RADIUS NETWORKS PRIVACY POLICY

Effective: July 2021

I. INTRODUCTION

Technology is evolving rapidly and promises great benefits to both businesses and individuals (“consumer”).  As technology advances, however, so do concerns about privacy.  A core value at Radius Networks is that when we deploy our technology, it is done in a responsible manner that respects everyone’s privacy and choices. We equally support everyone’s right to:

  • scope and be informed of,
  • have access to,
  • transfer,
  • rectify,
  • opt-out of,
  • restrict,
  • remove,
  • delete, and
  • object to

personal data collected and used. 

We are committed to a privacy framework that is concise; transparent; intelligible; easily accessible; in clear and plain language; and free of charge.  Key elements of our information security and privacy policies are described in the following sections.

II. WHAT PERSONAL DATA DOES RADIUS NETWORKS COLLECT AND PROCESS?

We respect your privacy! 

 That’s why we ask for your permission to collect and process any personal data, which only occurs during a live transaction (“While In Use” or “While Using App” only) and never “Always” or in the background.  

With your consent, personal data is processed 1) to provide access to our sites, services, and products as well as 2) for the purposes of operational needs such as to communicate with you, particularly about any support issues; enhance security; comply with applicable laws; meet contractual agreements; and continuously make improvements to optimize your experiences with us.  As you choose to access our sites, service, or products, we may ask you for the following:

  • Name
  • Contact information (email address, phone number, mailing address)
  • Vehicle information (model, make, color, license plate number)
  • Order information (order ID)
  • Mobile device location data (only while in use / during an open order)
  • Mobile device identifier and platform type (Android, iOS)
  • IP address
  • Preferred payment method

We have not, do not, and will not ask for any sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, health-related data, etc.  

III. WHO IS THE ‘CONTROLLER’ AND WHO IS THE ‘PROCESSOR’?

It’s important to distinguish the two.  Check out how GDPR defines them.

When you engage with us as a direct customer, we are the ‘controller’ and ‘processor’ of your information.  For example, when you purchase a product or service directly from us or our online store, we process the information you provide to fulfill the purchase you made.  

When you engage with us as an indirect customer, the channel in which you engage with us is the ‘controller’ (e.g., merchant, brand, other service providers) of your information and we only act as the ‘processor’ of your information.  For example, when you purchase a product or service from another merchant, brand, or service provider technologies or their online store, they may send your information to us in order to fulfill the purchase you made.  This means that we work closely with your channel of choice to make sure that it understands how we process and protect your information on its behalf. 

IV. IS PERSONAL DATA RETAINED? IF SO, WHY AND HOW LONG?

If and when we retain any personal data, it’s for the following reasons:

  • To enable you to make purchases through our online store and process shipping and handling.
  • To enable you to create and manage a profile and/or account in order to use our sites, services, and products.
  • To communicate with you about the products and services you purchased.
  • To support your preferred channels and technologies tied to our sites, services, and products.
  • To support your preferred/chosen third-party applications (i.e., order fulfillment).
  • To improve our sites, services, and products and communicate any changes/updates. 
  • To help solve any issues when using our sites, services, and products through internal diagnostics/analytics.
  • To generate aggregated and anonymized usage statistics.
  • To support operational needs for the cloud services, such as login security auditing.
  • To detect and prevent fraud.
  • To comply with contractual agreements, regulatory legal obligations, and/or legitimate interests.
  • All tasks related to any of the above.

To clarify further, we do our best to make sure that our processing of your information never negatively affects you.

All personal data collected will not be kept for longer than necessary for the purposes described above.  Data is stripped of personally identifiable information after 30 days.  

V. IS MY PERSONAL DATA SHARED WITH THIRD PARTY SERVICES AND PLATFORMS?

First and foremost, we do not sell any data. 

We may share your information with a limited number of third-party vendors for safekeeping (e.g., hosted infrastructure service providers) and to provide operational and transactional services to you as described throughout this page. Even when we do share any information, we make sure it’s done in a safe manner.  For example, usage statistics are aggregated and anonymized and only de-identified location data is shared with our hosted infrastructure service providers.  It’s also important to note when we don’t share your information.  For example, when leveraging mapping and traffic service providers, personal data is not shared.  Most importantly, all of our third-party vendors have their own information security and privacy policies, similar to ours, designed to safely process and protect information.

VI. IS MY PERSONAL DATA TRANSFERRED INTERNATIONALLY?

Our technology is deployed worldwide and your information may be processed outside of your residential country for the same purposes stated throughout this page. While data protection policies may vary by region, we protect all data equally. We will not transfer personal data outside of the European Union (EU) or the United Kingdom unless the recipient complies with Privacy Shield Principles or is subject to suitable contractual safeguards (e.g., Standard Contractual Clauses) to ensure that processing is in accordance with EU and UK compliance laws.  Please review our international compliance standards below:

Radius Networks complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  As of January 1, 2021, this commitment extends to personal data received from the UK in reliance on Privacy Shield.  Radius Networks has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

All data is hosted within the United States.  

VII. DOES RADIUS NETWORKS USE COOKIES?

We use cookies to make your interactions with our sites easier and more meaningful.  For example, a session cookie may store a unique identifier for each logged-in user / account holder so that when they return to the website, they don’t have to provide the same consent or log-in again (e.g., HTML5 localStorage).  

Nevertheless, it’s always your choice.  Use our cookie consent tool to manage your cookie preferences for our website.  Outside of essential cookies, which are always required for core features and operations, you can choose not to opt-into or opt-out of any functional and advertising cookies at any time. 

VIII. HOW IS MY PERSONAL DATA PROTECTED?

Radius Networks doesn’t own a data center.  However, to avoid mismanagement and misuse of the data under our control, including your personal information, we maintain several organizational and technical security measures.  Below are some examples:

Organizational security measures in place for office spaces include physical security, surveillance and alarm monitoring, background checks as allowed by local laws, and joiners/movers/leavers policies.

Technical security measures include single sign-on, encryption at-rest and in-transit, firewalls, intrusion detection, and industry standard SDLC. Our hosted infrastructure service providers, who protect and process our data, are ISO 27001, 27017, 27018 (Security Management Controls, Cloud Specific Controls, and Personal Data Protection) and SOC 1, 2, 3 (Security, Availability, and Confidentiality) certified. 

As we continue to protect your personal data, you can also make efforts to protect your own personal data by maintaining their accuracy and sharing any necessary updates.

IX. HOW MUCH CONTROL DO I HAVE WHEN SHARING MY PERSONAL DATA?

Our sites, services, and products will always clearly ask for your consent before you share any personal data.  Even after you consent, you can change your mind at any time!  Please keep in mind that declining to share data (including cookies) may result in unavailability of our sites, services, and products. 

As a customer preferred channel / merchant, certain information is optional and you may also choose not to provide any data when creating a Radius Networks account. When using standalone mobile applications, you and your customers have privacy options and controls around what personal information is provided to purchased Radius Networks services and products. You and your customers can always control in-application prompts as well as the settings available on the device(s) being used.

As a Developer integrating Radius Networks services and/or products, you can determine the privacy options made available to your customers. You can also determine what personal data, if any, is shared with the integrated services and/or products. We recommend that developers follow best practices around educating and requesting location permissions from their customers. Your customers can always control how the mobile applications collect information about location data using in-application prompts as well as the settings available on the device(s) being used.  

And, as always, we will honor all contractual safeguards in place.

X. ARE CHILDREN ABLE TO USE RADIUS NETWORKS PRODUCTS/SERVICES?

By using Radius Networks sites, services, and products, you represent that you are of appropriate age as declared by the country where you are from both outside or within the United States.  If you are not of appropriate age, you represent that you have given us your consent to allow any of your minor dependents to use our sites, services, and/or products. 

If you are unsure about what is considered an appropriate age within your country, please check your country’s consent age online or at least start with this list.  If you are still unsure, please feel free to contact us and we will do our best to help.

XI. HOW OFTEN DOES RADIUS NETWORKS UPDATE ITS PRIVACY POLICY?

As the whole world begins to unfold additional and enhanced privacy legislation, region by region, we’ve made a habit of responding to each newly enacted or updated law in a timely manner. This means that our privacy policy is updated more often than regularly, on top of any scheduled audits and improvements.

For example, when the European Union (EU) and the European Economic Area (EEA) enacted the General Data Protection Regulation (GDPR) in 2016, we became compliant with its requirements by the designated due date of May 2018. We also decided to become Privacy Shield certified, which is not required by any law, to better protect your data by enforcing an internationally legal mechanism for safe information transfer between the United States, all EU countries, Switzerland, and the United Kingdom.

More recently, within the United States, the California Consumer Privacy Act (CCPA), as well as the upcoming CPRA, Nevada SB 220 Act, and Maine’s Act to Protect the Privacy of Online Customer Information.  We are fully compliant with their requirements and this privacy policy has been updated accordingly.

XII. IS THERE ANYTHING ELSE I SHOULD KNOW?

  • We do not use any personal data to make automated decisions. 
  • Under certain conditions, it is possible for a customer to have the right to bring about binding arbitration to investigate potential violations.
  • We will cooperate with legitimate authorities requests for personal data, if a warrant or court order is provided and to meet national security needs. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
  • By using our sites, services, and/or products, you acknowledge and agree with our privacy policies.
  • Here’s a snapshot of our consumer data request metrics:

XIII. CONTACT US

We are committed to addressing all verified requests and resolving complaints about our collection or processing of your personal information. Please review this privacy policy, especially your rights, and send all inquiries to privacy@radiusnetworks.com or call (833) 654-0066.  We will respond to you in a timely manner.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.