Skip to main content

Privacy Policy - Apps & Connectivity Assistant

This Privacy Policy applies to use of the Opensignal (“Opensignal,” “we,” “us,” or “our”) mobile application and data we collect through, mobile applications operated by one of our partners (each, a “Partner”) who has implemented our Software Development Kit, or “SDK.”

The purpose of this Policy is to inform you about our privacy practices and to ensure that you understand the purposes for which we collect and process personal data, how we look after your personal data, and inform you of your privacy rights.

 

1. WHO WE ARE

Opensignal works with the global telecom ecosystem to help it understand and improve network speeds and network coverage for consumers like you. We provide application performance analytics and connectivity insights to our Partners while helping companies optimize networks in the areas that need it most. Opensignal takes great pride in providing a service that benefits many as we work toward our vision of advancing connectivity for all.

When you opt-in to allowing Opensignal to collect network performance readings from your device, we work with our Partners and companies in the telecom ecosystem to provide you with a better network and application experience. We rely on your choice and consent to initiate any transfer of data (and you can withdraw consent and opt-out at any time through the application). Our mobile application Partners support us entering into this relationship with you by facilitating our disclosure and consent process. We do not collect anything that directly identifies you or your mobile handset. We aggregate or depersonalize all data prior to sharing with our customers.

This Privacy Policy describes how we, Opensignal, collect, use, and share the data that you consent for us to collect, including personal data, when you opt in to allow us access to data in connection with the network performance experienced through a mobile application operated by one of our Partners.

As a company whose livelihood depends on data and its proper treatment, Opensignal takes data privacy and security very seriously. As such we have taken steps to go well beyond basic privacy and data protection requirements.

We request your consent to collect information relating to the network performance your device experiences, which may include certain types of personal data described below, in order to measure the performance, availability and/or signal quality of communication networks (the “Opensignal Services”).

Opensignal is the controller or joint controller and, as applicable, is responsible for the collection, control and processing of personal data that we collect from your device. If you have any questions or concerns about Opensignal’s use of your personal data, including any requests to exercise your legal rights, please contact us at [email protected].

IF YOU HAVE RIGHTS AS A RESIDENT OF COLORADO, CONNECTICUT, OR VIRGINIA, PLEASE SEE YOUR DATA SUBJECT RIGHTS IN SECTION 9. IF YOU HAVE RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT, PLEASE SEE THE CCPA SUPPLEMENT BELOW IN SECTION 10. IF YOU HAVE RIGHTS AS A RESIDENT OF NEVADA, PLEASE SEE YOUR NEVADA PRIVACY RIGHTS IN SECTION 11.
 

2. MOBILE APPLICATIONS

At Opensignal, we use mobile network experience measurements to publish independent reports and insights on the real-world mobile network experience of everyday users worldwide. We obtain the relevant data by collecting measurements relating to signal reception and quality from mobile devices. The Opensignal mobile application and our Partner’s mobile applications (each, a “Mobile Application”) enable us to request your consent to our data collection. If you consent to initiate our collection of data, we may collect data from your mobile device when you are using a Mobile Application and/or when it is running in the background pertaining to network and wireless device experience.
 

WHAT DATA WE COLLECT FROM YOU AND HOW WE COLLECT AND USE THAT DATA

The different kinds of personal data we may collect includes location data, device data and usage data as described further below.

The purpose of collecting limited device data is to measure the experience that devices have on wireless networks. If consent has been granted, we take measurements from devices from time to time including location data (which include GPS coordinates or similar information regarding the location of a network reading taken from your device), network type, network operator, cellular and Wifi signal strength and quality, IP address, and the identifiers of connected cell towers and Wifi routers (including both BSSID and SSID). Location readings are not tied to a device identifier such as a mobile handset MAC or IMEI, which we do not collect, and are instead the locations of network experience readings for purposes such as building general heatmaps of good and poor performance. We measure the performance of the data connection including the speed, responsiveness and reliability along with the total amount of data transferred.

We collect information from environmental sensors on devices (depending on which ones are integrated in the device), which allows us to measure things such as the device acceleration, orientation and the external atmospheric pressure and light intensity. We also measure some internal device conditions – such as battery temperature and voltage. The goal of collecting this data is to understand how instantaneous device conditions may affect the experience of wireless networks. To better understand differences between devices, we collect data on device hardware such as the model, manufacturer, and manufacturers and models of sub-components (such as the cellular radio) and the capabilities of these components (for example the number of cores on the CPU). Similarly, to understand differences caused by software, we collect information on the mobile platform version used and whether custom ROMs or Android skins are installed, as well as the operating system. The goal of collecting this data is to understand how device properties affect the experience of wireless networks.

When a Mobile Application containing our SDK is installed and consent is provided, an identification code (“Resettable ID”) is randomly generated by our software and allocated to that installation instance rather than the device when we take measurements. A different and unique Resettable ID will be generated by each Mobile Application on a particular device. New installations of the same Mobile Application will also generate new unique Resettable IDs. Resettable IDs are random, unrelated to each other, specific to Opensignal, and not shared externally. To further help us manage the data, we also collect IP addresses, as these may indicate which telecom carrier network is being accessed and is impacting your experience.

We prevent user identification; we do not collect name, email address, phone number, social media ID, contact list, Mobile Advertising ID, mobile handset MAC/IMEI, or anything else which directly identifies an individual or their specific device. For the avoidance of doubt, we also do not collect any special categories of personal data about you as defined in GDPR. We aggregate or depersonalize all data prior to sharing with our customers.
 

THE PURPOSES FOR WHICH WE USE YOUR DATA

The purposes for which we collect, store, and then aggregate or depersonalize personal data for external use are the following:

We do not use the measurements we take from mobile devices for any individualized user identification or individualized user tracking. Measurements that we take from the mobile devices of individual network users allow us to measure the performance of a carrier and the service availability, quality and performance of numerous communication networks across the world and over time. For example, we use data to improve wireless networks, research market performance, identify aggregate trends in device and network utilization patterns, understand the network-based drivers of subscriber churn and acquisition, and design effective network performance communication campaigns. Furthermore, we use data for the purpose of providing aggregated telecommunications network flow share, market share and other market analysis, using proprietary algorithms generating observations of market behavior, activations and deactivations across the telecom infrastructure. We publish some of the aggregated or depersonalized statistical data that we generate and we provide it to our customers (such as network operators) to help them understand, communicate and optimize their own network’s service coverage, performance and signal quality (and those of their competitors). We also create aggregated or depersonalized information.

We use data to test, monitor, improve or upgrade the Mobile Applications or SDKs, to meet our legal obligations and the regulatory requirements to which we may be subject, for loss prevention purposes and to protect and enforce our rights and meet our obligations to third parties, and for our internal business purposes, such as compiling and analyzing usage information for general operational, statistical and business purposes.

Our Customers and Partners are not permitted to use our data to identify the mobile applications or publishers that our data has been received from. We collect data from various mobile applications, and our reports, data, and documentation do not reveal which mobile applications the source data was collected from. We do not publicly disclose our Partners without their permission.

3. LEGAL BASIS FOR PROCESSING YOUR DATA

We collect and process personal data based on your express consent. If consent is provided, it can be withdrawn via measures provided by the Mobile Application, such as through the personal settings menu in the Mobile Application (but that will not affect the lawfulness of any processing carried out before you withdraw your consent). In respect of any personal data collected from devices with your consent we also rely on our legitimate interest in conducting our business and in carrying out statistical and scientific research work and in providing analytical data to our clients and improving global connectivity for users like you.
 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

Opensignal participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Opensignal’s identification number within the framework is 1263.

4. HOW WE SHARE PERSONAL INFORMATION

  1. Service Providers. We may share datasets containing personal data as part of private contracts we have with third-party service providers that perform services on our behalf in connection with the Opensignal Services, such as cloud service providers for storage and the processing required for depersonalization. Where this information is shared with such third parties, we obligate the third-party service provider to manage the information only on our behalf and solely for our benefit (and not for its own benefit).
     
  2. Business Change. If we become involved in a merger, consolidation, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution or other transaction, or if the ownership of all or substantially all of our business otherwise changes, we may share or transfer databases containing personal data to successor party or parties in connection with such transaction or change in ownership or legal structure.
     
  3. Necessary Disclosure. Regardless of the choices you make regarding your information and to the extent permitted or required by applicable law, we may disclose information about you to third parties to: (i) enforce or apply the terms and conditions of the Opensignal Services; (ii) comply with laws, subpoenas, warrants, court orders, legal processes or requests of government or law enforcement officials; (iii) protect our rights, reputation, safety or property, or that of our users or others; (iv) protect against legal liability; (v) establish or exercise our rights to defend against legal claims; or (vi) investigate, prevent or take action regarding known or suspected illegal activities; fraud; our rights, reputation, safety or property, or those of our users or others; violation of the Terms of Use, our policies or agreements; or as otherwise required by law.
     
  4. Subsidiaries and affiliates. We may share the data that we collect from users’ mobile devices with the Opensignal subsidiaries and affiliates, with the purpose of bringing together complementary data on consumer experience, network performance, and subscriber behavior.
     

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

5. HOW WE PROTECT PERSONAL INFORMATION

We take appropriate measures to protect personal data collected through the Opensignal Services against loss, theft, and unauthorized access, use, disclosure, destruction or modification. These include physical, technological, contractual, and administrative measures.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure, accurate, complete, or current. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.
 

6. HOW LONG WE KEEP PERSONAL INFORMATION

Any personal data which may be contained in the sets of measurements of mobile network signal performance described above is only retained for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which we process personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
 

7. COUNTRY OF PROCESSING

We operate globally. The collection of data from devices takes place in the country where the device is used. We store and otherwise process data (including personal data) through third party cloud service providers who offer a range of global storage location options. We store personal data records predominantly through third-party cloud service providers on servers located in the United States of America. When transferring personal data records to a country which does not provide an adequate level of protection to privacy rights, we put in place appropriate safeguards including data transfer agreements.
 

8. CHILDREN'S PRIVACY

The Opensignal Service is not directed to children and is intended for use by adults only. We do not knowingly solicit or collect personal data from individuals under 18 years of age. If you are under the age of 18, please do not submit any information through the Opensignal Service and do not provide your consent for the use of your data.
 

9. DATA SUBJECT RIGHTS

Data subjects may have the following legal rights depending on applicable law in respect of their personal data that we process:

  1. The right to require Opensignal to confirm whether or not your information is being processed, the purpose of any such processing, the recipients of any information that has been disclosed, the period for which your information is to be stored and whether any automated decision-making processes are used in relation to your information;
     
  2. The right to require access to the personal data and to require Opensignal to rectify inaccurate information;
     
  3. Where Opensignal has relied on the ‘consent’ basis for processing that information, the right to withdraw your consent at any time. This right to withdraw consent does not affect the lawfulness of processing based on consent before its withdrawal;
     
  4. The right to request the erasure of their information. You can make a request for erasure where:
    1. the information is no longer necessary in relation to the purpose for which it was collected;
    2. where the processing of the information is based on your consent (and the other circumstances described in the ‘Legal Basis for Processing Your Data’ and ‘How We Share Personal Information’ sections above no longer apply), if you withdraw your consent; or
    3. where the personal data is processed by Opensignal solely on the basis of our ‘legitimate interest’, if you withdraw your consent for the processing of your data and you object to the processing of your personal data and there are no overriding legitimate grounds for the processing (such as, for example, the achievement of the purpose of using your data for statistical or scientific research purposes or where the processing of the data is required to meet statutory obligations or for the defense of legal claims).

Where Opensignal has disclosed your information of a data subject to a third party and you request the erasure or rectification of the data, Opensignal will take any steps required under relevant laws to inform the third party of such request.

  1. The right to require Opensignal to restrict its processing of your personal data in certain circumstances, such as where the accuracy of that data is disputed or an objection has been raised. In such circumstances, Opensignal will only process that information with your express consent, or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest;
     
  2. Where data is processed based on your consent or to fulfill a contractual obligation provided for by law, you have the right to receive your personal data from Opensignal in a structured, commonly used and machine-readable format;
     
  3. The right to object to the processing of personal data where:
    a.Opensignal relies solely on the ‘legitimate interest’ basis for processing that data, in which case we will be legally required to stop processing your information unless we have compelling legitimate grounds for the processing which override your privacy rights and interests; or
    b.the information is used for direct marketing purposes, in which case we will immediately stop processing your information for such purposes.
     
  4. You have the right to lodge a complaint with the UK’s Information Commissioner’s Office (www.ico.org.uk) or in some cases with the data protection supervisory authority or regulator of the jurisdiction where you reside. We would, however, appreciate the chance to deal with your concerns before you approach the authority or regulator, so please contact us in the first instance.
  5. You have the right to ask that we transfer the personal information you gave us to another organization, or to you, in certain circumstances.

The above legal rights are subject to various conditions and exceptions including where the data is used for statistical or scientific research purposes and the exercise of the right would prevent such purposes from being attained or would seriously impair their attainment. In addition, there are, consistent with relevant laws, limitations on our ability to honor requests to exercise these rights for data that cannot be linked to a verified request, such as where data has been de-personalized.

To exercise these rights, please call us at +44 0845 834 0987 or email us at [email protected].   You may be entitled, in accordance with applicable law, to appeal a refusal to take action on your request; to do so, please see any applicable instructions in our response to your request. We will aim to respond to any request within one month. Please note that we cannot fulfill requests to know the specific pieces of personal information that we may have collected about you. In order to disclose the specific pieces of personal information that we may have collected about you, we would have to verify your identity to a reasonably high degree of certainty. Given the limited amount of information that we collect about you, we do not maintain enough data points to verify your identity to the reasonably high degree of certainty required by relevant law.

Our data processing activities do not include the sale of personal data, the use of personal data for targeting advertising, or the use of personal data for profiling in furtherance of decisions that produce legal or similarly significant effects, although we may disclose aggregated or depersonalized data with external sources, as described above. As a result, we do not honor rights to opt out of these practices in jurisdictions that recognize such rights.

You can also authorize another person, called an agent, to exercise your rights on your behalf. You must provide the authorized agent written and signed permission to act on your behalf. We may deny requests from an authorized agent who does not submit proof that he or she has been authorized to act on your behalf. Furthermore, we may require you to verify your identity directly with us. We may also require you to directly confirm with us that you have provided the authorized agent permission to submit a request on your behalf. An authorized agent can make a request on your behalf by either calling us at +44 0845 834 0987 or by emailing us at [email protected].

We may not discriminate against you because you exercised any of your data subject rights, although some of the functionality and features available on the service may change or no longer be available to you. Any differences in the services are related to the value provided.
 

10. SUPPLEMENT FOR CALIFORNIA RESIDENTS

You will not need to create an account to exercise your rights. California residents have the right to:

  • Delete. To exercise this right, you must provide a verifiable consumer request by either calling us at +44 0845 834 0987 or by emailing us at [email protected].
  • Know. You may request that, for personal information we disclose, we provide you the categories of personal information that we have collected about you, the categories of sources from which the personal information was collected, the business or commercial purpose for collecting personal information, if applicable, the categories of third parties with whom we share personal information. To exercise this right, you must provide a verifiable consumer request by either calling us at +44 0845 834 0987 or by emailing us at [email protected].
  • Access. You may request that, for personal information we disclose, the categories of personal information that we have collected about you, the categories of personal information that we have disclosed about you for a business purpose, and the categories of third parties to whom each category of personal information was disclosed. To exercise this right, you must provide a verifiable consumer request by either calling us at +44 0845 834 0987, or by emailing us at [email protected].
  • Opt out of sale. We do not sell your personal information within the meaning of the California Consumer Privacy Act of 2018 (“CCPA”). Under the CCPA, “sell” means sell, rent, release, disclose, disseminate, make available, transfer, or otherwise communicate orally, in writing, or by electronic or other means a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration. The law contains exceptions to this definition which may limit how we respond to a request by you. To exercise this right to opt out, you may call us at +44 0845 834 0987 or email us at [email protected]. We do not have actual knowledge that we sell the personal information of minors under 18 years of age, and minors under the age of 18 may not use the Opensignal Services.

In addition, there are, consistent with relevant laws, limitations on our ability to honor requests to exercise these rights for data that cannot be linked to a verified request, such as where data has been depersonalized, or whether there are other relevant exceptions under California law.

We do not provide a right to limit our use of sensitive personal information, because in the event that we collect certain sensitive personal information, we do not use it to infer characteristics such that we would be required to provide a right to limit.

To the extent that anything in this Section 10 conflicts with this Privacy Policy, this Section 10 shall govern.

The categories of California consumers’ personal data we may have collected are listed above in the Section – HOW WE COLLECT AND USE YOUR DATA. We may disclose the following categories of data to our customers, although personal information is aggregated or depersonalized before it is shared: (1) Location, (2) Identifiers such as IP address, and (3) Internet or other electronic network activity information, all of which we have collected from your mobile device. We may collect the categories we’ve previously identified (which include GPS coordinates or similar information), network type, network operator, cellular and Wifi signal strength and quality, and the identifiers of connected cell towers and Wifi routers (including both BSSID and SSID). We also measure how data is flowing, both passively (by monitoring how fast it moves through other Mobile Applications), and actively (by running a test that downloads or uploads data within our SDK). We do not monitor the content of your data usage. The goal of collecting the above data is to measure the experience you have of wireless networks. We also collect information from environmental sensors on your device (depending on which ones are integrated in your device), this allows us to measure things such as the device acceleration, orientation and the external atmospheric pressure and light intensity. We also measure some internal device conditions – such as battery temperature and voltage. The goal of collecting this data is to understand how instantaneous device conditions affect the experience of wireless networks.

To better understand differences between devices, we collect data on your device hardware such as the model, manufacturer, and manufacturers and models of sub-components (such as the cellular radio) and the capabilities of these components (for example the number of cores on the CPU). Similarly, to understand differences caused by software, we collect information on the mobile platform version used and whether custom ROMs or Android skins are installed. The goal of collecting this data is to understand how device properties affect the experience of wireless networks.

When you first use a Mobile Application an identification code (“Resettable ID”), is randomly generated by our software and allocated to that installation instance rather than the device whenever we take measurements. A different and unique Resettable ID will be generated by each Mobile Application on a particular device. New installations of the same Mobile Application will also generate new unique Resettable IDs. Resettable IDs are random, unrelated to each other, specific to Opensignal, and not shared externally. To further help us manage the data, we also collect IP addresses, as these may indicate which telecom carrier network is being accessed and is impacting your experience.

We use this data for the purposes listed above in the Section – THE PURPOSES FOR WHICH WE USE YOUR DATA. Measurements that we take from the mobile devices of individual network users allow us to create a detailed picture of the service availability, quality and performance of numerous communication networks across the world and over time.

We may have shared certain categories of personal data listed in the Section - HOW WE COLLECT AND USE YOUR DATA to the third parties listed in the Section - HOW WE SHARE PERSONAL INFORMATION for a business purpose and in order to provide the Opensignal Services. We may have shared the following categories of personal information: (1) Location, (2) Identifiers, such as IP addresses, and (3) Internet or other electronic network activity information, all of which we have collected from your mobile device. We may have shared the following categories of personal data with the following third parties or may do so in the following instances:

  1. Service Providers. We may share datasets containing personal data with third-party service providers that perform services on our behalf in connection with the Opensignal Services, such as cloud service providers for storage and the processing required for depersonalization. Where this information is shared with such third parties, we obligate the third-party service provider to manage the information only on our behalf, and on our written instructions and solely for our benefit (and not for its own benefit).
  2. Business Change. If we become involved in a merger, consolidation, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution or other transaction, or if the ownership of all or substantially all of our business otherwise changes, we may share or transfer databases containing personal data to successor party or parties in connection with such transaction or change in ownership or legal structure.
  3. Necessary Disclosure. Regardless of the choices you make regarding your information and to the extent permitted or required by applicable law, we may disclose information about you to third parties to: (i) enforce or apply the terms and conditions of the Opensignal Services; (ii) comply with laws, subpoenas, warrants, court orders, legal processes or requests of government or law enforcement officials; (iii) protect our rights, reputation, safety or property, or that of our users or others; (iv) protect against legal liability; (v) establish or exercise our rights to defend against legal claims; or (vi) investigate, prevent or take action regarding known or suspected illegal activities; fraud; our rights, reputation, safety or property, or those of our users or others; violation of the Terms of Use, our policies or agreements; or as otherwise required by law.
  4. Subsidiaries and affiliates. We may share the data that we collect from users’ mobile devices with the Opensignal subsidiaries and affiliates, with the purpose of bringing together complementary data on consumer experience, network performance, and subscriber behavior.
     

Shine the Light Notice

Section 1798.83 of the California Civil Code permits California residents to request from a business, with whom the California resident has an established business relationship, certain information about the types of personal information the business has shared with third parties for those third parties’ direct marketing purposes, and the names and addresses of the third parties with whom the business has shared such information during the immediately preceding calendar year. You may make one request each year by emailing us at [email protected] with "Request for California Privacy information" in the subject line, or by writing us at the address listed at the end of this Policy.

11. YOUR NEVADA PRIVACY RIGHTS

Senate Bill No. 220 (May 29, 2019) amends Chapter 603A of the Nevada Revised Statutes to permit a Nevada consumer to direct an operator of an internet website or online service to refrain from making any sale of any covered information the operator has collected or will collect about that consumer. You may submit a request pursuant to this directive by emailing us at [email protected]. We will provide further information about how we verify the authenticity of the request and your identity.

12. AGGREGATED OR DEPERSONALIZED INFORMATION

We may share aggregated or depersonalized data relating to users of the Opensignal Services with affiliated or unaffiliated third parties for any purpose.

13. CHANGES TO THE PRIVACY POLICY

We may update this Policy from time to time, and the updated version of this Policy will be effective upon posting on the Opensignal website. Please check this page to review the most up-to-date version of this Policy.
 

14. QUESTIONS / CONTACTING US

If you want to exercise your rights under paragraphs 9, 10 or 11 of our Privacy Policy, please email [email protected] with "Data Subject Request" in the subject line, or contact us by mail addressed to:

Opensignal Limited

7 Bell Yard,

London, WC2A 2JR

United Kingdom
 

15. EU LOCAL REPRESENTATIVE

In compliance with Article 27 of GDPR, Opensignal has designated Ametros Group Ltd as EU Local Representative:

Ametros Limited

Unit 3D - North Point House - North Point Business Park

New Mallow Road

Cork – Ireland
 
Last revised date: 16 January 2024