This Privacy Policy describes how and when Pole Star France and its subsidiary Pole Star USA Inc. collects, uses and shares your information when you use Pole Star’s NAO Cloud® platform, NAO SDK®, indoor location deployment tools and indoor positioning software, as well as other services provided by Pole Star in connection with same.
Pole Star will collect certain information from its users as described below. Therefore, when using the Service, you consent to the collection, transfer, storage, disclosure and other uses of your information as described in this Privacy Policy, regardless of your location while using the Service.
If you have any questions or comments about this Privacy Policy, please contact our Data Privacy Officer (DPO) at: dpo@polestar.eu
Our Privacy Policy only applies to our Services, we are not responsible for the privacy practices or content of other websites, or third-party services provided through our Service.
API: Application Programming Interface. Software interface enabling software publishers or integrators use services provided by Pole Star software under the terms of this agreement.
Consent: Any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Contract: The contract is an agreement between the parties defining the specifications and obligations of each party.
End-user: The end-user is the person who is going to use the geolocation system through the Customer's application or service.
French Data Protection Act: The French DPA is a French law that regulates the freedom to process personal data, i.e. the freedom to put people on file.
GDPR: The General Data Protection Regulation (GDPR) is a European regulatory text that regulates data processing on an equal footing throughout the European Union. It came into force on 25 May 2018.
Personal data breach: It means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, or otherwise processed.
NAO Cloud®: NAO Cloud® is a platform for setting up geo localized services, in complete autonomy.
NAO Logger®: NAO Logger® is an application allowing the configuration of indoor geolocation.
NAO SDK®: NAO SDK® corresponds to Pole Star's integrated software for indoor geolocation.
NAO® Suite: NAO® Suite corresponds to all products and services provided by Pole Star.
SDK: A geolocation SDK is a code snippet provided to application or services publishers by geolocation technology specialists. Application publishers integrate these SDKs into the code of their software mobile applications. It was designed around the following objectives: to strengthen the rights of individuals and to make data processors accountable.
Third Party: ‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
User/Customer: The User/Customer is the person, the company that wishes to integrate our geolocation solution.
Pole Star is a public limited company with a board of directors established in TOULOUSE (31100), the head office is located at 11 RUE PAULIN TALABOT, 31100 TOULOUSE and represented by its current CEO, Mr. Christian Carle.
The data controller is the technical director, Mr. Jean Baptiste Prost, in charge of the processing of personal data.
The company Pole Star acts on behalf of its users within the framework of the implementation of the geolocation system. Pole Star is provider of geolocation processing as a subcontractor of the Customer.
Pole Star undertakes to respect the laws concerning the protection of personal data, in particular the GDPR and the French Data Protection Act of 1978.
i. Purpose:
The purpose of this data processing is to identify and authenticate Users/customers or End-users of the NAO Cloud® platform and associated components such as NAO Logger® in order to enforce data protection and subscription profiles.
ii. Collected Data:
The data collected are first name, last name, mail address (supposed to be a professional mail address, but no obligation on that), company name, type of job occupation, IP address logged and stored to database with date of connection.
iii. Storage policy:
The data is stored on a secure cloud server throughout the contractual relationship and until the end of use of the service and will be destroyed after termination of the duration of services as defined by Contract. However, it is possible to ask Pole Star to delete your information by contacting the DPO. After a period of 3 years of inactivity from the last contact with the Customer or from the last unanswered solicitation, your account and your Registration Information will be anonymized and archived for another 3 years. After this period, the data will be automatically deleted. The data is stored on Heroku Postgres servers hosted in Ireland, Europe and in compliance with European personal data protection rules (GDPR)
i. Purpose:
The purpose of this data processing is to collect RF and location data on the field with the operator's location from a smartphone app (NAO Logger®), upload these data to the NAO Cloud® server in order to generate a calibration file for our location services and in order to evaluate the accuracy of the location.
i. Collected Data:
The data collected are identity or a code to identify the logger and limited to data collection sequences ("logs") intentionally taken by the operator of the smartphone:
i. Storage policy:
The data is stored on a secure cloud server throughout the contractual relationship and the end of use of the service and will be destroy. However, it is possible to ask Pole Star’s DPO to delete your information. After a period of 3 years of inactivity from the last contact with the Customer or from the last unanswered solicitation, your account and your Registration Information will be anonymized and archived for another 3 years. After this period, the data will be automatically deleted. The data is stored on two AWS datacenters, one hosted in Ireland, Europe, in compliance with European personal data protection rules (GDPR), the other one hosted in North Virginia, USA, in compliance with USA personal data protection rules. You can choose the datacenter upon site creation.
i. Purpose:
The purpose of this data processing is to compute analytics based on anonymized location information reported from smartphone applications that integrate the NAO SDK®.
i. Collected Data:
The data collected are anonymized location information reported from smartphone applications that integrate the NAO SDK®. These data are collected from the moment the end user gives his consent.
i. Storage policy:
Only NAO Cloud® users who have an "Analytics manager”, or "platform administrators" role in the NAO Cloud® platform can access the data. The geolocation data of the End-users will be kept anonymous and archived for a period of 3 years and it will be destroyed. End users of the solution should, if possible, request deletion from our partners depending on how the data is used and how it is stored. The data is stored on two AWS datacenters, one hosted in Ireland, Europe, in compliance with European personal data protection rules (GDPR), the other one hosted in North Virginia, USA, in compliance with USA personal data protection rules. You can choose the datacenter upon site creation.
i. Purpose:
The purpose of this data processing is to compute locations of tags in the NAO Cloud® platform or import location events reported by a smartphone application that integrates the NAO SDK® and to store the location results in a place selected by the customer. Location results are used either through an integrated web app or exported to customer selected destination as a real time data stream through an API. Browsing in the location history of a specific device. Get geofencing notifications when a device enters or exits a given area. Get location analytics for a specific device or a group of devices. Devices can be either an electronic tag that emits Bluetooth Low Energy signals, or a smartphone that embeds a specific mobile application, NAO Track® App, that is intentionally configured to operate on a given site and to report a stream of location data to the NAO Cloud® platform. The purpose of the device tracking depends on customer needs: security enforcement, safety, operational efficiency (such as quickly finding assets).
i. Collected Data:
The data collected are Device ID related to the tag or to the smartphone that is tracked is reported. In the NAO® suite, authorized users ("Tracking manager", "platform administrator") are allowed to enter a name associated with the Device ID. Such users can potentially type additional information.
i. Storage policy:
Data are stored for a maximal default duration of 12 months. Actual storage duration is defined with Customer at contract start, in compliance with GDPR. The data is stored on two AWS datacenters, one hosted in Ireland, Europe, in compliance with European personal data protection rules (GDPR), the other one hosted in North Virginia, USA, in compliance with USA personal data protection rules. You can choose the datacenter upon site creation.
Pole Star may use web and mobile analytics, such as Google Analytics, a service provided by Google Inc., to help analyze and understand use of the Service. Such services collect information sent by your browser as part of a web page request, including cookies and your IP address, and their use of it is governed by their Privacy Policy. Additionally, Pole Star may use software, hardware, or other services provided by third parties as part of or in connection with the Service. By using the Service, you are consenting to the foregoing third party services.
We do not sell or share any information about you with anyone, excepted if you choose the paid option of Google Analytics features provided with Pole Star data. However, we may enter into partnerships or other business arrangements with third parties who may be given access to personal information including your name, address, telephone number and email for the purpose of improving the Service and your experience in connection therewith. We may also transfer such information in the course of corporate divestitures, mergers, or any dissolution. Additionally, we will share personal information with companies, organizations or individuals outside of Pole Star we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
Pole Star cares about the integrity and security of your personal information. We cannot, however, ensure or warrant the security of any information you transmit to Pole Star or guarantee that your information on the Service may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. Your privacy settings may also be affected by changes to the functionality of our distributors, such as third-party website or social network. Pole Star is not responsible for the functionality or security measures of any third party.
To protect your privacy and security, we take reasonable steps (such as requesting a unique password) to verify your identity before granting you access to your account. You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications to and from Pole Star, at any time.
Pole Star cares about the security of your information and your end-user information with reasonable physical, technical and organizational measures (An organization and a team dedicated to the security of information systems, updated personal data protection policy, use of strong authentication, restricted access, anonymization and archiving, control of connections,…) designed to preserve the integrity and the security of all information we collect and that we share with our service providers. In addition, all Pole Star employees attend awareness sessions on privacy and system security.
Pole Star is committed to respecting and ensuring that its partners comply with all laws concerning the protection of personal data by working closely with our customers and partners.
In addition, we are committed to stopping any activities that would be contrary to the protection of personal data.
A few components of the NAO Suite, such as NAO Cloud® and NAO Logger®, propose free text fields to be filled in by the Customer, User or End-User, as defined in the present Privacy Policy. Pole Star is NOT responsible for content entered by Customers, Users or End-Users in these fields. By using the Services, Customer, User and End-User agree to enter neither personal nor sensitive information in such text fields, unless specifically stated.
The NAO Suite includes Graphical User Interfaces (GUI) and APIs that may be used by Customers to access data and the Service. In case the people tracking service is activated in the Contract with the Customer, a specific API is able to deliver tracking data to the Customer. Pole Star is not responsible for the way GUIs and APIs are used by Customer.
In the event that personal information is compromised as a result of a breach of security, Pole Star will promptly notify those persons whose personal information has been compromised, in accordance with the notification procedures set forth in this Privacy Policy, or as otherwise required by applicable law.
You have the rights:
You can address all your questions about your rights to:
If we change our Privacy Policy and/or procedures, we will post those changes on the Site to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted. In some cases, we may also notify you (via email or otherwise) of such changes, at our sole discretion; however, you are encouraged to check the Site frequently for any posted changes.
Additional information can be found via the following link: Privacy Documentation.
Contact our DPO at: dpo@polestar.eu