Openfield PRIVACY POLICY
Last Updated : July 2nd, 2020
Openfield, a french company (“Openfield”, “we”, “us” and/or “our”), is a smart building, and smart venues data science platform. Our products and services (“Products”) include : data connectors, sensor data integration and map integration, data cleaning processing, spatial joins, outlier filtering, path reconstructions, sequence analytics and state of the art Building analytics KPI generation, as well as smart Venue analytics KPI generation, displayed through an intuitive web based portal, and APIs, as well as maintenance, training, and development services related thereto.
At Openfield, we are committed to protecting your privacy and understand your concerns about how information about you (our client and our client’s users) is used and shared. This Privacy Policy explains what Personal Data (as defined below) we collect on our Data analytics and data science Platform (“Platform”), our business user Portal (“Portal”), our Website and all subdomains, openfieldlive.com (“Website”), and through the offering of our Products. This Privacy Policy explains how we use and share that Personal Data and your choices concerning our data practices. Please read this Privacy Policy before using the Website or submitting any Personal Data.
By visiting the Openfield Website and/or providing us with information, you are accepting the practices described in this Privacy Policy.
By providing us with your Personal Data directly (when accessing the Website or using our business Portal), you consent to the processing of your Personal Data as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not access or use the Openfield Website and the Openfield Portal.
We also process personal data in specific use cases for some clients, in which case this data is sent to us indirectly (when using our clients website, apps, or business / operational application). In such case, we gather the consent that you provided to these systems to be used in accordance with the data received. In such case, we respect our clients Privacy Policy. Please reach to privacy@opnf.fr if you have trouble identifying a point of contact at our client’s service center.
Please reach to privacy@opnf.fr if you have trouble identifying a point of contact at our client’s service center.
1. Non-Identifiable Information
- Openfield Website and Openfield Portal: When you interact with Openfield through our Website or the Openfield Portal, we receive and store certain non-identifiable information. Non-identifiable information, which is collected passively using various technologies, cannot be used to specifically identify you. Openfield may store this type of information itself or it may be included in databases owned and maintained by Openfield affiliates, agents or service providers. We may use non-identifiable information to track, for example, the total number of visitors to our Website, the number of visitors to each page of our Website, and the domain names of our visitors’ Internet service providers. It is important to note that no Personal Data is gathered, stored, or used in our collection and usage of Non-identifiable information.
- Site/client provided non-identifiable information: Our platform leverages various Data sources in order to provide advanced analytics to our customers. These data sometimes include: Presence detection sensor, counting sensors, or other data sources that cannot be used to specifically identify you. In some specific use cases, we may leverage WiFi or Beacon infrastructure in order to generate advanced spatial analytics, and generate spatial KPIs such as Counting KPIs per zones. In such case, our processing integrates advance anonymization processing involving :
- A Hash of sensitive information when entering the platform
- A periodic calculation of the KPIs, including state-of-the-art anonymization processing preserving privacy of the positions gathered
- A removal of the hashed data once the KPIs is generated
- This processing strictly respects the guideline provided by the GDPR.
2. Personal Data that We Collect
Openfield Website and Openfield Portal : When you interact with Openfield through our Website or the Openfield Portal, we collect information that, alone or in combination with other information, could be used to identify you (“Personal Data”).
- Automatically Collected Data: We automatically receive and store certain types of information when you interact with our Website. We use « cookies » in order to allow us to determine language preferences and to save form data for your convenience. Most browsers automatically accept cookies as the default setting. You can modify your browser settings by editing your browser options to either (i) reject our cookies or (ii) prompt you before accepting a cookie. However, if a browser does not accept cookies or if you reject a cookie, some portions of our Website services may not function properly. We may use Google Analytics, Hotjar, or other service providers, or our own systems to access automatically collected data.
- Personal Data You Give Us: We receive and store any information you enter on our Website or give us in any other way. When you access the Website, we may collect Personal Data from you through web forms such as name, phone number, email address, country, zip code, and other information pertinent to your request that you choose to provide us. Generally, this information is requested when you are (i) requesting literature, Point of Views, Documentation or other information, (ii) requesting access to the Openfield Portal, (iii) registering for events and webcasts, (iv) requesting information by phone or email. Openfield protects the security of your Personal Data from loss, misuse, unauthorized access or disclosure, alteration, or destruction.
- You can choose not to provide certain information, but then we may not be able to fulfill your request. We use the information that you provide for our internal purposes and for such purposes as providing you with Product information and support, responding to your request(s), communicating with you, etc. as appropriate.
- Automatically Collected Data : In such occurrence, the data collected is provided through our client or partners of our client. We do not collect this data unless we gather in the same time a consent provided by our client or our partners. This data solely concerns Smart Venue type of solution, and may include : user profile and account data, orders (eg. Ticketing orders) or other consumption data, access control transactions, app usage data, marketing campaign data.
3. How We Use Data
We use the Personal Data we collect:
For the Openfield Website and Openfield Portal :
- To authenticate users, provide Website services related to the Products, process transactions, and respond to you requests. For all Website visitors and customers, this use is necessary to provide our Website to you and provide our Website services related to the Products (e.g. provide you Product updates). We process this data to confirm your identity and to ensure that we can lawfully provide you with our Products
- To provide you with up-to-date Product information. We may provide communications by email or post that we think will be of interest to you including notice of Product updates, upcoming events, etc.
- As necessary for certain legitimate business interests from us and our clients, which include the following:
- To customize your user experience on our website, and communication channels
- To better understand how visitors interact with our Website and our Portal and ensure that our Website and Portal is presented in the most effective manner for you, and as part of our efforts to keep our Website, network, and information systems secure.
- To personalize our marketing measures and activities and to personalize our clients marketing measures and activities
- If you ask us to delete your data or to be removed from our marketing lists or our clients marketing lists and we are required to fulfill your request, we will keep basic data to identify you and prevent further unwanted processing.
- For Marketing. We may send you updates and information about our new products and services, upcoming events. Where required by law, we will only send you marketing information if you consent to us doing so at the time you provide us with your Personal Data. When signing up to receive Company or Product information, you may opt out of receiving such marketing information. Additionally, you may opt out of receiving such emails by following the instructions contained in each promotional email we send you. In addition, if at any time you do not wish to receive future marketing communications, please contact us at support@openfieldsolution.com.
- When you register to receive information or otherwise give us Personal Data, Openfield will not share that information with third parties without your permission, other than for the limited exceptions described in the “Sharing and Disclosure” section below. We take various security steps to ensure that your Personal Data is protected from unauthorized disclosure.
For Site/client provided personal data :
- To authenticate users on their customer website, apps, and other authenticated services. We process this data to confirm your/our clients’ customer identity and to ensure that we can lawfully provide them with our clients product/offers. We systematically leverage the consent that were provided to our clients/partners store and perform this action.
- As necessary for certain legitimate business interests from our clients , which include the following:
- To customize the user experience of our clients’ users on their website, and communication channels
- To better understand how visitors interact with their Website, and as part of our efforts to keep the overall Website, network, and information systems secure.
- To personalize our clients marketing measures and activities such as Ticketing event marketing.
- If you ask us to delete your data or to be removed from our clients marketing lists, please contact directly our client’s service center.
- For Marketing. For some clients, we may send our client’s users updates and information about our clients Products and services, upcoming events, acting as a Data processor for them. We will only send marketing information if a consent was provided to us, doing so at the time we were provided with your Personal Data. When signing up to receive our clients marketing information, you may opt out of receiving such marketing information. Additionally, you may opt out of receiving such emails by following the instructions contained in each promotional email that is sent to you. In addition, if at any time you do not wish to receive future marketing communications, please contact our client’s service center.
4. Sharing and Disclosure
We may share your Personal Data and other information with certain third parties in the following circumstances:
- Service Providers: To assist us in providing Products and to operate our business, your Personal Data may be shared with our third-party service providers. These include organizations who provide services in relation to mailing information, maintaining databases, marketing, Information Technology, professional advice. When we employ another company to perform such a service, we provide it with the information as needed to perform the hired-for service(s).
- Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of a service to another provider, your Personal Data and other information may be part of the transferred assets.
- Legal Requirements: If required to do so by law, applicable regulation or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Openfield, (iii) act in urgent circumstances to protect the personal safety of users of the Website or the Products, or the public, or (iv) protect Openfield against legal liability.
- Right of Access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details.
- Right to Rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it.
- Right to Erasure: You may ask us to erase your Personal Data in some circumstances, such as where we no longer need it, or you withdraw your consent (where applicable). Sidewise, we also automate data erasure and data anonymization, depending on the processes involved.
- Right to Restrict Processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it. We will tell you before we lift any restriction on processing.
- Right to Data Portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you/your data. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
- Right to Object: You may ask us at any time to stop processing your Personal Data, and we will do so:
- If we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing; or
- If we are processing your Personal Data for direct marketing.
- Rights in Relation to Automated Decision-making and Profiling: You have the right to be free from decisions based solely on automated processing of your Personal Data, including profiling, unless this is necessary in relation to a contract between you / our end customer and Openfield or you / our end customer provide your explicit consent to this use.
- Right to Withdraw Consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place.
- Right to Lodge a Complaint with the Data Protection Authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns. You may contact us at privacy@opnf.fr to exercise your rights.
- Legitimate Interest. “Legitimate interests” means our interests in conducting our business, managing and delivering the Website and our Products to you or conducting business of our clients and delivering them the output of our product. This Privacy Policy describes when we process your Personal Data and our client’s customer Personal Data for our/his legitimate interests, what these interests are, and your rights. We will not use your Personal Data for activities where the impact on you overrides our/ our client’s interests, unless we have your consent or those activities are otherwise required or permitted by law.
5. Data Retention
We will keep your Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy and our clients Privacy Policy (for the data collected by and for them as a Data Processor) , while we or our client have a legitimate business need to do so in connection with your account , with your consent for us to process and retain your information, or as required by law (e.g., for legal, accounting, or other purposes), whichever is the longer. If none of the above grounds apply, we will delete and dispose of your data in a secure manner according to our data protection policies.
Your Personal Data is stored on secured servers in EU. We take reasonable security steps to ensure that your Personal Data is protected from unauthorized disclosure.
6. Update Your Information
If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us at support@openfieldsolution.com
7. Contact Us
If you have any questions about our Privacy Policy or our data practices, please contact us at privacy@opnf.fr