United States Privacy Statement (“US Privacy Policy”)

Introduction/Scope: All users of US Applications in the United States.

1. Introduction

CloseComms Ltd (“We” or “Us” or “Our” or “CloseComms”) is the developer of a portfolio of Wi-Fi applications and (“the Apps” or, individually, “the App.”). We provide App user, with valuable services, in particular Wi-Fi connectivity (“the Services”). Please read this Privacy Policy, as well as our respective App Terms of Use, carefully and in their entirety before using this App. By agreeing to this Privacy Policy, you confirm you are over 13 years old.

Our sponsors and our business partners may have co-branded these applications (“Business Partners”). Each of them will have their own privacy policies, but CloseComms is independent. Please review the terms and conditions as well as privacy policies of our Business Partners closely before you proceed. If there are any conflicts between this Privacy Policy and the privacy policy of any of our business partners, the terms of this Privacy Policy will prevail for CloseComms.

This Privacy Policy describes the information CloseComms collects from you when you download an App in our portfolio to your phone or other Internet-connected device and when you use the Services available through the App, and describes what may happen to that information.

This policy only applies to the App for any operating system platform or device on which it is installed. If you leave the App via a link or otherwise and go to a third-party website, you will be subject to the privacy policy of that website, and we do not accept any responsibility or liability for those policies.

This Privacy Policy is incorporated into, and part of, the App Terms of Use.

2. GDPR Principles

The following principles are complied with when processing personal data:

  •  Data is processed fairly and lawfully
  • Data is processed only for specified and lawful purposes
  • Processed data is adequate, relevant and not excessive
  • Processed data is accurate and, where necessary, kept up to date
  • Data is not kept longer than necessary
  • Data is processed in accordance with an individual’s consent and rights
  • Data is kept secure
  • Data is not transferred to countries outside of the European Economic Area (EEA) without adequate protection

3. Lawful Basis of Processing Data

The lawful basis of processing of data will always be determined prior to any data being processed. The laws for processing personal data under the GDPR are as follows:

  • Consent – the individual has given their Consent to the processing of their personal data.
  • Contractual – processing of personal data is necessary for the performance of a contract to which the individual is a party, or for CloseComms to take pre-contractual steps at the request of the individual.
  • Legal Obligation – processing of personal data is necessary for compliance with a legal obligation to which CloseComms is subject.
  • Legitimate Interests – processing of personal data is necessary under the Legitimate Interests of CloseComms or a Third Party, unless these interests are overridden by the individual’s interest or fundamental rights.
  • Public Task – processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
  • Vital Interests – processing of personal data is necessary to protect the vital interests of the individual or another individual.

CloseComms processes personal data under one, or more, of the following Lawful Bases:

  • Consent
  • Contractual
  • Legal Obligation
  • Legitimate Interest

4. Information We Collect, How We Collect It, and How Long We Collect It

4.1. Information collected through our Apps

When you download and use our apps, you will be asked to give permission for Location-based Services. We automatically collect certain information connected to your Wi-Fi enabled device.

Information we collect when you join the Wi-Fi or use the app:

  • Device MAC address
  • Device model
  • Device Brand
  • Operating System
  • Locale
  • Time Zone
  • Unique User App ID
  • IP address
  • Wi-Fi Signal strength to access point
  • Signal strength to Bluetooth beacon
  • Latitude & Longitude
  • Whether or not Location, Bluetooth, and Notifications have been enabled on the device
  • Phone number (if not using Android or iOS apps)
  • Email address (if not using Android or iOS apps)
  • MAC address of access point you first connected to

If your phone or other Internet-connected device is equipped with Global Positioning System (GPS), we may obtain, access, or use such GPS information for the provision of our Services. We collect your geolocation data from your device only after you explicitly give your permission for us to do this through the prompts appearing in the App.

If connecting via the Android or iOS app, we do not need your telephone number and email address. Therefore, we do not collect your phone number or email address, unless you optionally, and explicitly, provide it when if you leave store feedback within the app. If, however, you are connecting with an alternative device (e.g. laptop) then we do ask you for these details.

Information we collect about your Location:

  • Your location while using the App (optional) – if you give your consent, we obtain your location only while you’re using the App so that we can show you within the App the participating Subway restaurants nearest to your location, but you will not get any offers or discounts until you allow ‘Always’ permission.
  • Your location even when you’re not using the App (optional) – if you give your consent, we use a low-power mechanism to occasionally obtain your location when the App is in the background which does not strongly drain the battery of your device. We use this to send you offers and discounts based on your location, such as when you visit our stores and other locations of interest.
4.2. Information you provide directly through our App

CloseComms may make interactive features such as games available through the App, which may include public leaderboards. To be added to such a leaderboard with your game score you may choose to go public and provide us with information such as a pseudonym, an online identifier, or your name. Your public information includes said pseudonym or name and metadata provided with it. CloseComms may disseminate this information, meaning it will be visible to other users. When you share information or content like your pseudonym or name, you should think carefully about what you are making public.

Information you may choose to provide directly through the app:

  • Feedback
  • Store rating
  • Phone number
  • Email address
4.3. Information collected through our website

CloseComms’ website can be found at https://closecomms.com (“Website”). If you come to our Website, we use Google Analytics to aid us in providing you with information and in continuing to improve upon the provision and maintenance of such Services.

We or third party or other service providers may use cookies, web beacons, or similar technologies on your computer. You may block or delete cookies and controls to opt out of such data collection through your web browser settings. However, adjusting your browser settings and choices regarding such technologies may impact your experience with our Website and Services available through it, if any.

You may also use our contact information on the Website to contact us through a medium on your side (telephone, email, or postal service) and provide us with any information you wish to share through the medium of your choosing.

4.4. Information collected from social media platforms

You can enjoy additional benefits in the App by optionally signing-in via social media platform integrations. If you choose to do so, we collect the following additional information according to the social media platform you choose to sign-in with:

  • First name
  • Last name
  • Social display name
  • Email address
  • Gender
  • Approximate age
  • Photo URL
  • Provider of Social Media
  • Game high score

You can withdraw your consent for sharing this information at any time by signing-out of the App. We never post to, or comment in your social media account.

4.5. Data retention and data location

We will retain your information for as long as is necessary to provide you with Services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may also retain and use your information to make promotional offers to you as described, unless you have opted out of receiving such communications.

Data is stored on servers in accordance with local regulations. All personally identifiable information is deleted from our servers after 13 months. The data that we collect from you may be transferred to, and stored at, a destination outside the USA. It may also be processed by staff operating outside the USA who work for us or for one of our suppliers.

5. What We Do Not Collect

5.1. Personal information of children under 13

Our Application and Services, as well as our Website, are not designed to attract individuals under the age of 13. We do not collect or store any personal information, even in aggregate, about children under the age of 13. If we discover we have received any information from a child under the age of 13 in violation of this policy, we will delete that information immediately. If you believe that CloseComms has any information from or about anyone under the age of 13, please contact us at the contact points specified below.

6. How We Use The Information We Collect

We will use your information

  • To serve you advertising
  • To facilitate the use of our Wi-Fi network
  • To communicate with you via push notifications if you have permitted them
  • To enable you to participate in loyalty programs, offers, and other location-based services (e.g. to play games or music, through our business partners’ venues).
  • To provide technical support and to respond to your enquiries
  • To communicate about new features of the Service
  • To prevent fraud or illegal activities
  • To comply with any legal obligations
  • To improve the Service and your experience
  • To provide embedded social media services
  • To determine demographics without sharing details thereof

7. How and To What Extent We Disclose Information to Third Parties

7.1 Business partners

Your information is aggregated and shared with our Business Partners. We do not provide any personally identifiable information to any other third parties for any reason, except as outlined below in 7.2.

We do so to provide insights about customer behaviors based on the collection of GPS and Wi-Fi location. Your information is analyzed and processed to create anonymous aggregate reports before sharing. For example, reports are created to detail how many people visited a store, and the gender percentage, if such information is available. This information is used to improve the experience of the Services.

We share the following non-aggregated data with our business partners:

  • Device MAC address
  • Device model
  • Device Brand
  • Operating System
  • Locale
  • Time Zone
  • Unique User App ID
  • IP address
  • Wi-Fi Signal strength to access point
  • Signal strength to Bluetooth beacon
  • Latitude & Longitude
  • Whether or not Location, Bluetooth, and Notifications have been enabled on the device
  • Customer feedback and store rating
  • Phone number
  • Email address
  • First name
  • Last name
  • Social display name
  • Gender
  • Approximate age
  • Photo URL
  • Provider of Social Media
  • Game high score
7.2 Vendors

Except as described in this Privacy Policy, we will not share your personal information unless it is necessary to provide you with a Service, fulfil a transaction you have requested, or in other circumstances with your consent. We will disclose your information to trusted third parties acting on our behalf or under our instructions, including for purposes relating to the provision, operation, maintenance, administration, promotion, improvement, and oversight of our Apps, Services, or to fulfil your requests for information or Services.

We share information collected through our Apps (Section A), information you provide directly through our Apps (Section B), and information collected from social media platforms (Section D) with our hosting vendor/s and our infrastructure support vendor/s. At present they are:

7.3 Legal compliance obligations

We may disclose your personal information, including location and GPS data, in response to legal process (for example, a court order, search warrant, or subpoena) or requests from law enforcement authorities; in other circumstances in which we believe the sites, our Services or Website are being or has been used in violation of our App Terms of Use, applicable law or otherwise in the commission of a crime; when we have a good faith belief that there is an emergency that poses a threat to the safety of you or another person; when necessary to protect the rights or property of CloseComms or third parties; or to prevent fraud.

7.4 Purchase or sale

In the event that we are involved in a bankruptcy, merger, acquisition, reorganization or sale of assets, your information may be sold or transferred as part of that transaction.

8. Your Choices

8.1 Opt-out

With regard to geolocation, you may at any time opt out from further allowing CloseComms to access location data by adjusting your permissions in your mobile device. With regard to push notifications, you may at any time opt out from further allowing CloseComms Lab to send you push notifications by adjusting your permissions in your mobile device.

8.2. Discontinuance and deinstallation

You may stop using the Service at any time by discontinuing the App and uninstalling it.

9. Protecting Your Personal Information

We maintain safeguards designed to protect the information that we collect about you against accidental or unauthorized access or disclosure. However, protecting your information is a shared responsibility. We protect your personal information according to industry standard. We cannot control how third parties choose to use your personal information. You can protect your information by notifying us immediately of any suspicious activity.

10. Individual Rights

As a data subject, you have the following rights under the GDPR, which this Policy and Our use of personal data have been designed to uphold:

  • The right to be informed about Our collection and use of personal data;
  • The right of access to the personal data We hold about you (see section 11);
  • The right to rectification if any personal data We hold about you is inaccurate or incomplete (please contact Us using the details in section 12);
  • The right to be forgotten – i.e. the right to ask Us to delete any personal data We hold about you (We only hold your personal data for a limited time, as explained in section 6 but if you would like Us to delete it sooner, please contact Us using the details in section 12);
  • The right to restrict (i.e. prevent) the processing of your personal data;
  • The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
  • The right to object to Us using your personal data for particular purposes; and
  • Rights with respect to automated decision making and profiling.

If you have any cause for complaint about Our use of your personal data, please contact Us using the details provided in section 14 and We will do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.

For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.

Individuals (‘Data Subjects’) have the right to obtain:

  • Confirmation that their data is being processed
  • Access to their personal data
  • Other supplementary information (mostly the information provided in privacy notices)
  • Given a description of the personal data, the reasons it is being processed, and whether it will be given to any other organisations or people;
  • Given a copy of the information comprising the data; and given details of the source of the data (where this is available).

How do individuals (‘Data Subjects’) submit requests for their information?

The information CloseComms Ltd hold is available upon request by contacting info@closecomms.com.

Individuals can also request their data is updated and/or deleted at any time, unless CloseComms Ltd needs to retain it for legitimate business or legal purposes, by submitting a request to this email address.

11. Responding to Subject Data Access Requests

CloseComms Ltd may ask the individual to verify their identity before their request is actioned.

CloseComms Ltd has the right to ask the individual for enough information to judge whether the person making the request is the individual to whom the personal data relates. This is to avoid personal data about one individual being sent to another, accidentally or as a result of deception.

CloseComms Ltd has the right to ask for information that is reasonably needed to find the personal data covered by the request. If no personal information about the individual is held, they will be informed.

If data processing is outsourced, subject access requests may be sent to the third party to respond.

CloseComms Ltd will refer to the Company’s GDPR Data Register to locate all the information held on the individual and liaise with the CloseComms Ltd Departments and/or Third Parties concerned in order to collate all the information.

Information will be provided within at least one month of receiving the request. Where requests are complex or numerous, CloseComms Ltd has the right to extend the deadline for providing the information to three months. However, a response to the request explaining why the extension is necessary, will be sent within one month.

Data Access Requests that are manifestly unfounded or excessive can be refused or a charge be made. If a request is refused, the individual will be informed as to why and advised that they have the right to complain to the ICO and to a judicial remedy. The refusal will be made without undue delay and at the latest, within one month.

Information will be provided free of charge.

12. How to Contact Us

If you have any questions regarding this Policy, or are required to contact by the terms of this Policy, or if there are any privacy-related errors you wish to correct, please contact us by any of the following methods:

  • By the information on our CloseComms representatives as listed on our Website Contact page: https://closecomms.com/contact/ (please note “Privacy” in your subject line if choosing written communication)
  • By email to: privacy@closecomms.com
  • By writing us to: CloseComms Ltd, Bridge Building, 1a Godfrey Road, Newport, Gwent, Wales, UK, NP20 4NX

This US Privacy Policy was last revised on June 21st, 2018.