Privacy Policy

INPIXON INFORMATION COLLECTION PRACTICES

VERSION DATE: February 14, 2020

Thank you for your interest in Inpixon, our products, company and people. As a user, partner, client or customer, we want you to understand our personal information practices. In this Privacy Policy, you will find information about how we collect, use and disclose personal information through our websites, business activities, applications and sensors, and your choices regarding the use of your personal information. This privacy policy discloses the privacy practices for inpixon.com and the Inpixon family of websites including inpixon.com, jibestream.com, localitysystems.com, and shoom.com (the “Sites”). You should also note that this privacy policy discloses our privacy practices for the Inpixon family of products provided on behalf of our customers who make use of these products (including but not limited to such products that make use of sensors to passively detect the position of devices which may be carried by persons (together the “Inpixon IPA Products”)).  Please see the section entitled ‘About the Inpixon IPA Products’ below for more information.

For the purposes of the General Data Protection Regulation 2016/679 (the “GDPR”) and other laws globally, Inpixon, including its subsidiaries (collectively, “Inpixon”, “we”, “us” or “our”) is the controller and the sole owner of personal information collected by this site.  Personal information collected via the Inpixon IPA Products will be controlled independently by Inpixon and our customers.  This privacy policy applies only to personal information collected by this site and by Inpixon through the Inpixon IPA Products. 

The term “personal information” as used in this privacy policy shall mean any information (including “personal data” as that term may be defined) that enables us to identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to you.

If you have questions about this policy, or the manner in which we collect, use or otherwise process your personal information, please contact us using the contact details below, directing your inquiry to our designated privacy officer whose title is Executive Vice President of IT Operations:

By email: info@inpixon.com 

By post: 2479 E. Bayshore Rd, Ste 195, Palo Alto, CA 94303

By telephone:  +1 (408) 702-2167 

The following information is covered:

  • An overview of the Inpixon IPA Products.
  • What personal information is collected from you through the site, and automatically via the Inpixon IPA Products, how it is used and with whom it may be shared.
  • What choices are available to you regarding the use of your personal information.
  • International data subject rights.
  • The security procedures in place to protect the misuse of your information.
  • How you can correct any inaccuracies in the information.

About the Inpixon IPA Products

An overview of the Inpixon IPA Products

Inpixon provides a range of geolocation analytics products via its Indoor Positioning Analytics Platform (the “IPA Platform”) to its customers. Certain of these products provide indoor positioning data with respect to devices, some of which may be carried by persons, the purpose of which is to allow Inpixon’s customers to better understand, monitor and analyse the status of visitors/employees on their premises. 

The Inpixon IPA Products utilize mobile device data gathered by the IPA Platform, which passively collects mobile device transmissions via sensors strategically placed throughout the customer’s venue or premises which listen for Radio Frequency (RF) signals (including WiFi, Bluetooth, cellular, or Ultra-Wide Band (UWB))  generated by mobile devices in the vicinity.   These transmissions are collected and analysed in near real time to provide key insights to venue operators and premises owners.

These Inpixon IPA Products may be used to enable venue operators to better understand visitor presence, visitor dwell time, visitor return dynamics, as well as visitor journey through a venue.  These are valuable insights to customers from a general venue management perspective (to track customer traffic and footfall, etc.), and from a security perspective, allowing venue operators to assess security threats in real-time by recognising that a potentially malicious visitor has returned to a venue and tracking that visitor via their device, for example.  Certain Inpixon IPA Products further allow venue operators to combine the geolocation capabilities provided by the Inpixon IPA Platform with their existing CCTV and video management systems. 

Certain Inpixon IPA Products are intended primarily for high security government premises or within private enterprises with security concerns.  These products enable government and enterprise customers to monitor the radio frequency environment on their premises and are designed to allow users the ability to monitor the location of cell phones, laptops, wearables, accessories, etc. spatially within their premises using the receiving strength of the radio transmissions from each source.   These products can be used to identify, tag and alert users based on device position within various designated zones throughout a premises.  This can be useful, for example, to alert the user that an unknown and potentially harmful device is on the premises.

Alerting you to the fact that Inpixon IPA Products are in use

Subject to applicable laws, if you visit a premises or venue (e.g. a department store, airport, sports stadium, concert venue etc.), our customers may alert you to the fact that one of the Inpixon IPA Products is in use by clear signage posted around the venue.  This signage will direct you to the venue operator’s privacy policy and will outline their privacy practices in relation to your personal information collected.  The venue operator’s privacy policy should direct you to our privacy policy. 

Whilst Inpixon supports our customer’s obligations to accommodate privacy rights in accordance with applicable laws, as an independent controller, our customers are solely responsible for complying with their obligations under applicable laws and for providing appropriate transparency and privacy controls.

What information do we collect from our site visitors and customers?

We use different methods to collect personal information from and about you including:

  • Information you give us. You may give us your personal information including name, company name, email address, telephone number, postal address and billing details by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal information you provide when you ask us about, or apply for, our products or services; subscribe to our services or publications; request marketing to be sent to you, or give us some feedback.
  • Information we collect on the site. As you interact with our site, we may collect technical data about your equipment, browsing actions and patterns. We collect this information by using cookies, server logs and other similar technologies. Please see our Cookie Policy at https://inpixon.com/privacy/cookies for further details.

When you first access our site from certain jurisdictions (including the European Union), you will receive a message advising you that cookies and similar technologies are in use.  By clicking “accept cookies”, you signify that you understand and agree to the use of these technologies, as described in our Cookie Policy.  For more information about our practices in this area, please see our Cookie Policy linked in the footer of our site.

  • Information we collect via the Inpixon IPA Products.   The primary data that is collected and stored by each of the Inpixon IPA Products is limited to MAC address data emitted by devices as individuals move through a customer’s venue or premises.  Further to MAC address data, the Inpixon IPA Products generate the following categories of personal information:  visualization of routes taken, return frequency data, arrival time, visit history, real time geolocation of devices, historic location data, time spent in each zone and zone violations. In order to make such information as anonymous as possible, we provide customers the option to pseudonymize MAC address information collected through the Inpixon IPA Products by assigning each MAC address within the Inpixon IPA Platform a randomly generated identifier.

How do we process information collected from our customers?

We will process information that we collect from you for the following purposes as is necessary for the performance of a contract between you and us (including our product sales agreements) or to answer questions or take steps at your request prior to entering into a contract:

  • To allow you to request a demo of our products and services;
  • To provide our services;
  • To assist you in completing a transaction with us;
  • To prepare and process invoices;
  • To notify you about changes to our services; and
  • To respond to queries or requests and to provide services and technical and sales support.

We will process information we collect for the following purposes as is reasonably necessary in our legitimate business interests, or where you have given your informed consent to such processing if required by applicable law (such consent may be withdrawn at any time):

  • To respond to you regarding the reason you contacted us;
  • To monitor and protect the security of our information, systems and network;
  • For internal business intelligence purposes, to conduct research, product development and enhancement;
  • To administer our site and for troubleshooting, data analysis, testing, research and statistical analysis;
  • To create products and services that might meet your needs;
  • To inform you of changes made to our site and other services;
  • To allow you to download our resources;
  • To conduct marketing and commercial activities and to market relevant offers and promotions to you;
  • To ensure that content from our site is presented most effectively for you and your computer;
  • To display content based on your interests;
  • Enable you to search information on our site;
  • Assess your needs and interests in order to better tailor offers and/or advertising; and
  • Improve our site.

How do we process information collected via the Inpixon IPA Products?

We will process information collected via the Inpixon IPA Products as is reasonably necessary in the legitimate interests of third parties, namely:

  • Our customers (by assisting venue operators and enterprises to keep their venues and premises safe, and to track visitor footfall and traffic in order to optimize venue use);
  • Those visiting or employed to work at our customers’ venues or premises (again, to help our customers maintain a safe and secure environment for visitors and employees); and
  • The general public (by assisting our customers with the general prevention of crime in the often large venues in which the Inpixon IPA Products are used (e.g. airports, train stations and large shopping malls) and assisting high security venues maintain security).

Sharing your information

We may share information we collect with the parties set out below for the purposes set out in this policy:

  • Our customers to which we provide the Inpixon IPA Products;
  • A member of our group;
  • Our professional advisors such as auditors, accountants and lawyers, etc.; and
  • Companies that provide services to help us with our business activities, such as data storage, maintenance services, database management, web analytics, payment processing, mailing and shipping services.

We will only transfer your information we collect from you to trusted third parties, including our affiliates, who provide sufficient guarantees in respect of the technical and organisational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.

We do not allow our third-party service providers to use the information we collect for their own purposes and only permit them to process that information for specified purposes and in accordance with our instructions.

We may also disclose information we collect to third parties:

  • in the event that we sell or buy any business or assets, in which case we may disclose information we collect to the prospective seller or buyer of such business or assets;
  • if Inpixon or substantially all of its assets are acquired by a third party, in which case information held by it about its customers may be one of the transferred assets; or
  • if we are under a duty to disclose or share information we collect in order to comply with any legal obligation, any request from law enforcement or governmental organisations, or in order to enforce or apply our terms and other agreements; or to protect the rights, property, or safety of Inpixon, our customers, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction.

We are headquartered in the United States of America, and also operate offices in Canada and India. Your personal information will be accessed by us or transferred to us in these countries and will be accessed by our employees in those countries. If you are visiting our site from outside these countries, be aware that your personal information will be transferred to, stored, and processed in these countries where our servers are located, and our central database is operated.  By using our site, you acknowledge this transfer of your personal information.

Where required by applicable laws, we will take appropriate measures to ensure adequate protection of your personal information when transferred internationally and, if necessary, seek your prior consent.  For instance, if you are located in the European Economic Area (“EEA”), we may store your personal information as described in this policy outside the EEA.  Where we transfer EEA personal information to a third party located in a country not recognized by the European Commission, or another relevant body, as ensuring an adequate level of protection, we will take appropriate steps, such as implementing Standard Contractual Clauses recognized by the EU Commission, to safeguard such personal information.

Marketing

Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy. We will generally ask for your consent to receive marketing communications in line with the applicable law when you first provide your personal information.

How long do we keep your personal information?

We will store your personal information, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the personal information is processed. We use your personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically and reasonably feasible to remove it. Otherwise, we will seek to delete your personal information within a reasonable timeframe upon request.

Your access to and control over information

In certain circumstances, and subject to applicable laws, for example if you are an EU resident, you may have the following rights in relation to your personal information:

  • Request access to your personal information. You may have the right to request confirmation from us as to whether we process your personal information and to request access to any personal information we hold about you as well as related data, including the purposes for processing the personal information, the recipients or categories of recipients with whom the personal information has been shared, where possible, the period for which the personal information will be stored, the source of the personal information, and the existence of any automated decision making.
  • Request correction of your personal information. You may have the right to obtain without undue delay the rectification of any inaccurate personal information we hold about you.  To the extent required by applicable laws, any correction requests will be communicated to each recipient of your personal information.
  • Request erasure of your personal information. You may have the right to request that personal information held about you is deleted.  To the extent required by applicable laws, any erasure requests will be communicated to each recipient of your personal information.
  • Request restriction of processing your personal information. You may have the right to prevent or restrict processing of your personal information.  To the extent required by applicable laws, any restriction of processing requests will be communicated to each recipient of your personal information.
  • Request transfer of your personal information. You may have the right to request transfer of your personal information directly to a third party where this is technically feasible.
  • Right to object. You may have the right to object to the processing of your personal information when you have legitimate reasons to do so.
  • Right to withdraw consent. Where processing is based on consent, you may have the right to withdraw such consent.  In some cases, if you withdraw your consent to use of your personal information, we may not be in a position to continue to provide our services or products to you.
  • Opt-out. You may opt out of any future contacts from us at any time.

You can do the above at any time by contacting us via our general inquiry email at info@inpixon.com:

We aim to respond to requests made by you within one (1) month, but may extend that period by two (2) further months where necessary. 

If you are based in the European Union, where you believe that we have not complied with our obligation under this privacy policy or European data protection law, you have the right to make a complaint to an EU Supervisory Authority, such as the UK’s Information Commissioner’s Office.

Privacy rights for residents of California only

The California Consumer Privacy Act of 2018 (“CCPA”) provides “consumers” (California residents) with specific rights regarding their “personal information”.  This section describes your CCPA rights and explains how to exercise those rights.

During the past twelve (12) months, we have collected the following categories of information from the listed sources, used it for the listed business purposes and shared it with the listed categories of third parties.  The categories of information include information we collect from our customers, partners and website visitors, and any other person that interacts with us either online or offline.  Not all information is collected about all individuals.

Category of information collected

Source

Business purposes* for use

Categories of third parties receiving information

Identifiers (name, email address, telephone number, postal address and other personal or electronic identifiers)

Individuals submitting information to us.

Information we may receive from third-party marketing and data partners.

Performing services for you.

Advertising customization.

Auditing relating to transactions.

Service providers (including those listed under the heading entitled ‘Sharing your personal information’).

Affiliated companies.

Government regulators.

Law enforcement.

Strategically aligned businesses.

Sensitive information (billing details)

Individuals submitting information to us.

Performing services for you.

Service providers (including those listed under the heading entitled ‘Sharing your personal information’).

Affiliated companies.

Government regulators.

Law enforcement.

Commercial information (transaction history, products/services purchased, obtained or considered and product preferences)

Individuals submitting information to us.

Information we automatically collect from website visitors.

Performing services for you.

Advertising customization.

Auditing relating to transactions.

Internal research and development.

Service providers (including those listed under the heading entitled ‘Sharing your personal information’).

Affiliated companies.

Government regulators.

Law enforcement.

Strategically aligned businesses.

Internet or other electronic network activity the operating system used and the domain name of your internet service provider, information about your visit, including pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page)

Information we passively collect from devices, which may be carried by persons and employees visiting customer venues and premises.

Information we automatically collect from website visitors.

Information we may receive from third-party marketing and data partners.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.

Service providers (including those listed under the heading entitled ‘Sharing your personal information’).

Affiliated companies.

Government regulators.

Law enforcement.

Strategically aligned businesses.

Geolocation

Information we passively collect from visitors and employees visiting customer venues and premises.

Information we automatically collect from website visitors.

Information we may receive from third-party marketing and data partners.

Advertising customization.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.

Service providers (including those listed under the heading entitled ‘Sharing your personal information’).

Affiliated companies.

Government regulators.

Law enforcement.

Inferences from the above (preferences, characteristics, behavior, attitudes and abilities, etc.)

Information we passively collect from visitors and employees visiting customer venues and premises.

Internal analytics.

Information we may receive from third-party marketing and data partners.

Advertising customization.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.

Service providers (including those listed under the heading entitled ‘Sharing your personal information’).

Affiliated companies.

Government regulators.

Law enforcement.

*The business purposes also include those listed under the headings entitled ‘How do we process personal information collected from our customers?’ and ‘How do we process personal information collected via the Inpixon IPA Products?’.

Sale of personal information

In the preceding twelve (12) months, Inpixon may have sold the following categories of personal information to our customers using the Inpixon IPA Products in their venues. Except as described below, Inpixon does not provide personal information gathered by the Inpixon IPA Products to non-customer third parties:

  • Identifiers
  • Internet or other electronic network activity;
  • Geolocation; and
  • Inferences from the above.

Sharing of personal information with service providers

Inpixon may from time to time share personal information collected from users of its website (including internet or other electronic network activity) with one or more service providers for the purpose of receiving analytical information relating to web site usage.  For the purposes of the CCPA, this will constitute a ‘sale’ of personal information.

Your rights and choices

As of January 1, 2020, if you are a verified California resident, you have the right to obtain certain information about our collection and use of personal information over the past twelve (12) months, including:

  • The categories of personal information we collect;
  • The categories of sources of personal information we collect;
  • Our business purpose for collecting or sharing that personal information;
  • The categories of third parties with whom we share that personal information;
  • The specific personal information we have collected about you over the past twelve (12) months;
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • the categories of personal information sold and the category of third party recipients; and
    • list of the categories of personal information that we disclosed for a business purpose.

You have the right to request that we do not sell personal information about you, and to request that we delete (and direct our service providers to delete) your personal information subject to certain exceptions. 

Personal information sales opt-out and opt-in rights

If you are sixteen (16) years of age or older, you have the right to direct us to not sell your personal information at any time (the "right to opt-out"). We do not sell the personal information of individuals we actually know are less than sixteen (16) years of age.  To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following page: https://www.jibestream.com/ccpa.

Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales.

Exercising your rights

You can exercise any of these rights by contacting us using the contact details set out above or you may submit a request to us by visiting the following page: https://www.jibestream.com/ccpa.  You may make a request up to twice within a twelve (12) month period.  You may also call us on the following toll free telephone number:  1-800-563-8065.

We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and we will use that information only for that purpose. We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm that the personal information relates to you.

Response timing and format

We will endeavour to respond within forty-five (45) days of receipt of your request, but if we require more time (up to an additional forty-five (45) days) we will notify you of the reason and extension period in writing.

Where you request a copy of your personal information, we will endeavour to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy.  Any disclosures we provide will only cover the twelve (12) month period preceding the receipt of you verified request.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We will not discriminate against you as a result of your exercise of any of these rights.

Security

We take precautions to protect your information. When you submit sensitive information via the site, your information is protected both online and offline.

Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the address of the web page.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personal information. The computers/servers in which we store personal information are kept in a secure environment.

Links

This site contains links to other sites maintained by third parties. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personal information.

Updates

Our Privacy Policy may change from time to time and all updates will be posted on this page.  The most recent version of this policy is reflected by the version date located at the top of this policy.   If you feel that we are not abiding by this privacy policy, please contact us via email at info@inpixon.com.