Privacy Notice for Euclid
Last Updated: May 17, 2018
Archived Versions: March 19, 2018 – Download PDF
We at Euclid Analytics, Inc. and Euclid Europe Limited (“we”, “us”, “our” or “Euclid”) respect your privacy. This privacy notice (“Privacy Notice”) explains who we are and how we collect, use and share personal information we receive from you in connection with our services (“Services”), which provide marketing and visitor analytics. If you have any questions, please don’t hesitate to contact us as set forth in the “Contacting Us” section at the bottom of this Privacy Notice.
- Who We Are
- What Information We Collect and How We Collect It
- How We Use Your Information
- Who We Share Your Information With
- How You Can Opt Out
- Data Protection Rights:
- Data Storage and Retention
- Legal Basis for Processing Personal Information (EEA End Users and visitors only)
- International Data Transfers
- EU-U.S. Privacy Shield Privacy Shield Framework
- How We Keep Your Personal Information Secure
- Changes to this Privacy Notice
- Contacting Us
Who We Are – back to top
Euclid is a company incorporated under the laws of the State of Delaware, USA and whose principal office is located at 400 Alabama Street, San Francisco, CA 94110. We provide consumer analytics and related services to various partners (“Partners”), that help our Partners provide more personalized marketing campaigns and improve customer satisfaction and loyalty. Our software integrates with Wi-Fi networks located in and around public locations, such as stores, restaurants, supermarkets, malls, and performance venues, etc. (collectively, “Locations”) allowing us to collect certain information broadcast from WiFi enabled mobile devices (like your smartphone) when you move around the Locations (for example, when you enter one of our Partner’s retail stores, restaurants or venues). You can find out more about our Services here.
What Information We Collect and How We Collect It – back to top
The information that we may collect about you broadly falls into the following categories:
Information we collect automatically.
General Visit Information: When you are near a Location’s WiFi network with a WiFi enabled mobile device, the WiFi access points (i.e. the hardware device that allows a WiFi enabled mobile device to connect to a WiFi network) may automatically detect the presence of your mobile device and it’s “MAC Address” (meaning the number that your mobile device automatically broadcasts if the WiFi feature is turned on to help it connect to WiFi Access points). We refer to this information as “General Visit Information”. General Visit Information is collected as your mobile device moves across different Locations that use our technology.
For clarity, this information is automatically collected if your device’s WiFi is enabled – even if you do not actually “connect” to the Location’s WiFi network.
Important Note: As the Service is used across many different Locations for different Partners, we combine General Visit Information from each Location. For example, if you bring your mobile device to your favorite clothing store today that is a Location – and then a popular local restaurant a few days later that is also a Location – we may know that a mobile device was in both locations based on seeing the same MAC Address.
Information you provide voluntarily.
Euclid collects certain “Registration Information” when you “Register” for the Euclid Services, such as your name, email address, gender, age or home zip or postal code.
Registration for the Euclid Services can occur in a number of ways, for example:
When you are in the proximity of a Location and connect to its WiFi network with your WiFi enabled device, you may be asked to provide Registration Information as part of logging-in to the WiFi network (“Log-In”). A Partner may provide you with other opportunities to provide Registration Information, such as when you Register for a Partner customer loyalty program.
For clarity, Registration Information may be collected directly by Euclid or directly by its Partners (or Euclid or any Partner’s services providers) and then passed on to Euclid. Registration Information may also include information from third parties (see the section headed “Information we collect from third party sources” for more information).
You understand and agree that by providing Registration Information to Euclid, you are permitting us to: a) store and access your personal data; b) link your personal data to the MAC address and your location, as offered by your mobile device; and, c) use your Registration Information in such other ways which accord with the terms and conditions herein set forth.
Important Note: Once you first Register for the Euclid Services, we deem you Registered with the Euclid Service in general (meaning – if you Register for the Services with a Partner or at one Location, we treat that as Registration with the Euclid Services across our network (i.e. all Locations and Partners etc.). You will remain Registered with the Euclid Service and we and/or our Partners will continue to collect information as described in this Privacy Notice unless and until you opt out of the Service as explained in the “How You Can Opt Out” section below. Our Partners may also collect additional information. In such case, their own privacy policies may apply.
Information we collect from third party sources.
We may also combine information we collect about you with information we obtain from other sources, such as public databases, joint marketing partners, social media platforms, as well we other third parties. Examples of the information we receive from other sources, include: demographic data, location related data, data regarding your shopping activities, mobile device’s ID, the content you viewed and the action you take while on websites (such as what you clicked on) (“Third Party Data”). If you Log-In to the WiFi network via a third-party service, such as Facebook Login or Google OpenID, we and/or the third party that operates the WiFi network may access the information described in the third-party service’s request for authorization, such as your name, email address, gender, age, and home zip code. Please review your privacy settings with these third-party services to ensure you are sharing the information you wish to share.
How We Use Your Information – back to top
General Visit Information: The General Visit Information is used to help Euclid and its Partners better understand how large groups of people behave. We do this by providing Partners with reports and other analytics products generated from such data. We aggregate and combine your General Visit Information with the General Visit Information of many people across our network. Partners use the reports and other analytics products for a variety of purposes, such as to:
- Improve customer service;
- Improve operation of their facilities;
- Determine timing for promotions and sales;
- Measure the effects of advertising;
- Plan and execute marketing and advertising campaigns;
- Set staffing levels;
- Set store hours; and
- Other business and operational purposes, such as financial and product planning and execution.
Please note, once you are Registered with the Euclid Services your General Visit Information is combined with your Registration Information and Activity Information – and may be disclosed to our Partners – as set forth in the “Registration Information and Activity Information” section below. Such data may also be combined with Third Party Data and used for research and analytics and/or to help serve advertising.
Unless otherwise prohibited by applicable law in certain jurisdictions, the time that you Register with the Euclid Services, we combine Registration Information and Activity Information with General Visit Information from your mobile device that may date back to July 19, 2016, the launch date of the “Euclid Connect” service.
Registration Information and Activity Information: As noted above, once you Register with the Euclid Services, we may combine and associate your Registration Information and Activity Information with your General Visit Information. All such information may be used by our Partners and/or by us for the following purposes:
- So that we and/or our Partners may provide you with more personalized advertising, offers, experiences and features;
- Providing advertising we or they believe is more relevant and tailored to your interests;
- Contacting you with special offers and incentives, where this is in accordance with your marketing preferences;
- Analytics and market research purposes, such as understanding the shopping preference of you and large groups of people (for example, helping our partners understand which people like to go to a restaurant for diner after seeing a movie);
- Fulfilling your requests;
- Assisting our Partners with customer service; and
- Other business and operational purposes, such as financial and product planning and execution.
Other Uses: We also use your information to:
- Help us internally operate and maintain the Euclid Services (such as, for the purposes of fixing malfunctions, testing our security systems, etc.).
- Enhance, improve and further develop the Euclid Services (such as, creating new features or functions, refining the user experience, increasing the technical performance of our services, etc.).
- Provide you with notices relate to your use of the Euclid Services (such as account notifications and legal notices).
Who We Share Your Information With – back to top
Partners: We share information with our Partners (and their service providers acting on their behalf) for the purposes described in the “How We Use Your Information” section above. We do not share information from EU data subjects with Partners.
“Advertising Companies”. We may share information with advertising companies in “hashed” form. Hashing is essentially a way of scrambling the information into a randomized string of numbers and letters. They may use this information for research and analytics. In addition, they may use this information to help serve advertisements based on such models. When used in this manner, your information is combined with the information of many other people.
Service Providers: We may employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you. For example, we may use third parties to provide marketing communications, infrastructure and IT services, provide customer service, and process and administer consumer surveys. In the course of providing such services, these third party providers may have access to your information. A current list of our service providers is available upon request.
Business Transfers: In the event that Euclid is acquired by or merged with a third-party entity or is potentially going to be acquired by or merged with a third party entity, if its substantial assets are acquired by a third party, in any partial or total sale of assets including in the event of bankruptcy, or in any other corporate change, Euclid may transfer or assign the information as part of that actual or potential merger, acquisition, sale, or other change of control. The promises in this Privacy Notice will apply to your data as transferred to the new entity.
How You Can Opt Out – back to top
Opting Out of Online Interest Based Advertising: Euclid adheres to the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles. As provided by these principles, you may elect to opt out of the collection of Activity Information from your device’s browser for interest-based advertising (“IBA”) purposes by Euclid and other companies that participate in the DAA choice tool by visiting here. IBA involves the use of Activity Information to make inferences about your interests to help our clients deliver ads that are more relevant to those interests to this browser and other browsers and devices associated with it. If you choose to opt out of IBA on this browser, data will not be collected from this browser for IBA in apps on this device or associated devices, and data will not be collected on those devices and used on this browser for IBA.
To opt out of the collection of Activity Information from applications on your mobile device for IBA purposes from Euclid and other companies that participate in the DAA’s AppChoices tool, visit here to learn how to download AppChoices. If you choose to opt out of IBA on this device, data will not be collected from apps on this device for IBA on this device or associated devices, and data will not be collected on those devices and used in apps on this device for IBA.
If you elect to opt out, you may still receive ads, but those ads may be less relevant to your interests. In addition, we may still collect Activity Information for other purposes, including analytics. Note that if you delete your cookies, or use a different browser or device, you may need to renew your opt out choices. To control the collection of precise location data from your mobile device, you can use the location data controls that may be available in your device’s settings.
Mobile Location Analytics Opt Out: Euclid complies with the Mobile Location Analytics Code of Conduct. As provided for in the code, you may elect to opt out of associating information about your presence at a location with a device’s MAC Address (meaning General Visit Information as defined in this privacy notice) at: https://smart-places.org/. If you opt out, we will use your device’s MAC Address only to maintain the device’s opt-out status.
Euclid Services Opt Out: If you want to opt out of (i) Euclid’s use, and Euclid’s provision to third parties for their use, of your information for direct marketing purposes; and (ii) Euclid’s collection of Registration Information and Activity Information please click http://go.euclidanalytics.com/euclid-services-opt-out. For clarity, we may still collect and use (except for direct marketing purposes) your MAC Address. For your choices in this regard – please see the “Mobile Location Analytics Code of Conduct” section above). The foregoing includes your opt out rights pursuant to California Civil Code 1798.83.
Data Protection Rights: – back to top
You also have the following data protection rights:
- If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the “Contacting Us” heading below.
- In addition, if you are a resident of the European Economic Area, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the “Contacting Us” heading below.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “Contacting Us” heading below.
- Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here).
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws
Data Storage and Retention – back to top
If you do not Register with the Euclid Services, we will retain General Visit Information for 24 months only after “hashing”. Hashing is essentially a way of scrambling the information into a randomized string of numbers and letters. If you are Registered, General Visit Information, Registration Information and Activity Information is retained for as long as we deem reasonably necessary to continue to provide our services
Legal Basis for Processing Personal Information (EEA End Users and visitors only) – back to top
If you are an individual from the EEA, where we are collecting and using your personal information as a controller, our legal basis for doing so will depend on the personal information concerned and the specific context in which we collect it. However, we normally rely on our legitimate interest to collect personal information from you, except where such interests are overridden by your data protection interests or fundamental rights and freedoms. Where we rely on our (or our Partner’s) legitimate interests to process your personal information, they include the interests described in the sections above headed “How We Use Your Information”. In some cases, we may rely on our consent or have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If you are an individual from the EEA, when you Register with the Euclid Services, we do not combine Registration Information and Activity Information with General Visit Information previously collected from your mobile device.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contacting Us” heading below.
International Data Transfers – back to top
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective). Specifically, our servers are located in the U.S., and our group companies and third party service providers operate around the world. This means that when we collect your personal information we may process it in any of these countries. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice.
EU-U.S. Privacy Shield Privacy Shield Framework – back to top
Euclid Analytics, Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively, “Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from the European Economic Area (“EEA”) and Switzerland.
Euclid has certified that it adheres to the Privacy Shield principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitations, access, and recourse, enforcement and liability. Euclid complies with the Privacy Shield principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions. To learn more about the Privacy Shield program, and to view our certification page, please visit www.privacyshield.gov.
Euclid’s participation in the Privacy Shield applies to all personal data collected from the EEA and Switzerland, respectively through the Euclid Services (described at http://geteuclid.com/products/).
Euclid will endeavor to resolve complaints about your and our collection or use of your personal information. EEA or Swiss citizens with inquiries or complaints regarding our privacy practices should first contact Euclid at firstname.lastname@example.org. Euclid has further committed to refer unresolved privacy complaints to an independent dispute resolution mechanism – the Judicial Arbitration and Mediation Service (“JAMS”). If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Euclid, you may contact JAMS (https://www.jamsadr.com) to file a complaint.
As a last resort and under limited circumstances, EU and Swiss individuals with residual privacy complaints not resolved pursuant to the foregoing mechanisms may invoke a binding arbitration option before the Privacy Shield Panel. For more information regarding the submission of complaints, please see https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint.
Euclid is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
How We Keep Your Personal Information Secure – back to top
We use appropriate administrative, organizational, technical, and physical safeguards to protect the personal information we collect and process about you. The measure we use are designed to provide a level of security appropriate to the risk of processing your personal information and to help ensure that your data is safe, secure, and only available to you and to those you provided authorized access (e.g., your users). Specific measures we use include using secure socket layer protection (which you can look up on your favorite search engine). However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so you should take care in deciding what information you send us in this way.
Changes to this Privacy Notice – back to top
We may update this Privacy Notice from time to time. This Privacy Notice applies to information we collect while that notice is in effect. If there are new material Privacy Notice changes – they apply to information collected after the new Privacy Notice comes into effect (unless we get your consent to have it retroactively apply). The date of the latest version of this Privacy Notice is listed at the top of this notice.
Contacting Us – back to top
If you have any questions regarding our privacy policies, please send us a detailed message to email@example.com or Euclid, Inc. (ATTN: Privacy), 400 Alabama Street, San Francisco, CA 94110. Please write the following in the subject heading: “Privacy Notice Inquiry”.
For EEA Residents
For the purposes of EU data protection legislation, the “data controller” of your personal information is Euclid Analytics, Inc. Euclid has appointed Adam Zagaris to be its representative. You can contact them directly regarding the processing of your personal information by Euclid Analytics, Inc. by email at firstname.lastname@example.org.