Privacy notice

Last updated: 28.03.2024

1. Introductory text (always visible)

With this privacy notice we would like to inform you about how we collect, process and secure personal data. The protection of your privacy is of the utmost importance to us, so it goes without saying that we comply with the legal stipulations on data protection.

2. Contact details of responsible party
Placense Ltd
Represented by Dan Gildoni
Yigal Alon St 114
Tel Aviv, 6744320
Israel

E-Mail: [email protected] | website: www.placesense.ai

3. Data Protection Officer
Should you have any questions about our data protection measures, the processing of your data or the protection of your rights as a data subject, you can contact us and our data protection officer as follows:

ePrivacy GmbH
represented by Prof. Dr. Christoph Bauer
Burchardstraße 14, 20095 Hamburg
Germany

E-Mail: [email protected] | website: www.placesense.ai

4. Categories of personal data
Personal data is all information about an identified or identifiable person. This includes the following categories of personal data that we process:

4.1. Data from website visitors, prospects, and clients
In order to serve you the most relevant content, optimize the website and engage with potential and current clients as well as manage communications, Placense may collect the following:
• Your business contact details (such as first and last name, title, job position, company, e-mail address, phone number)
• Your correspondence with us
• Information about your operating system, browser type, Internet Service Provider (ISP), visit to our website and behavior on our website (e.g. clicks & time of clicks), referring pages, destination pages, page and file views
• Online identifiers (such as cookie IDs, IP addresses, advertising IDs)

4.1.1. Cookies and tracking technologies
Placense uses multiple technologies for purposes such as analyzing trends and interaction with our website, storing your preferences, setting online services or advertisement across websites.

One of these technologies is called cookies. A cookie is a small text file sent from a website to your computer or mobile device where it is stored by your web browser. Cookies may store information such as your IP address or other identifier, your browser type, and information about the content you display and interact with on the digital services. By storing such information, cookies can e.g. store your preferences and settings for online services and analyze how you use online services.

Further technologies, such as beacons, gifs, pixels, Page tags or scripts, may be deployed by Placense to better analyze and improve our services. For example, e-mails or images may contain small transparent files to record how recipients or viewers interact with them.

Depending on the settings selected by the user in their internet browser or the choice made when first visiting our website and accepting our consent pop-up, cookies are automatically accepted. However, this setting can be changed and the storage of cookies deactivated or set in such a way that the user is informed as soon as a cookie is set.
If the use of cookies is deactivated, some functions of the website may not be available or may only be available to a limited extent. You can prevent the setting of cookies by our website at any time by means of a corresponding setting in the internet browser or consent pop-up and thus permanently object to the setting of cookies.

Cookies that are already active can be deleted at any time via the settings of your internet browser or other software programs. We may work together with advertising partners who help us to make our online offer more interesting for you. In this case, cookies from partner companies may also be stored on your hard drive when you visit our website (cookies from third parties).

Essentially, Placense deploys two types of cookie categories.

Session cookies are used for the duration of a session and are automatically deleted when the executing browser is closed. They ensure, for example, that video and audio files can be played, that your user input is temporarily stored during the time of entry and thus the user-friendliness is improved.

Persistent cookies remain on your end device after closing the browser. These cookies can, for example, save your user preferences, such as language settings, and analyse user behaviour on our website. Storage duration of persistent cookies corresponds to the respective duration of the individual cookie. Afterwards they are automatically deleted.

4.2. Geolocation data from smartphones
While Placense business clients receive anonymous, aggregated foot traffic statistics for locations and areas, Placense itself receives so-called pseudonymized smartphone geolocation data with the consent of the smartphone user via partner companies. Pseudonymous information include:
• Geolocation of device (latitude, longitude, in some cases also altitude)
• Timestamp
• Device identifier, also referred to as advertising identifier (IDFA, AAID)
• Distinction between foreground/background signal
• Partner company
• Hashed App ID
Placense applies hashing to change device IDs and does not receive additional information (such as name, address, e-mail or phone number) which could potentially allow for an identification of a smartphone owner or user. Still, under the European privacy law GDPR, pseudonymous information is regarded as personal data, as an identification cannot be ruled out. Therefore, Placense includes it within this privacy notice.
To prevent any identification or cross-referencing when providing services and analyses to clients, Placense turns pseudonymized data into anonymous statistics and geo-visualization on an aggregated, anonymous level.

Smartphone users can turn off or adjust location sharing in the device settings:
Android: Settings > Location > choose location sharing preferences or app permissions
iOS: Settings > privacy > location services > choose location sharing preferences

Smartphone users can disable access or reset the advertising ID:
Android: Settings > Google > Ads > toggle on Opt out of Ads Personalization
iOS: Settings > privacy > tracking > toggle off Allow Apps to Request to Track
Important: Once you’ve disabled or reset your advertising ID, Placense will not be able to fulfill specific information requests about data that has already been collected.

Placense does not intend to receive data from children under the age of 16. If you believe that Placense has inadvertently collected data from children under the age of 16, please contact our Data Protection Officer via the contact details mentioned at the top.
4.3. Statistical data provided by Placense partners, clients and others
Placense receives anonymous, non-personal statistics from market research firms, clients or other business partners. This data may include general information such as demographics.

As this anonymous data cannot be linked to individuals, it will not be further addressed in the subsequent chapters.

4.4. Statistical Open Data
Placense collects anonymous, non-personal statistics from diverse sources such as publicly available databases and mapping platforms.

As this anonymous data cannot be linked to individuals, it will not be further addressed in the subsequent chapters.

5. Purposes of processing

5.1. Data from website visitors, prospects, and clients
Placense processes business-related website visitor, prospect and client data to:
• Optimize relevancy of content
• Ensure website quality
• Monitor website performance and statistics across channels
• Serve relevant advertisement across channels
• Dispatching our newsletter
• Process requests, contact form information as well as contracts
• Manage and participate in events, competitions, surveys or applications
• Correspond and interact with website visitors, prospect, clients, partners and others
• Provide and improve services
• Manage and optimize interaction with our platforms
• Manage and participate in events, competitions, surveys or applications

5.2. Geolocation data from smartphones
Placense processes pseudonymous location data from smartphones to create anonymous statistics and geo-visualization for the purposes of applying market research to generate audience insights and/or location-based analytics on an aggregated, anonymous level. Location data is not received if the smartphone user has not provided his consent to the collection and processing for the aforementioned purposes.

Placense provides these anonymous statistics to various types of businesses and organizations, including but not limited to real estate firms, retailers and municipalities. Clients use the data to make smarter decisions based on objective statistics, such as:
• Monthly estimated foot traffic trends in specific areas, stores or locations
• Distribution of catchment areas or visualization of mobility heatmaps
• Popular times and days for an average week
Ultimately, clients use this data to create a better, more sustainable physical world, e.g., to provide more meaningful services or build and optimize properties so they serve the need of most people in surrounding areas.

6. Legal bases
6.1. Data from website visitors, prospects, and clients
Unless Placense specifically asks for consent, we process data of website visitors as well as freemium service and product users based on our legitimate interests (Art. 6 para. 1 lit. f) GDPR) to produce statistics, protect our system against misuse, improve our service and offering, perform marketing of business contacts or correspond with you.

In specific cases, such as sending a newsletter, we ask for consent beforehand. Data processing is thereby then based on consent (Art. 6 para. 1 lit. a) GDPR).

If you contact us to exercise your rights and perform so-called data subject requests, we may store your data to fulfill our legal obligations (Art. 6 para. 1 lit. c) GDPR).
If you’re an existing or future client of Placense, we process your data to initiate or execute a contract with you (Art. 6 para. 1 lit. b) GDPR).

6.2. Geolocation data from smartphones
Placense processing of location data for the purposes outlined above is based on the consent of smartphone users (Art. 6 para. 1 lit. a) GDPR). Without a valid consent (also referred to as opt-in), Placense does not receive location data from its partners, i.e. app publishers and/or data providers, that perform the data collection. The opt-in of a smartphone user is stored in the Consent Management Platform (CMP) of the partner.

If smartphone or app users want to stop location data collection for specific purposes or by specific companies, they can withdraw the consent (also referred to as opt-out) by following the instructions provided by the partner and/or app. This will automatically stop the location data collection by Placense, if the user does not opt-in again at a later point in time. Location data collected before the opt-out, i.e. data collected with a valid consent, will continue to be processed. For more information on how stop any data processing, deletion of data or additional rights, please visit the “your rights” section.

7. No Requirement or Obligation to Provide Data
Unless this is expressly stated, the provision of data to Placense is not required or obligatory.

8. Sources
8.1. Data from website visitors, prospects, and clients
If we do not receive the data from website visitors, prospects or clients themselves -directly when communication or indirectly when interacting with our services, platforms, and website- we receive it from the following sources:
• Conference lists or platforms
• Social networks
• Online searches, websites and databases
• CRM system and integrations
• Specialised B2B contact service providers
• Business contacts

8.2. Geolocation data from smartphones
All pseudonymous location data is, based on a valid consent, collected via app publisher and/or data providers, collectively referred to as partners.

9. Storage periods and locations
Placense stores personal data according to the applicable purposes and regulations:
• If we rely on consent for data processing, at most until consent is revoked;
• if we need the data for the execution of a contract, at most for as long as the respective contractual relationship exists;
• if we use the data on the basis of a legitimate interest, at most for as long as your interest in deletion or anonymisation does not outweigh the data;
• insofar as statutory storage obligations exist, until the end of the storage periods.

Once the storage period ends, the data is irreversibly deleted or anonymized.
Data that is turned into anonymous statistics and geo-visualizations is non-personal, and can thus be stored without a need for deletion.

All pseudonymous location data is stored on secure Google Cloud Platform (GCP) or Amazon Web Services (AWS) servers located in the European Union.

10. Recipients
10.1. Data from website visitors, prospects, and clients

When processing data of website visitors, prospects and clients, we work with the following service providers who have access to the data:
Newsletter and E-Mail Marketing Services
• Hubspot

Webanalytics
• Google Analytics
• Hotjar

Advertising Services
• Facebook Custom Audience
• Facebook Lookalike Audience
• Google Ads
• Google AdSense
• Google Remarketing
• LinkedIn Conversion Tracking
• LinkedIn Website Retargeting

Social Media PlugIns
• Facebook
• YouTube
• LinkedIn

Application Management
• BambooHR

CRM Management
• Hubspot

Consent Management
• Usercentrics

Other Third-Party Services
• ReCaptcha
• Google Fonts

Service optimization and usage tracking
• Mixpanel
• Hotjar
• Pendo

10.2. Geolocation data from smartphones
Placense pseudonymous location data is limited to internal use only, namely, to generate anonymous statistics and geo-visualizations. Clients never receive pseudonymous location data. Clients only receive anonymous, non-personal statistics and geo-visualizations.

To maintain the highest degree of integrity, confidentiality and availability, Placense uses cloud service providers GCP and AWS to store, anonymize and analyze pseudonymous location data. GCP and AWS can thus be considered recipients, even though they do not access or use the data if not required by law.

11. Transfers
Data is mainly being transferred within the European Economic Area.

We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can ensure the careful handling of personal data by means of contractual agreements or other suitable guarantees, such as certifications or proven compliance with international security standards.
In accordance with this, Placense employees based on Israel may need to access EU cloud systems and thereby transfer data to Israel, which the European Commission regards as providing adequate safeguards. “The effect of such a decision is that personal data can flow from the EU (and Norway, Liechtenstein and Iceland) to that third country without any further safeguard being necessary. In others words, transfers to the country in question will be assimilated to intra-EU transmissions of data” (Source).

12. Security
Protecting personal data is our priority. Placense takes appropriate technical and organizational security measures to ensure the ongoing integrity, confidentiality, availability and resilience of our systems and the personal data it holds. We apply, inter alia, 2-factor-authentication, encryption, need to access principles and anti-malware software, as well as different physical access controls. These and other security measures serve the purpose of protecting any personal information against loss, misuse, and unauthorized access, alteration, disclosure, or destruction.

13. Your rights
As a data subject, you have the following rights:
• To request information about the processing of your data, as well as to receive a copy of your personal data. Among other things you may request information on the purposes of the processing, the categories of personal data processed, the recipients of the data (if a transfer is made), the duration of the storage or the criteria for determining the duration;
• To receive personal data relating to you in a structured, common and machine-readable format or to transfer it to another person in charge;
• To correct your data. If your personal data is incomplete, you have the right to complete the data, taking into account the purposes of the processing;
• To have your data deleted or blocked;
• To have the processing restricted;
• To object to the processing of your data;
• To revoke your consent to the processing of your data for the future and
• To complain to the responsible supervisory authority about unauthorised data processing.
You may exercise these rights by sending a request to our Data Protection Officer (contact information at the top of this notice). We strongly recommend contacting our Data Protection Officer (DPO) via e-mail to ensure a response without undue delay.

With respect to location data in particular, you have two options to exercise your rights, whereas both options are not mutually exclusive but can be exercised in parallel.
First, you can exercise your rights by sending a request directly to our partners, i.e. app publishers and/or data providers. In case of questions with respect to this option, please contact our DPO via e-mail.
First, you can exercise your rights by sending a request directly to the Placense DPO, ideally via email.
Please note that we can only fulfill your request if you provide us your advertising ID and if this advertising ID has not been reset. To find your advertising ID, we recommend the following:
Android: Settings 🡪 Google 🡪 Ads 🡪 ID can be found at the bottom
iOS: To view your ID, you need to download either the app “my device ID” by AppsFlyer or the app “My TUNE Device” by TUNE

In specific cases, Placense may require you to provide additional information, such as attaching a copy of your personal ID document to verify your identity.

14. Further information on data protection
Placense LTD participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Placense’s identification number within the framework is 903.

15. Updates of privacy notice
Placense may update this privacy notice from time to time to reflect changes in our processes.
The latest status of this privacy notice is indicated by the data mentioned at the top of the notice. We recommend reviewing this privacy notice on a periodic basis.