Locators may not appear to include personal or have privacy implications of any kind, however; upon further consideration, personally identifiable information can surface within MetaLocator, and this article discusses where that data can appear and how to manage it.
MetaLocator Data Types
To understand data privacy in MetaLocator, we should first define the various types of data involved.
Customer-Provided Data. This is data uploaded directly from our customers into MetaLocator. This can include, but is not limited to:
A spreadsheet of locations with columns like location name, address, city state, etc.
Uploaded location images or files that may show a store front or profile photo.
PDFs, documents or text files
Technical assets like fonts, CSS or scripts.
MetaLocator-Generated Data. This is information that is generated by MetaLocator which is confidential and proprietary to MetaLocator and our customers, such as:
Analytics Data. This is information regarding the utilization of our customer's implementation of MetaLocator, and can include detailed information regarding approximate user location, browser software, device details, and visitation metrics like total number of users, number of searches. Analytics data can sometimes include eCommerce data as part of our Where to Buy solutions, so figures like revenue, sales and quantities of product sold.
Data Enrichment. This includes optional MetaLocator-provided corrections or enrichment of user or customer provided address data. This includes
Geocoding results including meta-data regarding user searches, such as the latitude/longitude of a user's search, or the city associated with their postal code search.
Address correction results including corrected street address, city, state and other corrections
Email validation data including the validation status of an email address.
Log and Report Data. This includes data quality reports, email validation reports, log files of user activity, account establishment dates, and activity history. MetaLocator logging of our customer's activity includes full audit trail, including IP address, times and locations; however end-user logs are anonymized to avoid storage of full IP addresses and user locations are generalized.
User-Provided Data. This is information created by the end users of this software. The general public users of the locators performing searches, filling out contact forms generally using the software. This includes
Lead Data. MetaLocator allows its customers to create forms which are commonly used to gather information regarding a user inquiry, e.g. a business lead or contact. By default, MetaLocator includes Name, Email and Message on this form, but allows for custom fields which can be labelled and used as required by our customer.
Search Data. This overlaps a bit with Analytics Data above, but users can enter keywords and search terms which are then stored in our Analytics system. For users of our SMS and IVR locator products, this can include the phone number used to request a text message of search results.
Data Privacy Protections
In order to protect the information of real persons, we provide protections and services including, but not limited to the following:
We anonymize user IP addresses associated with analytics before permanent storage
We store user location only in aggregate for reporting and reduce it's accuracy.
We add an extra application layer of encryption to lead data for added redundancy.
We provide GDPR-compliant discovery, disclosure and deletion tools.
We provide tools to our customers to integrate with customer-provided privacy compliance tools.
We optionally truncate phone number data captured in our SMS and IVR products.
Data Scope & Type
Customer-Provided Data. MetaLocator customers define the scope of data imported into MetaLocator. MetaLocator customers choose and solely control the nature, type and volume of data imported into MetaLocator.
User-Provided Data. MetaLocator customers define the scope of data that can be collected from end users. MetaLocator customers build and select the fields on the (optional) forms for Lead Capture, Search and Crowdsourcing. Therefore, the scope of data collected from end users and any potential impacts on privacy is under the sole control of our Customer.
MetaLocator-Generated Analytics Data. MetaLocator analytics data captures anonymized details regarding user activity in a manner to dissociate it from real persons. We also provide facilities to allow end user's to opt-out of analytics tracking while relegating control, authority and responsibility over those opt-out mechanisms to our customers.
Data Storage & Transfers
MetaLocator stores data in the United States. We leverage the "standard contractual clauses" in our contracts to define MetaLocator as processor, and our customer as the controller under GDPR, including security practices, encryption, transfer practices etc. The actual details of these can be found in our Enterprise contracts, which are between MetaLocator and our Enterprise customer. GDPR tools, compliance, privacy tools and support thereof are only included in MetaLocator Enterprise contracts.
Data Retention Periods
Our data retention periods vary by the type of data as shown below:
Customer-Provided Data. The contractual customer relationship period, plus 90 days.
User-Provided Data. The contractual customer relationship period, plus 90 days.
MetaLocator-Generated Analytics Data. Up to 3 years within the contractual customer relationship period, plus 90 days.
MetaLocator-Generated Log Data. The contractual customer relationship period, plus 7 years.
MetaLocator-Generated Report Data: The contractual customer relationship period, plus 90 days.
MetaLocator-Generated Enrichment Data:
Geocoding results and address corrections can be retained by MetaLocator indefinitely.
Email validation data is retained for the contractual customer relationship period, plus 90 days.
The contractual customer relationship period, plus 90 days.
Users and customers may specifically request data deletion by contacting our support team (email@example.com).
Personally Identifiable Information (PII) in MetaLocator
MetaLocator does not collect personally identifiable information unless specificially enabled by our customers as described below:
Our Lead Generation and Form Builder tools allow our customers to create custom forms which may be used to collect personally identifiable information. The form fields can be defined by our customers and could, therefore; be used to collect personally identifiable information.
Our location and product data import facilities include support for custom fields. Customers could theoretically import personal information in that data.
Our Limitation of Liability
MetaLocator does not audit or review:
The data provided by our Customer
The data provided by Users
The Customer-Provided Data as described in section 1 above should always be considered publicly available information.