Phunware shall maintain commercially reasonable standards and procedures to address the configuration, operation, and management of its systems and networks, services, as well as data owned by Customer.
Such standards and procedures shall include commercial or professional-grade (a) security controls, (b) identification and patching of security vulnerabilities on a commercially reasonable schedule, (c) use of anti-virus software, (d) change control processes and procedures, (e) problem management, and (f) incident detection and management.
Phunware shall provide a minimum of 99.9% uptime for all the hosted network components and functionality of the Phunware Software as measured on a calendar quarterly basis, over a twenty-four (24) hour period of all days during such calendar quarter and excluding those periods of time designated as scheduled downtime which shall not exceed 60 minutes per month. In no event shall Phunware uptime obligations be subject to any downtime, intermittent or inconsistent performance by any Customer or third party system, API, web service or similar integrated to any Phunware Software.
If Phunware does not maintain 99.9% uptime during any calendar quarter, customer is entitled to one month’s service fee as the sole and exclusive remedy. Uptime is measured by the customer’s ability to login and use the software. Customer may request a credit by emailing their account representative.
Exclusions to the uptime guarantee include but are not limited to scheduled downtime, failure of third-party systems that Phunware has no control over or any issues with customer’s network or hardware in accessing the software.
Phunware shall use its logs and other reporting tools to verify up time.
Last Updated: January 2020
Your privacy is important to Phunware, Inc (“Phunware”, “Provider,” “we,” or “us”) and we are fully committed to the protection of your privacy.
By using the Services, you consent to the privacy practices described in this Policy. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield. You may also contact us as specified in the “Our Contact Information” section below. If you reside in California, please see our CCPA Privacy Statement at www.phunware.com/privacy/ccpa/.
To learn more about our customers’ privacy practices and understand how they may collect, use, disclose, transfer, store or otherwise process your Personal Information, please visit their respective websites and/or privacy policies.
1. The information we collect
We may collect Personal Information about you from various sources described below. “Personal Information” means any information relating to an identified or identifiable individual. Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide Personal Information when requested, you may not be able to benefit from the Services if that information is necessary to provide you with them or if we are legally required to collect it.
1.2. Information Collected via Automated Means
When you use the Services, we and/or our business partners may collect certain information about you from your device by using various types of technology, including but not limited to “cookies”, “clear gifs”, “web beacons”, or “pixel tags.” This information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use the Services, the pages or other content you view or otherwise interact with on the Services, and the dates and times that you visit, access, or use the Services. We also may use these technologies to collect information regarding your interaction with messages sent to you, such as whether you opened, clicked on, or forwarded a message.
Cookies. When you use the Services, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your device. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Services. Please review your web browser “Help” file to learn the proper way to modify your cookie settings. Please note that if you delete, or choose not to accept, cookies from the Services, you may not be able to utilize some central features of the Services.
Analytics. We may use and/or provide your information to third parties that help us better understand how you and other Customers use our Services. For example, we may use a third-party service called Google Analytics and permit Google to use technologies such as web beacons and cookies to collect certain information that helps us understand usage of our Services. We may permit Google and other third party analytics providers to combine information collected through our Services with information collected from third party services, and those analytics providers may use this information to help us better understand users of our Services, and those analytics providers may also use this information to help their other customers better understand their users. These analytics permit the re-identification of data by third parties. You can learn about Google’s practices by going to https://www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
Third Party Web Beacons and Third Party Buttons. We may also implement third-party content or advertising on the Services that may use clear gifs or other forms of web beacons, which allow the third-party content provider to read and write cookies to your browser in connection with your viewing of the third party content on the Services. Additionally, we may implement third party buttons (such as Facebook “like” or “share” buttons) that may allow third parties to collect information about you through such third parties’ browser cookies, even when you do not interact with the button. Information collected through web beacons and buttons is collected directly by these third parties and is subject to that third party’s own data collection, use, and disclosure policies.
1.3 Information Obtained from Third Parties
Our Customers. When we provide Services to our customers, we may collect certain information about their end-users from our customers’ services, applications, or other offerings. We generally process this information on behalf of our customers to provide the Services to them, but in some cases we may use that information for other purposes as described below and in accordance with applicable law.
The types of information we may collect in this context varies based on the particular Services utilized by our customers and may include:
- information that allows us to identify the particular customer service, application, or offering used by you through a single device or combination of devices such as using a computer, tablet and smart phone in proximity. You may always change the settings of your device not to share such data. Please refer to your specific hardware’s “preferences” or “settings” or similar section to restrict sharing of data.
- information about your hardware device as well as the configuration of the device such as the manufacturer, model number, the operating system, carrier, the IP address, battery level, wifi connection status information, network status, language, locale, time zone, unique identifiers associated with the device such as the identifier for advertisers, identifier for vendors, unique device identifier, the Android Advertiser ID, International Mobile Equipment Identity (IMEI), and MAC address.
- information about the location of your device over time, such as the device’s latitude and longitude, as well as information regarding your location over time within a building or structure. Location information may be tracked across different devices that you have linked, meaning that if you consent to the collection of location information on one device, we may collect location information across all of your devices linked to the device in which you gave consent or across multiple devices in proximity to each other in which you gave consent on each device.
- the content and other materials displayed to you through the Services and other information about your interactions with our customers’ services, applications, or other offerings, including the features used over time;
- information about when and for how long you use a service, application or other offering connected with our Services;we and other third parties, including our business partners, may track your activity across different devices (e.g. smartphone, tablet, desktop computer, and other connected devices that are linked or in which consent has been given on each device); when multiple devices are used in proximity (e.g. you are logged in to an iPhone®, iPad® and Mac laptop in proximity to each other and they are all linked via your Apple® ID), then our system may see them as a “single” device and behavior pattern, and process data accordingly.
- other information that a you may submit in connection with your use of a customer’s service, application, or other offering including Personal Information and demographic information such as a your name, gender, age, address, city, state, zip code, and phone number.
Other Third Parties. We may obtain Personal Information about you from other third parties and sources other than the Services, such as our partners, advertisers, and Integrated Services. For example, we may receive information collected from wireless access points, including Media Access Control (MAC) addresses, which we may use in connection with providing our Services. We may combine or associate this information with Personal Information that we collect through the Services in accordance with this Policy.
2. How we use the information we collect
We use information we collect in a variety of ways in providing the Services and operating our business, including the following:
- We use the information that we collect through the Services to operate, maintain, enhance and provide all features of the Services, to provide services and information that our customers request, to respond to comments and questions and otherwise to provide support to our customers.
- We use the information that we collect through the Services and from third parties to understand and analyze the usage trends and preferences of customers and their end-users, to improve the Services, and to develop new products, services, features, and functionality.
- We may use your email address or other information we collect on the Services to contact you for administrative purposes such as customer service, to address intellectual property infringement, privacy violations or defamation issues related to content posted on the Services.
- We may use your email address or other information we collect to send communications, including updates on promotions and events, relating to products and services offered by us and by third parties we work with. Where required by applicable law, we offer the ability to opt-out of receiving any promotional communications as described below under “Your Choices.”
- We may use “cookies” information and “automatically collected” information we collect on the Services to: (a) personalize our services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Services; (b) provide customized advertisements, content, and information; (c) monitor and analyze the effectiveness of Services and third-party marketing activities; (d) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (e) track your entries, submissions, and status in any promotions or other activities on the Services.
- We may provide Customers with certain analytics information collected from end-users of that customer’s services, application, and other offerings integrated with our Services. In addition to providing that analytics information, we may also combine that information with aggregated and de-identified information collected from end-users through non-affiliated services, applications, and other offerings integrated with our Services in order to provide additional analytics or re-identification information and insights. Additionally, we may use this information in a manner that would re-identify you personally.We may combine and use the information collected across non-affiliated Customer services, applications, and other offerings, as well as information about end-users collected across different devices and from third parties, in order to enable advertisers to purchase and target ads to Users based on certain criteria or end-user interests. These targeted ads may be displayed within our customers’ services, applications, or other offerings integrated with our Services, or may be displayed on third-party services, applications, websites, or other offerings. For example, we could help advertisers to make advertisements available to end-users that fit into certain categories, such as end-users that access particular types of content, whose devices visit particular locations, or who fall within certain demographic categories. Users may choose to opt out from this ad targeting through the process described in our opt out page https://www.phunware.com/privacy/optout. If an end-user opts out from receiving interest-based ads, we or other advertisers may continue to present that end-user with advertisements but those advertisements may be less relevant or useful to that end-user. Please note that this opt out does not apply to cross-device tracking or other forms of tracking.
- We use information collected from our business partners and vendors to manage those relationships.
- If you apply for a job with Phunware, we may process your Personal Information to evaluate your application.
- We may use your Personal Information to enforce our Terms and Conditions, to defend our legal rights, and to comply with our legal obligations and internal policies.
- We may also use your information as may be described in a notice to you at the time the information is collected, or in any other manner to which you consent.
If you are located in the European Economic Area, we only process your Personal Information based on a valid legal ground, including: consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you, for example to deliver the Services or respond to your inquiries), our or a third party’s legitimate interests (for example, to personalize our Services and provide you with tailored content, conduct business analytics, and otherwise improve the safety, security, and performance of our Services) or to comply with our legal obligations. We only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights and interests.
3. When we disclose information
We do not share or otherwise disclose Personal Information we collect about you, except as described in this Policy or otherwise disclosed to you at the time of the collection. We may disclose Personal Information to third parties in the following circumstances:
- We may disclose Personal Information about you with our affiliates and subsidiaries.
- Any information that you voluntarily choose to include in a publicly accessible area of the Services may be shared with individuals with access to such public areas.
- We work with third party service providers to provide website or application development, hosting, maintenance, data matching, targeted advertising, and other services for us. These third parties may have access to or process your Personal Information as part of providing those services for us or others.
- We may make certain automatically-collected, aggregated, or otherwise de-identified information available to third parties for various purposes, including (a) compliance with various reporting obligations; (b) for business or marketing purposes; or (c) to assist such parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Services.”
- We may disclose certain end-user information we collect in connection with Services to the customer that is associated with the service, application, or other offering through which we collected that information. We may also disclose end-user information for the purposes of data analytics and targeted advertising.
- We may disclose your Personal Information if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws (such as U.S. copyright law), or other applicable laws depending on your country, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
- We also reserve the right to disclose Personal Information about you that we believe, in good faith, is appropriate or necessary to (a) take precautions against liability, (b) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (c) investigate and defend ourselves against any third-party claims or allegations, (d) protect the security or integrity of the Services and any facilities or equipment used to make the Services available, or (e) protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights, property or safety of others.
- If you apply for a job with Phunware, we may process your Personal Information to evaluate your application.
- Your Personal Information, may be disclosed and otherwise transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
- We also may disclose Personal Information about you as may be described in a notice provided to you at the time the information is collected, or in any other manner to which you consent.
4. Your Rights and Choices
4.1 Marketing Communications
If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us, and any other promotional communications that we may send to you from time to time, by sending your request to us by email at firstname.lastname@example.org or as specified in the “Our Contact Information” section below.
Please be aware that if you opt-out of receiving commercial email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten business days for us to process your request, and you may receive promotional communications from us that you have opted-out from during that period. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding the Services.
If your Personal Information changes, you may correct, update, request to delete/remove it by emailing our Customer Support at email@example.com. We will respond to your request to access within 30 days.
4.2 Information Collected by Automated Means
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the Site.
Please note that there is currently no uniform way in which to respond to Do Not Track signals, and at this time we do not respond to such signals. You may choose to opt out from ad targeting through the process described in our opt out page https://www.phunware.com/privacy/optout.
4.3 Other Rights and Choices
- If you are located in the European Economic Area or Switzerland, you may have the following additional rights: Request access to and receive information about the Personal Information we maintain about you, to update and correct inaccuracies in your Personal Information, to restrict or to object to the processing of your Personal Information, to have the information anonymized or deleted, as appropriate, or to exercise your right to data portability to easily transfer your Personal Information to another company. In addition, you may also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place.
- Withdraw any consent you previously provided to us regarding the processing of your Personal Information, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before your consent withdrawal.
Those rights may be limited in some circumstances by local law requirements. You may exercise these rights by using the “Our Contact Information” section below.
5. Third-Party Services
The Services may contain features or links to Web sites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed them through the Services. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Services. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
6. Children’s Privacy
Protecting the privacy of young children is especially important. Our Services are not directed to children under the age of 13, and we do not knowingly collect Personal Information from children under the age of 13. If you are under 13 years of age, then please do not use or access the Services at any time or in any manner. If we learn that Personal Information has been collected on the Services from persons under 13 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this Personal Information. If you are a parent or guardian and discover that your child under 13 years of age has obtained an account on the Services or that we may have collected information from that child through our Services, then you may alert us at firstname.lastname@example.org and request that we delete that child’s Personal Information from our systems.
7. Data Security and Retention
We use certain physical, managerial, and technical safeguards that are designed to appropriately protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession.
Although we may allow you to adjust your privacy settings to limit access to Certain Personal Information, please be aware that no security measures are perfect or impenetrable. We are not responsible for circumvention of any privacy settings or security measures on the Services. Additionally, we cannot control the actions of other users with whom you may choose to share your information such as through an online comment. Further, even after information posted on the Services is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Services. We cannot and do not guarantee that information you post on or transmit to the Services will not be viewed by unauthorized persons.If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Services if a security breach occurs. To receive a free written notice of a security breach you should notify us at email@example.com. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
We take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrollment with our products or services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.
8. International Data Transfers
We may transfer your Personal Information to countries other than the country where you are located, including to the United States where we are headquartered. By providing your Personal Information to us, you consent to any transfer and processing in accordance with this Policy.
If you are located in the European Economic Area or Switzerland, we may transfer your Personal Information to countries which provide an adequate level of protection under EU law.
Phunware complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information transferred from the European Union to the United States. Phunware has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
Phunware is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and under certain conditions, individuals may invoke binding arbitration as well as learn more about Phunware’s liability in cases of onward transfers to third parties at: https://www.privacyshield.gov/EU-US-Framework.
You may contact us as specified below to obtain a copy of the safeguards we use to transfer Personal Information outside of the European Economic Area.
9. Change and Updates to this Policy
Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Site or otherwise on the Services, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change. For example, we may send a message to your email address, if we have one on file, or generate a pop-up or similar notification when you access the Services prior to the changes becoming effective. Your continued use of the Services after the revised Policy has become effective indicates that you have read, understood, and agreed to the current version of the Policy.
10. Our Contact Information
Phunware, Inc. is the entity responsible for the processing of your Personal Information, except where we process your Personal Information on behalf of our customers.
Please contact us with any questions or comments about this Policy, your Personal Information, our use and disclosure practices, your consent choices or if you would like to exercise your rights, by email at firstname.lastname@example.org.
You may also write to us at:
7800 Shoal Creek Blvd.
Suite 230 S
Austin, TX 78757