Effective Date: 06/22/2016
Skyhook is a member of the Network Advertising Initiative (NAI) and complies with the NAI Code of Conduct, including its requirements as to transparency, notice and user control. In addition, as described below, Skyhook complies with the U.S. – E.U. Safe Harbor framework and the U.S. - Swiss Safe Harbor framework regarding the collection, use, and retention of personal data from EU member countries and Switzerland.
Location Determination: Skyhook offers a software (SDK) and cloud-based (API) technology platform that may be used to calculate the approximate geographic location of a device. See http://www.skyhookwireless.com/products/precision-location. The Skyhook geolocation technology determines the location of a device by interfacing with Global Navigation Satellite Systems (such as GPS), utilizing the IP address of the device, and by scanning for nearby Wi-Fi access points and cell towers visible to the device. This information is then processed on the device or on Skyhook’s servers to calculate and return the approximate geolocation (i.e., latitude/longitude) of the device.
Geofencing: Skyhook also offers on-device software that may be used to determine a device’s proximity to nearby points of interest, or whether a device has entered or exited a pre-defined geographic perimeter. See http://www.skyhookwireless.com/products/context-accelerator. For example, an application developer may use Skyhook software to understand when a user is in proximity of a coffee shop, in order to deliver a relevant coupon, advertisement or different user experience.
Location-Based Personas and Attribution: Skyhook also offers data services to application developers, publishers, and advertisers that segment the interests or demographics of device users into defined profiles based on anonymous geolocation data. See http://www.skyhookwireless.com/products/personas-for-adtech. The Skyhook technology will infer demographic information (such as gender, age, etc.) based on a device user’s presumed home census block and will infer interests and behaviors (apparel shopper, coffee drinker, business traveler) based on the venues a user visits over time. For example, if geolocation data collected or received from a partner suggests that a device has visited multiple auto dealerships in the past month, the Skyhook technology may characterize the device user as an auto buying intender. This information may be used to help partners better understand their users, to target users with more relevant experiences or advertisements, and to measure the efficacy of advertising campaigns or offers.
Location Information: When Skyhook’s geolocation platform is requested to provide a location result (e.g., to calculate a latitude/longitude), we may collect radio signal information that is provided or generated, including for example, location results, GPS coordinates, the MAC address of wireless routers (an alphanumeric code that is unique to that hardware device), the Received Signal Strength Indicator (a measurement of the strength of the access point’s signal at the time it is received by the mobile device), the cell ID of nearby cell towers, the IP address of the requesting device, UUID’s and Received Signal Strength Indicator for Bluetooth and associated Bluetooth data. When available, the Skyhook technology may also collect information about the device manufacturer, model, OS, version, and SDK version.
All geolocation data is collected anonymously in a form that does not personally identify or track a user. In some cases, a third party application may also allow users to elect to determine the device’s location to a greater degree of precision by entering a street address. The street address is not linked to a device or a user.
For Context-Enabled Devices: In implementations of the Skyhook technology that include our geofencing and personification services, in addition to the geolocation information above, Skyhook may also collect other attributes and information about the device, including:
Information from Partners: From time to time, Skyhook may also receive information from our partners, which are usually mobile advertising networks and application developers/publishers. These partners may deliver advertising onto your mobile device and, through them, we may receive geolocation information (latitude/longitude) obtained from advertising impressions, including a unique identifier or device ID (IDFA for iOS, the Android ID for Android devices or a hashed partner ID), a time stamp, and in some cases, an IP address.
In general, Skyhook uses the information collected in order to operate, maintain and deliver our Services. In particular, with respect to de-identified geolocation signal information (such as Wi-Fi access point data and cell tower data that is not associated with any particular device ID), we may use such information:
When geolocation information (i.e., a latitude/longitude) is associated with a particular unique identifier or Device ID and time information, Skyhook may also use the collected information:
Skyhook requires all clients and third parties using the Skyhook location and context services to provide notice regarding data collection and use, and to obtain all consents or permissions required, including without limitation any data such party collects, uses, and/or discloses from its users, the provision of such data to Skyhook, and the other party’s use of such data.
Skyhook also provides users to directly opt-out from Skyhook’s services as follows:
Location Information: For users who do not want any location data to be collected, the application, device, or operating system provides controls for disabling all location services. This choice may limit the functionality of the device or installed applications
Device ID: If you wish to opt out of the Skyhook’s use of your Device ID to assist our partners with identifying your demographic information and interest segments for purposes of providing you with targeted ads, you may opt-out by clicking here. If you choose to opt out your Device ID(s), Skyhook will delete any collected data about this Device ID from Skyhook database, and quarantine the device ID so that Skyhook does not collect any data about this Device ID in the future or return or share any information about the Device ID to API or SDK requests.
Skyhook also respects platform-level controls and restrictions, so that if you disable targeted advertising through controls offered by the application and/or through the iOS or Android “Limit Ad Tracking” or “Opt out of interest-based advertising” settings, we will abide fully by those setting. More information on how to access these settings is provided on the Skyhook opt out page, which can be accessed by clicking here. If a user chooses the “Limit Ad Tracking” or “Opt out of interest-based advertising” settings on iOS or Android, Skyhook will quarantine the device ID so that Skyhook does not collect any data about this device ID and will not return or share any information about the Device ID in response to API or SDK requests, instead returning an error code when the device ID has been opted out. Skyhook will also delete any encrypted device identified data from the opted-out user’s device.
MAC Addresses: If you wish to opt out of Skyhook’s use of your MAC address to provide location, you may opt-out by clicking here. If you choose to opt out, Skyhook will (if applicable) delete the positioned record for that MAC address from the Skyhook database and will blacklist that MAC address so that we will not process or use that MAC address information in the future.
IP Addresses: If you wish to opt out of Skyhook’s use of your IP Address, you may opt-out by clicking here. If you choose to opt out, Skyhook will (if applicable) remove the positioned record for that IP address from the Skyhook database and will blacklist that IP address so that we will not process or use that IP address information in the future.
Data on Device: Skyhook may store an encrypted local cache of all Wi-Fi access points and cell towers in a surrounding area on the device to allow the device’s location to be determined without connecting to our servers. A temporary encrypted history of scanned Wi-Fi access points and cell towers nearby may also be kept in memory on the user’s device and later transmitted to our servers. A maximum of 100 historic scans will be retained on device. This encrypted cache information will be deleted from the device the next time the Skyhook technology connects to the Skyhook servers, when the application terminates, or when the device is turned off.
Data Retention: For all device identified data (i.e., location history that is associated with a unique Device ID), Skyhook will retain such data for up to twelve (12) months. After that time, some of the information we have (such as anonymous location logs) may be aggregated and anonymized for statistical purposes and stored indefinitely. Other anonymous location data that is not associated with any unique identifier, device ID or any other personally identifiable information may be stored indefinitely and used for purposes of improving and maintaining our location service.
Data Security: Skyhook is committed to protecting the security of information that is collected by its technology. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of all information.
A. Information Collection
As part of operating our Websites and My.Skyhook portal, we collect the following information:
B. Use of Information
Skyhook may use the information it collects on its web properties to:
C. User Access and Choice
D. Links to Third Party Sites
The Skyhook Website offers publicly accessible blogs. Users should be aware that any information provided in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog, contact us at firstname.lastname@example.org.
Section 3 above described the ways in which Skyhook uses information collected by our products to create, enhance, deliver, market and sell our services. In addition to those uses described above, Skyhook may share all information that we collect:
The Skyhook technology, services and website are not developed or intended for persons under 13 years of age. We do not knowingly solicit or collect any personally identifiable information including from children under the age of 13, nor do we knowingly market our Services to children under the age of 13.
Skyhook complies with the U.S. – E.U. Safe Harbor framework and the U.S. - Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Skyhook has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Skyhook’s certification, please visit http://www.export.gov/safeharbor/.
If you have any questions or concerns regarding privacy using the Skyhook technology, please send a detailed message to: email@example.com or contact us at the following address:
Skyhook Wireless, Inc.
41 Farnsworth St.
Boston, MA 02210
Attn: General Counsel
We will make every effort to resolve your concerns.