Cloud based systems offer a huge amount of benefit to most users, but we have also seen a number of systems use the data in ways that the user never intended.
In this post I want to address
- what the data is that we collect and store
- what we do with the data
- more importantly, what we don’t do with your data
- any concerns you may have about data security
What data we collect
Purchasing
If you purchased the system through a reseller, then we receive no information at all about you. It is only the information that you supply us that we have access to.
If you purchased the product through our online store then we know the typical eCommerce information including your:
- name,
- email,
- phone,
- shipping address
We use third party payment platforms such as Paypal or Stripe so that we are NOT aware of your credit card details.
By visiting this web site, we are also using Google’s standard web tools that provide generic information about you including what type of computer and browser you are using, a vague approximation (city, possibly suburb) of where you are, etc. We use this information to determine which pages people visit, how long they stay there, and what we need to focus on.
Configuration
As part of the configuration of the system, we know:
- users’ names,
- users’ emails,
- optional address information for the site
- optional contact person number for the site
Our phone app knows it is installed on a web enabled device and will receive notifications from our server. We do NOT know the number of the phone or any owner information.
For Wi‑Fi configuration, the password is either stored only in the gateway (i.e. on-site and we have no access to it), or securely encrypted in our server where only the gateway can decrypt and use it.
Data collection
As part of the ongoing operation of the system we store
- date, time and temperature
- network information for the gateway (IP address, time server address, DNS server address etc) for the purpose of assisting users if they are having network connectivity issues
- user browser information (computer, browser type, version)
What do we do with the data?
If you are part of a notification group, we will email you. There is no option to “unsubscribe” because this is not a marketing email. Instead, simply remove yourself from the notification group.
The purchaser of the system is automatically added to an email group that is used for
- notifying users of new features,
- sometimes asking for feedback,
- advising price updates,
- user and installation tips,
- very occasional marketing material from us
We are discussing if all users should be added to this group. We are finding that there is too often a disconnect from the purchaser and the user, and consequently users aren’t getting information on new features etc.
We do NOT share email addresses with any third party company.
We do NOT do paid or unpaid promotions on behalf of other companies. (Slight caveat, if there is an absolutely awesome product that would be of significant benefit to our users then we may notify users about it. My guiding rule is simple – is this in the best interest of the user or us? If it’s not in your best interest, then we won’t send it.)
We do NOT sell email addresses or mailing lists.
All marketing lists will have an UNSUBSCRIBE option. This is an automated feature and you should be instantly removed from the list.
Temperature Data
The data is only available to
- users that have been added to your organisation, and have access to the site
- API access which is organisation restricted
- support agents that have been linked to your organisation. This may automatically include the company that your purchased the system from. You can remove or add support agents manually
- system admin (i.e. Clever Logger support staff) have unrestricted access to temperature data
In the future we will add a feature that will allow you to embed a graph or table in your own web site. If you choose to do so, the data will obviously be available to anyone with access to that page.
We are also obliged to disclose data if officially requested by a court of law.
Reports
Reports can only be sent to people who have been added to your organisation in Clever Logger. They can also be created and downloaded by a registered users of the system.
These reports, however, can then be shared with other people.
If you share the report with a third party then there is an automatic implied permission that the third party has access to the displayed data. This permission is extended to any one they pass the report onto, etc. This permission is NOT extended to viewing the data within Clever Logger. It is simply implying that you have granted permission for them to see the report.
In practice, what this means is, if you use any data from Clever Logger for the purpose of an audit, compliance check, or validation and the recipient asks us to verify the data, we will confirm that the data is unaltered, or send the original report.
Other Data
The data is only available to
- users that have been added to your organisation, and have access to the site
- API access which is organisation restricted
- support agents that have been linked to your organisation. This may automatically include the company that your purchased the system from. You can remove or add support agents manually
- system admin (i.e. Clever Logger support staff) have unrestricted access to data
The sales and marketing information will stay inhouse.
Who owns the data?
This is one of those really obscure questions that I just don’t get. It’s our system so we do.
But it’s collected on your behalf and so you have full access to it at any time.
And since we know it is your data, we aren’t going to allow others to see it.
We need to be able to say that the data in our system is true and unmodified so you can’t modify or delete readings.
If you stop using the system, you can request that we scrub any possible identifying details (e.g. names, emails).
What we can't do
Clever Logger is a cloud based system that must communicate with our server. We do NOT offer a standalone version that works only on site, or a version that allows you to host your own server. If you want a system that is 100% within your building or I.T. infrastructure then we are not the right solution for you.
We don’t allow selective modification or deleting of data. It is how we can testify that our data is reliable.
Data security
Data security is a big deal for us and we are regularly reviewing what is best practice and implement it as soon as possible.
We also know that I.T. departments are responsible for maintaining the security within their own networks, and introducing a strange device into their network is often a cause of concern.
To address both of these concerns we have an existing article on I.T. security. Click on the button below to view it.
Any other questions?
Hopefully that has addressed your concerns around what we do with your data. If not, please contact us and we will see what we can do.