Privacy Policy Statement (SDK Partners)

1. WHO WE ARE

This Privacy Policy describes how we, Opensignal Limited ("Opensignal", "we," "us" or "our"), collect, use, and share your personal data when you allow us access to your data in connection with your use of a mobile application operated by one of our partners (“Partner”).

We request access to your reception data (and some additional data relating to you or your device) in order to measure the availability and signal quality of communication networks (“our Services”). 

Opensignal is responsible for the control and processing of personal data that we collect from your device. If you have any questions or concerns about Opensignal’s use of your personal data, please contact us at [email protected]

The purpose of this Policy is to inform you about our privacy practices and to ensure that you understand the purposes for which we collect and process your personal data. The following is a brief summary of the manner and purposes for which we process your personal data.

Our mission is to analyze and review the availability, service coverage, performance and signal quality of numerous mobile networks all over the world. We obtain the relevant data by collecting measurements relating to signal reception and quality from users of mobile devices.

IF YOU HAVE RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT, PLEASE SEE THE CCPA SUPPLEMENT BELOW IN SECTION 11. IF YOU HAVE RIGHTS AS A RESIDENT OF NEVADA, PLEASE SEE THE YOUR NEVADA PRIVACY RIGHTS SECTION 12 BELOW.
 

2. HOW WE COLLECT AND USE YOUR PERSONAL DATA

When allowed access to your data, we collect data from your mobile device both when you are using our Partner’s app and when it is closed.

We take repeated measurements from your device from time to time including location data (which include GPS coordinates or similar information regarding the location of your device), network type, network operator, cellular and Wifi signal strength and quality, and the identifiers of connected cell towers and Wifi routers (including both BSSID and SSID). We also measure how data is flowing, both passively (by monitoring how fast it moves through other apps), and actively (by running a test that downloads or uploads data within our SDK). We do not monitor the content of your data usage. The goal of collecting the above data is to measure the experience you have of wireless networks.

We also collect information from environmental sensors on your device (depending on which ones are integrated in your device), this allows us to measure things such as the device acceleration, orientation and the external atmospheric pressure and light intensity. We also measure some internal device conditions – such as battery temperature and voltage. The goal of collecting this data is to understand how instantaneous device conditions affect experience of mobile networks.

To better understand differences between devices, we collect data on your device hardware such as the model, manufacturer, and manufacturers and models of sub-components (such as the cellular radio) and the capabilities of these components (for example the number of cores on the CPU). Similarly, to understand differences caused by software, we collect information on the mobile platform version used and whether custom ROMs or Android skins are installed. The goal of collecting this data is to understand how device properties affect experience of mobile networks.

When you first use our Partner’s app a random identification code is generated by our software and allocated to your mobile device and used to identify your device whenever we take measurements. To further help us manage the data, we also collect related IP addresses, the device MAC number, the Android serial number. These fields are needed for statistical purposes, for example to understand how much data is contributed by each device.  

 

3. THE PURPOSES FOR WHICH WE USE YOUR PERSONAL DATA

Measurements that we take from the mobile devices of individual network users allow us to create a detailed picture of the service availability, quality and performance of numerous communication networks across the world and over time. We publish some of the statistical data that we generate and we provide it to our customers (such as network operators) to help them understand their own network’s service coverage, performance and signal quality (and those of their competitors). Although the end-product we produce is made up of aggregated anonymized data, the underlying ‘raw data’ which contains personal data of individual users is important for us and our customers for generating statistical data, validating the results, quality control and further analysis.
 

4. LEGAL BASIS FOR PROCESSING YOUR DATA

We collect and process your personal data based on your express consent. If you give your consent for accessing your device data to take measurements, you can withdraw it through the personal settings on the Partner’s app. In respect of any personal data collected from your device with your consent we also rely on our legitimate interest in conducting our business and in carrying out statistical and scientific research work and in providing analytical data to our clients.
 

5. HOW WE SHARE YOUR INFORMATION

a. Joint and Independent Controllers. We share some of the raw measurements that we collect from users’ mobile devices with some of our customers under the terms of data license agreements and data sharing agreements. Some of the data we share with our customers contains personal data such as datasets containing location data of individual users. Our customers are permitted to use the data for the purpose of analyzing it and generating aggregated data relating to the performance of their networks or telecommunications equipment (and competing networks or equipment) and to use aggregated data in their sales activities. Our customers are not permitted to use your personal data to communicate with you or to influence you or to profile or track individual users. They are required to keep your personal data confidential and to use appropriate means to protect it. Our customers have access to data such as location data of users to enable them to analyze the data and create statistical information based on the aggregation of data from numerous users. Our customers that receive such data from us are not permitted to disclose any datasets that contain personal data relating to specific individuals to their own customers or any third parties.  

b. Our Partner. We obtain access to data from your mobile device through software incorporated in our Partner’s mobile application which you download onto your device. However, we do not share with our Partner any of the data we collect from your device.   

c. Service Providers. We may share datasets containing your personal data with third-party service providers that perform services on our behalf in connection with our Services, such as cloud service providers we may use or third-party analytical service providers.  Where your information is shared with such third parties, we ensure that the third-party service provider will deal with your information only on our behalf and on our written instructions and solely for our benefit (and not for its own benefit).

d. Business Change. If we become involved in a merger, consolidation, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution or other transaction, or if the ownership of all or substantially all of our business otherwise changes, we may share or transfer databases containing personal data of users to successor party or parties in connection with such transaction or change in ownership or legal structure.

e. Necessary Disclosure. Regardless of the choices you make regarding your information and to the extent permitted or required by applicable law, we may disclose information about you to third parties to: (i) enforce or apply the terms and conditions of our Services; (ii) comply with laws, subpoenas, warrants, court orders, legal processes or requests of government or law enforcement officials; (iii) protect our rights, reputation, safety or property, or that of our users or others; (iv) protect against legal liability; (v) establish or exercise our rights to defend against legal claims; or (vi) investigate, prevent or take action regarding known or suspected illegal activities; fraud; our rights, reputation, safety or property, or those of our users or others; violation of the Terms of Use, our policies or agreements; or as otherwise required by law.


6. HOW WE PROTECT YOUR INFORMATION

We take certain measures to protect personal data collected through the Service against loss, theft, and unauthorized access, use, disclosure, destruction or modification. These include physical, technological and administrative measures.
 

7. HOW LONG WE KEEP YOUR INFORMATION

Personal data (such as user’s location data or the user’s unique identifier which is created on first use of our Partner’s app) contained in the sets of measurements of mobile network signal performance is held for an unlimited period of time as it is required for the production of statistical data over different periods of time and to compare performance data between different time periods.
 

8. COUNTRY OF PROCESSING

We operate from the United Kingdom (UK). The collection of data from your device takes place in the country where you use the device. We store and otherwise process data (including personal data) through third party cloud service providers and other IT service providers which may be located or which may operate in other countries, including countries which do not guarantee the same level of protection to privacy as the UK. We store personal data records predominantly through third-party cloud service providers on servers located in the United States of America. Some of our customers to which we license data (see section 5(a) above) also receive personal data from us for processing in countries outside the UK or the EU. When transferring personal data records from the UK to a country outside the EU which does not provide an adequate level of protection to privacy rights, we put in place appropriate safeguards including data transfer agreements on the terms approved by the EU Commission.
 

9. CHILDREN'S PRIVACY

The Service is not directed to children and is intended for use by adults only. We do not knowingly collect personal data from individuals under 16 years of age. If you are under the age of 16, please do not submit any information through the Service and do not provide your consent for the use of your data unless your parent or guardian has approved.

 

10. DATA SUBJECT RIGHTS

Data subjects have the following legal rights in respect of their personal data that we process:

a. The right to require Opensignal to confirm whether or not your information is being processed, the purpose of any such processing, the recipients of any information that has been disclosed, the period for which your information is to be stored and whether any automated decision-making processes are used in relation to your information;

b. The right to require access to the personal data and to require Opensignal to rectify inaccurate information without undue delay;

c. Where Opensignal has relied on the ‘consent’ basis for processing that information (see paragraph 4 above), the right to withdraw your consent at any time. This right to withdraw consent does not affect the lawfulness of processing based on consent before its withdrawal;

d. The right to request the erasure of your information. You can make a request for erasure where:

i. the information is no longer necessary in relation to the purpose for which it was collected;

ii. where the processing of the information is based on your consent (and the other circumstances described in the ‘Legal Basis for Processing Your Data’ and ‘How We Share Your Information’ sections above no longer apply), if you withdraw your consent; or

iii. where the personal data is processed by Opensignal solely on the basis of our ‘legitimate interest’ referred to in paragraph 4 (), if you withdraw your consent for the processing of your data and you object to the processing of your personal data and there are no overriding legitimate grounds for the processing (such as, for example, the achievement of the purpose of using your data for statistical or scientific research purposes or where the processing of the data is required to meet statutory obligations or for the defense of legal claims).

Where Opensignal has disclosed your information of a data subject to a third party and you request the erasure or rectification of the data, Opensignal will take all reasonable steps to inform the third party of such request;

e. The right to require Opensignal to restrict its processing of your personal data in certain circumstances, such as where the accuracy of that data is disputed or an objection has been raised. In such circumstances, Opensignal will only process that information with your express consent, or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest;

f.  Where data is processed based on your consent or to fulfil a contractual obligation, you have the right to receive your personal data from Opensignal in a structured, commonly used and machine-readable format;

g. The right to object to the processing of personal data where:

  1. Opensignal relies solely on the ‘legitimate interest’ basis for processing that data, in which case we will be legally required to stop processing your information unless we have compelling legitimate grounds for the processing which override your privacy rights and interests; or
  2. the information is used for direct marketing purposes, in which case we will immediately stop processing your information for such purposes;

h. You have the right to lodge a complaint with the UK’s Information Commissioner’s Office or in some cases with the data protection supervisory authority of the EU member state where you reside.

The above legal rights are subject to various conditions and exceptions including where the data is used for statistical or scientific research purposes and the exercise of the right would prevent such purposes from being attained or would seriously impair their attainment.
 

11. SUPPLEMENT FOR CALIFORNIA RESIDENTS

You will not need to create an account to exercise your rights. California residents have the right to:

  • Request that we delete personal information about you that we may have collected.  To exercise this right, you must provide a verifiable consumer request by either calling us at +44 0845 834 0987 or by emailing us at [email protected]
     
  • Request that, for personal information that we have collected in the preceding 12 months, we disclose, free of charge (unless your requests are manifestly unfounded or excessive), the categories of personal information that we have collected about you, the categories of sources from which the personal information was collected, the business or commercial purpose for collecting or selling personal information, the categories of third parties with whom we share personal information. To exercise this right, you must provide a verifiable consumer request by either calling us at +44 0845 834 0987 or by emailing us at [email protected]
     
  • Request that, for personal information that we have sold or disclosed for a business purpose in the preceding 12 months, we disclose, free of charge (unless your requests are manifestly unfounded or excessive), the categories of personal information that we have collected about you, the categories of personal information that we have sold about you, the categories of third parties to whom each category of personal information was sold, the categories of personal information that we have disclosed about you for a business purpose, and the categories of third parties to whom each category of personal information was disclosed. To exercise this right, you must provide a verifiable consumer request by either calling us at +44 0845 834 0987, or by emailing us at [email protected]
     
  • Direct us, at any time, not to sell your personal information. We may sell your personal information within the meaning of the California Consumer Privacy Act of 2018 (“CCPA”). Under the CCPA, “sell” means sell, rent, release, disclose, disseminate, make available, transfer, or otherwise communicate orally, in writing, or by electronic or other means a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration. The law contains exceptions to this definition which may limit how we respond to your direction. To exercise this right to opt out, you may call us at +44 0845 834 0987 or email us at [email protected] We do not have actual knowledge that we sell the personal information of minors under 16 years of age, and minors under the age of 16 may not use the Opensignal Services.‚Äč

You can also authorize another person, called an agent, to exercise your rights on your behalf. You must provide the authorized agent written and signed permission to act on your behalf. We may deny requests from an authorized agent who does not submit proof that he or she has been authorized to act on your behalf. Furthermore, we may require you to verify your identity directly with us. We may also require you to directly confirm with us that you have provided the authorized agent permission to submit a request on your behalf. An authorized agent can make a request on your behalf by either calling us at +44 0845 834 0987 or by emailing us at [email protected]

Please note that we cannot fulfill requests to know the specific pieces of personal information that we may have collected about you. In order to disclose the specific pieces of personal information that we may have collected about you, we would have to verify your identity to a reasonably high degree of certainty. Given the limited amount of information that we collect about you, we do not maintain enough data points to verify your identity to the reasonably high degree of certainty required by the CCPA.

Additionally, before we can fulfill your request to delete your personal information noted above, we must verify your identity. We will require you to provide us with your app installation ID and any other information reasonably necessary in order to verify your identity. We will match this information to the personal information we maintain.

We may not discriminate against you because you exercised any of your rights under the CCPA.

To the extent that anything in this Section 11 conflicts with this Privacy Policy Statement, this Section 11 shall govern.

The categories of California consumers’ personal data we may have collected in the past 12 months are listed above in Section 2 – How we collect and use your personal data. Within the past 12 months we may have sold or shared the following categories of personal information: (1) Location, (2) Identifiers, and (3) Internet or other electronic network activity information, all of which we have collected from your mobile device. In reference to Section 2, we may collect the categories we’ve previously identified (which include GPS coordinates or similar information regarding the location of your device), network type, network operator, cellular and Wifi signal strength and quality, and the identifiers of connected cell towers and Wifi routers (including both BSSID and SSID). We also measure how data is flowing, both passively (by monitoring how fast it moves through other apps), and actively (by running a test that downloads or uploads data within our SDK). We do not monitor the content of your data usage. The goal of collecting the above data is to measure the experience you have of wireless networks. We also collect information from environmental sensors on your device (depending on which ones are integrated in your device), this allows us to measure things such as the device acceleration, orientation and the external atmospheric pressure and light intensity. We also measure some internal device conditions – such as battery temperature and voltage. The goal of collecting this data is to understand how instantaneous device conditions affect experience of mobile networks.

As detailed in Section 2, to better understand differences between devices, we collect data on your device hardware such as the model, manufacturer, and manufacturers and models of sub-components (such as the cellular radio) and the capabilities of these components (for example the number of cores on the CPU). Similarly, to understand differences caused by software, we collect information on the mobile platform version used and whether custom ROMs or Android skins are installed. The goal of collecting this data is to understand how device properties affect experience of mobile networks.

When you first use our Partner’s app a random identification code is generated by our software and allocated to your mobile device and used to identify your device whenever we take measurements. To further help us manage the data, we also collect related IP addresses, the device MAC number, the Android serial number. These fields are needed for statistical purposes, for example to understand how much data is contributed by each device. 

We use this data for the purposes listed above in Section 3 – THE PURPOSES FOR WHICH WE USE YOUR PERSONAL DATA. Measurements that we take from the mobile devices of individual network users allow us to create a detailed picture of the service availability, quality and performance of numerous communication networks across the world and over time.

We may have shared or sold certain categories of personal data listed in Section 2 - HOW WE COLLECT AND USE YOUR PERSONAL DATA to the third parties listed in Section 5 - HOW WE SHARE YOUR INFORMATION for a business purpose and in order to provide our Services in the past 12 months. Within the past 12 months we may have sold or shared the following categories of personal information: (1) Location, (2) Identifiers, and (3) Internet or other electronic network activity information, all of which we have collected from your mobile device. We may have shared or sold the following categories of personal data with the following third parties:

  1. Joint and Independent Controllers. We share some of the raw measurements that we collect from users’ mobile devices with some of our customers such as network operators under the terms of data license agreements and data sharing agreements. Some of the data we share with our customers contains personal data such as datasets containing location data of individual users. Our customers are permitted to use the data for the purpose of analyzing it and generating aggregated data relating to the performance of their networks or telecommunications equipment (and competing networks or equipment) and to use aggregated data in their sales activities. Our customers are not permitted to use your personal data to communicate with you or to influence you or to profile or track individual users. They are required to keep your personal data confidential and to use appropriate means to protect it. Our customers have access to data such as location data of users to enable them to analyze the data and create statistical information based on the aggregation of data from numerous users. Our customers that receive such data from us are not permitted to disclose any datasets that contain personal data relating to specific individuals to their own customers or any third parties. 
     
  2. Our Partner. We obtain access to data from your mobile device through software incorporated in our Partner’s (such as analytics providers) mobile application which you download onto your device. However, we do not share with our Partner any of the data we collect from your device.   
     
  3. Service Providers. We may share datasets containing your personal data with third-party service providers such as cloud service providers or third-party analytical services providers that perform services on our behalf in connection with our Services. Where your information is shared with such third parties, we ensure that the third-party service provider will deal with your information only on our behalf and on our written instructions and solely for our benefit (and not for its own benefit).
     
  4. Business Change. If we become involved in a merger, consolidation, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution or other transaction, or if the ownership of all or substantially all of our business otherwise changes, we may share or transfer databases containing personal data of users to successor party or parties in connection with such transaction or change in ownership or legal structure.
     
  5. Necessary Disclosure. Regardless of the choices you make regarding your information and to the extent permitted or required by applicable law, we may disclose information about you to third parties to: (i) enforce or apply the terms and conditions of our Services; (ii) comply with laws, subpoenas, warrants, court orders, legal processes or requests of government or law enforcement officials; (iii) protect our rights, reputation, safety or property, or that of our users or others; (iv) protect against legal liability; (v) establish or exercise our rights to defend against legal claims; or (vi) investigate, prevent or take action regarding known or suspected illegal activities; fraud; our rights, reputation, safety or property, or those of our users or others; violation of the Terms of Use, our policies or agreements; or as otherwise required by law.
     

Information Collected from Other Websites and Mobile Applications and Do Not Track Policy

Your browser or device may offer you a “Do Not Track” option, which allows you to signal to operators of websites, web applications, mobile applications, and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and/or across different websites or applications. The Opensignal Services do not support Do Not Track requests at this time, which means that we or our analytics providers or other third parties with which we are working may collect information about your online activity both during and after your use of our Services. If at any time you would like to opt out of online tracking or behavioral advertising, please contact us at [email protected].
 

Shine the Light Notice

Section 1798.83 of the California Civil Code permits California residents to request from a business, with whom the California resident has an established business relationship, certain information about the types of personal information the business has shared with third parties for those third parties’ direct marketing purposes, and the names and addresses of the third parties with whom the business has shared such information during the immediately preceding calendar year. You may make one request each year by emailing us at [email protected] with "Request for California Privacy information" in the subject line, or by writing us at the address listed at the end of the Opensignal Privacy Policy. 
 

12. YOUR NEVADA PRIVACY RIGHTS

Senate Bill No. 220 (May 29, 2019) amends Chapter 603A of the Nevada Revised Statutes to permit a Nevada consumer to direct an operator of an internet website or online service to refrain from making any sale of any covered information the operator has collected or will collect about that consumer. You may submit a request pursuant to this directive by emailing us at [email protected]. We will provide further information about how we verify the authenticity of the request and your identity.
 

13. AGGREGATED INFORMATION

We may share aggregated, anonymized/deidentified data relating to users of our Services with affiliated or unaffiliated third parties. 
 

14. CHANGES TO THE PRIVACY POLICY

We may update this Policy from time to time, and the updated version of this Policy will be effective upon posting on the Opensignal Services. We will provide notice to you if these changes are material and, where required by applicable law, we will obtain your consent. Please check this page to review the most up-to-date version of this Policy.
 

15. QUESTIONS / CONTACTING US

If you want to exercise your rights under paragraphs 10/11 of our privacy policy, please email [email protected] with “Data Subject Request” in the subject line, or contact us by mail addressed to:

Opensignal Limited
1st Floor
Block 3 3 Angel Square
London
United Kingdom
EC1V 1NY