Generic guidelines and definitions for users of Cloudi-Fi's services
Disclaimer: This article does not constitute legal advice, nor is this information intended to create or rise to the level of an attorney-client relationship. Professional legal advice should be used where appropriate.
Regarding customer data processing, Cloudi-Fi First Principle requires that all personal data are processed lawfully, fairly and transparently. Our strong privacy-by-design practices provide a solid foundation to address all data privacy requirements immediately. While our customers are responsible for providing comprehensive information to their users, our services involve a shared responsibility across our services.
Cloudi-Fi Terms Of Use are available at the following URL: http://www.cloudi-fi.com/terms-of-use/
Personal data is anything that contains:
Directly identifying information such as a person’s name, surname, phone number, etc.
Pseudonymous data or non-directly identifying information does not allow the direct identification of users but allows the singling out of individual behaviors (for instance, to serve the right ad to the right user at the right moment).
Personal data can be categorized as “sensitive” and "non-sensitive data".
Sensitive data is any data that reveals:
Racial or ethnic origin
Political opinions
Religious or philosophical beliefs
Trade union membership
Genetic data
Biometric data to uniquely identify a natural person
Data concerning health or a natural person’s sex life and/or sexual orientation
By nature, the data that Cloudi-Fi collects and processes for its customers does not qualify as sensitive data as defined by the GDPR.
What type of personal, non-sensitive data does Cloudi-Fi collect?
Cookie IDs
Email addresses, phone numbers, or any customer ID that they explicitly agree to give when login to Wi-Fi
Any other technical identifiers that allow Cloudi-Fi to single out individual behavior without directly identifying the individuals
Legitimate Interest and Unambiguous Consent
Of the six bases for data collection and data processing in Europe, we believe for businesses in the marketing or digital marketing industry or for those who collect data for marketing, the two applicable bases are (1) unambiguous consent of the individual and (2) legitimate interest of the data controller.
First, the data controller's legitimate interest may include direct marketing. Second, unambiguous user consent, including a user explicitly accepting the Terms Of Use before login, can be a basis for collecting and processing non-sensitive personal data.
Legal requirements are different depending on the country where the service is executed. Cloudi-Fi customers, being the Internet Service Providers of the guest Wi-Fi services, also take responsibility to their users in delivering the service and, as such should adopt this First Principle and eventual local regulations.
Generic guidelines:
The customer decides on the captive portal format and which data are collected from the end user.
The user always gives his consent before sharing some non-sensitive data.
All data collected are parsed and treated to match Cloudi-Fi taxonomy
Only the public data with the user's consent are collected when using a third party for login (social network connect, for instance).
Logs are stored for a duration and in a location in compliance with local regulations. Please see additional articles to have specifics about your country. Feel free to contact us with any specific concerns about your country at privacy@cloudi-fi.com.