Privacy Statement
Effective date: August 26, 2019
1.0 Overview
FootfallCam respects and upholds the privacy of every individual. We put in continuous effort in designing a system that not only complies with the current regulations in place but also goes beyond in ensuring the privacy of the individuals visiting your venues. We follow three principles in designing our system:
-
We have no intention of capturing any personal information that is identifiable
-
Any information we collected will be rendered anonymous through pseudonymization
-
Data are kept and processed as statistical data are unable to be identified to any individual
FootfallCam adheres and maintain our compliance to the General Data Protection Regulations (GDPR) and proactively works towards greater personal data protection.
2.0 Data Protection Policy
Pursuant to article 28.3 of Regulation (UE) 2016/679, the processing of personal data handled by FootfallCam is set as below.
2.1 Data Protection Officer
FootfallCam has appointed the Director of Software Architecture as the Data Protection Officer (DPO) who will ensure that all personal data is obtained and processed in a manner that complies with this statement and data protection laws.
2.2 Protection by Design
All IT systems, processes and applications have undergone strict assessments are reviewed in accordance with GDPR requirements. An annual data protection compliance audit will be performed to ensure an adequate level of compliance with data protection laws and GDPR.
2.3 Data Protection Principles
Principle 1: Lawfulness, Fairness and Transparency.
Personal Data will only be collected for one of the purposed specified in the applicable Data Protection regulation and the method of processing that will occur will be thoroughly explained to the Data Subject. By providing Personal Data, Subject consent to the use of data to fulfil the purpose of collection or as requested by Subject.
Principle 2: Purpose Limitation.
Personal Data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible or exceed those purposes.
Principle 3: Data Minimisation.
Personal Data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed and used.
Principle 4: Storage Limitation.
In line with Principle 3, Personal Data shall be kept for no longer than necessary for the purposes outlined to the Subject.
Principle 5: Accuracy.
Personal Data which needs to be stored for a defined period of time as requested must be kept accurate and up to date, thus out of date and redundant data shall not be retained unless specified by Subject.
Principle 6: Integrity & Confidentiality.
Personal Data shall be processed and stored in a manner that ensures appropriate security of data, including protection against unauthorised processing and accidental loss, destruction or damage.
2.4 Subject-Matter of the Processing
All data flow from FootfallCam and throughout the infrastructure undergo strict assessment to comply with standard global data privacy act around the world. All annual data protection compliance audit will be performed on a bi-annually basis to ensure adequate level of compliance with data protection laws.
2.5 Duration of the Processing
All data are processed instantaneously from within the FootfallCam people counter prior to being sent to the FootfallCam server. From the FootfallCam device, all personal data collected are hashed on the counter level and the only result that is sent to the FootfallCam server are processed MAC addresses, as specified in Data Integrity Section 1.2.
3.0 Data Processing
1) What information does FootfallCam collect and why?
When you walk with your mobile device (with its Wi-Fi function enabled) into a retail space that uses our technology, FootfallCam senses the following: the presence of the device, its signal strength, its manufacturer (Apple, Samsung, etc.), and a unique identifier known as its Media Access Control (MAC) address. This combination of numbers and letters identifies a specific device to the surrounding Wi-Fi networks. Because the MAC address does not disclose the device owner's real-world identity nor any other personal data, that information is never collected.
The MAC address is hashed immediately after it is collected, the hash performed is a one-way hash and is irreversible. FootfallCam collects and aggregates only anonymous data from your device into reports for retail clients. These reports are used to improve store layouts, determine shopper engagement, timing for promotions and sales, measure the effects of advertising, and set staffing levels and store hours.
The hashing algorithm for MAC address used is PBKDF2WithHmacSHA256, which is designed for password hashing hence it is a slow algorithm. This is good for password hashing as it reduces the number of passwords by second an attacker could hash when crafting a dictionary attack. Having a salt added to the password reduces the ability to use precomputed hashes for attacks, and means that multiple passwords have to be tested individually, not all at once. The standard recommends a salt length of at least 64 bits. The US National Institute of Standards and Technology recommends a salt length of 128 bits, and FootfallCam is using 256bits in this instance.
FootfallCam is installed downwards facing the ground, our device only tracks the height of an individual entering and leaving the area and is unable to pickup the facial features of the individual. During normal operations, the device will only send purely statistical data to the server, and any data we collected are non-visual and will not be able to be identified with any individuals.
2) How does FootfallCam collect information?
When any Wi-Fi-enabled mobile device (such as a smartphone, tablet, or computer), the WIFI SSID is turned on, it regularly sends signals to announce its presence to nearby wireless networks. FootfallCam can sense when Wi-Fi-enabled devices make a signal. FootfallCam saves the information embedded in the signal, including a device's unique MAC address. FootfallCam promptly hashes the MAC addresses it collects in order to de-personalize the data, and then transmits it to a database. The data is then used to produce the reports for our retail clients. We contractually prohibit downstream recipients from attempting to use the data to identify a particular individual.
The counting of visitors to the site is done purely in the device itself and only the statistics of the visitor count is uploaded and aggregated on the server. This design has in mind the privacy of the visitors to the site and also to optimise the bandwidth of the store's network.
FootfallCam's software was specially written to limit the sensor to collect only the data we need to improve client operations. At no point is your name, phone number, or any other personal information collected.
3) If FootfallCam's data do not contain names or other personal information, how is it useful?
Our clients use the reports that generates to answer questions such as: How many new shoppers did I have this week vs. last week? Do more people stop and enter the store with one window display vs. another? How well did my marketing campaign work? How was the shopper engagement in the store? Answering these questions requires no personal information of any kind. We only need to determine the amount of traffic that came into the store.
4) With whom does FootfallCam share information?
We share information only with our clients--the retailers from whose stores the anonymous data is captured. When FootfallCam provides a third party with an analysis of foot-traffic trends, it never includes device-specific data nor any names of stores included in the analysis. Only aggregated data is used.
We do not sell, rent, or otherwise disclose device-specific information to third parties. By design, FootfallCam's data contains no personal information nor real-world identities of shoppers; none of that data is ever collected.
5) How does FootfallCam store data?
FootfallCam counters record these signals and send them to the cloud. For privacy, every MAC address will be hashed before it is being sent and stored in the server, preventing unauthorized users from accessing to these data. Because shoppers don't need to actually connect to your Wi-Fi network or install a mobile app, you can measure their activity without interrupting their shopping experience.
Hashed data cannot be reverse-engineered by a third party to reveal a device's MAC address. This means that anyone who gains access to the database--authorized or unauthorized--would see only long strings of numbers and letters. They would be unable to get any information that could be linked to a back to a particular mobile device owner. We retain data from individually hashed MAC addresses for 24 months unless we have to keep the information for legal purposes. After 24 months, we only retain data about hashed MAC addresses in aggregate form.
6) How does FootfallCam work with governments and law enforcement?
FootfallCam does not respond to government requests unless we belief in good faith that a response is mandated by law. We require a warrant or court order before disclosing any of the limited amount of device location data that we possess.
7)How does FootfallCam protect consumer privacy?
In an effort to protect consumer privacy, FootfallCam complies with the Mobile Location Analytics Code of Conduct. This code was established as an industry-wide standard for protecting the privacy of consumers when dealing with their mobile device data. It also defines rules of engagement for technology companies like FootfallCam to inform consumers about foot-traffic analysis and provide an easy way to opt out.
8) Can anyone opt out and delete the data FootfallCam has about a particular MAC address?
Yes. You can opt out by submitting your MAC address. FootfallCam will remove any existing data about that MAC address and will collect no further data about that MAC address in the future.
9) How does FootfallCam safeguard information of consumers?
FootfallCam is alert of your personally identifying information and take precautions to protect it. When you have provided us your sensitive information via the website, your information is protected both online and offline. This site does not store any personally identifying information online. Any of the information you have submitted to us via any forms on this website or email is being protected offline. Your personally identification information will only be used by our employees, who needed the information to perform specific job, e.g. billing or customer service. The computers and servers which we store your personally identifiable information are kept in a secure environment.
10) What information are collected for FootfallCam accuracy audits?
After every installation of a FootfallCamTM, it is important that it achieves more than 90% accuracy level. This is ensured through manually verifying the accuracy achieved. This verification process involves recording a short clip of video and manually counting and comparing with the counting data obtained.
As the people counter is installed on the ceiling, the video recorded does not capture the entirety of consumers nor does it recognise facial features of consumers, FootfallCam does not function as a CCTV. FootfallCam only records short moments of video of upwards 30 minutes for the purpose of accuracy audit to compare manual people counting against systematic counting. Afterwards, no videos are captured by the device to assure complete consumer privacy.
4.0 Data Protection
4.1 Storage and Retention of Data Images
FootfallCam do not record nor retain any form of personal data unless requested by the Subject. Subject is given the right to opt-out if they do not wish to save the data. We will only store these personal data if the consent of the user is obtained.
Recorded data will not be retained for longer than necessary in relation to the purposes for which it was originally recorded. All personal data shall be deleted as soon when the purpose of collecting is fulfilled and there is no longer a valid reason to retain. All retained data will be stored securely at all times.
4.2 Access
Access to any retained data e.g. photo images will be restricted to authorized employees. There is strictly no disclosure of data to third parties other than authorized personnel e.g. Police and Service Provider to protect our rights.
4.3 Secure Central Server Protection
-
Watchdogs - Watchdogs are programmed to routinely check all gateways and detect any suspicious activity or multiple failed attempts. If detected, our security staff are immediately alerted.
-
Firewalls - Firewalls are used to prevent unauthorized internet users from accessing FootfallCam servers. Each message entering or leaving the FootfallCam servers are examined and those that do not meet our specified security criteria are automatically blocked.
-
24 Hours Security Monitoring - Our dedicated monitoring team operates 24/7 to ensure that the highest security standard is maintained at all times. An abused account would be suspended immediately and dealt by our security personnel directly.
5.0 Cookies
FootfallCam use browser "cookies" on this site. A cookie is a piece of data stored on a site visitor's hard drive to help us on improving your future access to our site. The cookies we use will not provide any personally identifying information about you or provide us any way to contact you, furthermore, the cookies will not extract any information from your computer. The cookies we use may identify repeat visitors to our site. As say for instance, when we use a cookie to identify you, you would not have to log in a password more than once and therefore saving time for you while accessing our site. Kindly take note that our site does not require any log-in to view it, browser cookies may still be created for non-personally-identifying visit information. Cookies may enable us to track and target the interests of our users thus enhance the experience on our site. Usage of cookie will not linked to any personally identifiable information on our site.
6.0 Google AdWords' Remarketing
FootfallCam utilize Google AdWords' remarketing to advertise advertisement trigger across the Internet. This AdWords remarketing will display relevant ads tailored to you based on parts you have viewed on FootfallCam website by placing a cookie on your machine. This cookie will not in any way to identify you or give access to your computer. The cookie is meant to "This person visited this page, so show them ads relating to that page." Google AdWords Remarketing will allow us to tailor our marketing to better suit your needs and only display ads that are relevant to you.
Visitors may opt-out of Google's use of cookies by visiting Google's Ads Settings page. Alternatively, you may also opt-out of a third party vendor's use of cookies by visiting the Network Advertising Initiative opt-out page.
7.0 Breach Reporting
Any individual who suspects that a Personal Data Breach has occurred must immediately notify us at support b, providing a description of what occurred. Once confirmed that a Breach has occurred, the Data Protection Officer and relevant officers will follow the relevant procedure based on the criticality and quantity of Personal Data involved. We view a Breach in Personal Data as serious offense. Immediate investigation shall commence and notification email will be sent to inform on the commencement of investigation. A full report of the Breach will be generated after the investigation is completed and sent to relevant individuals for report purpose.
8.0 General Data Protection Regulation Compliance
FC - F3D01
General Data Protection Regulation Compliance
Pursuant to article 28.3 of Regulation (UE) 2016/679, the processing of Personal Data as agreed between the Users is set as below.
ARTICLE 1 SUBJECT-MATTER OF THE PROCESSING
All data flow from FootfallCam and throughout the infrastructure undergo strict assessment to comply with standard global data privacy act around the world. All annual data protection compliance audit will be performed on a bi-annually basis to ensure adequate level of compliance with data protection laws.
ARTICLE 2 DURATION OF THE PROCESSING
All data are processed instantaneously from within the FootfallCam people counter prior to being sent to the FootfallCam server. From the FootfallCam device, all personal data collected are hashed on the counter level and the only result that is sent to the FootfallCam server are processed MAC addresses, as specified in Data Integrity
ARTICLE 3 NATURE AND PURPOSE OF THE PROCESSING
FootfallCam uses Wi-Fi counting to measure the metrics more than just the visitors' INs and OUTs by video counting. FootfallCam people counter is a Wi-Fi hotspot itself within a 100-meter radius. Through this, more metrics such as outside traffic, turn in rate, visit duration, returning customer may be measured as referenced in Data Integrity
ARTICLE 5 TYPE OF PERSONAL DATA
There are two types of data collected from people counter which are video counting raw data and Wi-Fi raw data. All personal data that are collected are processed from the FootfallCam device as highlighted in Data Integrity
ARTICLE 6 CATEGORIES OF DATA SUBJECTS
All levels and categories of data subjects and how they are aggregated are specified in Data Integrity
ARTICLE 7 TECHNICAL AND ORGANISATIONAL MEASURES
Corrective measurements are in place for all technical and organizational measures on the failure for data collection as specified in Data Integrity
9.0 Updates and Enquiries
Our Privacy Statement may vary from time to time and all updates will be posted on this page if any changes made. This statement is maintained and reviewed periodically to reflect the updated privacy laws and GDPR compliance. FootfallCam's Data Protection Officer is responsible for accuracy and maintenance of this policy. If you have any questions or enquiries regarding our Privacy Policy, kindly send us an email to [email protected]