Privacy Policy: Inloco Engagement Solution

Last update: June 5, 2020

About Inloco

Inloco is an engagement solution offered by Incognia that provides intelligence from geolocation data for client applications, including push notifications to app users at the relevant time according to their location; visit analytics, to generate insights into user location behavior; client app CRM integration, to track behavior patterns and send marketing campaigns contextualized with users' offline habits. Inloco is also capable of creating anonymous population mobility indexes, either for urban planning purposes or to help institutions in the fight against COVID-19, in addition to checking the occupation of physical stores compared to their usual capacity in terms of number of visitors, in order to resume commercial activities safely in the scenario of the COVID-19 crisis. This location technology requires no storage or access to users’ directly identifiable information, ensuring you a non-negotiable right: the right to privacy.

Technology

To offer services, the Inloco solution collects data from mobile devices through a Software Development Kit (SDK) installed in client applications. These apps are required to present this Privacy Policy in their own policies, and inform users that some personal data might be collected by our SDK. After users accept their policies, apps will request the needed permissions to use mobile device location functionalities. Once authorized, Inloco starts data collection safely and without identifying users.

With the location functionality active, Inloco’s technology can detect the presence of mobile devices in establishments, disassociated from users’ identity. We do not collect data from visits to sensitive places such as religious temples, hospitals, political parties, places of adult entertainment, and others that might be used to make sensitive inferences.

Location data is then transformed to provide services to users and solutions to businesses: we consolidate collected data into clusters – groups of unidentified users, aggregated by similar location behavior – in order to create metrics about visit flow in stores; generate population mobility metrics; target ads according to device profile; and send relevant app messages through push notification technology.

Privacy and security

Inloco’s technology requires no storage or access to information that is capable of identifying users; and it was developed in a way to prevent access to data that is capable of identifying them indirectly. Inloco does not collect unique static identifiers from mobile devices (IMEI and MAC), associated accounts (email address and telephone number), civil identification data (name, Social Security Number etc.), or sensitive data, including information that reveals ethnicity, religion, political opinion, religious, philosophical, political or union entities membership or data regarding health, sex life, genetics and biometrics.

We use security mechanisms in both data transport and storage, in addition to constantly updating our protection systems. All our requests are made with HTTPS, which is a secure protocol and industry standard.

Data is transferred and stored in encrypted form on the AWS Cloud - data storage in cloud servers is also an industry standard, as it allows for simple ways to gain scalability and security for all kinds of technological services. Incognia stores data for a maximum of 2 years, for the purposes described in this Privacy Policy. Exceptionally, we may retain and use personal data to: (i) fulfill contracts, agreements and policies; (ii) fulfill legal obligations (for instance, if necessary to abide by applicable laws); (iii) resolve disputes by court order. Inloco may also store anonymized data for analytics purposes.

To increase data security and privacy, Inloco applies an encryption and hash function on the Mobile Advertising ID, to create new identifiers for different uses, which are: (i) hashed ID, for single counting and user profiling, which will be aggregated in clusters without the use of Mobile Advertising ID; (ii) encrypted ID, for recovering Mobile Advertising ID in strictly necessary cases, such as legal obligations or guarantee of data subjects’ rights. The encrypted IDs are accessible to a restricted number of employees who have access to the encryption key.

The elimination of the Mobile Advertising ID ends risks associated with data access by any person without the key to decrypt the encrypted ID. Both identifiers that are kept (hashed ID and encrypted ID) are sufficient for all Inloco’s services and do not allow direct identification of data subjects, as well as decreasing risks of the Mobile Advertising ID being used to identify them in the case of integration with a third-party database that contains this ID linked to other personal data, such as email address, SSN etc. Therefore, in case of leakage or improper access of the information collected and processed by Incognia, data subjects will not be directly associated with their personal data, reducing the risk of being physically or morally affected.

Personal data collection

Incognia follows the minimization principle established by the EU General Data Protection Regulation, which states that “personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed” (Art. 5, 1, (c), GDPR). For that reason, and because Inloco is committed to being transparent, we have detailed all data that is collected through our technology and for which purposes.

Category: Location

Description:
- GPS
- Wi-Fi signals
- Bluetooth-LE signals
- Telephone signals
- Activity (running, walking, driving)[1]

Purpose:
- Targeted advertising and internal communication between apps and users based on relevant places visits. Ex.: Sending notifications to users that visit a specific store
- Business intelligence for retail brands. Ex.: Which brands are receiving more visits in each region of the country?
- Metrics for advertising and applications’ internal communication. Ex.: How many users have received advertisement A and visited place B?

Category: Media

Description:
- Clicks
- Views
- Misclicks

Purpose:
- Ads performance metrics. Ex.: How many views/clicks had an ad?

Category: Identifier

Description:
- Advertising identifiers (only stored after hashing with salt or encrypting)

Purpose:
- Device identification and unique user counting. Ex.: How many users have visited place X?

Category: Device Data

Description:
- Device models
- Operating system
- Operating system version
- Performance metrics
- IP (the last four digits being ignored to lose precision)
- Network type (3G, 4G, Wi-Fi)
- Network Provider
- Screen resolution
- Installed apps
- Manufacturing company
- Phone Carrier

Purpose:
- Targeted advertising. Ex.: Impacting people from telephone company A
- Debugging and monitoring of our SDK to improve its functionalities and the usage of resources (CPU, memory, network, battery etc.)
- Market and behavior research. Ex.: How are app X users distributed in the country? What kind of places do they frequent?
- Expansion strategies. Ex.: Identifying apps with fast growing user bases.
- Network resource optimization. Ex.: For poor internet connection, we reduce the internet usage

Category: App Data

Description:
- Apps session (when is the app opened and how much time does it remain open)
- Events defined by apps developers (registration of new user, in-app transactions, visualization of certain areas of the app and use of certain functionalities)

Purpose:
- Intelligence about the impact of push notifications communication on the usage of specific app features. Ex.: Places where certain functionalities are used; push campaigns’ impact on the usage of certain functionalities; increase and decrease of recurrence of use
- Intelligence about the app usage and understanding push notifications communication effectiveness on the recurrence of the app usage. Ex.: Places where the app is most frequently used; time spent in app

[1] Google Play Services provides Android devices with a way to get this kind of data directly from the operating system, called activity recognition.

Child data

Incognia complies with the Children’s Online Privacy Protection Act (COPPA) from the United States. We do not make partnerships with child and teenage-oriented applications, nor do we offer services for companies that have children and teenagers as target audience. Therefore, we do not intentionally gather personal information from users under 18 years old.

In case you are a parent or guardian and know your child has provided personal data for us, please let us know. If we find out that we have collected personal data from children without the client application having verified their parents or guardians’ consent, we will take the necessary measures to remove this information from our servers and end the partnership with that application, in the case the issue is not permanently solved.

Data sharing

Incognia shares anonymized data with its clients. Therefore, in general, client applications will not have access to your individualized visits history or any data that can re-identify you in a direct or indirect way. The exceptions are described below.

After explicit authorization by the user, Inloco shares contextualized data with client applications through an integration (“Enterprise integration”) with their Customer Relationship Management tools (CRM), which are used by those apps to personalize communication, allowing (i) engagement actions by sending contextualized push notifications, SMS or other means of contact previously authorized by users. A practical example of engagement occurs when Inloco informs a client application that one of its users has visited a business establishment in a certain region (the “context”). By linking the context provided by Inloco to information from its own database, the application can reach the user and send them a discount coupon for that establishment. Integrations with clients’ CRM tools also allow (ii) aggregating context information with other data, under the apps’ responsibility, for historical analysis and relationship activations. For example, a cashback application with Inloco’s technology integrated is capable of understanding that a user is a regular visitor to a certain type of business establishment and therefore can offer them a greater value of cashback, in a personalized way, from the association of the information in its database with the context provided by Inloco. It is important to note that Inloco does not have access to users’ identification data (name and contact information, for example) - only the applications can access this information to establish a communication channel with their users and deliver products or services that are relevant to their context.

We store data on the AWS Cloud and use a safe protocol to protect the data transfer to our servers in encrypted form.

We integrate with the platforms FireBase and Airship for sending push notifications. In this scenario, we receive from the client applications a user identifier in the push provider (one of the two platforms) and, in the moment we consider opportune for sending a notification, we trigger one of these platforms with the message we want to display and the user identifier that should receive it.

We share clusters (groups of users with similar behaviour) of Mobile Advertising Identifiers with the platforms Adobe DMP and Xandr for optimizing our campaign delivery. In this context, the platforms are data processors, that is, they process data on behalf of Inloco (the "controller"). Therefore, these data cannot be used for other purposes but for delivering advertisements requested by Inloco.

As stated in their Privacy Policies, some of the integrations we make with other platforms characterize international transfer. Firebase services, which are used to send push notifications, are executed at Google’s global infrastructure. For platforms to which we may share advertising identifier clusters, Adobe servers are located in Ireland and Xandr may store data in Singapore, Japan and Brazil, in addition to the USA. 

Inloco x COVID-19

We believe it is possible to contain the advance of the disease without the need for a surveillance policy, and that a technology developed with privacy by design in mind, such as ours, is the safest and most efficient solution to help in the fight against the pandemic.

Therefore, as long as COVID-19 continues to spread, we have decided to make our geolocation technology available for the development of solutions that can assist research bodies, municipalities, governments, health departments and others.

Reinforcing our commitment to privacy, we have detailed the processing of data that may be collected by Inloco to help control the pandemic in our Privacy Policy: Inloco x COVID-19.

Data subjects’ rights

Data processing confirmation

Data subjects have the right to know if any personal information about them is being processed. You may direct a request for the exercise of this right to the client with whom you have a direct relationship, or submit a request to us at dpo@incognia.com.

Access your own personal information

Data subjects have the right to know which personal data of theirs is being collected by our technology, as well as to request a copy of any collected information. You may direct a request for the exercise of this right to the client with whom you have a direct relationship, or submit a request to us at dpo@incognia.com.

Information on data sharing

Data subjects have the right to know if their personal data is being shared, and with whom. This information can be observed in the previous section “Data sharing”, in which we explain how and why we share data with our clients. However, if you want to know in more detail through which applications your personal data is collected by Inloco’s technology, you may check the Privacy Policies of the apps installed in your device, as our clients are contractually required to make express reference to the use of our technology. Since we are a third party in the relationship between apps and users, we cannot expose our clients due to confidentiality issues provided for in contracts and required by those companies.

Opt-out

In order to have control over their own personal information, data subjects have the right to withdraw or refuse consent for certain actions to be carried out at any time. To exercise this right, you may submit a request by clicking here: Do Not Sell My Personal Information. Incognia only uses personal information - Mobile Advertising ID and current location - provided in the opt-out request to review and comply with it. Once you opt-out, Incognia will not only end your personal data sales, but also interrupt data collection from your device. You may change your mind and opt back in by sending us a new request to dpo@incognia.com.

Anti-discrimination clause

Data subjects have the right to equal service and price, even when they exercise privacy rights. Inloco encourages personal data subjects’ control over their data and users will not be harmed morally or financially for the exercise of rights. However, providing personal data is a requirement necessary for the performance of services and functionalities offered by Inloco, as detailed in the “Personal data collection” section, meaning that if you opt-out, we will no longer be able to deliver you targeted advertising and contextualized communication based on the locations you visit. 

Privacy Policy amendments

We may update and change the terms of this Privacy Policy from time to time. On our website, you will always find the latest version of the terms. If you prefer, we can also notify you via email every time the Privacy Policy changes. To receive these notifications, please send an email to us at dpo@incognia.com.

Contact us

If you have any questions, comments or suggestions, please contact our Data Protection Officer by sending an email to dpo@incognia.com.