The General Data Protection Regulation (GDPR) came into effect on 25 May 2018 and replaces the EU Data Protection Directive of 1995. It aims to give natural persons more protection over their data and over how that data is used by Data Controllers and Data Processors. This statement and policy sets out how Pointr protects personal data and user privacy under the GDPR.
The protection of personal data is of the utmost importance to Pointr. Under the GDPR, any information relating to an identified or identifiable individual is personal data. If a piece of information, on its own or combined with another set of information, can identify an individual, it is personal data. Personal data includes name, email address, phone number and social security number, as well as IP address, physical address, behavioural data, location data, biometric data, financial information and much more.
IP and MAC addresses can be classified as identifiable data where they can be used to determine a natural person's identity. A device identifier (MAC or IP address) is not sufficient by itself to make such a connection. It can identify a natural person only when reviewed together with some other data set not held by Pointr, such as CCTV footage or records of purchases in a specific area.
The table below highlights Pointr’s products and identifies the types of data collected by each as well as how this data is secured/protected.
| Product | Data | Security Measures |
| --- | --- | --- |
| Pointr SDK | user coordinates; timestamp; unique device identifier; beacon battery information; search history | secured HTTPS communication; completely randomised device ID; user permission required before location is tracked |
| WiFi analytics - Pointr POP | MAC IDs**; timestamp; WiFi signal strength | secured HTTPS communication; MAC IDs replaced by a one-way MD5 hash on receipt (described in the original as "MD5 AES one-way data encryption"; MD5 is a hash function, not AES encryption); POP device resides in the secured customer environment |
| Pointr Cloud | no personal data used; only one-way hashed data is analysed | secured login; two-factor authentication (optional) |
| Website maps/Kiosk | no personal data used; only general usage stats are recorded | secured HTTPS communication (read-only) |
**Since iOS 8, iOS devices already randomise the MAC address they broadcast while searching for networks; a device's real MAC address is only exposed once it actually connects to the WiFi network. Android is potentially looking to implement a similar mechanism in the future.
The description below explains in more detail how data is protected to ensure privacy as well as the process involved in transmitting and gathering it.
When a phone runs an app containing our SDK (software library), the SDK creates a random unique identifier for that device (the "device identifier"). The device identifier is unique to that smartphone and app; it does not reveal any personally identifiable information or device information such as the MAC or IP address. Because it is unique to the particular app running the Pointr SDK, the same SDK used in another app on the same device produces a different identifier.
(1) On iOS, users may reset this identifier whenever they wish from the phone settings. Pointr follows Apple's official recommendation for identifying devices, using the device identifier method available in the standard iOS SDK.
(2) On Android, Pointr follows the Android best practice known as Instance ID, which, like the iOS mechanism, provides a globally unique device ID that is easily resettable and does not reveal any personally identifiable information or device information such as the MAC or IP address.
When the app starts, the SDK triggers a permission dialog (on iOS and Android) asking the user for permission to track their location (while the app is running and/or in the background). If the user declines, no location tracking is carried out. Users may opt in or out of location tracking for the particular app that includes our SDK at any time.
The SDK detects Bluetooth signals and processes them along with phone inertial motion sensors (such as gyroscope and accelerometer) to calculate indoor position of the device (smartphone).
Similarly, the SDK uses GPS to calculate the outdoor position of the device (smartphone). The SDK uploads this location information to Pointr Cloud together with the device identifier.
Through this process, the SDK produces a random device identifier (e.g. "ABCD") with a timestamp and a location (e.g. "Device ABCD was at this position at this time"). It is important to note:
However, there is a possibility that:
Each WiFi-enabled device sends out WiFi signals when searching for a WiFi network (probe requests, referred to here as "pings"). Each ping typically carries the device's MAC ID. (Since iOS 8, iOS devices send out a randomised MAC ID in these pings instead of the real one. Android is also looking into introducing a similar mechanism.)
Pointr's POP devices sniff the air for WiFi and Bluetooth signals. When a POP detects a WiFi ping, it records the MAC ID, the signal strength and a timestamp, and uploads this information to Pointr Cloud. Using this information together with the POP device locations (marked on the map), Pointr Cloud calculates an estimated position for each detected device in real time.
By default, Pointr Cloud replaces each received MAC ID with a one-way hash to avoid privacy issues (the original describes this as "MD5 AES" encryption; MD5 is a hash function, and AES is an encryption cipher, so what is meant is one-way hashing rather than reversible encryption). Pointr Cloud therefore stores and outputs hashed MAC IDs that cannot be decrypted back to the original address. One caveat a practitioner should be aware of: because the space of MAC addresses is small (2^24 per vendor prefix), an unkeyed hash of a MAC address can be inverted by enumerating candidate addresses and hashing each one, so the re-identification protection comes from keeping the hashing keyed or salted with a secret that is not stored alongside the analytics data. On iOS, since devices already send out randomised MAC IDs, this step is not strictly needed, but it is applied anyway.
When a device actively connects to WiFi, it reveals its true MAC ID (even on iOS). The POP device captures this as well and uploads it to Pointr Cloud. As above, Pointr Cloud hashes these MAC IDs on receipt, so they are held in our system only in hashed (pseudonymised) form.
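The following is an added example, not Pointr's code, that demonstrates the difference between the unkeyed one-way hash described above and a keyed one. It assumes MD5 is the hash in use (the statement says "MD5 AES"), uses a constructed MAC address with a small NIC suffix so the enumeration finishes quickly, and shows that an unkeyed hash of a MAC address can be inverted by sweeping the 2^24 suffixes of a vendor prefix, while an HMAC with a secret key cannot be inverted by the same sweep without that key.

```python
"""Pseudonymising sniffed MAC addresses: unkeyed MD5 versus keyed HMAC.

Added illustration, not Pointr's implementation. Assumes MD5 is the one-way
function the statement refers to; the HMAC-SHA256 variant is the hardened form.
"""
import hashlib
import hmac
from typing import Callable, Optional

# Constructed sample MAC as a WiFi probe sniffer would capture it.  The NIC
# suffix (00:00:2a) is deliberately small so the demonstration sweep is short;
# a full sweep of one OUI is 2^24 candidates, cheap for any attacker.
SAMPLE_MAC = "00:11:22:00:00:2a"
SAMPLE_OUI = "00:11:22"


def normalise_mac(mac: str) -> str:
    """Canonical lower-case colon form, so one device always hashes the same."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def md5_pseudonym(mac: str) -> str:
    """Unkeyed one-way hash of the MAC (the scheme the statement describes)."""
    return hashlib.md5(normalise_mac(mac).encode()).hexdigest()


def keyed_pseudonym(mac: str, key: bytes) -> str:
    """HMAC-SHA256 of the MAC under a secret key that never reaches the analytics store."""
    return hmac.new(key, normalise_mac(mac).encode(), hashlib.sha256).hexdigest()


def invert_unkeyed(target: str, oui: str,
                   pseudonym: Callable[[str], str] = md5_pseudonym,
                   limit: int = 1 << 24) -> Optional[str]:
    """Recover a MAC from its pseudonym by enumerating NIC suffixes of one OUI.

    Works against any unkeyed hash because the input space is tiny; `limit`
    bounds the sweep (the full OUI space is 2^24).
    """
    prefix = normalise_mac(oui + ":00:00:00")[:8]
    for n in range(limit):
        candidate = f"{prefix}:{n >> 16:02x}:{(n >> 8) & 0xff:02x}:{n & 0xff:02x}"
        if pseudonym(candidate) == target:
            return candidate
    return None


def demo() -> dict:
    """Run both schemes against the constructed sample and report the outcome."""
    secret = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c" * 2)  # constructed key
    unkeyed = md5_pseudonym(SAMPLE_MAC)
    keyed = keyed_pseudonym(SAMPLE_MAC, secret)
    return {
        "unkeyed_hash": unkeyed,
        # The attacker re-hashes candidates with the same public function.
        "unkeyed_recovered": invert_unkeyed(unkeyed, SAMPLE_OUI, md5_pseudonym, limit=1 << 12),
        "keyed_hash": keyed,
        # Without the key the attacker can only try an unkeyed hash; it never matches.
        "keyed_recovered": invert_unkeyed(keyed, SAMPLE_OUI, md5_pseudonym, limit=1 << 12),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The keyed form preserves what the analytics need (the same device maps to the same pseudonym for as long as the key is unchanged) while removing the ability of anyone who obtains the stored hashes to enumerate their way back to a real address; rotating the key also bounds how long any one pseudonym can be tracked.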
By default, our web maps and kiosk software do not capture any information about the user, and there is no login system. They record only general usage statistics (such as "how many people used POI search today" or "which product is searched for most often").
We are committed to the protection of personal data and will ensure adequate preventative measures are in place at all times to ensure compliance with the new GDPR rules and regulations. This new regulation entitles data subjects to the following rights:
As Pointr is not a data controller and keeps limited to no personal data, we can confirm compliance and support of the above rights where applicable.
Although great care is taken to protect our systems and databases, no system is 100% secure, and unauthorised access to our database by an external party can never be ruled out. Since all stored data is pseudonymised as described above, no personal data could be obtained from the data alone. In the event a breach is discovered, Pointr personnel will follow the data breach procedures and ensure a timely resolution.
Pointr ensures that all contractors, consultants and employees agree to uphold Pointr's privacy policies and to protect any personal data.
All projects are hosted on Azure in regional instances, ensuring data is not transferred outside the region in which it is collected. Client users may open the Pointr dashboard (where data is converted into visualisations and analytics) from abroad; access to these systems is protected with HTTPS, a secure password and, optionally, multi-factor authentication. All activity is logged with full activity detail; any unusual behaviour triggers an alert and the venue is notified immediately.