Privacy Policy: Inloco x COVID-19

Last update: June 5, 2020

About Inloco

Inloco’s engagement solution provides intelligence from geolocation data for client applications, including push notifications to app users at the relevant time according to their location; visit analytics, to generate insights into user location behavior; client app CRM integration, to track behavior patterns and send marketing campaigns contextualized with users' offline habits. Inloco is also capable of creating anonymous population mobility indexes, either for urban planning purposes or to help institutions in the fight against COVID-19, in addition to checking the occupation of physical stores compared to their usual capacity in terms of number of visitors, in order to resume commercial activities safely in the scenario of the COVID-19 crisis. This location technology requires no storage or access to users’ directly identifiable information, ensuring you a non-negotiable right: the right to privacy.


Technology

To offer services, the Inloco solution collects data from mobile devices through a Software Development Kit (SDK) installed in client applications. These apps are required to present this Privacy Policy in their own terms, and inform users that some personal data might be collected by our SDK. After users accept their terms, apps will request the needed permissions to use mobile device location functionalities. Once authorized, Inloco starts data collection safely and without identifying users.

Location data is then transformed to provide services to users and solutions to businesses: we consolidate collected data into clusters – groups of unidentified users, aggregated by similar location behavior – in order to create metrics about visit flow in stores; generate population mobility metrics; target ads according to device profile; send relevant app messages through push notification technology; and serve other purposes, apart from actions related to coronavirus, that are described in the Privacy Policy regarding our engagement solution.

In this Policy, we will explain in detail how Inloco will process data for the purpose of helping to fight the COVID-19 pandemic, the infectious disease caused by the coronavirus that has become a global problem. Here, we will detail each initiative, demonstrating our efforts to respect your privacy, as well as explaining the specific purpose of each piece of data collected, the form and duration of the processing, and the responsibilities arising from it, including how you can leave our database through the opt-out.


Fighting COVID-19

We believe that the use of a geolocation technology developed with privacy by design in mind, such as ours, is the safest and most efficient solution to fight this pandemic.

Because we understand that it is possible to contain the advancement of the coronavirus without the need for a policy of surveillance and violation of privacy by the bodies responsible for controlling the disease, we are developing some solutions in partnership with governments, health secretaries, universities and any other institutions who want to join us in combating the pandemic of COVID-19.

So far, we have developed the following projects:

  • Social Isolation Index
    This index is the main Inloco initiative in the fight against COVID-19, which aims to map risk areas and verify the effectiveness of health measures implemented, from anonymized data. The Index is calculated as the number of users who have not left their place of residence (inferred from our technology) on a given day in relation to the total number of users in that same microregion, municipality or state. Thus, the higher the index, the higher the degree of isolation estimated for that region. We highlight that the Social Isolation Index per state is publicly available to society on our website.
  • Communication with the population via push notifications, through government applications
    We are offering the integration of our Software Development Kit (SDK) with government applications to collect data that can help institutions establish direct communication with the population, by sending informative and educational notifications about social distancing, social isolation and quarantine, and the suspension of establishments' activities.
  • Analysis of visits to hospitals, health posts and essential services
    Using a probabilistic set (HyperLogLog) to make counts of visits with representative accuracy, without storing users’ unique identifiers, we are analyzing the capacity of hospitals and health posts, under exceptional circumstances and in view of the atypical and emergency situation that we are experiencing, in order to avoid overcrowding and allocate patients and health professionals in a distributed and intelligent way. We have decided to collect this data considering that one of the greatest dangers brought by coronavirus is not the severity of its resulting disease, but the speed of transmission and consequent overcrowding of health systems. With the techniques applied, we will know how many devices visit these establishments, but not which ones; this data will be stored separately and deleted by the end of the COVID-19 crisis. In addition, we are collecting visits to locations offering essential services, such as pharmacies and supermarkets, to avoid crowding and distribute consumers.
  • Analysis of visits to physical stores by commercial segment for business reopening
    Through a dashboard, we enable the verification of physical stores visit behavior divided by commercial segment (e.g.: fashion, construction, bars, etc.) at municipal level. In this dashboard, it will be possible to visualize the visit flow to commercial establishments since 01/01/2020, that is, before the beginning of the health crisis in Brazil. Such metrics may contribute to decisions involving the gradual reopening of commercial activities safely. We emphasize that data about visit flow to physical stores is already part of the services offered by Inloco, and that data processing for insights purposes is detailed here.
  • Analysis of physical stores occupation after commercial activity reopening
    With the commercial activities gradually reopening, we will map on a daily basis which physical units of stores have had more than 50% of their usual capacity in terms of number of visitors, and deliver the information through a dashboard to the respective companies. Thus, it will be possible to resume non-essential business activities safely, aiming to mitigate the risks of a new wave of contagion.


Data collection and purposes

Category: Location
  Description:
    • GPS
    • Wi-Fi signals
    • Bluetooth-LE signals
    • Telephone signals
    • Activity (running, walking, driving)[1]
  Purpose:
    • Sending of proximity alert to risky locations
    • Count of visits
    • Mobility analysis
    • Sending of educational campaigns

Category: Identifier
  Description:
    • Advertising ID (stored after the application of hash with salt and encryption functions)
  Purpose:
    • Targeting
    • Single user count

Category: Performance
  Description:
    • Clicks
    • Misclicks
    • Views
  Purpose:
    • Campaign performance metrics

Category: Device
  Description:
    • Device model
    • Operating system
    • OS version
    • SDK Performance Metrics
    • IP (the last 4 digits are ignored to remove accuracy)
    • Network type (3G, 4G, Wi-Fi)
    • Network provider
    • Screen resolution
  Purpose:
    • Debugging and monitoring the SDK
    • Network resource optimization
    • Segmentation to exclude information from regions that will not be analyzed

Category: Apps
  Description:
    • App session (when the app is opened and how long it remains open)
    • Events defined by the developers of the apps (events such as new user registration, in-app transaction, viewing of certain parts of the application and use of certain features)
  Purpose:
    • App usage intelligence
    • Evaluation of communication through push notifications

[1] Google Play Services provides Android devices with a way to get this kind of data directly from the operating system, called activity recognition.


Privacy and security

We use security mechanisms in both transport and data storage, in addition to always updating our protection system. All of our requests are made using HTTPS, a safe protocol and industry standard, and the data is stored in encrypted form.

We apply anonymization and pseudonymization techniques - such as hashing and encryption - to the Mobile Advertising Identifiers of our database, resulting in identifiers for different uses, which are: (i) hashed id: for unique counting and creating user profiles, which are aggregated into clusters (groupings based on similarities) without using the original identifier; (ii) encrypted id: for retrieving the original media identifier in strictly necessary cases, such as legal obligations or guarantee of the rights of personal data subjects. The encrypted id is accessed by a restricted number of employees who have access to the cryptographic key. With these measures, in case of leakage or improper access to the data collected and processed by Incognia, the data subject will not be directly associated with the data, reducing the risk of being physically or morally affected.

Incognia does not collect static unique device identifiers (IMEI and MAC), associated accounts (email address and phone number) or civil identification data (name, ID, SSN).

Exceptionally, our SDK will collect visits to hospitals and health posts (places where we do not count visits for other services), using a probabilistic set (HyperLogLog) to make counts with representative precision, without storing unique identifiers, in order to assist institutions in the allocation of patients and health professionals, avoiding overcrowding. Such information directly related to actions to fight the pandemic will be stored in an environment separate from our main base and immediately excluded at the end of this crisis.
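
The HyperLogLog counting described above, and in the hospital visits initiative under "Fighting COVID-19", shown as an added example. This is not Inloco's or Incognia's code; the SHA-256 hash, the 4,096-register size and the device names are assumptions chosen for illustration.

```python
import hashlib
import math

class HyperLogLog:
    """Distinct-count sketch: keeps m small registers, never the items themselves."""

    def __init__(self, p=12):
        self.p = p                      # 2**p registers; std. error ~ 1.04 / sqrt(2**p)
        self.m = 1 << p
        self.registers = bytearray(self.m)

    def add(self, item):
        # 64-bit hash: the first p bits choose a register, the rest give the rank.
        h = int.from_bytes(hashlib.sha256(item.encode()).digest()[:8], "big")
        idx = h >> (64 - self.p)
        rest = h & ((1 << (64 - self.p)) - 1)
        rank = (64 - self.p) - rest.bit_length() + 1   # leading zeros + 1
        if rank > self.registers[idx]:
            self.registers[idx] = rank                 # repeat visits change nothing

    def merge(self, other):
        # The union of two sketches is the register-wise maximum.
        if self.p != other.p:
            raise ValueError("sketches must use the same precision")
        merged = HyperLogLog(self.p)
        merged.registers = bytearray(
            max(a, b) for a, b in zip(self.registers, other.registers))
        return merged

    def count(self):
        m = self.m
        alpha = 0.7213 / (1 + 1.079 / m)               # bias constant for m >= 128
        est = alpha * m * m / sum(2.0 ** -r for r in self.registers)
        zeros = self.registers.count(0)
        if est <= 2.5 * m and zeros:                   # small-range correction
            est = m * math.log(m / zeros)
        return round(est)

def demo():
    # Constructed data: 20,000 devices at site A (each seen twice) and
    # 10,000 at site B, of which 5,000 also visited site A.
    a, b = HyperLogLog(), HyperLogLog()
    for i in range(20000):
        a.add(f"device-{i}")
        a.add(f"device-{i}")
    for i in range(15000, 25000):
        b.add(f"device-{i}")
    return a.count(), b.count(), a.merge(b).count(), len(a.registers)

if __name__ == "__main__":
    print(demo())   # three estimates near 20000, 10000, 25000, then 4096
```

The sketch stays at 4,096 bytes however many devices are added, and no identifier can be read back from it. A sketch filled by only a few devices can still indicate whether a known identifier was probably added, so sketches warrant the same access control as the rest of the data.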

Finally, Incognia follows the American Children's Online Privacy Protection Act (COPPA) privacy standards and does not partner with applications aimed at children and teenagers, nor does it offer services to companies that target those. Therefore, we do not knowingly collect personally identifiable information from children under 18 (eighteen) years of age.


Data storage and retention

The data, used solely for pandemic fight purposes, will be stored on the AWS cloud platform. Cloud storage is the industry standard as it simplifies the operation of the technology, scalability and security of all our services. Incognia's data collection takes place using a secure protocol that uses encryption to protect the data in its transport to our servers.

By contract, the data collected through the integration of our technology with public service applications will be promptly eliminated, both by us and by third parties with whom they are shared, after the end of the COVID-19 crisis.


Data sharing

Incognia's partners in the initiatives to combat the crisis of COVID-19 will not have access to any individualized visit history or to any data that can directly or indirectly identify individuals.

For the scenario of sending push notifications through government applications, we integrate with Firebase and Airship platforms. We receive a user device identifier from the applications on one of these platforms, and at the time we consider it appropriate to send the notification, we trigger the platform with the message we want to send and the user identifier that should receive it. Firebase services run on Google's global infrastructure, configuring international data transfer.

We share clusters - user groupings based on similarities - of identifiers with Xandr platform to optimize our delivery of advertising campaigns related to COVID-19. This data cannot be used for other purposes than the delivery of the ads requested by Incognia. Xandr can store your data in Singapore, Japan and Brazil - which can characterize international transfer -, besides the United States.


Data subjects’ rights

Data processing confirmation

Data subjects have the right to know if any personal information about them is being processed. You may direct a request for the exercise of this right to the client with whom you have a direct relationship, or submit a request to us at dpo@incognia.com.


Access your own personal information

Data subjects have the right to know which personal data of theirs is being collected by our technology, as well as to request a copy of any collected information. You may direct a request for the exercise of this right to the client with whom you have a direct relationship, or submit a request to us at dpo@incognia.com.


Information on data sharing

Data subjects have the right to know if their personal data is being shared, and with whom. This information can be observed in the previous section “Data sharing”, in which we explain how and why we share data with our clients. However, if you want to know in more detail through which applications your personal data is collected by Incognia’s technology, you may check the Privacy Policies of the apps installed in your device, as our clients are contractually required to make express reference to the use of our technology. Since we are a third party in the relationship between apps and users, we cannot expose our clients due to confidentiality issues provided for in contracts and required by those companies.


Opt-out

If you do not wish to share data from your device with us, we offer the option to opt out (revocation of consent and interruption of data collection by Incognia). To start the opt-out process, click here. By performing this procedure, you will be disabling the collection and processing of data from your device made through Incognia technology, which contributes to (i) the monitoring of risk areas; (ii) the implementation of measures capable of avoiding overcrowding of hospitals and other essential services; (iii) research studies on the spread of coronavirus and compliance with recommendations for isolation and social distancing; and (iv) direct communication with the population, aiming at greater awareness of the alarming situation we are living through.

If you change your mind, it will always be possible to reactivate our services by sending an e-mail to dpo@incognia.com.


Privacy Policy Amendments

Incognia is working to develop increasingly effective projects to combat the coronavirus. This means that we can update and change the terms of this Privacy Policy. On our website, you will always find the latest version of the terms.

If you prefer, we can still notify you by e-mail every time the Privacy Policy is changed. You just have to sign up by sending an e-mail to dpo@incognia.com.

Finally, we would like to remind you that if you do not agree with our Privacy Policy in the future, you can use the opt-out, as explained in the previous point, by deactivating the data processing of your device by Incognia.


Contact us

If you still have questions, please contact the Data Protection Officer through our communication channel. Incognia encourages comments, questions and suggestions. To contact us, you can send an email to dpo@incognia.com.