Last Updated: August 2023
Technology is evolving rapidly and promises great benefits to both businesses and individuals (“consumer”). As technology advances, however, so do concerns about privacy. A core value at Radius Networks (including Runtriz, Inc.) is that when we deploy our technology, it is done in a responsible manner that respects everyone’s privacy and choices. We equally support everyone’s right to:
- scope and be informed of,
- have access to,
- opt-out of,
- delete, and
- object to
personal data collected and used.
We are committed to a privacy framework that is concise; transparent; intelligible; easily accessible; in clear and plain language; and free of charge. Key elements of our information security and privacy policies are described in the following sections.
II. WHAT PERSONAL DATA DOES RADIUS NETWORKS COLLECT AND PROCESS?
We respect your privacy!
That’s why we ask for your permission to collect and process any personal data, which only occurs during a live transaction (“While In Use” or “While Using App” only) and never “Always” or in the background.
With your consent, personal data is processed 1) to provide access to our sites, services, and products as well as 2) for the purposes of operational needs such as to communicate with you, particularly about any support issues; enhance security; comply with applicable laws; meet contractual agreements; and continuously make improvements to optimize your experiences with us. As you choose to access our sites, service, or products, we may ask you for the following:
- Contact information (email address, phone number, mailing address)
- Vehicle information (model, make, color, license plate number)
- Order information (order ID)
- Mobile device location data (only while in use / during an open order)
- Mobile device identifier and platform type (Android, iOS)
- IP address
- Preferred payment method
We have not, do not, and will not ask for any sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, health-related data, etc.
III. WHO IS THE ‘CONTROLLER’ AND WHO IS THE ‘PROCESSOR’?
It’s important to distinguish the two. Check out how GDPR defines them.
When you engage with us as a direct customer, we are the ‘controller’ and ‘processor’ of your information. For example, when you purchase a product or service directly from us or our online store, we process the information you provide to fulfill the purchase you made.
When you engage with us as an indirect customer, the channel in which you engage with us is the ‘controller’ (e.g., merchant, brand, other service providers) of your information and we only act as the ‘processor’ of your information. For example, when you purchase a product or service from another merchant, brand, or service provider technologies or their online store, they may send your information to us in order to fulfill the purchase you made. This means that we work closely with your channel of choice to make sure that it understands how we process and protect your information on its behalf.
IV. IS PERSONAL DATA RETAINED? IF SO, WHY AND HOW LONG?
If and when we retain any personal data, it’s for the following reasons:
- To enable you to make purchases through our online store and process shipping and handling.
- To enable you to create and manage a profile and/or account in order to use our sites, services, and products.
- To communicate with you about the products and services you purchased.
- To support your preferred channels and technologies tied to our sites, services, and products.
- To support your preferred/chosen third-party applications (i.e., order fulfillment).
- To improve our sites, services, and products and communicate any changes/updates.
- To help solve any issues when using our sites, services, and products through internal diagnostics/analytics.
- To generate aggregated and anonymized usage statistics.
- To support operational needs for the cloud services, such as login security auditing.
- To detect and prevent fraud.
- To comply with contractual agreements, regulatory legal obligations, and/or legitimate interests.
- All tasks related to any of the above.
To clarify further, we do our best to make sure that our processing of your information never negatively affects you.
All personal data collected will not be kept for longer than necessary for the purposes described above. Data is stripped of personally identifiable information after 15 days.
V. IS MY PERSONAL DATA SHARED WITH THIRD PARTY SERVICES AND PLATFORMS?
First and foremost, we do not sell any data.
We may share your information with a limited number of third-party vendors for safekeeping (e.g., hosted infrastructure service providers) and to provide operational and transactional services to you as described throughout this page. Even when we do share any information, we make sure it’s done in a safe manner. For example, usage statistics are aggregated and anonymized and only de-identified location data is shared with our hosted infrastructure service providers. It’s also important to note when we don’t share your information. For example, when leveraging mapping and traffic service providers, personal data is not shared. If we share any personal data with a third-party vendor to provide services, we remain liable under the EU-U.S. Data Privacy Framework Principles if they process such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage. Most importantly, all of our third-party vendors have their own information security and privacy policies, similar to ours, designed to safely process and protect information.
VI. IS MY PERSONAL DATA TRANSFERRED INTERNATIONALLY?
Our technology is deployed worldwide and your information may be processed outside of your residential country for the same purposes as described above. While data protection policies may vary by region, we protect all data equally.
All data is hosted within the United States.
Nevertheless, it’s always your choice. Use our cookie consent tool to manage your cookie preferences for our website. Outside of essential cookies, which are always required for core features and operations, you can choose not to opt-into or opt-out of any functional and advertising cookies at any time.
VIII. HOW IS MY PERSONAL DATA PROTECTED?
Radius Networks doesn’t own a data center. However, to avoid mismanagement and misuse of the data under our control, including your personal information, we maintain several organizational and technical security measures. Below are some examples:
Organizational security measures in place for office spaces include physical security, surveillance and alarm monitoring, background checks as allowed by local laws, and joiners/movers/leavers policies.
Technical security measures include single sign-on, encryption at-rest and in-transit, firewalls, intrusion detection, and industry standard SDLC. Our hosted infrastructure service providers, who protect and process our data, are ISO 27001, 27017, 27018 (Security Management Controls, Cloud Specific Controls, and Personal Data Protection) and SOC 1, 2, 3 (Security, Availability, and Confidentiality) certified.
As we continue to protect your personal data, you can also make efforts to protect your own personal data by maintaining their accuracy and sharing any necessary updates.
IX. HOW MUCH CONTROL DO I HAVE WHEN SHARING MY PERSONAL DATA?
Our sites, services, and products will always clearly ask for your consent before you share any personal data. Even after you consent, you can change your mind at any time! Please keep in mind that declining to share data (including cookies) may result in unavailability of our sites, services, and products.
As a customer preferred channel / merchant, certain information is optional and you may also choose not to provide any data when creating a Radius Networks account. When using standalone mobile applications, you and your customers have privacy options and controls around what personal information is provided to purchased Radius Networks services and products. You and your customers can always control in-application prompts as well as the settings available on the device(s) being used.
As a Developer integrating Radius Networks services and/or products, you can determine the privacy options made available to your customers. You can also determine what personal data, if any, is shared with the integrated services and/or products. We recommend that developers follow best practices around educating and requesting location permissions from their customers. Your customers can always control how the mobile applications collect information about location data using in-application prompts as well as the settings available on the device(s) being used.
And, as always, we will honor all contractual safeguards in place.
X. ARE CHILDREN ABLE TO USE RADIUS NETWORKS PRODUCTS/SERVICES?
By using Radius Networks sites, services, and products, you represent that you are of appropriate age as declared by the country where you are from both outside or within the United States. If you are not of appropriate age, you represent that you have given us your consent to allow any of your minor dependents to use our sites, services, and/or products.
If you are unsure about what is considered an appropriate age within your country, please check your country’s consent age online or at least start with this list. If you are still unsure, please feel free to contact us and we will do our best to help.
For example, when the European Union (EU) and the European Economic Area (EEA) enacted the General Data Protection Regulation (GDPR) in 2016, we became compliant with its requirements by the designated due date of May 2018. We also decided to become EU-U.S. Data Privacy Framework Principles certified, which is not required by any law, to better protect your data by enforcing an internationally legal mechanism for safe information transfer between the United States, all EU countries, Switzerland, and the United Kingdom.
Within the United States, we are compliant with the following:
- CCPA/CPRA (California)
- VCDPA (Virginia)
- CPA (Colorado)
- CACPDPOM (Connecticut)
- UCPA (Utah)
- SB220 (Nevada)
- APPOCI (Maine)
XII. IS THERE ANYTHING ELSE I SHOULD KNOW?
- We do not use any personal data to make automated decisions.
- Under certain conditions, it is possible for a customer to have the right to bring about binding arbitration to investigate potential violations.
- We will cooperate with legitimate authorities requests for personal data, if a warrant or court order is provided and to meet national security needs. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
- By using our sites, services, and/or products, you acknowledge and agree with our privacy policies.
- Here’s a snapshot of our consumer data request metrics:
XIII. CONTACT US
We are committed to addressing all verified requests and resolving complaints about our collection or processing of your personal information.
- To confirm or delete your data we may have, please email firstname.lastname@example.org.
- Send all other privacy inquiries to email@example.com.
- If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
If you have any questions or would like to exercise any of your rights under the California Consumer Privacy Laws, please contact us through the form here: https://www.flybuy.com/requests-regarding-personal-information.