Among other things, we bind our partners to ensure:
- Proper disclosures relating to the collection of location data
- User opt-in consent for the collection of location data from mobile devices
- Respecting mobile device users’ choices and device settings
In addition, we require that our customers only process location data received from us in compliance with applicable privacy laws, industry standards, and their own privacy policies.
Last Updated: March 21, 2021
Market Service, Inc. dba Thasos, is a New York corporation with offices at: 310 East Shore Road, Suite 309, Great Neck, NY (“Thasos”). We are committed to protecting and respecting privacy and the protection of information that may be used to identify you directly or indirectly (“Personal Data”). This Statement explains our approach with respect to data we receive from our partners, such as mobile application (“App”) developers and publishers, data aggregation services, and providers of location-supporting technologies (the “Partners”). The technologies utilized by the Partners interact with mobile devices in the physical world through Apps, GPS, mobile device Bluetooth connections, and Wi-Fi connections. In this Statement, we also provide information on some of the methods available to individual users of mobile devices (“you” or “user”) to limit the collection of data from or about their mobile devices by the Partners.
- How Does Thasos Obtain Data And What Data Do We Obtain?
Though practically-speaking all of the data that we source from our partners is anonymized and obfuscated when received, some of the data we receive may constitute Personal Data under applicable laws.
The data provided by the Partners may include:
- IDFA and/or advertising identifier (“Advertising ID”), or an obfuscated version of same.
- Location of the mobile device expressed as the latitude, altitude, and longitude of the mobile device
- Mobile device operating system and operating system version
- Mobile device make and model
- The App’s Publisher ID
- GPS horizontal and vertical accuracy value
- If the App was in active use or in the background when data was collected
- The speed at which the device was traveling
- If the device is connected to a WiFi or cellular network
- WiFi SSID (network name) or BSSID (MAC address for the router)
To be sure, the data provided by our Partners does not include data that directly identifies you.
- What Do We Do With Partner-Provided Data And For What Purposes Is It Used?
We analyze and contextualize the data provided by our Partners for the purpose of providing foot traffic, visitation and people-based movement measurements for accurate location intelligence to our clients. This location intelligence can be used for investing purposes, advertising, audience segmentation, people-based movement analytics, improving business decision-making by better understanding of customer movement patterns, assisting municipalities in urban planning by enhanced understanding of movement patterns, or similar purposes. The data may also be used for the purpose of improving and analyzing the various services provided by us.
- In What Ways Can I Control the Collection of Mobile Device Data?
Data Collected Through Apps
All major mobile device operating systems enable the users of mobile devices to control the types of data collected in and through Apps.
iOS: Apple instructions on how to control iOS device location settings can be found here: https://support.apple.com/en-us/HT203033. Apple instructions on how to limit ad tracking on iOS devices can be found here: https://support.apple.com/en-us/HT202074. For other privacy-related settings on iOS, please go to Settings from your mobile device’s home screen, and select “Privacy.”
Android: Android instructions on how to control device location settings can be found here: https://support.google.com/nexus/answer/6179507?hl=en&ref_topic=6179522. Android instructions on how to limit ad tracking on Android devices can be found here: https://support.google.com/nexus/answer/3118621?hl=en.
Data Collected Via Bluetooth
All major mobile device operating systems enable the users of mobile devices to disable Bluetooth from functioning.
iOS: You can disable Bluetooth by going to “Settings” from your Device’s home screen; select “Bluetooth”; and turn Bluetooth off.
Android: You can disable Bluetooth by going to the Settings app, then “Wireless and networks,” where you can disable Bluetooth.
- How Does Thasos Disclose the Partner-Provided Data to Third Parties?
We may disclose the data provided by the Partners with third parties such as advertising networks, advertising publishers, and advertisers, research companies, data brokers, financial institutions, data analytics platforms, in accordance with the terms of the agreements, and only for the purposes of performing such agreements, that we have in place with such third parties. Such disclosures do not include any data that can directly identify a user of a mobile device, such as a name, mobile phone number, or an email address.
We may also disclose data provided by our Partners to:
- Our service providers, such as data storage providers;
- Public authorities, such as law enforcement, if we are legally required to do so or if we need to protect our rights or the rights of third parties; and
- Our subsidiaries and affiliates; or a subsequent owner, co-owner or operator of our services and their advisors in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets, or in connection with bankruptcy proceedings, or other corporate reorganization.
- How Do I Check Whether Thasos Has the Advertising ID of My Mobile Device and Can I Block It From Further Use by Thasos?
You can find your mobile device’s Advertising ID on iOS by going to Settings, General, and by clicking on “About”, and on Android by going to Settings, then selecting “Ads”. You can email Thasos at [email protected], including the Advertising ID in your email, and request the blocking of the Advertising ID from further use or disclosure by Thasos. If we have that Advertising ID, once we have blocked the Advertising ID, you will receive a confirmation email from us. Please bear in mind that the blocking of the Advertising ID by Thasos following your request to that effect will not have an impact on any uses or disclosures that have already taken place. If you choose to reset your mobile device’s Advertising ID, you will have to request blocking of the Advertising ID from further use or disclosure by Thasos once again. Please also bear in mind that any additional devices you may possess have other Advertising IDs. Finally, please be aware that the use of any of the measures enlisted in this Statement does not mean that no advertising will be directed at your mobile device.
- Other Rights You Have
We take steps to help ensure that you are able to exercise your rights regarding Personal Data about you in accordance with applicable law. If you would like to access, erase, or object to, or restrict the processing of Personal Data we collect, you may submit a request to [email protected]. We will promptly review all such requests in accordance with applicable laws. Depending on where you live, you may also have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning Personal Data about you. We encourage you to first reach out to us at [email protected]om, so we have an opportunity to address your concerns directly before you do so.
- Transfers of Personal Data
California residents have the following rights with respect to Personal Data we may have collected about them:
(i) Requests to Know
You have the right to request that we disclose:
- The categories of Personal Data we have collected about you;
- The categories of Personal Data about you we have sold or disclosed for a business purpose;
- The categories of sources from which we have collected Personal Data about you;
- The business or commercial purposes for selling or collecting Personal Data about you;
- The categories of Personal Data sold or shared about you, as well as the categories of third parties to whom the Personal Data was sold, by category of Personal Data for each party to whom Personal Data was sold; and
- The specific pieces of Personal Data collected.
You may submit a request to know via email to [email protected]. The delivery of our response may take place electronically or by mail. We are not required to respond to requests to know more than twice in a 12-month period.
(ii) Requests to Delete
You have the right to request that we delete any Personal Data about you that we have collected. Upon receiving a verified request to delete Personal Data, we will do so unless otherwise authorized by law. You may submit a request to delete Personal Data via this form.
(iii) Right to Opt Out of the Sale of Personal Data
You have a right to opt out of the sale of Personal Data. You may, at any time, direct us to not sell Personal Data about you to third parties. If you exercise your right to opt out of the sale of Personal Data about you, we will not sell Personal Data about you. Any Personal Data collected in connection with your request to opt-out of the sale of Personal Data about you will be used only to facilitate that request. You may opt out of the sale of Personal Information about you by emailing us at [email protected].
(iv) Authorized Agents
You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney pursuant to Probate Code sections 4000-4465 may submit a request on your behalf.
(v) Methods for Submitting Consumer Requests and Our Response to Requests
You may submit a request for access and requests to delete Personal Data about you via this form.
Upon receipt of a request, we may ask you for additional information to verify your identity. Any additional information you provide will be used only to verify your identity and not for any other purpose.
We will acknowledge the receipt of your request within ten (10) days of receipt. Subject to our ability to verify your identity, we will respond to your request within 45 days of receipt. In order to protect your privacy and the security of Personal Information about you, we typically verify your request by requesting additional identifying information relating to you and/or you’re your mobile device.
With respect to requests for specific pieces of Personal Data, we have determined that there is a substantial safety and security risk to a person in disclosing the geolocation of a device to another person who (i) is not the actual user of a mobile device with which geolocation data is associated, but (ii) has an interest, whether lawful or unlawful, in gaining access to geolocation data associated with a device and the movement patters of the actual user of the device. Given this risk, and (i) since we do not seek to determine the actual identify of persons that use mobile devices for our business purposes; (ii) we do not collect identifiers such as names, addresses, cellular/mobile phone numbers; and (iii) because we do not wish to collect extensive additional Personal Data for verification purposes, we have concluded that we currently have no reasonable method to verify the identity of the person making the request for purposes of verifying requests for specific geolocation information to a reasonably high degree of certainty. Consequently, we do not provide specific geolocation in response to data subject/consumer requests at this time. We will re-evaluate this determination on a yearly basis.
(vi) Categories of Personal Data the We Have Sold in the Last 12 Months
We have sold the following categories of Personal Data during the last 12 months:
- Geolocation data.
(vii) The Right to Non-Discrimination
You have the right not to be discriminated against for the exercise of your California privacy rights described above
- Children’s Privacy
The data provided by our Partners does not include Personal Data relating to children younger than sixteen (16) years of age.
- Changes to This Statement
From time to time we may change this Statement. You can tell when changes have been made to the Statement by referring to the “Last Updated” legend on top of this page. Please review this Statement regularly to ensure that you are aware of any changes.
- Questions or Concerns?
Should you have any questions regarding this Statement or your privacy, please contact our Data Protection Officer at [email protected]. We will seek to promptly resolve any questions or concerns you may have.