At Aislelabs Inc. (“Aislelabs”), protecting your privacy is of utmost importance to us. As technologists, and consumers ourselves, we have engineered our technology to keep your personal information private and confidential while enabling an enhanced in-venue experience. Venue managers have been observing consumer behavior in their venues using various surveys and technologies to provide better services and to reduce operational costs for a long time. Aislelabs is enabling new ways for these venues to analyze in-venue consumer behaviour in an anonymous and less intrusive manner. We believe, our advanced technology will set the stage for the next generation of in-venue experience in a safe and secure fashion.
Privacy by Design
We have designed our products to respect the users' right to privacy from the very beginning. With Privacy by Design as our guiding principle, our approach is to be proactive in embedding privacy protection deep within our technology in a fully transparent and user-centric manner. Privacy is the default setting across all our products, where-in:
- We will not collect and store any Personal Information without your consent (which consent is sometimes collected by the venue manager).
- You can opt-out at any time.
- We use industry standard cryptographic techniques and encryption to further de-identify and protect the data we collect.
What data our Flow product collects and how
As part of our Aislelabs Flow service, sensors in Wi-Fi devices deployed in our clients’ venues (such as malls or airports) that are connected to our service collect the MAC address from Wi-Fi capable devices that come within a certain range of those sensors, such as phones if Wi-Fi is turned on for those phones. The MAC address is a unique identifier for a phone and is different from the phone number. Along with the MAC address, we also record the signal strength to infer the distance of a phone from the sensors in Wi-Fi devices deployed in our clients’ venues that are connected to our service. A MAC address can be used to determine the make of a phone, e.g., Samsung or Apple, but it does not contain any further information about the phone or its owner.
Once a MAC address is recorded by a Wi-Fi device sensor connected to our service, it is further anonymized by the use of industry standard cryptographic techniques before being saved to our databases. These techniques include pseudonymisation and hashing. The anonymization establishes an additional safeguard in protecting the collected data. All MAC address data transferred over the Internet to our Aislelabs services is encrypted.
Aislelabs uses a MAC address to identify when a device enters a venue, how long the device stays within the venue, and if and when the device returns. Information related to a specific MAC address is not shared with the venue client. Rather, Aislelabs provides our venue clients with a summary of aggregated traffic volumes and traffic data.
What data our Connect product collects and how
In addition to the contact information, Aislelabs will collect MAC addresses of end users’ devices, on behalf of our venue clients, to enable the Wi-Fi connection services. Aislelabs also collects the time and approximate location of the device that connects to the Wi-Fi services, which may be provided to the venue client and used to send personalized promotional offers.
Business contact information
In addition to the Personal Information collected in the course of providing our services, as described above, Aislelabs also collects Personal Information about our customers, prospects, and supplier representatives, which may include: name, email address, title, business phone number, time zone, business address, as well as Business information, including but not limited to, IT systems, site details Wi-Fi infrastructure details, network and firewall information, and information of corporate systems.
If you are a user of any Aislelabs services, then Aislelabs collects certain Personal Information from you to create an account and to communicate with you about Aislelabs service-related matters such as support. Specifically, in order to create an Aislelabs services account, you will be required to provide an email address and to create a password for your Aislelabs services account. Optionally, you may also provide your name and the time zone in which you reside. All of the foregoing Personal Information is considered to be “Account Information”. Account Information is used to manage your account, to verify your credentials for logging-in to the Aislelabs services, to communicate with you about your account, to communicate with you about the Aislelabs services, and to verify your eligibility to become a Aislelabs services user in certain circumstances. In addition, Aislelabs may collect usage data associated with your Account, including metadata regarding time of usage and IP address of the user. This usage data is specifically used for trouble shooting and maintain audit logs. Aislelabs uses various third-party cloud services, such as customer relationship management services, to process and store business contact information and communicate with the business representatives.
Who do we share data with
Aislelabs may engage third party providers to perform various services on its behalf. We require that any third parties we share data with follow appropriate security measures.
In particular, Aislelabs transfers data to the third-party service providers described on our Sub-Processors webpage, available here (“Sub-Processors”). By submitting Personal Information or otherwise using the Aislelabs services, you agree to this transfer, storing or processing of your Personal Information in Canada, United States or another jurisdiction listed on our Sub-Processors page. The location where your Personal Information is stored may depend on the contract with our applicable client on whose behalf we are collecting and storing Personal Information.
You acknowledge and agree that your Personal Information may be accessible to law enforcement and governmental agencies in those jurisdictions in which our sub-processors are located pursuant lawful access regimes or court order. We do not respond to government requests unless we have a good faith belief that the response is required by law. We would require a warrant or court order before disclosing the Personal Information we possess.
In addition, we may share Personal Information with your consent.
Finally, we may disclose your Personal Information to third parties without your consent if we have reason to believe that disclosing this Personal Information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. Further, we may disclose Personal Information when we believe in good faith that such disclosure is required by and in accordance with applicable law.
We also reserve the right to access, read, preserve, and disclose any information (including Personal Information) as we reasonably believe is necessary to:
- satisfy any applicable law, regulation, legal process or governmental request; enforce our contracts or user agreement, including investigation of potential violations hereof; and
- detect, prevent, or otherwise address fraud, security or technical issues.
The above may include exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
If our business (or substantially all of our assets) are acquired by a third party, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be made available or otherwise transferred to the new controlling entity, where permitted under applicable law.
Opt out of Wi-Fi tracking
You can opt-out of having your device tracked by Aislelabs Flow through Wi-Fi signals at any time by visiting a web-based form at https://aislelabs.com/privacy/ and providing your device's MAC address. The provided MAC address is stored in our database in encrypted format to ensure we do not collect any further data from your phone advertising the same MAC address. Previously collected data from your device is disassociated from the MAC within 30 days of receiving the request. By opting out, Aislelabs Flow will no longer collect information about your device or its location at any of our client venues.
You can opt-out of having your device tracked by Aislelabs Connect by sending an email to firstname.lastname@example.org or, where applicable, using the self-serve data deletion link provided by the venue utilizing Connect.
Mobile Location Analytics Code of conduct (Aislelabs Flow)
Aislelabs, along with several industry partners, government agencies, and the Future of Privacy forum have proactively put forth an MLA Code of Conduct to protect consumer privacy. Our adherence to the MLA Code of Conduct ensures that for the Aislelabs Flow product:
- We protect and de-personalize all collected device data. You can find information about the specific techniques used in our whitepaper on Building Privacy into Mobile Location Analytics (MLA) Through Privacy by Design.
- All device data shared with clients is further pseudonymised to ensure the data cannot be re-identified by any third party.
- We are participants in industry's central opt-out site, respecting the consumer's choice to completely opt-out of Mobile Location Analytics.
- We are transparent about what device data we collect, what we do with it, how long we retain the data, and who all we share it with.
By using this website http://www.aislelabs.com/ you consent to collection of certain Personal Information. Personal Information collected via this website is kept separate, and never correlated with the anonymized MAC addresses collected by Wi-Fi sensors connected to our services, except for the purposes of opt-out if requested.
You can browse our site anonymously. If you explicitly disclose any Personal Information, e.g., for requesting product information, we will collect information such as name, address, email and phone number which may be used to contact you.
We may also use third parties to collect this anonymous and aggregate information, such as Google Analytics. We may share anonymous or aggregate information about our website visitors with third parties for advertising purposes, such as retargeting, or with other trusted parties that assist us in operating our website or conducting our business.
We may also use third-party ad companies to help provide some of our advertising services. These third parties may place cookies or pixels on your computer and collect data about your online activities across websites or online services when you are logged into the third-party service, including for targeted advertising.
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Residents of the European Economic Area (“EEA”) and the United Kingdom
If you are a resident of the EEA or the United Kingdom, you have certain data protection rights under the EU General Data Protection Regulation (GDPR) and the United Kingdom’s General Data Protection Regulation (UK GDPR). Aislelabs takes reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information (known as “Personal Data” under the GDPR and the UK GDPR).
If you wish to be informed of what Personal Data we hold about you and if you want it to be removed from our systems, please contact us using the contact information set out below. Note that where we act as the data processor on behalf of our customer, you will be required to contact the data controller directly to exercise your rights.
You also have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the EEA or the United Kingdom.
If you are an Aislelabs client (data controller), you agree that transfers of Personal Data will be governed by Aislelabs’ Data Processing Agreement.
Policy and contact information
You have the right to access the Personal Information we hold about you in order to verify the Personal Information we have collected in respect to you and to have a general account of our uses of that Personal Information. Upon receipt of your written request, we will provide you with a copy of your Personal Information, although in certain limited circumstances, and as permitted under law, we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner.
We will make every reasonable effort to keep your Personal Information accurate and up to date, and we will provide you with mechanisms to update, correct, delete or add to your Personal Information as appropriate. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate Personal Information about you enables us to give you better services.
Last Updated: April 21st, 2021