Effective Date: October 17, 2018
When you access or use our Services, you acknowledge that you have read this Policy and understand its contents. Your use of our Services and any dispute over privacy is subject to this Policy and our Terms of Service (including any applicable limitations on damages and the resolution of disputes).
As iPass grows, our business changes, and we may update this Policy at any time as we deem appropriate to reflect those changes. Where the changes are material, we will post them here in advance and, if the changes are likely to affect you personally, we will also attempt to contact you directly (such as via email if we have your email address). It is important that you check back from time to time and make sure that you have reviewed the most current version of this Policy.
Why Do We Collect Information and Data?
We rely on certain information to run our business. In some instances, this information may include data that could be used to identify a particular individual, otherwise referred to as Personal Information. In this Policy, we will provide multiple examples of how Personal Information we collect may be used and why it is important. For example, Business Clients of iPass may provide iPass with Personal Information to help iPass provide its Services to customers or employees of the Business Clients. Some of the reasons that we collect Personal Information include to:
- Provide our products and services, including our Apps and this website and improve them over time;
- Personalize and manage our relationship with you, including providing customer support;
- Investigate, respond to, and manage inquiries or events; and
- Work with and respond to law enforcement and regulators.
What Kinds of Personal Information Do We Collect?
The following are examples of the type of Personal Information that may be collected. The specific kind of information collected will depend on the Services used:
- Authentication information (including email address and password);
- Device information (including unique identifiers for computers, tablets or phones to confirm their eligibility for use of the Service);
- Session data (including access point information and location information for the purpose of enabling the Service to connect users to the best available connection).
- Optional data (at the direction of iPass customers), iPass may collect user names for billing/eligibility purposes and advertising ID.
- Session Data, including aggregate usage statistics, is generally not personally identifying. On the other hand, some of this Session Data either alone or when combined or linked with your Personal Information, may allow your identity to be discovered. In such cases, we treat the combined data as Personal Information. In many cases, Session Data is gathered automatically by systems or technology such as cookies (see the section on Information Collected Automatically below).
How Do We Collect Information?
We collect information from our Business Clients in order to provide the Services to you on their behalf, automatically through your use of our Services and, in some cases, directly from you.
For personal data subject to the European Union’s General Data Protection Regulation (“GDPR”), we rely on several legal bases to process the data. These include when the processing is necessary to perform a contract, for compliance with a legal obligation to which iPass is subject, and for our legitimate business interests, such as in improving, personalizing, and developing the Services, and promoting safety and security as described above.
Our Site may contain publicly accessible blogs or community forums. You should be aware that any information provided in these areas may be read, collected and used by others who access them. To request removal of any Personal Information for our blog or community forum, contact us at firstname.lastname@example.org.
How Do We Use Personal Information?
Provision of the Service. iPass will use Personal Information only for purposes related to providing you with the Service on behalf of iPass Business Clients or otherwise to improve the Service. iPass will use and process your Personal Information: (a) in connection with provisioning of the Service; (b) to incorporate your data into databases controlled by iPass for administration, provisioning, billing and reconciliation, verification of your identity, maintenance, support and product development, fraud detection and prevention, customer and customer use analysis and reporting and customer-directed application of policies as part of our service delivery. iPass may also use Session Data to contact third parties in connection with inappropriate use of the Service or violation of iPass policy.
Business Uses. We may use Personal Information for business purposes, including to:
- Analyze users’ behavior when using iPass products and services to customize preferences;
- Establish and manage iPass accounts;
- Provide customer support, manage subscriptions, and respond to requests, questions, and comments;
- Customize, measure, and improve our websites, products, services, and advertising;
- Prevent, detect, identify, investigate, respond, and protect against potential or actual claims, liabilities, prohibited behavior, and criminal activity;
- Comply with and enforce applicable legal requirements, agreements, and policies; and
- Perform other activities consistent with this Policy.
Processing as Part of the Services. We also process certain information as an integral part of our Services. If you install one of our Apps or use one of our services, software will operate in the background of your computer system or device environment to perform specific tasks including:
- Determining the quality of available network access points;
- Intrusion detection, prevention, and protection;
- Network defense; and
- Data encryption.
When Do We Share Personal Information?
We respect the importance of privacy. Other than as provided in this Policy, we do not sell your Personal Information, nor do we share it with unaffiliated third parties for their own marketing use, unless we have your consent or we are required by law to do so. Generally, we may disclose the information we collect, including Personal Information, in order to facilitate our provision of the Services or communications with customers (e.g., to service providers who perform functions on our behalf), to operate our business, to advertise or promote our Services, to facilitate changes to or transfers of our business, as required by law, or with your consent.
We may share Personal Information in the following ways:
- Current and future members of the iPass family of companies for the purposes described in this Policy, such as to: (i) provide services (e.g., registration, and customer support); (ii) help detect and prevent illegal acts and violations of our policies; and (iii) guide our decisions about our products, services, and communications;
- If we believe disclosure is necessary and appropriate to prevent physical, financial, or other harm, injury, or loss, including to protect against fraud.
- To legal, governmental, or judicial authorities, as instructed or required by those authorities or applicable laws, or in relation to a legal activity, such as in response to a subpoena or investigating suspected illicit activity (including identifying those who use our services for illegal activities). We reserve the right to report to law enforcement agencies activities that we in good faith believe to be illegal.
- In connection with, or during negotiations of, an acquisition, merger, asset sale, or other similar business transfer that involves substantially all of our assets or functions where Personal Information is transferred or shared as part of the business assets (provided that iPass will continue to take measures to protect the confidentiality of Personal Information and give affected users notice before transferring any personal information to a new entity).
- With others after obtaining your consent. If we want to share Personal Information other than as permitted or described in this Policy, we will provide you with a choice to opt in to such sharing and you may choose to instruct us not to share the information.
iPass does not share your Personal Information with non-affiliated third parties for their own marketing use without your permission.
We may disclose to third parties Session Data or non-Personal Information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual.
What Security Measures Do We Have?
We use administrative, organizational, technical, and physical safeguards to protect the Personal Information we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability. We regularly test our website, data centers, systems, and other assets for security vulnerabilities.
iPass uses commercially reasonable protection technology such as encryption (when you provide us with information such as login credentials), firewalls and other security procedures to help protect the accuracy and security of your Personal Information and Session Data and to help prevent unauthorized access or improper use.
What Control do I have over my Personal Information?
Because iPass provides the Service to you on behalf of its Business Clients pursuant to contract, users should contact the Business Client directly to request correction, access, or deletion of Personal Information associated with your account. If the Business Client then requests iPass comply with your request, iPass will respond to the request within 30 business days.
Data Retention We retain your Personal Information while your account is in existence or as needed to provide you the Service. This includes data you or others provided to us and data generated from your use of the Service. In some cases we choose to retain certain information in a de-identified or aggregated form.
Our International Operations and Data Transfers We operate internationally and may transfer information collected within the European Economic Area and Switzerland to the United States for the purposes described in this policy.
We are subject to the oversight of the US Federal Trade Commission and remain responsible for personal information that we transfer to others who process it on our behalf.
Links to Other Websites and Services Our Site or Services may contain links to other websites or services for your convenience and information. These websites or services may be operated by companies not affiliated with iPass. Linked websites or services may have their own privacy policies or notices, which we strongly suggest you review if you visit those websites. We are not responsible for the content, privacy practices, or use of any websites that are not affiliated with iPass.
With regards to any handling of your Personal Information, iPass acts primarily as a processor on behalf of its Business Clients, who act as the controller. Please direct any inquiries to the Business Client that engaged iPass to provide you with the Service.
Attn: Legal Department
3800 Bridge Parkway, Suite 200
Redwood Shores, CA 94065