Help Center

GDPR 2018

Privacy – The Basics
You’re the owner of the stored data within your account (dashboard).
As SpotOn’s client you’re the owner of the data you store within your dashboard. As are you responsible for the things you do within the dashboard. Your customer’s data is private. Make sure your account is protected by a strong password to prevent unauthorized access. This also goes for the file that is stored on your device when exporting this data. You can protect this file with a password too. SpotOn is not responsible for the way its clients treat their data.

SpotOn does not provide any information, that is stored in the dashboard, to third parties.

SpotOn provides the security of the hard- and software
The hard- and software’s security is provided by SpotOn. Updates will be applied automatically. The hardware will only be updated if the hardware is connected to the internet.

Login & imported data
SpotOn’s client are fully responsible for the login details of their account(s). This also applies to data that collected externally and imported into the dashboard.

GDPR
Rights as described within the GDRP:
Right to view stored data
You can request a printout of the data about you that’s been stored. The owner of the WiFi-network that’s been used can access this data. They also have the option to delete this data.

Right to delete your stored data
The owner of the WiFi-network can delete your data. You can also use our new opt-out tool to request a permanent data-wipe.

Right of objection
You can object to the use of your personal data and ask for this information to be removed. Contact the owner of the WiFi-network that you’ve used or request a permanent data-wipe with our opt-out tool.

Right of data transfer
You can export the data that’s been stored in the dashboard. This also allows you to copy this data to another party.

Right to limit data-usage
You have to right to limit or deny the use of your personal data when this data is incorrect or used unlawfully.

Viewing/Deleting data
If you want to know what data is stored about you or if you wish for this data to be deleted, please contact the owner of the WiFi-network you’ve used. They have direct access to their dashboards in which your profile is stored. They’re also able to delete your profile from their database (dashboard).

You also have the option to contact us directly and request a permanent deletion of your profile. This can be done with our opt-out tool. Once you submit the request, we’ll delete your data within two weeks.

When you suspect a minor (under the age of 16y) has shared their data with one of SpotOn’s client, please contact the owner of the WiFi-network to delete this data. You can also contact us directly. The data will be deleted immediately.

Data: storage & processing
Social Media Profile
To use SpotOn’s Social WiFi service, you are required to login. One of the options to login is by using your social media account (Facebook, Twitter, Instagram & Google Plus). The public information will be collected and stored. Before the connection is made, you’ll also need accept the privacy and/or general terms & conditions of the platform itself (i.e. Instagram).

E-mail address
An other method to connect to SpotOn’s Social WiFi service, is by logging using your e-mail address. The data that will be stored, depends on the data you provide. This can be (one of) the following; first name, last name, gender, date of birth, country and e-mail address.

Device data
When connecting to SpotOn’s Social WiFi service, certain details about the device used will be stored. The MAC-address is technically necessary to establish a working connection (make it possible for the hardware involved to communicate with each other). In addition, the OS version (Operation System), the number of connections and the date and time of the last connection will be stored.

Overview
Connecting to SpotOn’s Social Wifi service can be done using the following platforms:

• Facebook
• Google Plus
• Instagram
• Twitter
• E-mail address

Depending on the platform that’s used to connect to SpotOn’s Social Wifi service, the following data can be stored:

• Social media profile; public data
• First and last name
• Date of birth
• Gender
• Residence
• E-mail address
• Postal code
• Country
• MAC-address
• The device’s OS version (Operating System)
• Date and time of the connection

Purpose of data-usage
For what purposes will your data be used by Spoton or it’s clients?

• Making a (Social) WiFi-connection possible.
• SpotOn to its clients: for sending information, newsletters, promotions and (update)news. Don’t want to receive these e-mails anymore? You can opt-out by using the provided option at the bottom of each e-mail that is sent.
• For improving and securing SpotOn’s service.
• For improving user-experience with SpotOn’s service.
• The stored data can be used by SpotOn’s clients. Sending promotions, coupons, e-mails and customer-analytics. The extent to which this is used, depends on SpotOn’s client.
• SpotOn takes appropriate measures (technical and organizational) to secure and protect the data against unauthorized use and loss.
• SpotOn has access to its client’s account(dashboard) and hardware (router(s)). This access is used exclusively by SpotOn’s staff and is required to assist its client. It’s also required to provide security and protection.
• SpotOn does not use the data stored in the dashboard (data of customers of SpotOn’s clients).
• Changing the dashboard’s and/or router’s settings will only be done with the owner’s permission.
• Access to the hardware is necessary to guarantee its safety. SpotOn keeps the hardware secured and up-to-date by applying updates. These are supplies remotely and can only be applied if the hardware is connected to the internet. When you reset the hardware manually, we can no longer manage it. This means that we can no longer guarantee the hardware’s safety. Effectively this means the hardware needs to be replaced.

Modifications
The new GDPR legislation, effectively starting May 25th 2018, has led us to modify a few things. Under the guise of transparency, we’d like to share the most relevant changes with our clients.

• As SpotOn’s client you’re responsible for the processing agreement. We understand creating such a document can be difficult and time consuming. Therefor we’ve done this for you. An e-mail with instructions will be send to all our clients.
• Active dashboard-sessions will be disconnected faster than before to counteract unauthorized use.
• The connection to SpotOn’s Social WiFi service will not be established without the user’s permission. The user’s permission is stored to demonstrate this when needed, as written in the new GDPR legislation.
• GDPR awareness. SpotOn’s staff is fully informed about the new GDPR legislation.
• Customers of SpotOn’s clients can contact SpotOn directly to request insight and/or deletion of their data. For deleting data, please follow these instructions.
  • SpotOn’s clients have access to their customer’s data through their dashboards. A data-export and/or screenshot of the relevant profile can be shown to its customers when requested. SpotOn’s clients will also be able to delete these profiles from their dashboards themselves .
• The policy concerning clientdata is more strict than before. Things like the use of flash-drives, home computers and other external hardware are now bound to strict rules.
• Signing out from the mail-list has been made easier and is presented in each e-mail that was sent using the dashboard.
• SpotOn informed all its clients about the changes that the GDPR legislation enforces. In addition the website has been updated with with GDPR relevant information for SpotOn’s clients as well as customers of its clients.