Privacy Policy

Last update: 04/14/2020

About In Loco

In Loco is a technology company that provides intelligence from geolocation data. Our solutions allow mobile applications to deliver more relevant services to their users, such as: (i) address validation without the need for document checks; (ii) contextualized communication between apps and users at the right time and moment; (iii) targeted advertising to services and products available considering the places users visit. Our technology is also capable of (iv) creating anonymous population mobility indexes, either for urban planning purposes or, as we are currently working on, helping institutions in the fight against COVID-19. We believe we can do all this without having to identify you, therefore, ensuring you a non-negotiable right: the right to privacy.

Technology functioning

To offer services, In Loco collects data from mobile devices through a Software Development Kit installed in partner applications. These apps are required to present In Loco’s Privacy Policy on their own terms, and inform users that some personal data might be collected by our SDK. After users accept their terms, apps will request the needed permissions to use mobile device location functionalities. Once authorized, In Loco starts data collection safely and without identifying users.

With the location functionality active, In Loco’s technology can detect the presence of mobile devices in establishments disassociated from users identity. We do not collect data from visits to sensitive places such as religious temples, hospitals, political parties, places of adult entertainment, and others that might be used to make sensitive inferences.

Location data is then transformed in convenience to users and solutions to businesses: we consolidate collected data into clusters – groups of unidentified users, aggregated by similar location behavior – in order to create metrics about visit flow in stores; generate urban mobility metrics to create more efficient models; target ads according to device profile; send relevant app messages through push notification technology; and validate home addresses automatically without the need for documents, if users choose so, as they register on apps that use In Loco’s technology.

Privacy and personal data security

In Loco’s technology was developed in a way to prevent access to information that is capable of reidentifying users. In Loco does not collect unique static identifiers from mobile devices (IMEI and MAC), associated accounts (e-mail address and telephone number), civil identification data (name, “CPF”, RG etc.), or sensitive data - including information that reveals ethnicity, religion, political opinion, religious, philosophical, political or union entities membership or data regarding health, sex life, genetics and biometrics.

We use security mechanisms in both data transport and storage, in addition to constantly updating our protection systems. All our requests are made with HTTPS, which is a safe protocol and industry standard.

Data is transferred and stored in encrypted form on the AWS Cloud - data storage in cloud servers is also an industry standard, as it allows for simple ways to gain scalability and security for all kinds of technological services. In Loco stores data for a maximum of 2 years, for the purposes described in this Privacy Policy. Exceptionally, we may retain and use personal data to: (i) fulfill contracts, agreements and policies; (ii) fulfill legal obligations (for instance, if necessary to abide applicable laws); (iii) resolve disputes by court order. In Loco may also store anonymized data for analytics purposes.

To increase data security and privacy, In Loco applies encryption and hash functions on the Mobile Advertising ID, to create new identifiers for different uses, which are: (i) hashed ID, for single counting and users profiling, which will be aggregated in clusters without the use of Mobile Advertising ID; (ii) encrypted ID, for recovering Mobile Advertising ID in strictly necessary cases, such as legal obligations or guarantee of data subjects’ rights. The encrypted IDs are accessible to a restricted number of employees who have access to the encryption key.

The elimination of the Mobile Advertising ID ends risks associated with data access by any person without the key to decrypt the encrypted ID. Both identifiers that are kept (hashed ID and encrypted ID) are sufficient for all In Loco’s services and do not allow direct identification of data subjects, as well as decreasing risks of the Mobile Advertising ID being used to identify them in the case of integration with a third-party database that contains this ID linked to other personal data, such as e-mail address, “CPF” etc. Therefore, in case of leakage or improper access of the information collected and processed by In Loco, data subjects will not be directly associated with their personal data, reducing the risk of being physically or morally affected.

Personal data collection and purposes

Category

Description

Uses

Location

GPS

Wi-Fi signals

Bluetooth-LE signals

Telefone signals

Activity (running, walking, driving)[1]

Targeted advertising and internal communication with you based on relevant places visits. Ex.: Sending notifications to users that visit a specific store

Metrics for advertising and applications’ internal communication. Ex.: How many users have received advertisement A and visited place B?

Address validation for financial services

Business intelligence for retail brands. Ex.: Which brands are receiving more visits in each region of the country?

Population mobility analysis in cities for urban planning purposes

Media

Clicks

Views

Misclicks

Ads performance metrics. Ex: How many views/clicks had an ad?

Identifier

Advertising identifiers (only stored after hashing with salt or encrypting)

Targeting and unique user counting. Ex.: How many users have viewed ad A? How many users have visited place B?

Device Data

Device models

Operating System

Operating System version

Performance metrics

IP (the last four digits being ignored to lose precision)

Network type (3G, 4G, Wi-fi)

Network Provider

Screen resolution

Installed apps

Manufacturing company

Phone Carrier

SDK debugging and monitoring to improve its functionalities and the usage of resources (CPU, memory, network, battery etc.). Ex.: How many resources is our SDK consuming? Is feature X working as it should?

Fraud control. Ex.: What is the amount of requests from IP address X?

Targeted advertising. Ex.: Impacting people from telephone company A

Network resource optimization. Ex.: Sending lighter ads for a low-resolution or poor internet connection device

Market research. Ex.: How are app X users distributed in the country? What kind of places do they frequent?

Expansion strategies. Ex.: Identifying apps with fast growing user bases

App Data

Age inference

Apps session (when is the app opened and how much time does it remain open)

Events defined by apps developers (registration of new user, in-app transactions, visualization of certain areas of the app and use of certain functionalities)

Blocking the collection of underage users data (< 18)

Intelligence about the impact of push notifications communication on the usage of specific app features. Ex.: Places where certain functionalities are used; push campaigns’ impact on the usage of certain functionalities; increase and decrease of recurrence of use

Intelligence about the app usage and understanding push notifications communication effectiveness on the recurrence the the app usage. Ex.: Places where the app is most frequently used; time spent in app

[1] Google Play Services provides to Android devices a way to get this kind of data directly from the operational system, called activity recognition.

We also receive data from the SSPs (Supply-side platforms) Adtelligent, Airpush, Appodeal, Xandr, Clickky, IronSource, MobFox, PubNative, Smaato, SmartRTB, Tappx and DeCenterAds to send advertising campaigns hired by our clients. SSPs are platforms that provide programmatic media veiculation space in third-party applications. We use this approach to enhance the amount of available spaces in which we can veiculate advertising for our users. Information received in this scenario is related to data from the device and the app that made the advertisement request. This exchange follows a programmatic media industry standard, the OpenRTB protocol. It is important to note that we do not use any location data received by this protocol, as we consider our location technology more precise and reliable. All data received from these platforms follow our security standards and are encrypted.

Child data

In Loco complies with the Children’s Online Privacy Protection Act (COPPA) from the United States. We do not make partnerships with child and teenage-oriented applications, nor do we offer services for companies that have children and teenagers as target audience. Therefore, we do not intentionally gather personal information from users under 18 years old.

In case you are a parent or guardian and know your child has provided personal data for us, please let us know. If we find out that we have collected personal data from children without a partner application having verified their parents or guardians’ consent, we will take the necessary measures to remove this information from our servers and end the partnership with that application, in the case the issue is not permanently solved.

Data sharing and purposes

In general, clients and partners will not have access to your individualized visit history or any data that can reidentify you in a direct or indirect way - the large majority of data shared by In Loco is anonymized. The exceptions are described below.

In case you have agreed to electronic address validation for an app registration through our technology, we will receive from the app an address associated with your device (the “request”) and send a digital proof of address (the “answer”), using inferences made from location data collected from your device. The proof consists of a positive or inconclusive answer from our technology. In the case of an inconclusive answer, we do not send anything else about the user and it is assumed we do not have enough information for an automatic validation. In the case of a positive answer, we send a location count aggregation in a small region from a 100-1150 meters radius around the received address to confirm the answer.

After explicit authorization by the user, Incognia shares contextualized data with partner applications through an integration with their Customer Relationship Management tools (CRM), which are used by those apps to personalize communication, allowing (i) engagement actions by sending contextualized push notifications, SMS or other means of contact previously authorized by users. A practical example of engagement occurs when Incognia informs a partner application that one of its users has visited a business establishment in a certain region (the “context”). By linking the context provided by Incognia to information from its own database, the application can reach the user and send them a discount coupon for that establishment. Integration with partners’ CRM tool also allows (ii) aggregating context information with other data, under the apps’ responsibility, for historical analysis and relationship activations. For example, a cashback application with Incognia’s technology integrated is capable of understanding that a user is a regular visitor to a certain type of business establishment and therefore can offer them a greater value of cashback, in a personalized way, from the association of the information in its database with the context provided by Incognia. It is important to note that Incognia does not have access to users identification data (name and contact information, for example) - only the applications can access this information to establish a communication channel with their users and deliver products or services that are relevant to their context.

We store data on the AWS Cloud and use a safe protocol to protect the data transfer to our servers in encrypted form.

We integrate with the platforms FireBase and Airship for sending push notifications. In this scenario, we receive from the partners’ applications a user identifier in the push provider (one of the two platforms) and, in the moment we consider opportune for sending a notification, we trigger one of these platforms with the message we want to display and the user identifier that should receive it.

We share clusters (groups of users with similar behaviour) of Mobile Advertising Identifiers with the platforms Adobe DMP and Xandr for optimizing our campaign delivery. In this context, the platforms are data processors, that is, they process data on behalf of In Loco (the "controller"). Therefore, these data cannot be used for other purposes but for delivering advertisements requested by In Loco.

As stated in their Privacy Policies, some of the integrations we make with other platforms characterize international transfer. AWS servers, where we store data, are located in the USA. Firebase and Airship services, used to send push notifications, are executed respectively in Google’s global infrastructure, and primarily in the USA. For platforms to which we may share advertising identifier clusters, Adobe servers are located in the USA and Ireland, and Xandr may store data in the USA, Singapore and Japan, in addition to Brazil.

In Loco x COVID-19

We believe it is possible to contain the advance of the disease without the need for a surveillance policy, and that a technology developed with privacy by design in mind, such as In Loco’s, is the safest and most efficient solution to help in the fight against the pandemic.

Therefore, as long as COVID-19 continues to spread, we have decided to make our geolocation technology available for the development of solutions that can assist research bodies, municipalities, governments and health departments.

Reinforcing the public commitment to privacy made by In Loco since its foundation ten years ago, we have detailed the processing of data that may be collected by In Loco to help control the pandemic in our Privacy Policy: In Loco x COVID-19.

Opt-out

Opting-out is the data subject’s right to choose not to share their personal data with companies. We clarify that, by opting-out, you will not uninstall any partner applications that allow In Loco to collect data from your device. By opting out you will disable the collection and processing of data from your device by In Loco’s technology. To start the process of opting-out click here. Nevertheless, if you regret your decision, you can always reactivate our services by sending us an email at dpo@inloco.com.br.

We emphasize that In Loco’s opt-out procedure does not disable advertising on your device. You will still receive ads, though not ads selected based on In Loco’s technology.

The opt-out only disables In Loco’s actions, which means that companies other than In Loco will still collect data from your device. If you want to disable thoroughly the collection of device data associated with your advertising ID, you can change your device settings. Proceed as follows for iOS and Android devices:

iOS:

  • Select "Settings" > "Privacy" > "Advertising"
  • Select "Limit Ad Tracking"

Android:

  • Select "Google Settings" > "Ads"
  • Select "Opt Out of Ads Personalization"

It is also possible for you to reset your advertising ID, generating a new one, and, therefore, avoiding the recognition of your mobile device based on the data history associated with your old advertising ID. To do this, if you have an Android or iOS operating system, you can follow the steps below:

iOS:

  • Select "Settings" > "Privacy" > "Advertising"
  • Select "Reset Advertising Identifier"

Android:

  • Select "Google Settings" > "Ads"
  • Select "Reset Advertising ID"

Privacy Policy amendments

We may update and change the terms of this Privacy Policy from time to time. On our website, you will always find the latest version of the terms. If you prefer, we can also notify you via email every time the Privacy Policy changes. To receive these notifications, please send an email to dpo@inloco.com.br.

Finally, we would like to remind you that if in any future modification you no longer agree with the terms of our Privacy Policy, then you can always opt-out, as explained in the previous section, in order to disable the processing of your device data by In Loco.

Contact us

If you have any questions, comments or suggestions, please contact our Data Protection Officer by sending an email to dpo@inloco.com.br.