the devices identified in a specific Targeting Segment.
Users have the ability to opt-out from receiving interest-based advertising derived from the data collected by the company. Nikaza adheres to the applicable industry self-regulatory programs, principles, and guidance published by the Digital Advertising Alliance (DAA), the Interactive Advertising Bureau (IAB) and the Network Advertising Initiative (NAI).
When Nikaza licenses the Nikaza SDK to app publishers, we require these app publishers to provide a clear, meaningful, and prominent notice to Users regarding the collection and use of anonymous data from the app and from the User’s mobile device, and to obtain consent from Users for this data collection, when applicable.
The collected information includes information about a User’s mobile device such as operating system, hardware version, device settings, language settings, telecommunications carriers, IP address, coarse geographic location derived from IP address, device Advertising ID, and installed application IDs. It may also include information about the User’s use of the mobile device, interaction with certain mobile apps installed on the device or with advertisements sent to the device, time zone, applications installed on the device, or advertisement served to the device.
We also obtain information from external sources, such as third party data providers or other application owners, for example a database that would link advertising IDs and a customers CRM data set.
We may also collect certain demographic information (age, gender, general geolocation information) and information about User behavior when using a Customer’s mobile application. When we do not have certain demographic information, we may infer it or model it from other information about Users.
If a User has enabled “location tracking” in an application, we may receive certain precise location information about the device.
When providing mobile location analytics reporting services to a brick and mortar business, we may collect MAC addresses from WiFi enabled devices that come into the reach of our proprietary IoT sensor. This occurs only when a device’s WiFi is turned on. The MAC address is a unique identifier assigned to every mobile device. It is not the device’s mobile number. The MAC address identifies the make of the device, such as Samsung or Apple, but it does not reveal other information about the device nor its owner. We also capture the signal strength from the device to estimate the distance between the device and WiFi and sensor.
The MAC address is hashed for privacy before it’s recorded. Once it is hashed, the hash value cannot be translated back to the original MAC address to identify the device from which it was obtained. This information is retained in our databases for only as long as reasonably necessary for business purposes.
The company analyzes this information to create anonymous and aggregated reports that are then shared with the business customer. Reports prepared for a retail business customer might contain information such as how many people visited the store, the dwell time, which part of the store they visited, and how often they returned. This information may be used to reduce wait times at check-out, optimize store layouts, and understand consumer shopping patterns.
Consent. Our Partners and customers are responsible for providing Users with their own privacy notice, and obtaining consent to the collection and use of User Data where applicable. Nikaza requires that customers who implement the Nikaza SDK obtain consent from the users with their own privacy notice.
Use of Your Personal Data
General Use. Personal Data you submit to us via our website is used either to respond to requests that you make, or to aid us in serving you better. We use your Personal Data in the following ways: provide services and Improve the quality of experience when you interact with our Partners.
Compliance with Laws. We treat information that we obtain through providing our Services in accordance with all applicable laws and regulations, including the rules and regulations issued by the Federal Communications Commission.
Third Party Service Providers. We may share your Personal Data with third party service providers to provide you with the Services that we offer, to conduct quality assurance testing, and/or to provide other services to the Company. These third party service providers are required not to use your Personal Data other than to provide the services requested by Company.
Partners. We may share your Personal Data with our Partners with whom you have had one (1) or more interactions to provide you with an improved quality of experience when you interact with those Partners and for future marketing purposes from those Partners.
Your Choices Regarding Your Information. You have several choices regarding the use of information on our Services:
If you want to end all targeting on a mobile device immediately, you can turn on “Limit Ad Tracking” in your device settings. To limit Ad Track on an Apple device, see instructions at: https://support.apple.com/en-us/HT202074. To limit Ad Tracking on an Android device, see instructions at: https://support.google.com/ads/answer/2662922.
Please note, however, that opting-out will not block general advertisements that are sent at random, and not tied to the perceived interest of the User of a particular device.
We recommend physical store locations implementing our IoT solutions for data analytics to participate in the Mobile Location Analytics Code of Conduct developed by the Future of Privacy Forum. This code requires transparency and choice for mobile location analytics service providers. If you would like to exclude your WiFi-enabled device from being included in mobile location analytics reporting by companies who participate in this Code of Conduct, you can opt out at any time.
Security of Your Personal Data. The Company is committed to protecting the security of your Personal Data. We use a variety of industry-standard security technologies and procedures to help protect your Personal Data from unauthorized access, use, or disclosure. However no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while Company uses reasonable efforts to protect your Personal Data, Company cannot guarantee its absolute security. Further, while we attempt to ensure the integrity and security of personal data, we cannot guarantee that our security measures will prevent third-parties such as hackers from illegally obtaining access to personal data. We do not warrant or represent that personal data about you will be protected against, loss, misuse, or alteration by third parties.
Information Retention Information we collect is retained indefinitely provided that we will comply with the opt-out procedures described above, and will likewise comply with our representations regarding Information collected from devices located in EEA countries (and Switzerland).