Effective date: 2022-08-07
When we talk about “SMIITY,” “we,” “our,” or “us” in this policy, we are referring to SMITICITY – SMART CITY SOLUTIONS, LDA, the company which develops the Apps. When we talk about the “Application(s)” or “App(s)” in this policy, we are referring to our web and mobile tools and platforms. Our Apps are currently available for use via a web browser and applications specific to your desktop or mobile device.
Our website, mobile properties and relates applications are part of SMIITY, which is owned and operated by SMITICITY – SMART CITY SOLUTIONS, LDA. Under “How you can contact us” you will find more details about us.
SMIITY is a set of applications that provides local and contextual information to citizens and tourists. Our service includes Events, Points of Interest, News, Social Media, Trails, Media and content that is collected from our Customers and other public sources. The sources are always publicly displayed within the applications.
By visiting SMIITY’s website, smiity.com, any of its subdomains, or using a SMIITY application on a mobile phone, tablet, or similar device (a “Device”) or in connection with other sites or services, you are accepting the practices described herein.
1. What information we collect from you
1.1. PERSONAL INFORMATION
We receive and store any information you enter on our applications or give us in any other way. This includes information that can identify you (“personal information”), including your first and last name and email addresses, username and password, and billing information (such as your credit card number, cardholder name, and card expiration date). You can choose not to provide information to us, but in general some information about you is required in order for you to receive relevant content and enjoy other benefits of being a registered member. For example, only registered members are able to like content, change the applications language, control the proximity notifications and filter content by location. In addition, some information is also required in order for you to ask us a question or initiate other transactions on our site.
1.2. CUSTOMER DATA
Content and information submitted by users to the App is referred to in this policy as “Customer Data”. As further explained below, Customer Data is controlled by us or other third party for whom we have developed the Product (the “Customer”). Where SMIITY collects or processes Customer Data, it does so on behalf of the Customer and SMIITY. Here are some examples of Customer Data: name, pictures, videos and other types of files. A user may also choose to enter information into their profile, such as first and last name, a photo, an e-mail address and a phone number.
If you install or access one of our products and create a user account, you are a “user,” as further described in the User Terms of Service. If you are using the Products by invitation of a Customer, whether that Customer is your employer, another organization, or an individual, that Customer determines its own policies regarding storage, access, modification, deletion, sharing, and retention of Customer Data which may apply to your use of the Products.
1.3. INFORMATION FROM OTHER SOURCES
We also may periodically obtain both personal and non-personal information about you from affiliated entities, business partners, customers and other independent third-party sources and add it to other information about you.
For example, if you visit SMIITY by “clicking through” from a site operated by one of our business partners, and you have registered with that partner, then information about you that you have provided to that partner may be shared with us, such as contact information and demographic information.
As another example, if you access third party services, such as social media services, through our applications or before coming to our applications, we may collect information such as your user name, password, and other information made available to us through those services.
We will work with our existing partners and potential future partners to improve and personalize your use of our applications in accordance with the practices outlined in this section and Policy.
By using a social media network to login, these will provide us with information that you have chosen to make available pursuant to your social network privacy settings. That information may include your name, profile picture, gender, friend lists and any other information you have chosen to make available.
You may choose to turn off by logging into your social network and disabling SMIITY from your apps.
1.4. AUTOMATIC INFORMATION
We automatically collect some information from your computer or mobile device when you visit SMIITY. Our goal in collecting this automatic information is to help us understand the interests and preferences of our users and customize your user experience.
1.4.1. Log data
When you use the Products our servers automatically record information, including information that your browser sends whenever you visit a website or your mobile app sends when you are using it. This log data may include your Internet Protocol address, the address of the web page you visited before using the Product, your browser type and settings, the date and time of your use of the Products, information about your browser configuration and plug-ins, language preferences, and cookie data.
1.4.2. Device information
We may collect information about the device you are using the Products on, including what type of device it is, what operating system you are using, device settings, application IDs, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you are using and its settings.
Precise GPS location from mobile devices is collected only with your permission. WiFi and IP addresses received from your browser or device may be used to determine approximate location. We may use the location information collected from your Device or photos to enhance your use of the Application by providing you with relevant content.
Cookies are small text files sent by us to your computer and from your computer or mobile device to us each time you visit our website or use our desktop application. They are unique to your account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.
Some cookies are associated with your account and personal information in order to remember that you are logged in and which products you are logged into. Other cookies are not tied to your account but are unique and allow us to carry out site analytics and customization, among other similar things. If you access the Products through your browser, you can manage your cookie settings there but if you disable some or all cookies you may not be able to use the Products.
SMIITY sets and accesses our own cookies on the domains operated by SMIITY and its corporate affiliates. In addition, we use third parties like Google Analytics for website analytics. You may opt-out of third party cookies from Google Analytics on its website. We do not currently recognize or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance.
2. How we use information
We use your information to provide and improve the Products.
1. Customer Data
SMIITY may access and use Customer Data as reasonably necessary and in accordance with Customer’s instructions to (a) provide, maintain and improve the Products; (b) to prevent or address service, security, technical issues or at a Customer’s request in connection with customer support matters; (c) as required by law or as permitted by the Data Request Policy and (d) as set forth in our agreement with the Customer or as expressly permitted in writing by the Customer.
2. Other information
We use other kinds of information in providing the Products. Specifically:
- To understand and improve our Products. We carry out research and analyze trends to better understand how users are using the Products and improve them.
- To communicate with you by:
- Responding to your requests. If you contact us with a problem or question, we will use your information to respond.
- Billing and account management. We use account data to administer accounts and keep track of billing and payments.
- Investigating and preventing bad stuff from happening. We work hard to keep the Products secure and to prevent abuse and fraud.
This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable user or Customer of the Products.
3. Disclosure of Data
SMIITY doesn’t share or disclose Customer Data with third parties, except in times when you contact SMIITY to help resolve an issue. In order to help resolve the issue and given our relationship with our Customer, we may share your concern with our Customer.
We may disclose personal information that we collect, or you provide:
3.1. Disclosure for Law Enforcement
Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities.
3.2. Business Transaction
If we or our subsidiaries are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.
3.3. Other cases
We may disclose your information also:
- to our subsidiaries and affiliates;
- to contractors, service providers, and other third parties we use to support our business;
- to fulfill the purpose for which you provide it;
- for the purpose of including your company’s logo on our website;
- for any other purpose disclosed by us when you provide the information;
- with your consent in any other cases;
- if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others.
4. Security of Data
SMIITY takes security seriously. We take various steps to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store, and the current state of technology.
4.1. Network Protection
In addition to sophisticated system monitoring and logging, we have implemented two-factor authentication for all server access across our production environment. Firewalls are configured according to industry best practices and unnecessary ports are blocked by configuration with AWS Security Groups.
4.2. Host Management
We perform automated vulnerability scans on our production hosts and remediate any findings that present a risk to our environment. We enforce screen lockouts and the usage of full disk encryption for company laptops.
5. Your Data Protection Rights Under General Data Protection Regulation (GDPR)
If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR.
We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at firstname.lastname@example.org.
In certain circumstances, you have the following data protection rights:
- the right to access, update or to delete the information we have on you;
- the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;
- the right to object. You have the right to object to our processing of your Personal Data;
- the right of restriction. You have the right to request that we restrict the processing of your personal information;
- the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format;
- the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information;
Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not be able to provide the Service without some necessary data.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
6. Transfer of Data
Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside Portugal and choose to provide information to us, please note that we transfer the data, including Personal Data, to Portugal and process it there.
7. Deleting your account
To delete your account, please contact us at email@example.com. Please include your Name and Email and we will reply as soon as possible.
8. Service Providers
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
10. Behavioral Remarketing
11. Links to Other Sites
12. Children’s Privacy
Our Services are not intended for use by children under the age of 18 (“Child” or “Children”). We do not knowingly collect personally identifiable information from Children under 18. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.
©2023 SMIITY. All rights reserved.
Last updated: August 7, 2023.