24 May 2018
25 May 2020
Date of the last review/modification:
24 May 2018
WiFisher LLC works with traditional businesses to understand who their guests, visitors, clients, and customers are. We collect the data, group customers into specific categories, and analyse their behaviour. WiFisher LLC helps its client to know who their customers are, to know better how to reach out to them. WiFisher provides automated email marketing tools, or allows creating customized marketing messages. WiFisher’s platform is also perfect for advertisers as it allows choosing a venue, design creative campaigns, pay online, launch WiFi Ads, and monitoring its success instantly.
WiFisher LLC is happy to welcome you on its website and your interest in our services. Data protection has the utmost importance at WiFisher LLC. Thus, in order to ensure an appropriate level of protection for your Personal Data, which is collected and Processed within WiFisher LLC, and to provide a high level of transparency, we want to inform you in the following on:
- Responsible persons at WiFisher LLC concerning data protection and how to contact
- Data collection and the purposes of data collection
- The legal basis for data collection and legitimate interests pursued by the WiFisher LLC or by a Third Party
- Parties involved in data Processing and the Recipients of the Personal Data
- The existence of automated decision-making, including Profiling, and, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such Processing for you
- Your rights concerning data Processing
- Time period of data storage and data security
- Cookies we use
WiFisher LLC may change this Policy from time to time so you should check it occasionally to ensure that you are happy with any changes. By using restaurant’s, bar’s, café’s and other venue’s (location’s) hotspot (Wifi) set up by WiFisher LLC, you are agreeing to be bound by this Policy.
Any questions regarding this Policy and WiFisher LLC privacy practises should be sent by email to responsible person of WiFisher LLC.
“WiFisher LLC” refers to the legal entity – limited company, including their partners, directors, professional and administrative staff, employees, self-employed or contract personnel.
“Client(s)” – the existing or potential Client(s) of WiFisher.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data. WiFisher is a Controller in relation to Data Subject’s Data.
“Data Subject” – Client’s guests, visitors, Clients, customers, who signs-in to Client’s hotspot.
“Data Subject’s Data” - are Personal Data related to current, former, or prospective Data Subjects that are collected, used or Processed by WiFisher. An exhaustive list of Data Subject’s Data is provided under Section 4.
“Personal Data” means information about an identified or identifiable natural person.
“Process”, “Processed” or “Processing” means any automated or manual operation performed on Personal Data, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction. Processing may use the equipment or facilities of WiFisher or a Third Party.
“Processor” means a natural or legal person, public authority, agency or other body, which Processes Personal Data on behalf of the Controller. By default the WiFisher’s Processors are WiFisher approved vendors and IT service suppliers.
“Profiling” means any form of automated Processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's personal preferences, interests, behaviour, location or movements.
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed. Public authorities which may receive Personal Data in the framework of a particular inquiry in accordance with the law shall not be regarded as Recipients.
“Third Party” means any individual or entity, including subcontractor, vendor, Client, provider of outsourced information Processing services, excluding the Client to whom the Data Subject’s Data relates.
- Responsible person/Controller:
7, Innovation st., 0114, Tbilisi, Georgia
(in the following referred to as “WiFisher”)
- Data protection officer
- Data collection
WiFisher collects uses and stores your Personal Data in accordance with the applicable Data Protection Legislation. Personal Data means any information relating to an identified or identifiable natural person. Below we inform you about the categories, extent and purpose of the collection and use of Personal Data.
4.1.Collection and Processing of Personal Data via WiFi, set up by WiFisher
WiFisher Process your Personal Data, which includes:
- Your name, surname, email, Facebook ID, mobile number, MAC address, birth date, gender, age, hometown, current country, current city, liked pages, current position, locations, where you used Wifi set up by WiFisher, for marketing purposes, i.e. for sending to you promotional and advertising notifications and materials about different products and services of various business entities and organizations and statistical purposes, e.g. for getting statistics about your return rate/frequency at the venue.
- Your MAC address from WiFi Mac Address Mapper device for marketing and Processing / analytics purposes. The latter information is used for WiFisher to detect your location better as WiFi Mac Address Mapper is a Wifi access point to which mobile device sends its MAC address automatically, which is a general function of any smartphone. WiFi Mac Address Mapper receives MAC address from your mobile device, sends it to WiFisher’s server after which WiFisher’s server saves the MAC address in it’s database only in the case, if the Data Subject has previously logged into venue’s (location’s) hotspot (Wifi) set up by WiFisher and agreed to consent. After saving applicable MAC addresses in the database, WiFisher uses this information to deliver higher preciseness marketing and analytics tools as mentioned above.
- In accordance with Art. 6 (1) point (f) GDPR, our website uses so-called cookies in order to make available personalized functions and in order to analyze your use of our website. A cookie is a small file, which stores certain information about a user’s access device (PC, Tablet, Smartphone etc.) on such device. When such device accesses our server’s website, the server receives such cookies. The server can evaluate the information stored in the cookie by different methods. Cookies enable e.g. functionality of us remembering your choice of “remember me” to automatically log you into our management panel to make the service more comfortable for user. You may accept or disable cookies via your browser settings. However if you disable cookies you may potentially not be able to use all interactive functions of our website. For more information about the Processing of your Personal Data via cookies see our Cookies list below and the Section 4.3.
- Moreover, in accordance with Art. 6 (1) point (f) GDPR, every single web page uses log files, i.e. for every page impression, the access data are saved to the server log. The saved data record contains the following details:
All mentioned data is obtained from you in the course of your log-in to Client’s (e.g. restaurants, bars, cafes, etc.) hotspot (Wifi) , set up by WiFisher or while being on the territory or nearby the client’s venue. The collection of the above-mentioned your data are collected only with your consent or when it is necessary for us to comply with our legal obligations or necessary for our (or others’) legitimate interest, including our interests in providing an innovative, relevant, safe, and profitable service to our clients unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of Personal Data. You have the right to withdraw your consent at any time without affecting the lawfulness of Processing based on consent before its withdrawal by sending us a withdrawal request via email at: email@example.com .
4.2.Collection and Processing of Personal Data via Cookies and Log files
- Impression – visit to the page
- Activities in the dashboard, management/administrative panel
- Collection and processing of logs via WiFi hotspot log-in page:
- Browser type
- Device OS
- IP address
- Screen size
- Device Vendor
- Connection time
- Mac address
- AP mac address
- Location (based on router location)
- Mouse movement
- Ad show time
We use the log data only in anonymized form (i.e. without any allocation to or indications about your person) for statistical analyses, e.g. [please indicate the examples of statistical analyses]. Moreover, the log files enable us to detect possible errors, e.g. faulty links or software bugs. Thus, we can use the log files for the further development of our webpages. We never associate the use and page impressions that are stored in the server log with individual persons. We reserve the right to use data from log files if certain facts give rise to the suspicion that users use our websites and/or our services in an unlawful or non-contractual way.
4.3.Collection and Processing of Personal Data via Web Analytics
(1) Google Analytics
In accordance with Art. 6 (1) point (f) GDPR, this website uses Google Analytics, a web analytics service provided by Google LLC (“Google”). Google uses mainly uses first-party cookies to report on user interactions on Google Analytics customers’ websites. The information generated by the cookie about your use of the website will normally be transmitted to and stored by Google Analytics on servers in the USA.
In accordance with the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 transfers from a Controller or Processor in the European Union to organisations in the U.S. that have self-certified their adherence to the EU-U.S. Privacy Shield Framework Principles with the Department of Commerce and have committed to comply with them are allowed. Google has self-certified its adherence to the EU-U.S. Privacy Shield Framework Principles and has committed to comply with them.
Google Analytics uses IP addresses to provide and protect the security of the service, and to give website owners a sense of where in the world their users come from (also known as "IP geolocation"). A method known as IP masking gives website owners using Google Analytics the option to tell Google Analytics to use only a portion of an IP address, rather than the entire address, for geolocation.
4.4.Collection and Processing of Personal Data when using our Registration Form i.e. https://www.wifisher.com/registration
If you provide WiFisher Personal Data, i.e. name, surname, email, job title, mobile number by using our registration form in our website, you expressly give your consent that WiFisher may store and use this data for contacting you in the near future and for the Processing of your query. You have the right to withdraw your consent at any time without affecting the lawfulness of Processing based on consent before its withdrawal by sending us a withdrawal request via email at: firstname.lastname@example.org .
- Parties involved in the Processing and the Recipients or categories of Recipients of the Personal Data
WiFisher receives information, which contains Personal Data from you, when you log in to WiFisher’s set up WiFi access point by using Facebook, LinkedIn, Twitter, VKontakte, Odnoklassniki or other social media or manual registration with required and/or optional fields. We work with third-party service providers to help us operate, provide, improve, understand, customize, support, and market our and Clients’ services. For example, we work with Facebook in order to give you an additional option to log-in to venue’s (location’s) hotspot (Wifi) set up by WiFisher and provide WiFisher with the needed information.
The Data we receive through different social media platforms is received only after your consent. Additionally, for example, when you choose to log-in with Facebook, Facebook shows you all the information about the Personal Data that you will be sharing with us and Facebook’s terms and conditions. Depending on venue (location) or marketing goals, collection of personal data varies from venue to venue. Here is the information that we might collect from different Social Media platforms only after your consent when you log into venue’s (location’s) hotspot (Wifi) set up by WiFisher with the particular social media platform or manual registration together with MAC address:
- Manual Registration:
- mobile number
- birth date
- current country
- current city
- Questionnaires that you have to fill in or choose pre suggested answers
- mobile number
- birth date
- current country
- current city
- Work Positions
- birth date
- birth date
The following Recipients receive Personal Data collected by WiFisher:
- Employee of WiFisher and its Processors and clients
- Amazon Web Services, Frankfurt
- Amazon Simple Email Service, Ireland
- Zero Bounce, USA
- SendGrid, USA
- Amazon Web Services, USA
- Microsoft Azure, Netherlands
- Automated decision making, including Profilling
We will Process your Personal Data by automated means, i.e. by means of information technologies, and in particular, we may do any or all of the following:
- Collect and store the Personal Data;
- Organize and group the Personal Data into certain categories;
- Disclose and transmit the Personal Data to the administrator or owner of the venue, where you have connected to the WiFi Internet network, so that the administrator or owner of the venue has an opportunity to send to you promotional and advertising notifications and materials about its products and/or services.
- Data security
WiFisher uses technological and organizational security measures in order to protect your data from accidental or deliberate loss or destruction or access by unauthorized persons. Our security measures are constantly being adapted to technological development. WiFisher uses only Processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that Processing will meet the applicable data protection requirements and ensure the protection of the rights of the Data Subject. Processors Processes the Personal Data only on documented instructions from the WiFisher.
- Your Rights
WiFisher shall provide information on action taken on a request under Articles 15 to 22 of GDPR to the Data Subject without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. Please note that where WiFisher has reasonable doubts concerning the identity of the natural person making the request referred to in Articles 15 to 21 of GDPR, WiFisher may request the provision of additional information necessary to confirm the identity of the Data Subject.
Each Data Subject has the right to lodge a complaint with a supervisory authority of the alleged infringement if the Data Subject considers that the Processing of Personal Data relating to him or her infringes the GDPR. Here is the list supervisory authorities responsible for such complaint according to Article 77 GDPR and also in countries where GDPR does not imply:
A. Juozapaviciaus str. 6
Data State Inspectorate
Blaumana Street 11/13-11,
Riga, LV-1011, Latvia
Drottninggatan 29, Box 8114,
140 20 Stockholm
Norwegian Data Protection Authority
Office of the Personal Data Protection Inspector
7, Vachnadze Str.
0105, Tbilisi, Georgia
According to Art. 21 (1) GDPR, the Data Subject shall also have the right to object, on grounds relating to his or her particular situation, at any time to Processing of Personal Data concerning him or her which is based on point (e) or (f) of Art. 6 (1) GDPR including Profiling based on those provisions. WiFisher shall comply with the aforementioned requests if and to the extent such compliance is required by the applicable statutory laws.
Where Personal Data are Processed for direct marketing purposes (for example sending e-mails or SMS for marketing purposes), according to Art. 21 (2) GDPR, the Data Subject shall have the right to object at any time to Processing of Personal Data concerning him or her for such marketing, which includes Profiling to the extent that it is related to such direct marketing.
More information about the procedure of data subject request, can be found in Data Subject Requests Procedure.
- Period of Data Storage
We Process and store Personal Data only for the period, which is required to meet the purpose of Processing, or as long and to the extent as statutory laws require us to Process and/or store such data.
If the purpose of Processing does not apply anymore and the applicable statutory retention requirement expires, we will as a matter of routine erase data or restrict the Processing of data in accordance with the applicable statutory laws.
- Cookies List
These cookies control how the website works, perhaps by remembering your choices and preferences or checking what your browser is able to do:
This cookie is used to detect your visit to the web-page.
Up until you clear your cookies.
This cookie is used to remember your choice of “remember me” on the log-in page to automatically log you into our management panel.
Up until you clear your cookies.
Cookies for measuring the use of our website (analytics):
Used to distinguish users.
Used to distinguish users.
Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.
Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.
30 seconds to 1 year
Contains campaign related information for the user. If you have linked your Google Analytics and AdWords accounts, AdWords website conversion tags will read this cookie unless you opt-out.