This policy explains how we use any personal information that you provide to us through our website, app or that we might collect on behalf of our customers. As privacy is a moving field, we may change this policy. We will post any changes on this page, so please check back frequently. The controller for the content we collect is STRATACACHE Oy, Lemminkäisenkatu 14, 20520 Turku, Finland. STRATACACHE Oy is part of the STRATACACHE group of companies. We have appointed a Data Privacy Officer which you can reach at email@example.com or by sending a letter addressed to Data Privacy Officer at the address above.
What does Walkbase do?
We provide services to other companies in order to help them understand and interact with their visitors. If you are visiting this page because you have been informed by one of our customers that your information might be collected at their location, you probably want to skip to Walkbase Analytics Privacy Description which describes that service.
Information we collect
Information you provide to us
You may provide information to us using a contact form on this website, by phone call or email. This may include information like your name, email, phone number.
Information we collect about you
We may collect information about your device and your actions when you visit the website or use our products.
Information others share with us
We may receive information about you from our customer in order for you to use our service. This may include your email, your name and your phone number.
[ More about collection ]
Information we collect about you
When you interact with our website and web application we may log things like which operating system, browser, network address (IP) you are using and sometimes your location (based on your IP).
Information other’s share with us
We may receive personal information about you from other providers which you have given them permission to share with us. This includes things like your email to allow you to log in to our system, your name to help identify you and your actions in the system or your phone number to allow us to contact you.
How we use the information we collect
If you provide us your information, we intend to only use it for the purposes you provided it. For example, if you have provided your details to allow us to contact you or reply to a question, we will only use the information for that purpose.
If you are browsing the website, we will collect and anonymize your information in order for us to understand how people browse and use our webpage. If you use the Walkbase Dashboard, we use the information to identify you in order to give access to the product. We also collect information about your user experience in order to improve the product. We also store usage activity for security and auditing purposes.
Information we share
We will not share information with anyone outside of the STRATACACHE family of companies unless legally required to do so and with the following third party service providers
- Google, we use Google Analytics to help us understand who visits our website and how they interact with it.
- Sentry, we use Sentry to help track down errors in the Walkbase products.
Security and transfer of data
We follow industry standards in order to protect your personal information when processing, transferring, and storing your personal information including encryption and hashing. We limit access to your personal data to a minimum required and keep your personal data only as necessary to perform our legitimate business interests.
We have dedicated data centers in the EU and in the US which serves each region independently. Other regions are served by the US data center.
[ More about security and transfer of data ]
Depending on the information, we utilise various technologies to ensure it is always protected. For example, transfers between your browser and our server is protected using modern encryption standards (TLS) and when we store your password we hash it using bcrypt.
We may transfer some of the information to third party providers which operate outside of the EEA. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data.
Access to data and your right to correct and delete it
If you wish to exercise your rights to get a copy of your data, correct it or delete it, please contact firstname.lastname@example.org.
[ More about your rights ]
Under the General Data Protection Regulation (GDPR) and similar laws, you have the right to:
- Know if your data is being processed
- Know what information is being processed and obtain a copy of it
- Correct any inaccurate information we may hold which
- Ask that we delete any information we hold about you
- Ask that we restrict processing of your information
You can contact us and ask for any of the above using email@example.com, the contact details of the company or the DPO as listed above. You can learn more about your rights at ico.co.uk or from your local Data Protection Authority.
Retention and deletion of data
We retain your personal information only as long as is necessary to provide the service. You can ask to close your account by contacting us at firstname.lastname@example.org or the details above, and we will delete your personal information on request.
We may retain personal information for an additional period as is required under applicable laws, for legal, tax, or regulatory reasons, or for legitimate and lawful business purposes.
Last updated 12 of June 2018
Walkbase Analytics Privacy Description
This document outlines the privacy concerns related to data collection and processing for Walkbase Analytics.
What is Walkbase Analytics?
Walkbase Analytics is a data processing and analytics solution supplied by the Finnish company STRATACACHE Oy (also Walkbase, a STRATACACHE company). We collect and process data on our customer’s behalf to provide them with a better understanding of the visitors in their physical locations. In most cases, for the purpose of data protection law our customer will be the data controller and we are the processor. If you are unsure, you are welcome to contact us and we will help as best we can or direct you to the controller.
What information do we collect?
Walkbase collects location data and footfall. The location data consists of an identifier, timestamp and location.
An anonymized identifier derived from the MAC address of the wireless device.
The time and date when the wireless device was observed.
A location context of when the wireless device when it was active. For example “Store A” or “Section B in Store A”.
A simple count of how many people have entered the site, as measured by sensors at the sites entrances.
What information do we process?
To collect the above described data, we process and aggregate the following data without storing it.
We generate an anonymized identifier from the MAC address of wireless devices, collected from either a Wi-Fi or Bluetooth device. The original MAC address is discarded after the anonymized identifier is generated and only the anonymized identifier is stored. The anonymisation process is a one way process and converts the identifier from a unique one to a non-unique one which cannot be reversed to the original MAC.
How do we protect the data?
We have designed our systems to keep as little information as possible and we always store it on encrypted storage with limited access. All communication is done using encrypted channels. We use our private hardware and all access and activity on them is logged and audited.
How will we use the data?
We use the data to provide aggregated reports of the movement and behavior of the wireless devices. These reports are in the form of 15 devices was seen in Location A between time X and Y, 7 of these has been seen at least once during the last month. We will not try to identify individual devices or persons, nor provide the ability to do so to any of our customers. We do not provide details about individual for less than 5 devices at any time.
How long do we store data?
The duration depends on what type of information it concerns. We don’t store data longer than necessary and irreversibly delete it when we have produced the aggregated statistics. We only store the aggregated statistics while we have a business relation with the owner of the data.
The original MAC address is only kept a very short while, generally less than 60 seconds, before being anonymized. An exception to this is that in the case of an opt-out, then the opt-out is stored indefinitely. In this case we do not store any location information about the opted-out MAC address only the timestamp of when it was opted out.
anonymized location data
The anonymized data is stored at most for as long as we have an active contract with the customer. In some cases, depending on the agreement with the customer it might be stored for a shorter time, refer to the data policy of the customer for which we process data.
How can I remove data collected about me?
It is not possible to retroactively remove aggregated data for any device (individual) as we don’t store a link between the original and the anonymized identifier. You can opt-out from any further processing by going to http://www.privacysig.org/opt-out which will prevent any further collection of data from the opted-out device.
Is the data sold or transferred to a third party?
No. While we regularly share aggregated data with our customers we do not share any of the data described above unless legally required.
Can I get a copy of my data?
It is not possible to request a copy of your data. We do not store any identifying data and have no way of figuring out what data belongs to you.
Please contact us if you have any questions at email@example.com
Last updated 23rd of May 2018