Euclid Services Privacy Statement
We are engineers, so we are excited about providing real benefits for retailers and their shoppers through the use of technology and data. But we are also shoppers, so we understand concerns about privacy. Our core belief is that we can provide valuable insights to our clients while respecting and protecting individual privacy. To do that, we follow three important principles:
- Limited data collection: We do not link any information we collect with the owner of the mobile device, the person using the mobile device, or any content that is being received by or transmitted from the mobile device.
- Only share aggregate and anonymous information: The reports we provide to our clients only include only aggregate and anonymous data.
- Easy opt-out and delete: You can both opt-out and delete data from our service at any time and we will immediately initiate the removal of your phone’s identifier from our databases (removal will be complete within 7 days due to the large data volumes involved).
This privacy statement explains how our service works, what information we collect and how we use it. If you have any questions, please contact us at moc.scitylanadilcue@ycavirp.
What exactly do we collect and why?If you have a Wi-Fi-equipped phone AND Wi-Fi is turned on, Euclid’s sensors collect only the following information: your phone’s unique MAC address, manufacturer code (Apple, Samsung, etc.), signal strength, and, if the device is currently connected to a specific Wi-Fi network, the name of that Wi-Fi network. We then anonymize and analyze this information in order to provide our clients with analytics reports they can use to improve their operations.
How do we collect information?When your Wi-Fi-enabled mobile device is on, it regularly sends “shout-outs” to nearby wireless networks that say the equivalent of “Here I am, Here I am.” All phones, computers, and other Wi-Fi-enabled mobile devices send these signals to introduce themselves to Wi-Fi networks that may be available to them. Included in each shout-out is a unique identifier called a MAC address. This combination of numbers and letters uniquely identifies your specific mobile device. The MAC address is not the same as your telephone number. You can find more general information about MAC addresses on Wikipedia or feel free to contact us if you want a more detailed explanation.
Euclid manufactures sensors that can recognize and transmit to our servers the MAC addresses sensors hear when Wi-Fi-enabled devices near it reach out to nearby wireless networks. Since our clients install these sensors in their stores, we know for each MAC address collected the location of the sensor. Euclid’s sensors passively detect these MAC addresses and encrypt them, then transmit the data to our collection servers. Since our sensors are located within known establishments, we can derive the location of a given MAC address at a specific time, and thus produce useful reports for our clients.
Our technology can also work the same way using a store’s Wi-Fi infrastructure (hotspots) as a sensor.
We require that our clients not use the sensors for any other purpose. Our proprietary software was specially written to limit the sensor’s data collection to only what we need to provide the Euclid Services. At no point is your name, phone number or any information – other than what is described explicitly in this statement – collected by Euclid.
If your data does not contain my name or any other personal information, how is it useful?Our clients use Euclid Services to answer questions like: How many new shoppers did I have today? Last week? Do more people stop and enter the store with one window display vs. another? Answering these questions does not require that we know who you are. We only need to determine that you are a unique person.
This is how we protect your privacy and provide value to our clients. In truth, we are math geeks. Wi-Fi-enabled phones constantly send out signals. Our value is that in our proprietary algorithms, which can weed through all the signals that our sensors hear and find patterns that are useful to our clients. Most of the information we share is in the form of percentages: “23% of your visitors today were unique first-time shoppers” or “42% of the people who entered visited your store for more than 5 minutes,” for example.
With whom do you share information?Your individual device information is never shared. We share reports with our clients that contain anonymous, aggregate analysis based on data collected from the client’s sensor. We even add small quantities of fake data to our reports to prevent data from being linked to any particular person. Clients do not have access to raw data received directly by the sensors, and are contractually prohibited from attempting to re-identify the data in the reports (not that they could anyway).
Euclid does not combine data from multiple retail locations into one report EXCEPT when all the locations in question are owned by the same company (e.g. comparative data from two branches of the same chain). The data remains in aggregate form (e.g. “32% of clients in who visited store x today also visited store y within the last 30 days”). This means that no complete "profile" of your device's hits to our sensors across all locations is ever available to our clients.
Euclid will never sell, rent, or otherwise disclose any information we collect about you to data brokers. Reports received by Euclid’s clients may only be used for the purposes for which the data was collected (as described in this statement).
We only use qualified, respected 3rd-party providers (such as Amazon Web Services) for data exchange, aggregation, and storage, which is necessary to provide Euclid services. Read more about Amazon's security measures.
How do you store data?No data is stored on the sensor. Once collected, it is transferred securely (using SSL) and is anonymized (hashed) before it is stored on Amazon Web Services. Hashed data can not be “reverse engineered” to reveal a device’s MAC address.
This means that anyone who gains access to the database directly from Amazon – authorized or unauthorized – will only see long strings of numbers and letters and would not be able to get any information that could be linked to a back to a mobile device owner.
Is there any way to link data about your device’s physical location back to you?In limited circumstances, yes. If someone already knows both your name and your MAC address, they could potentially legally require that we provide them with information in our database about your mobile device including the locations of the sensors where we recorded your signal. Euclid will only do this if it received sufficient and appropriate legal process or to respond to cases of fraud or abuse.
Can I opt-out and delete the data you have about my MAC address?Yes and Yes. You can easily opt-out by submitting your MAC address here. We will stop saving any information about it in our databases and delete the data we already have associated with it. It may take from a day to a week for the data to be completely flushed out of our systems.
Turning off Wi-Fi on your phone or turning the phone off will stop sensor collection, but you are still advised to visit our site to delete any records we already have. Our goal is to be transparent about the data we collect and how it is used. Please contact us at moc.scitylanadilcue@ycavirp if you have any questions. Our website privacy statement has information specific to euclidanalytics.com (which is entirely distinct from our analytics service offering).
Thanks for reading!
The Euclid Team
Policy active as of May 2, 2013: Edited to (1) Add that Euclid does not share information with data brokers; (2) Eliminate inactive preferred services notice; (3) Eliminate inactive data augmentation feature; and (4) Include data collected using Wi-Fi infrastructure. Review previous policies here.