IPERA AI – Data Protection (Privacy Statement)
This Privacy Policy (referred to as “the Policy”) explains the privacy practices of IPERA AI, including its subsidiaries and affiliates (collectively referred to as “IPERA AI,” “We,” “Us,” or “Our”). It pertains to the platform (referred to as “the Portal”) that we provide to companies (referred to as “Customers”).
At IPERA AI, we understand the importance of protecting your personal information and how it is used and shared. We assure you that we will only use your personal information in compliance with current data protection laws in your country and this Privacy Policy. This Policy outlines how we intend to maintain the trust you have placed in us by sharing your personal data with us. It applies to all websites we operate, our use of emails, and any other methods we use for collecting information. It includes details on what we collect, why we collect it, how we use the information, what we will not do with it, and what rights you have. Please note that personal data collected through our WiFi service is configured by our customers (who operate the venues where you access the WiFi) through their end-user registration process. Therefore, you should consult their Privacy Policy for full details on the data they are collecting and how they intend to use it.
1. An overview of data protection
1.1. General Information
We appreciate your interest in our website www.ipera.ai (before 01 Jan 2023 our previous domain name and our company web address was www.iperasolutions.com) as well as in our enterprise, products and services. We here at IPERA AI, realize that the protection of your personal sphere is important to you when using our Website or our services. Compliance with legal provisions in regard to data protection is important to us, as well. In addition, it is important to us that you as our customer know at any time when we collect or save your data and what we do with it.
We only ever collect the information We need, including data that will be useful to help Us improve Our services.
Insofar that we process personal data while you are using our Website or our services, we may include other service providers in order to execute individual functions or make offers or provide services or would like to use your data for marketing purposes. In such case we will keep you informed of every detail, especially which data will be processed. We will also tell you how long we intend to save your data or the fixed criteria for the duration of such data storage and the respective legal basis for the processing.
1.2. IPera AI, GDPR Compliance
IPera AI collects and processes the data of IPera Users in compliance with General Data Protection Regulation (GDPR). We recommend reading our Privacy Policy to learn more about your rights as an IPera AI User.
IPera AI also provides tools and guidance that allow IPera AI Users to be compliant with GDPR when providing services to third parties, such as hotels, shopping malls, bars, restaurants and other end-user premises.
You can visit the GDPR website for more information, including the most common questions.
2. Name and contact address of responsible for processing / Who We Are?
This data protection information, within the meaning of the General Data Protection Regulation (GDPR), applies to data processing by:
IPERA MEA FZ LLC
privacy@ipera.ai
3. Contact Data Protection Officer
You can reach our data protection officer under privacy@ipera.ai or our telephone number directed to “+ 971 4 390 16 46”.
4. Collection and Storage of Personal Data as well as Type, Purpose and Legal Basis for its Use
We may automatically collect and process the following data when you access the guest WiFi services offered by our customers at various locations about you:
- When Using IPERA AI Website
- When Using Our WiFi Services at Our Customers’ Venue
- When Using Location Services Data from Mobile Phones
4.1. Data Processing
IPERA AI Portal collects information during your visit to a venue where our Customers are using our Portal.
4.1.1. When Using IPERA AI Website
www.ipera.ai website uses SSL encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller). You can recognize an encrypted connection by the character string https:// and the lock symbol in your browser line.
In case you only visit our website for information, e.g. if you do not register or transfer any other information to us, we only collect such personal data as your browser submits to our server in so-called server log files. In the scope of the server log files the following data is collected:
- IP address
- Date and hour of your request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of your query (actual page)
- Access status/HTTP status code
- Data quantity that was submitted
- The website that sent the query
- Info about a specific product or service
- Operating system and its interface
- Language and version of browser software
This data is exclusively collected to ensure the smooth running of the site in view of stability and security and to improve our offers and then deleted. The legal basis is Art. 6 para. 1 p.1 lit. f GDPR.
Data collected during the use of guest WiFi services will be stored in log files on our systems, but it will not be linked with other personal information of the user. The collection of this data is necessary for the proper display and operation of the website, and users cannot object to it. Once the data is no longer needed for these purposes, it will be deleted. In the case of using the website, this occurs when the user leaves the page and closes their browser. Additionally, cookies will be placed during the visit to our website and analytical services will be used.
4.1.2. When Using Our WiFi Service at Our Customers’ Venue
IPERA AI provides guest wifi analytics to many businesses, such as shopping malls, theme parks, airports, and stores. These services allow customers to access the Internet while they are at the business’s location. From many countries, customers can choose to simply access the Internet or opt into our enhanced WiFi service. For those who do not opt into enhanced WiFi, we only collect limited technical information that does not personally identify the customer. We retain this information for no longer than thirty days. For those who opt into Enhanced WiFi, we collect the customer’s MAC address, contact information, and location history to provide enhanced marketing features. Customers can opt out of Enhanced WiFi anytime and request that we delete their personal information.
When using guest WiFi services provided by our customers at venues, registration is sometimes required. The information provided during registration is sent to us, but the specific categories of information requested are determined by our customers when they create the registration process. Personal information that may be requested includes, for example, full name, address, telephone number, email address, or demographic information such as date of birth, gender, geographic area, and preferences. Additionally, when registering with a social media account, personal information from that account (such as Facebook, Twitter, and LinkedIn) may also be collected, as determined by your privacy settings on that account.
Link to social media via social media plug-ins
(a) Currently, we use the following social media plug-ins: [Facebook and Twitter]. We use the so called two-click solution. If you visit our website, no personal data are forwarded to the plug-in provider at that point. You can recognize the plug-in provider by its mark on the box, its initials, or its logo. We give you the opportunity to directly communicate with the plug-in provider by clicking the button. Only if you click the highlighted box will the plug-in provider be notified that you have accessed its website from our online offering. Furthermore, the data specified in Items 2. to 4. of this statement are transmitted. According to the providers, IP addresses for Facebook are anonymized immediately after data collection. By enabling the plug-in, your personal data are sent to the plug-in provider and stored there (in case of US providers, your data are stored in the US). As the plug-in provider mainly uses cookies to collect data, we recommend deleting all your cookies from your browser’s security settings before clicking the greyed-out box.
Based on Art. 6 Para. 1 Sent 1 lit. f GDPR we use social network plug-ins to publicize our company. The marketing purpose behind this intention is to be considered a legitimate interest as per the GDPR. The provider must ensure compliance with data protection. We integrate these plug-ins using the so called two-click method to protect visitors to our website as best as possible.
(b) We can neither influence what data are collected and how, nor do we know the full extent of the data collection, the purpose of data processing or retention periods. We also have no information about the deletion of the collected data by the plug-in provider.
(c) The plug-in provider stores the data collected about you in user profiles and uses them for advertising and/or to customize their website experience. The purpose of such analyses (even for users who are not logged in) is to display customized advertisements and inform other social network users about your activities on our website. You have a right of objection against creating these user profiles; you must contact the plug-in provider to exercise this right. The plug-ins enable you to interact with social networks and other users so we can improve our offering and your user experience. The legal basis for the use of plug-ins is Art. 6 Para. 1 Sent. 1 lit. f GDPR.
(d) Data are forwarded regardless of whether you have an account at the plug-in provider and are logged in there. If you are logged in to the plug-in provider your data collected on our website are directly allocated to your account at the plug-in provider. If you click the enabled button and, e.g., link the page, the plug-in provider also stores that information in your user account and publicly shares it with your contacts. We recommend to always log out after using a social network, in particular, however, prior to enabling the button, as this enables you to prevent the data from being allocated to your profile at the plug-in provider.
(e) You can find more information about the purpose and scope of the plug-in provider’s data collection and processing in the following privacy statements of said plug-in providers, where you also get more details about your rights and setting options to protect your privacy.
(f) Addresses of the relevant plug-in providers and their privacy statements:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php ; more information about data collection: http://www.facebook.com/help/186325668085084 , http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo . Facebook has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework .
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework .
(a) We use Facebook social media plug-ins on our website to provide you with a more customized user experience. To that end, we use the LIKE or SHARE buttons. This is a Facebook offering.
After clicking the icon, the plug-in informs Facebook—even if you have no Facebook account or are currently not logged in to Facebook—that your browser has opened the relevant page of our Web presence. This information (including your IP address) is submitted by your browser directly to a Facebook server in the US and stored there.
If you are logged in to Facebook, Facebook can directly allocate your visit on our website to your Facebook account. If you interact with the plug-ins, e.g., click the LIKE or SHARE buttons, this information is also directly transmitted to a Facebook server and stored there. In addition, the information is published on Facebook and also displayed to your Facebook friends.
Facebook can use this information for advertising or market research and to customize Facebook pages. To that end, Facebook creates usage, interest and relationship profiles, e.g., to analyze your use of our website with regard to the advertisements shown to you on Facebook, to inform other Facebook-users about your activities on our website and to render further services associated with using Facebook.
(b) If you do not want Facebook to directly allocate the data collected about our Web presence to your Facebook, account you need to log off from Facebook before visiting our website.
(c) For more information about the purpose and scope of the data collection and further processing and use of the data by Facebook and your associated rights and setting options to protect your privacy, please see the privacy statements (https://www.facebook.com/about/privacy/) on Facebook.
(a) Our Internet pages include plug-ins by the short messaging network Twitter Inc. (Twitter). You can recognize the Twitter plug-in (tweet button) by the Twitter logo on our website. Please see here for an overview of tweet buttons (https://about.twitter.com/resources/buttons ).
If you open a page of our Web presence containing such a plug-in, a direct connection is created between your browser and the Twitter server after you click the icon, enabling Twitter to receive the information that you are visiting our website with your IP address. If you click the Twitter “tweet button“ while being logged in to your Twitter account, you can link the content of our pages to your Twitter profile, enabling Twitter to allocate your visit to our website to your user account. We would like to point out that we as the provider of these pages are not informed about the content of the transmitted data or their use by Twitter.
(b) If you do not want Twitter to allocate your visit on our website, log off from your Twitter user account.
(c) For more information, please see Twitter’s privacy statement at (https://twitter.com/privacy)
When using guest WiFi services provided by our customers at venues, some information is collected automatically. This includes, for example, unique device identifiers such as MAC addresses, device type and model, operating system, browser type and language, the browser’s Internet Protocol address, start and stop times of connections, the amount of traffic, the hotspot from which the connection is made, and the reason for logging out.
As IPERA AI collects this data on behalf of its customers, the purpose for collection may vary between customers. Therefore, it is recommended to consult the customer’s privacy policy directly to understand how the collected data is used.
4.1.3. About Location Services Data from Mobile Phone
When you bring a device (the computer, tablet, cellular telephone, smartphone, or other electronic devices) with its WiFi and/or Bluetooth function enabled into a venue where our customers are using IPERA AI Portal, the portal senses the presence of the device, its signal strength, its manufacturer, its geographic location, and a unique identifier known as its Media Access Control (MAC) address. This combination of numbers and letters identifies a specific device to the surrounding WiFi or Bluetooth networks, however, the MAC address does not reveal the device owner’s real-world identity or personal data, so that information is not collected. Any MAC addresses that are collected are immediately de-identified and de-personalized.
We collect and aggregate anonymous data from your device into reports that we prepare on behalf of our customers. These reports are used for various purposes, such as improving venue layouts, determining the timing of promotions and sales, measuring the effects of advertising, and setting staffing levels and venue hours.
We also collect your device’s location data with WiFi enabled devices present at a location by means of relative signal strength for WiFi access points to keep track of your visits to our customers’ venues. This information helps our customers and us improve your experience if you opt-in to receive promotional communications. This allows us to send tailored communications based on your visits and behaviors.
When you submit your details, you will be given the option to opt out of receiving communications from us or our partners. Additionally, each time you are contacted, you will have the opportunity to opt-out. Our website uses cookies to distinguish you from other users. This allows us to provide you with a better experience when browsing our site and helps us to improve it. Please see our cookie policy for more information about the cookies we use and the purposes for which we use them. Please refer to your browser’s help options if you wish to disable cookies.
4.1.4. How We Use the Information We Collect
In cases of onward transfer to third parties of data received pursuant to the GDPR, IPERA AI is potentially liable. Under applicable law, we are considered the “data controller” of the personal data we collect through our website. We are a data controller of all other personal data we obtain in the course of our relationship with our clients, including (1) information you provide through your use of the Enhanced Wi-Fi, including automatically-collected information; and (2) analytics data provided by you directly to us or through our business partners. This means we are responsible for deciding how to collect and use, this data, subject to applicable law. Our contact information appears at the first of this Privacy Policy.
Generally, we use your information to provide services to you and our customers, to maintain and operate our business, and to analyze our performance and business. As third-party data controllers, our customers have access to most of the information we collect on their behalf. Their privacy policies and practices govern their use of information, and our customers may direct us to share information we collect on their behalf with third parties. Please consult their “Privacy Policy” to understand what our customers do with the information they receive from us or collect directly.
We also contract with qualified, respected third-party service providers (also known as “third-party agents”), such as virtual hosting infrastructure providers (e.g., Amazon Web Services), to host our servers and databases and to provide other services to us. We request that our service providers agree not to access or use any information they may have access to while providing services to IPERA AI other than as specified by us and for the purpose for which it was initially collected.
a) Ensuring that content from our site is presented in the most effective manner for you and your computer
b) Collating and aggregating anonymized information for consumer analysis and statistical reporting
c) Associating submitted information and/or additional information and/or device information and/or location information and/or log information to enable analysis by us and the owner or sponsor of any venue at which you use the service in regards to how people move around such venues. In such circumstances, the MAC address of your device is masked to prevent linking data to other sources
d) Contacting you regarding your opinions of our products and services, which may be used for research and analysis to help us improve or modify those products and services
e) Identifying you when you contact or visit us.
f) Dealing with your inquiries and requests
g) Improving the quality, security, and safety of our products and service
h) Carrying out analysis and service improvement
j) When you communicate with us for customer service or other purposes (e.g., by emails, faxes, phone calls, tweets, etc.), we retain such information and our responses to you in your account records
When we process your personal data for our legitimate business interests, we always ensure that we consider and balance any potential impact on you and your rights under data protection laws. If you have any concerns about the processing described above, you have the right to object to this processing. Please review the “Your Rights” section below for more information about your rights.
5. Data Deletion
Except for certain customer personal data that is provided or made available in connection with accessing and using services, data will be securely deleted within six (6) months, sooner if requested when contact to us, within thirty (30) days.
IPera AI will securely delete all copies of customer personal data, unless otherwise required by applicable law, in which case IPera AI will immediately inform the customer in writing of such requirement. Upon the customer’s written request, IPera AI will provide a certificate of deletion within thirty (30) days of such request, certifying that IPera AI has deleted all personal data.
This section does not apply to data that may be kept during the ordinary course of business in email or backup systems. Notwithstanding the foregoing, the customer acknowledges and understands that the premature request to delete Customer Personal Data may result in the inability to provide Services, impact the performance of Services, or the receipt of deliverables. IPera AI shall not be held liable for any performance impact, delays, suspensions, or the inability to satisfy quoted performance or deliverables guarantees in the event that customer requests the premature deletion of the customer’s personal data.
6. Your Rights
In terms of the General Data Protection Regulation (GDPR) may permit us to request that we:
6.1. Provide access to and/or download a copy of certain information we hold about you;
6.2. Prevent the processing of your information for direct-marketing purposes; (including any direct marketing processing based on profiling)
6.3. Update the information that is out of date or incorrect;
6.4. Delete certain information that we are holding about you;
6.5. Restrict the way that we process and disclose certain of your information;
6.6. Revoke your consent for the processing of your information;
Please note, however, that certain information may be exempt from such requests in some circumstances, including needing to continue processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with the information necessary to confirm your identity before responding to your request.
6.7. Please contact us as described in the “Contact Us” section to exercise these rights. In addition to those rights, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very.
7. How Long We Keep Information
The duration of the storage of personal data is based on the respective legal basis, the purpose of processing and – if relevant – on the respective legal retention period (e.g. commercial and tax retention periods).
If personal data is processed on the basis of express consent pursuant to Art. 6 (1) point a GDPR, this data is stored until the data subject revokes his consent.
If there are legal storage periods for data that is processed within the framework of legal or similar obligations on the basis of Art. 6 (1) point b GDPR, this data will be routinely deleted after the expiry of the storage periods if it is no longer necessary for the fulfillment of the contract or the initiation of the contract and/or if we no longer have a justified interest in the further storage.
When processing personal data on the basis of Art. 6 (1) point f GDPR, this data is stored until the data subject exercises his right of objection in accordance with Art. 21 (1) GDPR, unless we can provide compelling grounds for processing worthy of protection which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
If personal data is processed for the purpose of direct marketing on the basis of Art. 6 (1) point f GDPR, this data is stored until the data subject exercises his right of objection pursuant to Art. 21 (2) GDPR.
Unless otherwise stated in the information contained in this declaration on specific processing situations, stored personal data will be deleted if it is no longer necessary for the purposes for which it was collected or otherwise processed.
8. Cookies
Our website uses cookies. Cookies are small files automatically created by your browser and stored on your end user device (notebook, tablet, smartphone, etc.) if you visit our website. Cookies cause no harm on your end user device, contain no viruses, Trojan horses or other malicious software.
Cookies are used for storing information arising in connection with the end user device in question. This does not mean that they give us direct information about your identity.
Cookies are used, on the one hand, to improve your user experience while visiting our website. We may use so called session cookies to detect that you have visited individual pages of our website. These cookies are automatically deleted after you leave our website.
We also use temporary cookies to optimise our user-friendliness; these cookies are stored on your end user device for a certain pre-defined period. If you revisit our website to use our services or to look for information, we can detect automatically that you are a returning visitor to our website and that we have stored your inputs and settings so you do not have to enter them again.
On the other hand, we use cookies to collect statistical data about the use of our website and to optimise our offering for you (see Item 5). These cookies help us to automatically detect that you are a returning visitor when you visit our website again. These cookies are automatically deleted after a pre-defined time.
The data processed by cookies are required for the specified purposes to maintain our legitimate interests and third-party interests according to Art. 6 Para. 1 Sent. 1 lit. f GDPR.
Most browsers automatically accept cookies. You can, however, configure your browser to store no cookies on your computer or to always notify you prior to creating a new cookie. If you fully disable cookies you may not be able to use the entire functionality of our website.
Managing Cookies
You can manage cookie settings by using tools available on most Internet browsers. Instructions for popular browsers are here:
Depending upon which web browser you use, you may be able to adjust your settings to reject or delete cookies. However, choosing to reject cookies may result in the loss of some functionality of our website.
9. Updates to this Privacy Policy
We may modify this Privacy Policy from time to time as our business practices and legal requirements evolve. In the event this Privacy Policy is modified, we will provide notice of the change by posting the updated Privacy Policy to zenreach.com, and we will include the effective date of the update.
If would like to exercise any of these rights, please submit a request at privacy@ipera.ai or visit https://www.ipera.ai . You will be required to verify your identity before we fulfill your request.
Please note that we cannot honor requests with respect to personal information that we process on behalf of our customers as a service provider. For such data, please contact the restaurant, store, or other business for which you would like more information regarding your rights.