1. RESPONSIBILITY FOR THE PROCESSING OF YOUR DATA
The purpose of this Policy is to inform you about our privacy practices and to ensure that you understand the purposes for which we collect and process your personal data. The following is a brief summary of the manner and purposes for which we process your personal data.
OpenSignal Limited ("OpenSignal", "we," "us" or "our") is the entity which is responsible for the control and processing of personal data that we collect from you when you use the Services. If you have any questions or concerns about OpenSignal’s use of your personal data, please contact us at firstname.lastname@example.org.
Our mission is to analyze and review the availability, service coverage, performance and signal quality of numerous mobile networks all over the world. We obtain the relevant data by collecting measurements relating to signal reception and quality from users of mobile devices. Where you agree to give us access to your data, we collect data from your mobile device both when you are using ou. app and when it is closed.
2. HOW WE COLLECT AND USE YOUR PERSONAL DATA
- Network performance data. When allowed access to your data, we collect data from your mobile device both when you are using our app and when it is closed.
We take repeated measurements from your device from time to time including location data (which include GPS coordinates or similar information regarding the location of your device), network type, network operator, cellular and Wifi signal strength and quality, and the identifiers of connected cell towers and Wifi routers (including both BSSID and SSID). We also measure how data is flowing, both passively (by monitoring how fast it moves through other apps), and actively (by running a test that downloads or uploads data within our SDK). We do not monitor the content of your data usage. The goal of collecting the above data is to measure the experience you have of wireless networks.
We also collect information from environmental sensors on your device (depending on which ones are integrated in your device), this allows us to measure things such as the device acceleration, orientation and the external atmospheric pressure and light intensity. We also measure some internal device conditions – such as battery temperature and voltage. The goal of collecting this data is to understand how instantaneous device conditions affect experience of mobile networks.
To better understand differences between devices, we collect data on your device hardware such as the model, manufacturer, and manufacturers and models of sub-components (such as the cellular radio) and the capabilities of these components (for example the number of cores on the CPU). Similarly, to understand differences caused by software, we collect information on the mobile platform version used and whether custom ROMs or Android skins are installed. The goal of collecting this data is to understand how device properties affect experience of mobile networks.
When you first use the OpenSignal app a random identification code is generated by our software and allocated to your mobile device and used to identify your device whenever we take measurements. To further help us manage the data, we also collect your public IP address, the device MAC number, the Android serial number. These fields are needed for statistical purposes, for example to understand how much data is contributed by each device.
- Information that you directly provide to us. If you register for our Services, we may ask you to provide certain personal information including, but not limited to, your name, postal address, email address, telephone number, password, your username on a third-party social networking service (such as Facebook, Twitter, etc.), password for use of the Services, date of birth (to ensure you are over 16 and for statistical purposes), and other data. We retain messages you send to us through the Services, and any other data you provide to us. We use this data for our business purposes related to the Service, as further detailed below.
- Information collected or received from third parties. If you register for the Services through your account with third-party social networking services, such as Facebook, Twitter, Twitch or Google, we may receive data about you from such third parties or through a service linked to your account with such services. This information is used in the same way as the data referred to in paragraph (b) above.
- Cookies. When you use the Services, we sometimes send one or more cookies (small text files containing a string of alphanumeric characters) to your computer that uniquely identify your browser and enhance your navigation on our Services. A cookie may also convey information to us about how you use the Service (e.g., the pages you view, the links you click and other actions you take), and allow us or our third-party analytics tools we use to track your usage of the Services. There are at least two different types of cookies: persistent and session cookies. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent use of the Service. Persistent cookies can be removed by following your web browser's directions for removal of cookies. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to notify you when a cookie is being sent. However, some features of the Service may not function properly if cookies are disabled.
- Log file. Log file information is automatically reported by your browser each time you access a web page. When you access or use the Services, our servers may automatically record certain log file information, including but not limited to your web request, IP address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, and pages viewed.
- Clear GIFs/Web Beacons. Clear GIFs (also known as web beacons) allow for the tracking of a user's response to an email or usage of a website in a manner that does not reveal personally identifiable information. We may use clear GIFs or similar technologies to assess responses to emails and usage of the Service. For example, we may use clear GIFs to track when emails are opened and which links are clicked by recipients. You can disable certain abilities of clear GIFs to capture information by blocking cookies.
- Device identifiers. When you access or use the Service using a mobile device, we may access, collect, monitor and/or remotely store one or more "device identifiers," such as a universally unique identifier. Device identifiers are small data files or similar data structures stored on or associated with your device that uniquely identify your device. A device identifier may consist of data stored in connection with the device hardware, operating system or other software, or data sent to the device by us. A device identifier may convey information to us about how you browse and use the Service. A device identifier may remain persistently on your device to enhance your navigation on our Services. Some features of our Services may not function properly if use or availability of device identifiers is impaired or disabled.
- Commercial communications. Insofar as permitted under applicable law, we may use the information we collect or receive to communicate directly with you in relation to the Services or related services we offer. Subject, where necessary, to obtaining your consent to receiving such communications, we may use the information to communicate with you in relation to other services that we and our affiliates offer. For example, we may use the information to send you emails containing newsletters, promotions and special offers. We may also use the information to send you service-related notices (e.g., account verification, technical and security notices).
- Use of certain service-type information. We may use information from cookies, log files, device identifiers, location data, clear GIFs and other tools to: (i) remember information so that you will not have to re-enter it during your visit or the next time you use the Service; (ii) provide custom, personalized content or information to you or others; (iii) monitor the use of the Service; (iv) monitor aggregate metrics, such as total number of visitors, traffic and demographic patterns; (v) diagnose or fix technology problems; (vi) provide advertising to your browser or device; and (vii) conduct research or surveys.
- Use of information with Your Consent. We may use your personal data for any other purpose for which you specifically provide us with your consent.
3. THE PURPOSES FOR WHICH WE USE YOUR PERSONAL DATA
The purposes for which we collect and store your personal data are the following:
- Measurements that we take from the mobile devices of individual network users allow us to create a detailed picture of the service availability, quality and performance of numerous mobile communication networks across the world and over time. We publish some of the statistical data that we generate and we provide it to our customers (such as network operators) to help them understand their own network’s service coverage, performance and signal quality (and those of their competitors). Although the end-product we produce is made up of aggregated anonymized data, the underlying ‘raw data’ which contains personal data of individual users is important for us and our customers for generating statistical data, validating the results, quality control and further analysis;
- Personal data that we receive from you enables us to deliver our Services to you and enables you to use them efficiently;
- Insofar as permitted under applicable law, we use your data to communicate with you in relation to our Services;
- We use data to personalize, test, monitor, improve and upgrade our Services, to meet our legal obligations and the regulatory requirements to which we may be subject, for loss prevention purposes and to protect and enforce our rights and meet our obligations to third parties, and for our internal business purposes, such as compiling and analyzing usage information for general operational, statistical and business purposes.
4. YOUR RESPONSIBILITIES
It is important that the personal data we hold about you is accurate and current. If you provided us with any details of personal data, please keep us informed if such details change.
5. LEGAL BASIS FOR PROCESSING YOUR DATA
We rely on the following lawful basis for the processing of your personal data:
- Our legitimate interests in (among other things) delivering the Services, conducting commercial research, improving and maintaining the Services, personalizing and tailoring content made available to you through the Service, protecting the security or integrity of our databases, protecting our business or reputation, taking precautions against legal liability, dealing with our assets in the event of a business change (see further below), protecting and defending our legal rights or property, or for resolving disputes, investigating and attending to inquiries or complaints with respect to your use of the Services;
- Where relevant, your express consent. If you give your consent for accessing your mobile data to take measurements, you can withdraw it through the personal settings on the OpenSignal app);
- Where relevant, the fulfilment of our contractual obligations to you under our terms and conditions of service; and
- Where relevant, for compliance with legal obligations to which we are subject.
6. HOW WE SHARE YOUR INFORMATION
- Joint Controllers. We share some of the raw measurements that we collect from users’ mobile devices with some of our customers under the terms of data license agreements and data sharing agreements. Some of the data we share with our customers contains personal data such as datasets containing location data of individual users. Our customers are permitted to use the data for the purpose of analyzing it and generating aggregated data relating to the performance of their networks or telecommunications equipment (and competing networks or equipment) and to use aggregated data in their sales activities. Our customers are not permitted to use your personal data to communicate with you or to influence you or to profile or track individual users. They are required to keep your personal data confidential and to use appropriate means to protect it. Our customers have access to data such as location data of users to enable them to analyze the data and create statistical information based on the aggregation of data from numerous users. Our customers that receive such data from us are not permitted to disclose any datasets that contain personal data relating to specific individuals to their own customers or any third parties.
- Service Providers. We may share datasets containing your personal data with third-party service providers that perform services on our behalf in connection with our Services, such as cloud service providers that we may use, or third-party analytical service providers. Where your information is shared with such third parties, we ensure that the third-party service provider will deal with your information only on our behalf and on our written instructions and solely for our benefit (and not for its own benefit).
- Business Change. If we become involved in a merger, consolidation, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution or other transaction, or if the ownership of all or substantially all of our business otherwise changes, we may share or transfer databases containing personal data of users to successor party or parties in connection with such transaction or change in ownership or legal structure.
7. HOW WE PROTECT YOUR INFORMATION
We take certain measures to protect personal data collected through the Service against loss, theft, and unauthorized access, use, disclosure, destruction or modification. These include physical, technological and administrative measures.
8. HOW LONG WE KEEP YOUR INFORMATION
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Personal data (such as user’s location data or the user’s unique identifier which is created on first use of the OpenSignal app) contained in the sets of measurements of mobile network signal performance is held for an unlimited period of time as it is required for the production of statistical data over different periods of time and to compare performance data between different time periods.
Insofar as the data is collected to enable us to recognize you as a user of the Services and to improve the Services provided to you, we will dispose of the data within a reasonable time after you cease to be a registered user of the Services.
9. COUNTRY OF PROCESSING
We operate the Services from the United Kingdom (UK) and our data collection and processing activities take place predominantly in the UK. We store and otherwise process data (including personal data) through third-party cloud service providers and other IT service providers which may be located or which may operate in other countries, including countries which do not guarantee the same level of protection to privacy as the UK. Some of our customers to which we license data (see section 6(a) above) also receive personal data from us for processing in countries outside the UK or the EU. When transferring personal data records from the UK to a country outside the EU which does not provide an adequate level of protection to privacy rights, we put in place appropriate safeguards including data transfer agreements on the terms approved by the EU Commission. We may also obtain your consent for the transfer of your personal data for processing outside the EU.
10. CHILDREN'S PRIVACY
The Service is not directed to children and is intended for use by adults only. We do not knowingly collect personal data from individuals under 16 years of age. If you are under the age of 16, please do not submit any information through the Service and do not provide your consent for the use of your data unless your parent or guardian has approved.
11. THIRD-PARTY SITES AND SERVICES
12. EU PRIVACY RIGHTS
Users based in the European Union have the following legal rights in respect of their information:
- The right to require OpenSignal to confirm whether or not their information is being processed, the purpose of any such processing, the recipients of any information that has been disclosed, the period for which their information is to be stored and whether any automated decision-making processes are used in relation to their information;
- The right to require OpenSignal to rectify inaccurate information without undue delay;
- Where OpenSignal has relied on the ‘consent’ basis for processing that information (see paragraph 8(b) above), the right to withdraw their consent at any time. This right to withdraw consent does not affect the lawfulness of processing based on consent before its withdrawal;
- The right to request the erasure of their information. You can make a request for erasure where:
- the information is no longer necessary in relation to the purpose for which it was collected;
- where the processing of the information is based on the user’s consent (and the other circumstances described in the ‘Legal Basis for Processing Your Data’ and ‘How We Share Your Information’ sections above no longer apply), if the user withdraws his or her consent; or
- where the personal data is processed by OpenSignal solely on the basis of our ‘legitimate interest’ referred to in paragraph 8(a) (and the other legal basis set out in paragraph 8 do not apply), if the user objects to the processing of his or her personal data and there are no overriding legitimate grounds for the processing (such as, for example, where the processing of the data is required to meet statutory obligations or for the defense of legal claims).
Where OpenSignal has disclosed the information of a European Union user to a third party and the user requests the erasure or rectification of the data, OpenSignal will take all reasonable steps to inform the third party of such request;
- The right to require OpenSignal to restrict its processing of a user’s personal data in certain circumstances, such as where the accuracy of that data is disputed or an objection has been raised. In such circumstances, OpenSignal will only process that information with the express consent of the user, or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest;
- Where data is processed based on user’s consent or to fulfil a contractual obligation, the user has the right to receive his or her personal data from OpenSignal in a structured, commonly used and machine-readable format;
- The right to object to the processing of personal data where:
- OpenSignal relies solely on the ‘legitimate interest’ basis for processing that data, in which case we will be legally required to stop processing the user’s information unless we have compelling legitimate grounds for the processing which override the user’s privacy rights and interests; or
- the information is used for direct marketing purposes, in which case we will immediately stop processing the user’s information for such purposes;
- Users have the right to lodge a complaint with the data protection supervisory authority of the EU member state where the user resides.
The above legal rights are subject to various conditions and exceptions including where the data is used for statistical or scientific research purposes and the exercise of the right would prevent such purposes from being attained or would seriously impair their attainment.
13. CALIFORNIA PRIVACY RIGHTS
Under California Civil Code Section 1798.83, if you are a California resident and your business relationship with us is primarily for personal, family or household purposes, you may request certain data regarding our disclosure, if any, of information to third parties for the third parties' direct marketing purposes. To make such a request, please send an email to email@example.com with "Request for California Privacy information" in the subject line. You may make such a request up to once per calendar year. If applicable, we will provide to you via email a list of the categories of information disclosed to third parties for their direct marketing purposes during the immediately-preceding calendar year, along with the third parties' names and addresses. Please note that not all personal data sharing is covered by Section 1798.83's requirements.
This Policy relates to your personal data, i.e., data about you, an individual, from which you can be identified. This Policy therefore does not apply to any data insofar as it is held, processed, disclosed or published in a form which cannot be linked to a living individual (such as anonymized data, or aggregated data which cannot directly or indirectly be used to extract your personal data). We reserve the right to generate anonymized and aggregated data extracted out of any databases containing your personal data and to make use of any such anonymized and aggregated data as we see fit (including publishing such data and sharing it with third parties).
We may update this Policy from time to time, and the updated version of this Policy will be effective upon posting on the OpenSignal Services. Please check this page to review the most up-to-date version of this Policy.
16. QUESTIONS/CONTACTING US
Block 3 3 Angel Square