INFORMATION SECURITY & PRIVACY POLICIES
Effective: August 24, 2020
Technology is evolving rapidly and promises great benefits to both businesses and individuals (“consumer”). As technology advances, however, so do concerns about privacy. A core value at Radius Networks is that when we deploy our technology, it is done in a responsible manner that respects all consumers’ privacy and their choices. We equally support all consumers’ rights to:
- scope and be informed of,
- have access to,
- generally opt-out of (stop processing),
- specifically opt-out of (stop processing) any automated decision-making with,
- delete, and
- object to
personal data (including cookies) collected and used.
We are also committed to a privacy framework that is concise; transparent; intelligible; easily accessible; in clear and plain language; and free of charge. Key elements of our information security and privacy policies are listed and described in the following sections.
II. WHAT PERSONAL DATA DOES RADIUS NETWORKS COLLECT AND PROCESS?
We respect your privacy! That’s why we collect and process the least amount of personal data we can, and only on your behalf, in order to provide you and your customers with access to our sites, services, and/or products (via applications, APIs, and/or mobile SDKs); for the purposes of operational needs; to communicate with you, particularly about any support issues; enhance security; and continuously make improvements to our sites, services, and products. Most importantly, we collect and process personal data only when necessary; with your and your customers’ approval and consent; and in the execution of mutual agreements or contracts.
The following information may be collected:
- Contact information (email address, phone number, and mailing address)
- Vehicle information (model type, color, and license plate number)
- Customer order information (food and/or services)
- Preferred payment method
- Customer location data
- IP address
- Mobile identifier and its platform type
III. ARE ANY PERSONAL DATA RETAINED? IF SO, WHY ARE PERSONAL DATA RETAINED?
We do our best to practice transient use of all data. If and when we retain any personal data, its for the following purposes:
- Enabling you to create and manage an account to use our sites, services, and/or products.
- Enabling you to make purchases through our online store, to process your orders, and to ship products to you.
- To support your preferred/chosen third-party applications (i.e., order fulfillment).
- To communicate with you or your customers about any changes or updates to our site, service, and products.
- To improve, update, and enhance your experiences with our sites, services, and products (as a merchant and for your customers).
- To help solve any issues when using our site, service, and/or products through internal diagnostics/analytics (as a merchant and for your customers).
- To generate aggregated and anonymized usage statistics.
- To support operational needs for the cloud services, such as login security auditing.
- To detect and prevent fraud.
- To comply with legal obligations.
- All tasks related to any of the above.
All personal data collected will not be kept for longer than necessary for the purposes described above. Application, API, and SDK data (see Section II) are only retained for up to 60 days and then automatically deleted from our systems.
IV. IS MY PERSONAL DATA SHARED WITH THIRD PARTY SERVICES AND PLATFORMS?
First and foremost, we do not sell any data.
We may share account-related data with a limited number of third-party vendors, such as hosted infrastructure service providers, who protect and process them whenever necessary on our behalf in order to provide and improve our operational and transactional services to you and your customers. We may also share aggregated and anonymized usage statistics with other third parties for the same purpose. We only share de-identified location data with our hosted infrastructure service providers. And when leveraging mapping and traffic service providers, personal data are not shared.
Most importantly, all of our third-party vendors have agreed to and implemented information security and privacy regulations similar to our own (i.e., GDPR, CCPA, SB220). If we share your data with any vendor, we remain responsible for it.
V. IS MY PERSONAL DATA TRANSFERRED INTERNATIONALLY?
Our technology is deployed worldwide and your information may be processed outside of your residential country for the same purposes stated in Sections II and III. While data protection policies may vary by region, we protect all data equally (see Section VII).
We will not transfer personal data outside of the European Union (EU) unless the recipient complies with Privacy Shield Principles or is subject to suitable contractual safeguards to ensure that processing is in accordance with EU compliance laws. Please review our international compliance standards below:
Cookies are essential for everyday operations of a website, often used for key performance or functionality. A cookie is a small piece of text that our web server stores on your computer or device, which your browser sends to us when you return to our site. Cookies do not necessarily identify you, if you are merely visiting our site. However, a cookie may store a unique identifier for each logged-in user.
You can always choose not to opt-in for cookies.
VII. HOW IS MY PERSONAL DATA PROTECTED?
To avoid mismanagement and misuse of the data under our control, including your personal data, we maintain several security measures to protect them. Our security measures include single sign-on, encryption, firewalls, secure transfer, and authorized internal access of your personal data. Our hosted infrastructure service providers, who protect and process our data (see Section IV), is ISO 27001, 27017, 27018 (Security Management Controls, Cloud Specific Controls, and Personal Data Protection) and SOC 1, 2, 3 (Security, Availability, and Confidentiality) certified.
As we continue to protect your personal data, you can also make efforts to protect your own personal data by maintaining their accuracy and sharing any necessary updates.
VIII. HOW MUCH CONTROL DO I HAVE WHEN SHARING MY PERSONAL DATA?
Our sites, services, and products will always clearly ask for your consent before you share any personal data. You have every right of refusal to share any personal data (including cookies) when requested/prompted.
- As a Merchant, certain information is optional and you may also choose not to provide any data when creating a Radius Networks account. When using standalone mobile applications, you (and your customers) have privacy options and controls around what personal information is provided to purchased Radius Networks services and products. You (and your customers) can always control how the mobile applications collect information about location data using in-application prompts as well as the settings available on the device(s) being used.
- As a Developer integrating Radius Networks services and/or products, you can determine the privacy options available to your customers. You can also determine what personal data (i.e., personally identifiable information), if any, are shared with the integrated services and/or products. We recommend that developers follow best practices around educating and requesting location permissions from their customers. Your customers can always control how the mobile applications collect information about location data using in-application prompts as well as the settings available on the device(s) being used.
Please keep in mind that declining to share data (including cookies) may result in unavailability of certain sites, services, and/or products provided by Radius Networks. And, as always, we will honor all contractual safeguards in place.
IX. ARE CHILDREN ABLE TO USE RADIUS NETWORKS PRODUCTS/SERVICES?
By using Radius Networks sites, services, and products, you represent that you are of appropriate age from both outside (16+ years old in Europe) or within the United States (18+ years old). If you are not of appropriate age, you represent that you have given us your consent to allow any of your minor dependents to use our sites, services, and/or products.
If you are unsure about what is considered an appropriate age within your country, please check this list.
When the European Union (EU) and the European Economic Area (EEA) enacted the General Data Protection Regulation (GDPR) in 2016, we became compliant with its requirements by the designated due date of May 2018. We also decided to become Privacy Shield certified, which is not required by any law, to better protect your data by enforcing an internationally legal mechanism for safe information transfer between the United States, all EU countries, and Switzerland.
You have our commitment to continue protecting your personal data to the best of our ability. Please also make efforts to protect your own personal data by maintaining their accuracy and sharing any necessary updates.
XI. IS THERE ANYTHING ELSE I SHOULD KNOW?
- We do not use any personal data to make automated decisions, nor for profiling. Only the Cookies you choose to share shape your web experience (see Section VI).
- Under certain conditions, it is possible for a consumer to have the right to bring about binding arbitration to investigate potential violations.
- We will cooperate with Law Enforcement requests for personal data, if a warrant or court order is provided and to meet national security needs. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
- By using our sites, services, and/or products, you acknowledge and agree with our information security and privacy policies.
XII. CONTACT US
If you do not receive timely acknowledgment of your complaint from us or if we have not addressed your complaint to your satisfaction, please consult with our alternative dispute resolution provider by visiting https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. This service is provided to you at no cost.