Last updated Jan 6, 2022
Introduction & What this Policy Outlines
Thank you for choosing to be part of our community at InReality, LLC (“Company”, “we”, “us”, or “our”). InReality is committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at privacy@inreality.com.
This Privacy Policy covers the InReality software platform (“InReality” or the “Service”), which includes sensors, cameras and components such as our Safe Space web app as well as our Cloud Platform.
In this Privacy Policy, we seek to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it.
The Service is designed to operate as described in this Privacy Policy, however, our customers who use the Service (“Customers”) in Venues can customize the Service to collect, use and retain information beyond the default settings described below. Therefore, we encourage you to keep this in mind as you review this Privacy Policy and to contact the Venue directly to ask how they have decided to implement the Service.
By using and/or interacting with the Services, you acknowledge you are aware of the terms of this Privacy Policy and your continued use shall be constituted as your consent to our collection, processing, and sharing of information for the purposes set forth herein.
We may change this Privacy Policy from time to time. If we make changes, we will provide notice by revising the date at the top of this policy and posting to our websites and apps, and in some cases, we may provide additional notice (such as via our websites or by sending an email notification to account holders).
What is InReality’s software platform?
InReality, LLC is a data analytics platform company that utilizes sensors (typically either camera vision or radar technology) to collect and collate data for venue marketing and tracking. Our platform processes detailed metrics for the purpose of improving in-venue marketing and sales. Our platform was originally built for retail utilizing cameras and, as such, have been subject to strict legal and public perception challenges. As such, we have always had the utmost respect towards both views on the matter. We designed it to respect the rights and privacy sensitivities of both individuals and businesses while also ensuring the insights necessary to extract value for both. The platform is designed and deployed to comply with the strictest privacy laws such as GDPR and CCPA and is continuously being reviewed and amended according to the latest recommendations by governing bodies.
Glossary of Terms
- Aggregated Data:
- De-identified aggregated metrics: Data that cannot be reasonably used to infer information about or otherwise linked to a particular consumer, computer, or other device, e.g., five percent of the store’s visitors today were seen at some point in the past week
- Anonymized Data:
- De-personalized Data: Data that cannot be reasonably used to infer information about a particular consumer, but that may be associated with a particular computer or device, e.g, a hashed MAC address
- AOI (Area of Interest): A defined area of your venue, such as an entrance or exit, POS (point of sale), digital signage location, interactive promotion, etc.
- API (Application Programming Interface): A standard computer interface that allows users to access data from a system. InReality’s API is the messenger that delivers your requests to our Analytics application, and returns the response (data) back to you
- CCPA: California Consumer Privacy Act
- Data Collected: Any useful information that is tracked by a Sensor and interpreted on the Platform
- GDPR: General Data Protection Regulation
- InReality Online Platform: https://app.inreality.com/v3/
- Personally Identifiable Information (PII): information that specifically identifies you as an individual. Personally Identifiable Information includes identity data (e.g., name or other similar identifiers) and contact data (e.g. address, email address, telephone number)
- Sensor: Any device in a venue that generates data for InReality’s platform
- The Company: InReality, LLC (also referenced: “We”, “Our”, “InReality”)
- Third Party: Any partner or affiliate associated with InReality’s data, and any other persons or group that provide InReality with data or resources
- Venue: one store / location within a Customer’s subscription that contains the AOIs and sensors that generate data
- Aggregated Data:
What Information is Collected and How it is Collected
Data Captured In Venue
InReality, and its Customers, capture data in-venue to provide more information about in-venue behavior and performance through a variety of sensors and other means. By default, all of the data collected is non-personal, meaning that no Personally Identifiable Information (PII) is captured, or stored, but only reports on Anonymized and/or Aggregated data which cannot be connected to any individual. Examples include:
- No PII possible: Sensors are unable to collect any data that would be considered personal data
- Engagement Tracker (Radar Sensor)
- Venue Location
- Location in Venue
- Count
- Dwell Time
- Timestamp
- Product interaction/pick-up (RFID or NFC or Infrared) data
- Venue Location
- Location in Venue
- Product ID
- Count
- Timestamp
- Traffic counting (Infrared, Laser, sensor mats)
- Venue Location
- Location in Venue
- Count
- Timestamp
- Engagement Tracker (Radar Sensor)
- PII possible, but anonymized
- In certain cases, Anonymous Video Analytics (using cameras) are employed to detect individual bodies/faces from a real-time camera feed that is not recorded or stored. Although individual records are created, all data is anonymized. Each body or face is assigned an anonymous ID or tag, and no visual data, including photos or video, is stored at any time. No data can be reasonably used to infer information about a specific visitor.
- Venue Location
- Location in Venue
- Information of Person
- Count
- Body Gesture(s)
- Estimated Age/Age Group
- Estimated Gender
- Estimated Mood
- Dwell Time or Gaze Time
- Timestamp
- In certain cases, Anonymous Video Analytics (using cameras) are employed to detect individual bodies/faces from a real-time camera feed that is not recorded or stored. Although individual records are created, all data is anonymized. Each body or face is assigned an anonymous ID or tag, and no visual data, including photos or video, is stored at any time. No data can be reasonably used to infer information about a specific visitor.
- PII possible, but aggregated
- In other cases, data can be collected from other sensors, such as Mobile Device Detection beacons (or similar). In these situations, no individual information is retained, but rather is aggregated into counts (or ratios) for a period of time (e.g., 15 mins, 1 hour, 1 day, 1 week, etc.). Data is transmitted only in an aggregated manner and no individual records are created or kept (e.g., 120 visitors seen in Venue A on Monday between 2 PM-3 PM).
- Venue Location
- Location in Venue
- Device Identifier
- Count (Max, min, and/or total)
- Dwell Time
- Time Period
- In other cases, data can be collected from other sensors, such as Mobile Device Detection beacons (or similar). In these situations, no individual information is retained, but rather is aggregated into counts (or ratios) for a period of time (e.g., 15 mins, 1 hour, 1 day, 1 week, etc.). Data is transmitted only in an aggregated manner and no individual records are created or kept (e.g., 120 visitors seen in Venue A on Monday between 2 PM-3 PM).
- PII possible, but anonymized & aggregated
- In other cases, data can be collected from various sensors and can be both anonymized and aggregated. This occurs when sensors are used to collectively gain an aggregated list of PII, which is anonymized immediately. This is useful for collecting anonymized data from aggregated data from multiple persons or a group of people that would otherwise show PII. The data for a group of people is aggregated over a given time period and also anonymized so no PII is developed.
- Repeat Visitor
- Employee Exclusion is opt-in (storing image/s): Employees are automatically anonymously tracked so that the data does not count them as separate unique visitors. There must be a distinguishable difference between employees and Customers.
- Repeat Visitor Customer: Sensors may track unique visitors for repeat visits, but this is still anonymized data. We do not store images or specific device IDs and instead use anonymous IDs or tags. We store facial pattern information and look back against that information. That information is still not image-based and cannot be reasonably reverse-engineered or linked to an individual person.
- No PII possible: Sensors are unable to collect any data that would be considered personal data
Data Collected from Third Parties
InReality, and its Customers, collect and transmit data that is relevant to in-venue analytics that can come from Third Parties (Weather, Event Calendar, etc.), other sensor data, or from InReality’s Customers (POS data, Loyalty data, etc.). In most cases, this data is non-PII (Weather or Event). In cases where the information may have PII information, that data is collected, initially stored, and transmitted to InReality by the InReality Customer. InReality considers this data to be given by the Customer with appropriate consent, and InReality will ensure it stores and protects the data appropriately.
- No PII possible
- Weather conditions (High, Low, Conditions)
- Event calendar (Concert, Game, Sale, Marketing Calendar)
- PII Possible (Covered by InReality Customer’s Privacy Policy: they have to notify us to do any deletion/purging)
- Employee Schedule
- POS Data
- Loyalty Data
- No PII possible
Data Collected from the InReality Cloud Platform
InReality may collect PII when you sign up, purchase, or evaluate our products and services at the InReality Cloud Platform. We collect information about you such as your name, Company name, email address, billing address and role/title. We may gather additional information (personal or non-personal) in the future. The purpose of this data is to appropriately create and administer logins to our Cloud Platform by users. This data is used to verify your identity for security reasons, provide you with support and services, and provide you with information about other services and features of our platform. For more information, please reference our InReality Platform (Website and App) Privacy Policy.
Anonymization Clause
- Anonymization is a technique applied to personal data in order to achieve irreversible de-identification. Any personal data obtained through the use of cameras, sensors, or other instruments is collected and processed for anonymity in compliance with the applicable legislation on the retention of data in an identifiable format.
- In order to obtain truly anonymous data, every sensor used by The Customer under The Company’s guidelines will retrieve generic information and immediately delete any non-generic information. Any sensor will not retain any specific information. Information is defined as any piece of knowledge that may be exclusive to 1 individual person or group of persons and may be traced as evidence of proof of said person or group of persons.
- No visual data is captured or stored at any time. Each body or face detected is assigned an anonymized ID or tag. No Personally identifiable information (PII) is collected.
- The Company demonstrates the need to keep personal data in a form which permits identification for no longer than is necessary for the purposes of further processing; The Company defines the necessary time as no longer than required for the API to correctly initiate and evaluate the camera, sensor, or other instrument data. Usually this initiation and evaluation occurs in less than three-hundredths of a second. After such time has passed, all collected data is either deleted or anonymized immediately and unequivocally.
- The Company is accountable for all means that are likely reasonably used for identification by the controllers and third parties.
- The likelihood of risk through anonymisation of data has been assessed and determined to be inherently low by The Company.
- The optimal solution for anonymity is decided on a case-by-case basis, possibly by using a combination of different techniques, while taking into account the practical recommendations developed in this Policy.
How We Protect Data & Individual Privacy
- For camera based analytics, all video processing is performed locally in real time so that images or videos do not need to be recorded or transmitted. No video images are stored locally or transmitted via network to the InReality Cloud Platform.
- All the anonymous audience & engagement measurement data generated by our software is securely encrypted & streamed (SSL / TLS) to our cloud, which only our clients can access via secure log-ins. No PII information, if provided by clients, is available to be downloaded by clients from the InReality Cloud Platform.
- Aggregated anonymous “metadata” (non-PII) information is sent to our Cloud (AWS)
- Wifi & Bluetooth Broadcast Beacons: Collected PII data is never sent over the network or saved in long term storage. When collected, the data is immediately de-personalized in-memory by hashing the PII. This is a one-way process that cannot be reasonably reversed. The original data is discarded, while only the new de-personalized data is sent over the network for further processing on our servers. We cannot reasonably and will not identify the individual persons.
- Camera Images: Camera images are never sent over the network or saved in long term storage. When collected, the image is immediately processed in-memory. The original image is discarded, while only the de-identified aggregated metrics are sent over the network for further processing on our servers. We cannot and will not retrieve the original images or identify individual persons.
How Long Data is Stored
- Any raw data we do collect is kept locally for 30 days and is configurable. After the 30 day period, the raw data is deleted forever. Any raw data we do collect is also kept on the InReality cloud platform for 90 days and is configurable. After the 90 day period, the raw data is deleted forever. The results, metrics, and key insights derived from the raw data on the InReality cloud platform are accessible indefinitely and are configurable.
How We Use and Share the Data
- We use any captured data to provide de-identified aggregated metrics of the movement and behavior of the visitors in a venue. The venue owner or operator will often use this for the purposes of enhancing the user experience, conducting internal audits, optimizing revenue generating activities, and more. A good example of a report we provide is: N number of individuals were seen at Location A between time X and time Y; we have seen a subset of those individual tags in the past and on average the N individuals spent Z minutes at the location.
- All data collected by InReality is anonymised and is not shared with or sold to any other company or persons except as described in this Privacy Policy.
Employee Exclusion Clause
- By default, InReality’s data analytics and platform do not use Employee Exclusion. Employee Exclusion is defined as keeping the data of an individual employee’s facial recognition or other attribute in order to exclude him/her from any KPI (Key Performance Indicators) or other results. If the customer chooses to use Employee Exclusion, then there is an opt-in for each individual employee OR they may choose to use a unique identifier (such as uniform color) to strip their data out anonymously. The form opt-in option allows the individual employee to understand and agree or disagree to opt-in to using InReality’s platform and services.
Consent
- You are not legally obligated to provide us information, and you hereby confirm that providing us information is at your own free will. By using our platform and services, you acknowledge you are aware of the terms of this Privacy Policy and your continued use shall be constituted as your consent to our collection, processing, and sharing of information for the purposes set forth herein. If you do not agree to this Privacy Policy, please do not access or otherwise use our platform or products. We reserve the right, at our discretion, to change this Privacy Policy at any time.
- Consent is not required for consumers who are anonymously tracked by our sensors because it is anonymous information. The consumer gives up certain rights while on public commercial property; if the consumer does not want to be included in the anonymous data, then he/she should not enter the venue.
BIPA Compliance Clause
- BIPA (Biometric Information Privacy Act) has been recently instituted for the State of Illinois. InReality and its data analytics and products successfully comply with BIPA. By anonymizing and aggregating the data we collect, we do not directly or inherently collect or link any medical, financial, government, or other important, unique, confidential, and sensitive data to the users. We also comply with the BIPA duration period. We keep any raw data for no more than 30 days, after which the raw data is deleted forever. We keep raw data on our cloud platform for no more than 90 days, after which the raw data is deleted forever. This time period is less than the 3 year period as stated in BIPA. Also, as stated in BIPA: “‘Biometric identifier’ means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Biometric identifiers do not include…demographic data”. Since all data under InReality’s platform, services, and products is collected for demographic purposes only, InReality successfully complies with all BIPA regulations and therefore does not use any Biometric Identifiers.
- For more information, BIPA may be found online at http://www.ilga.gov/legislation/ilcs/ilcs3.asp?ActID=3004&ChapterID=57
California Privacy Rights
- California Privacy Rights: California Civil Code Section 1798.83 permits our Customers who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@inreality.com. Please note that we are only required to respond to one request per Customer each year.
California Do Not Track Notice
- We do not track consumers over time and across third party websites and therefore do not respond to Do Not Track signals. We do not allow third parties to collect PII about an individual consumer’s online activities over time and across different websites when a consumer uses the Services.
Deletion of Content from California Residents
- If you are a California resident under the age of 18 and a registered user, California Business and Professions Code Section 22581 permits you to remove content or Personal Information you have publicly posted. If you wish to remove such content or Personal Information and you specify which content or Personal Information you wish to be removed, we will do so in accordance with applicable law. Please be aware that after removal you will not be able to restore removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or Personal Information you have posted and that there may be circumstances in which the law does not require us to enable removal of content. This clause does not pertain to anonymized data, since we cannot trace any anonymous data back to individual users.
GDPR
inReality is considered a “data processor” under the guidelines of the GDPR. Our customers are primarily considered to be “data controllers”, and are responsible for meeting additional privacy or consent gathering requirements for their individual use case.
The GDPR specifies that biometric data is to be considered a special category of personal data that can not be used for the purposes of an individual’s identification. inReality uses facial detection, not facial recognition, and does not capture or store images.
An inReality Partner, using Camera Analytics, in October 2019 hired the Grant Thornton firm to perform a GDPR audit. Below were the results.
Mandatory Documents Reviewed | Corresponding GDPR Articles | Descriptions |
---|---|---|
Personal Data | Article 24 | Top-level document for managing privacy on |
Protection Policy | Platform, which defines what is to be achieved and how | |
Privacy Notice | Articles 12, 13, and 14 | Explains in simple words how the Platform processes personal data from the customers, website visitors, and others |
Data Retention Policy | Articles 5, 13, 17, and 30 | Describes the process of deciding how long a particular type of personal data is kept, and how it is securely destroyed. |
Data Subject Consent Form | Articles 6, 7, and 9 | Obtain consent from a data subject to process his/her personal data |
DPIA Register | Article 35 | Record all the results from the Data Protection Impact Assessment. |
Data Breach Response and Notification Procedure | Article 4, 33 and 34 | Describes what to do before, during, and after a data breach |
Data Breach Register | Article 33 | Describes where data breaches will be recorded |
Our Contact Information
- If you have questions or comments about this policy in relation to our venue analytics, you may email us at support@inreality.com.
Why inReality’s Engagement Tracker?
Simplicity
There is no simpler, more cost effective, sensor that provides this depth of insight in the market today
Privacy
Security
Built on industry leading cloud platform providing a secure and manageable way to access your data