At Navv Systems, Inc. (NSI), privacy and security are part of our core values and are built into our service. We respect of the privacy and confidentiality of individuals who visit NSI’s websites (“Visitors”), Organizations and their registered users who use our services and apps (“Corporate Subscribers”), Corporate Partners who develop applications using NSI’s APIs (“API Partners”), Corporate Partners engaged in selling NSI’s products (“Sales Partners”) and individuals or companies seeking a business relationship with NSI (“Applicants”).
This Privacy and Security Policy covers the information practices of websites that link to this policy, collectively referred to as NSI’s websites.
www.navv-systems.com is our public website. NSI’s websites may contain links to other websites. The privacy statements of those websites govern the information practices and the content of those websites. NSI encourages you to review the privacy statements of other websites to better understand their information practices.
NSI Business Data Privacy Statement
This Statement applies to the following:
Personal information we collect through public websites operated by NSI. Personal information we collect about you in the course of interacting with you, such as when you engage with us as a customer, potential customer, vendor, service provider, potential partner, partner, applicant, consultant, contractor or other third-party in relation to the operation of our business generally. This includes sales, marketing, business contact or registration activities conducted by NSI. Collectively this is considered “Business Data”.
This statement does not apply to:
Personal information Corporate Subscribers or Corporate Subscriber Administrators input, upload or otherwise capture into NSI’s services and systems. Activity and event data (including location) that is automatically collected by NSI’s services in our role as a Data Processor. Personal information captured about Partners in order to establish or maintain their business relationship as a API Partner or Reseller of NSI’s products and services. Collectively this is considered “Account Data”. For more information on the handling of Account Data, please refer to the NSI’s Services Privacy Statement below.
COLLECTION AND USE OF BUSINESS DATA
NSI collects only the personal information necessary to enable us to respond to your requests for our products and services. When you use our websites, complete forms, schedule a demo, respond to a survey, complete a Partner application, contact us or otherwise interact with our business, we usually collect personal information such as your name, e-mail address, postal address, company name, telephone number and any other information you choose to provide that will enable us to provide an appropriate response to you.
The information you share with us is never sold to third parties but may be shared with our Partners once you confirm that you would like to move forward with purchasing our services.
You can opt out of providing information by not entering it or not providing it if asked. If you wish to subscribe to news and information, we will use your email address information for this purpose. We will also provide you a way to unsubscribe.
Google Analytics is a web analysis service provided by Google that utilizes cookies to monitor web-traffic on our Websites. We use Google Analytics to collect, track and examine data about the Websites’ usage. We may run reports based on the data we collect, and we may share the data with other Google services.
NSI Privacy Statement
This Statement applies to the following:
Personal information you or your Administrators input, upload or otherwise capture into NSI services and systems. Activity and event data (including video) that is automatically collected by NSI’s services in our role as a data processor. Personal and business information captured about Customers, Partners or Applicants in order to establish or maintain their business relationship with NSI. Collectively this is considered “Account Data”.
COLLECTION AND USE OF ACCOUNT DATA
Our Corporate Subscribers and Partners are responsible as Data Controllers for ensuring (i) their Data Subjects receive proper notice of the Data Controllers’ privacy practices, and that (ii) Account Data is obtained in accordance with all applicable laws. Since Account Data is managed by the Data Controllers, the Data Controller is responsible for providing appropriate notice and choice to its Data Subjects regarding our processing of Account Data on its behalf. If a Data Subject has any questions or concerns related to our handling of their data, the Data Subject may contact the NSI Data Protection Officer via firstname.lastname@example.org and we will work with the Corporate Subscriber and/or Partner to address the concern.
From Corporate Partners, NSI collects the personal information that is needed to properly manage our business relationship. NSI Partners will receive login credentials to manage Corporate Subscriber accounts. Partners are able to create a new account for each Corporate Subscriber by providing Account Name, Reference Numbers, Username, and Email address. We only collect this information for the purposes of allowing you to manage your Corporate Subscriber accounts and for conducting business with NSI.
Types of Account Data Collected related to NSI Services
NSI collects information for the purposes of providing NSI services. We collect information in the following ways:
Information generated from events: NSI collects location data on its NavvTrack® platform for the purpose of making workflows location-aware. For example, NavvTrack records the location of a mobile device to record arrivals and departures from locations inside a building. NSI does not use that information and it is the Corporate Subscriber who owns that data.
Log Information: NavvTrack records the actions of system Administrators, as well as the status and the settings of various devices that have been configured to operate with NSI. Log information is used by the Data Controller to review the activity of Administrators.
Mobile Applications: NSI provides mobile applications which can optionally be used with NavvTrack. The NavvTrack app provides administrative access to the system under the same conditions as using a web-browser. We collect information about the location of other devices that can be sensed using Bluetooth Low Energy (BLE) beacons. This data is used by the Corporate Subscriber to locate other devices. In order to use these services various features such as location services, WiFi and Bluetooth communication will need to be activated on your mobile device.
Third Parties: NSI shares data with relevant third-party processors when explicitly authorized by Administrators in the relevant NavvTrack account; for example, to enable integrations via our Application Programming Interface (API).
Account Data may be used by NSI to:
Contact you to inform you of product and service enhancements that we think may be of interest to you. Provide important service notices regarding the NavvTrack application and related devices. While you use NSI’s services, it will not be possible to opt out of communications regarding service notices. Ask you to participate in surveys that help us better understand your needs in order to improve our products.
Roles of Customers, Partners and NSI in Protection of NSI Account Data
NSI provides products to end customers via its authorized Partner channel. NSI’s Partners handle the initial setup and configuration of the NSI applications, services and hardware (collectively, the NSI System). Customers can choose what data to share with the Partner and/or NSI during the set-up process. After initial set-up, access to the NSI System is limited to authorized Administrators.
Customers are responsible to verify that all Administrators of the NavvTrack system are authorized by them for the levels of access granted. In general, the customer should be the master Administrator for their NSI System. In the event that the customer chooses to permit the NSI Partner to have administrative rights to the NSI System, the Customer is responsible for monitoring the Partner’s access to Account Data.
NSI employees have access to Account Data solely to provide our services and in response to specific customer and Partner requests for technical support. NSI will access Customer Data only for the purposes of providing the Services, preventing or addressing service or technical problems, or as may be required by law.
At NSI, privacy and security are core elements of our service. Accordingly, we are always conscious and respectful of the privacy and confidentiality of individuals who visit NSI’s websites, use our services, develop applications using NSI’s APIs and resell NSI’s products.
NSI maintains a comprehensive, written information security program that contains industry standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to Customer Data. NSI does not share, sell, rent or trade personally identifiable information with third parties.
Lawful Requests: NSI also may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure. Please be aware that NSI may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. NSI is liable for appropriate onward transfers of personal data to third parties.
Data Location & Transfer of Information
NSI stores all Account Data in the continental United States. To facilitate our Corporate Subscribers’ global operations, NSI transfers information to the United States and provides access to that information to Corporate Subscribers around the world.
Protection of Children’s PII
We do not intend to collect PII from anyone under age 13 and will not knowingly collect, maintain, or disclose such information. If you are under age 13, do not enter any PII about yourself on our Site or through an NSI Application. If you are a parent or guardian who has discovered that your child under age 13 has submitted his or her PII to us without your permission or consent, we will make reasonable efforts to remove the information from our database, at your written request. To request the removal of your child’s information, please send us an email at email@example.com and include in your message your child’s name and the email address that your child submitted.
The security of Account Data, including personal data, is very important to NSI. NSI maintains a comprehensive, written information security program that contains industry standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to Customer Data.
NSI commits to resolve complaints about our collection or use of your personal information. Individuals with inquiries or complaints should contact NSI’s Data Protection Officer at firstname.lastname@example.org or +1 313-566-4845.
If you have questions regarding this Statement or if you need to request access to or update, change or removal of personal information that we control, you can do so by contacting:
Navv Systems Data Protection Officer
Navv Systems, Inc.
P.O. Box 7983
Ann Arbor MI, 48107 USA
Changes to this Privacy Statement
NSI reserves the right to change this Privacy and Security Policy from time to time and will alert you that changes have been made by indicating on this Statement the date it was last updated.
Capitalized terms in this Privacy and Security Policy have the following meanings:
“Account Data” is data collected by NSI in our role as a Data Processor based on a contracted service relationship.
“Administrator(s)” are individuals with a log-on to the NavvTrack application.
“Applicants” are prospective employees or partners seeking to have a business relationship with NSI.
“Business Data” means personal data collected through your interaction with our websites and via non-contractual sales, marketing and general business contact activities conducted by you and NSI.
“Customers” are end-users of NSI products.
“Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Data Processor” Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Data Subject” means an identified or identifiable natural living person. An identifiable person is one who can be identified, directly or indirectly, by reference to a name, or to one or more factors unique to his or her personal physical, psychological, mental, economic, cultural or social characteristics.
“Employee” means an employee (whether temporary, permanent, part-time, or contract), former employee, independent contractor, or job applicant of NSI or any of its affiliates or subsidiaries, who is also a resident of a country within the European Economic Area.
“Europe” or “European” or “EU” refers to a country in the European Union.
“Personal Data” as defined under the European Union Directive 95/46/EC means data that personally identifies or may be used to personally identify a person, including an individual’s name in combination with country of birth, marital status, emergency contact, salary information, terms of employment, job qualifications (such as educational degrees earned), address, phone number, e-mail address, user ID, password, and identification numbers. Personal Data does not include data that is de-identified, anonymous, or publicly available. For Switzerland, the term “person” includes both a natural person and a legal entity, regardless of the form of the legal entity.
“Sensitive Data” means Personal Data that discloses a Data Subject’s medical or health condition, race or ethnicity, political, religious or philosophical affiliations or opinions, sexual orientation, or trade union membership.
“Third Party” means any individual or entity that is neither NSI nor an NSI employee, agent, contractor, or representative.
This Privacy and Security Policy is effective as of June 25th 2020.