Last updated August 5th, 2020
Introduction & What this Policy Outlines
Thank you for choosing to be part of our community at InReality, LLC (“Company”, “we”, “us”, or “our”). InReality is committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regard to your personal information, please contact us at firstname.lastname@example.org.
InReality, LLC is a data analytics platform company that utilizes sensors to develop key insights for venue marketing and tracking. Our platform processes detailed metrics for the purpose of improving venue marketing and sales. InReality Safe Space is our platform that is specifically designed to enhance safety and security in Venues.
ThermalMirror is a device that takes the temperature and other demographic metrics of Visitors. The device is contactless, meaning the Visitor does not have to touch it to use it. ThermalMirror functions with a heat sensor that detects temperature by recognizing and capturing different levels of infrared light. ThermalMirror is not a medical-grade device and has not been approved or reviewed by any medical authority or healthcare regulator. ThermalMirror is merely an indicative testing / non-diagnostic device. Further screening with medical devices is required to validate actual body temperatures. You should consult your own healthcare professionals regarding any potential health issues.
Glossary of Terms
- Aggregated Data: De-identified aggregated metrics: Data that cannot be reasonably used to infer information about or otherwise linked to a particular consumer, computer, or other device, e.g., five percent of the store’s visitors today were seen at some point in the past week
- Anonymized Data: De-personalized Data: Data that cannot be reasonably used to infer information about a particular consumer, but that may be associated with a particular computer or device, e.g., a hashed MAC address or facial pattern identifier
- Cloud Platform: InReality Venue Analytics platform, https://app.inreality.com/v3/
- Sensor Data: Any useful information that is tracked by a sensor as part of the Service and interpreted on the Cloud platform
- Personally Identifiable Information (PII): information that specifically identifies you as an individual. Personally Identifiable Information includes identity data (e.g., name or other similar identifiers) and contact data (e.g. address, email address, telephone number)
- Sensor: Any device that is part of the Service placed in a Venue that generates data
- Venue: each individual location where a Customer has implemented the Service
- Visitors: Individuals that choose to enter a Venue
What Information is Collected and How it is Collected
Data Captured In Venue
- InReality, and its Customers, capture data in Venues to provide more information about Visitor behavior and performance through a variety of sensors and other means. Much, if not all, of the Sensor Data is non-personal, meaning that no Personally Identifiable Information (PII) is captured, or stored, but only reports on Anonymized and/or Aggregated Data which we do not connect to any individual.
InReality’s Safe Space program allows Customers to take temperature and images of Visitors with the ThermalMirror device.
- By default, the ThermalMirror device anonymizes and aggregates any Sensor Data on temperature and facial recognition, so that the data and results are purely generalized data. By default, the ThermalMirror device does not associate any temperature or facial recognition data to a specific user or number ID. By default, the ThermalMirror device does not process any thumbnails, including the facial detection thumbnail. However, the Customer has the option to manually turn this functionality on in order to process thumbnails.
- By default, InReality does not retain any Personally Identifiable Information (PII), which may include name, temperature results, or a picture of the person taking the test.
- However, Customers, in accordance with their own policies and procedures, may elect to record temperature results, images of people taking the test, and/or employees or contractors to satisfy their local and individual needs. Please refer to the Customers’ privacy policies and procedures for more information on their privacy practices.
- The data retention policy for any logs is fully configurable. For retention purposes, we have the ability to push nothing into the cloud, some information to the cloud, or all information to the cloud, depending on Customer preference. All local logs are deleted once they are posted to the cloud. All logs are protected by reasonable access and security controls.
- By default, the Cloud Platform does not retain identification data for specific individuals, such as facial recognition for employee identification. The Customer has the option to manually turn this functionality on in order to simplify access to a Venue or track repeat visits from individuals.
- Individuals may opt-in to create an account with the Service to store images, Personally Identifiable Information (PII) or other data. In addition, Customers may configure the Service to automatically store such information for Visitors.
- Repeat Visitors: Sensors may track unique Visitors for repeat visits, but this is still Anonymized Data. We do not store images and instead use anonymous IDs or tags. We store facial pattern information and look back against that information. That information is still not image-based and cannot be reasonably reverse-engineered or linked to an individual person.
- If you choose to create an account with InReality, then InReality may retain your Personally Identifiable Information (PII) so that it can be easily accessed in the future as you use InReality Safe Space.
Data Collected from Third Parties
- InReality collects and transmits data that is relevant to in-Venue analytics that can come from third parties unaffiliated with us (Weather, Event Calendar, etc.), other sensor data, or from Customers (POS data, Loyalty data, etc.). In most cases, this data is non-PII (Weather or Event). In cases where the information may have PII information, that data is collected, initially stored, and transmitted to InReality by the InReality Customer.
- No Sensor Data is collected by third parties, or shared by InReality with such third parties.
Data Collected from the Cloud Platform
- InReality may collect PII when you sign up, purchase, or evaluate our products and services at the Cloud Platform. We collect information about you such as your name, employer name, email address, billing address, role/title and similar information. The purpose of this data is to appropriately create and administer logins to our Cloud Platform by users. This data is used to verify your identity for security reasons, access control, provide you with support and services, and provide you with information about other services and features of our platform.
- In order to obtain truly anonymous data, every sensor used by the Customer under the Company’s guidelines will retrieve generic information and immediately delete any non-generic information.
- No visual data is captured or stored at any time. Each body or face detected is assigned an anonymized ID or tag. No Personally identifiable information (PII) is collected by us by default.
- The Company keeps Personally identifiable information (PII) in a form which permits identification for no longer than is necessary for the purposes of further processing. The Company defines the necessary time as no longer than required for the software to correctly initiate and evaluate the Sensor Data. Usually this initiation and evaluation occurs in less than three-hundredths of a second. After such time has passed, all Sensor Data is either deleted or anonymized.
How We Protect Data & Individual Privacy
- All the anonymous Sensor Data generated by our Service is streamed through an SSL/TLS secure communication tunnel to our cloud, where the data-at-rest is encrypted. Only our Customers can access it via secure log-ins.
- Aggregated anonymous “metadata” (non-PII) information is sent to our Cloud Platform
- Wifi & Bluetooth Broadcast Beacons: Collected PII data is never sent over the network or saved in long term storage. When collected, the data is immediately de-personalized in-memory by hashing the PII. This is a one-way process that cannot be reasonably reversed. The original data is discarded, while only the new de-personalized data is sent over the network for further processing on our servers. We cannot reasonably and will not identify the individual persons.
- Camera Images: Camera images are never sent over the network or saved in long term storage. When collected, the image is immediately processed in-memory. The original image is discarded, while only the de-identified aggregated metrics are sent over the network for further processing on our servers. We cannot and will not retrieve the original images or identify individual persons.
Data Retention – How Long Data is Stored
- Any raw data we do collect is kept locally for 30 days and is configurable by the Customer. After the 30 day period, the raw data is deleted forever. Any raw data we do collect is also kept on the Cloud Platform for 90 days and is configurable by the Customer. After the 90 day period, the raw data is deleted by us forever. The results, metrics, and key insights derived from the raw data on the Cloud Platform are accessible indefinitely and are configurable.
- We use Sensor Data to provide de-identified aggregated metrics of the movement and behavior of the Visitors in a Venue. The Venue owner or operator will often use this for the purposes of enhancing the user experience, conducting internal audits, optimizing revenue generating activities, and more. A good example of a report we provide is: N number of individuals were seen at Location A between time X and time Y; we have seen a subset of those individual tags in the past and on average the N individuals spent Z minutes at the location.
- We may aggregate Sensor Data across multiple Customers and report on that data in an anonymized manner.
- Customers may access Sensor Data and Personally Identifiable Information (PII) of their own Visitors.
- Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our data processors. This means that they are not authorized to do anything with your information unless we have instructed them to do so. They are not authorized to share your information with any organization apart from us, and they will hold it securely and retain it for the period we instruct.
- Legal Compliance: We may share your information in response to a legal requirement, applicable law or to protect the legal rights or interests of InReality, our Customers or other parties.
- Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, or in connection with a bankruptcy or reorganization.
- By default, InReality’s data analytics and Cloud Platform do not use Employee Identification. Employee Identification means keeping the data of an individual employee’s facial recognition in order to exclude him/her from any KPI (Key Performance Indicators) or other results. If the Customer chooses to use Employee Identification, then there is an opt-in for each individual employee. This opt-in allows the individual employee to understand and agree or disagree to opt-in to using the Services.
California Privacy Rights
California law provides California residents with specific rights regarding their personal information. The California Consumer Privacy Act of 2018 (“CCPA”) defines “personal information” as information that identifies, relates to, describes, references, or is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. This section describes the rights that California residents have with respect to such personal information and explains how to exercise those rights, subject in all cases to any limitations set forth in the CCPA. Please refer to the sections above for more detail about the types of information collected, the purposes for which and sources from where we collect personal information, and the third parties with whom we share personal information.
California Specific Rights, Choices, and Opt-Outs: The CCPA provides California residents with specific rights regarding their personal information. The subsections that follow describe the rights that you have under CCPA if you are a California resident and explain how you can exercise those rights.
Right to Know About Personal Information Collected, Disclosed, or Sold. You have the right to request that we disclose certain information to you about our collection, use, disclosure, or sale of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Your Right to Know or Delete), and subject to certain limitations described below or set forth in the CCPA, we will disclose such information to you. You have the right to request any or all of the following:
- The categories of personal information we collected about you.
- The categories of sources from which the personal information is collected.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of personal information about you that we have sold or disclosed for a business purpose.
- The categories of third parties to whom the information is sold or disclosed for a business purpose.
- The specific pieces of personal information we collected about you.
- Deletion Request Rights. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Right to Know or Delete), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. However, we may retain personal information that has been de-identified or aggregated. Furthermore, we may deny your deletion request if retaining the information is necessary for us or our service provider(s) in order to perform certain actions set forth under CCPA, such as detecting security incidents and protecting against fraudulent or illegal activity.
Exercising Your Right to Know or Delete. To exercise your right to know or delete, please submit a request to us by either:
- Emailing us at email@example.com
- Calling us at 1.404.383.4075
Only you, or a person or business entity registered with the California Secretary of State that you authorize to act on your behalf (an “authorized agent”), may make the requests set forth above. The request should include your contact information and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. In addition, you should provide sufficient information that allows us to reasonably verify that you are the person about whom we collected the personal information or an authorized representative of that person. For more information about verification, see Response Timing and Format immediately below.
- Response Timing and Format. In order to protect the security of your personal information, we will not honor a request if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. The method used to verify your identity will depend on the type, sensitivity, and value of the information, including the risk of harm to you posed by any authorized access or deletion. Generally speaking, verification will be performed by matching the identifying information provided by you to the personal information that we already have. Any disclosures we provide will only cover the 12-month period preceding our receipt of your request (and will not be made more than twice in a 12-month period). If we cannot comply with a request, or cannot fully comply with a request, the response we provide will also explain the reasons we cannot comply.
- Personal Information Sales. We do not “sell” personal information, as that term is used under the CCPA.
- Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights.
Our Contact Information
- If you have questions or comments about this policy, you may email us at firstname.lastname@example.org.