Skyhook Data Privacy Framework Notice

Last Updated and Effective Date: 03/29/24

Introduction

Skyhook Wireless, Inc. ("Skyhook”, “we”, “our" or "us") complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union and Switzerland to the United States. Skyhook has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Skyhook has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Data Privacy Framework Notice (“Notice”) and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification on the “Data Privacy Framework List,” please visit https://www.dataprivacyframework.gov.

This Notice describes our standards and procedures for handling personal data transferred from the European Economic Area ("EEA") and Switzerland to the U.S. in accordance with Skyhook’s obligations under the EU-U.S. DPF and the Swiss-U.S. DPF.

This Notice supplements the Skyhook Privacy Policy. The terms "personal data" and "processing" are defined in Skyhook Privacy Policy.

How We May Obtain Personal Data

We may obtain and process personal data from the EEA and Switzerland in different capacities:

  • In the case of businesses and individuals opening accounts with Skyhook by signing up here, we may collect and process EEA and Swiss personal data as a data controller directly from individuals.
  • In the case of operating our location services, we may obtain and process EEA and Swiss personal data, such as by receiving location signals or determining location results, as further described and for the purposes set forth in the Skyhook Privacy Policy.

Skyhook commits to comply with the DPF Principles with respect to all personal data received from the EEA and Switzerland in reliance on the DPF.

DPF Principles

1. Notice. The Skyhook Privacy Policy in combination with this Notice describes how Skyhook may process personal data received from the EEA and Switzerland in reliance on the DPF, including the types of personal data we collect, our purposes for collecting and using personal data, the types of third parties to whom we disclose personal data, and our purposes for disclosing personal data to third parties.

2. Choice. When providing our location services, Skyhook provides users the ability to directly opt-out from Skyhook’s services or disclosing their personal data to a third party that is not acting as an agent to perform task(s) on behalf of and under the instructions of Skyhook, as set forth under the section “Opt-Out Choices” of the Skyhook Privacy Policy. Skyhook enters into a contract with third parties acting as an agent to perform tasks on behalf of and under the instructions of Skyhook.

3. Data Integrity and Purpose Limitation. Any personal data we receive may be used by Skyhook for the purposes indicated in the Skyhook Privacy Policy or as otherwise notified to you. We will not process personal data in a way that is incompatible with these purposes unless subsequently authorized by you. We take reasonable steps to limit the collection and usage of personal data to that which is relevant for the purposes for which it was collected, and to ensure that such personal data is reliable, accurate, complete and current. Individuals are encouraged to keep their personal data with Skyhook up to date and may contact Skyhook as indicated below to request that their personal data be updated or corrected. We will retain your personal data in an identifiable form only for the period necessary to fulfill the purposes outlined in the Skyhook Privacy Policy, unless a longer retention period is required or permitted by law or by the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles. We will adhere to the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles for as long as we retain the personal data collected under the DPF.

4. Accountability for Onward Transfer of Personal Data. Skyhook may transfer personal data for the purposes described in the Skyhook Privacy Policy to a third party acting as a data controller or as an agent. If we intend to disclose personal data to a third party acting as a data controller or as an agent, we will comply with and protect personal data as provided in the Accountability for Onward Transfer Principle. Pursuant to the requirements of the DPF, we remain responsible for the processing of personal data received under the DPF and subsequently transferred to a third party acting as an agent if the third-party processes such personal data in a manner inconsistent with the DPF, unless we prove that we are not responsible for the event giving rise to the damage.

5. Security. Skyhook takes reasonable and appropriate precautions, taking into account the risks involved in the processing and the nature of the personal data, to help protect personal data from loss, misuse and unauthorized access, disclosure, alteration and destruction.

6. Access. In the case of information submitted to set up an account with Skyhook, individuals have reasonable access to their personal data and may request corrections, deletions, or additions where the personal data is inaccurate or has been processed in violation of the DPF. In addition, as described above, Skyhook provides end users with the ability to opt out of collection of the users’ MAC address, IP address and location information.

7. Recourse, Enforcement and Liability. In accordance with the EU-U.S. DPF and the Swiss-U.S. DPF, Skyhook has established procedures to periodically verify its implementation and compliance. In addition, in compliance with the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles, Skyhook commits to resolve complaints about our collection or use of your personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF. EEA and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Skyhook according to the contact information provided in the end of this Notice.

In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, Skyhook has further committed to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your DPF-related complaint from us, or if we have not addressed your DPF-related complaint to your satisfaction, please visit here for more information or to file a complaint. The services of JAMS are provided at no cost to you.

For residual complaints not fully or partially resolved by other means, you may be able to invoke binding arbitration as detailed in Annex I of the official DPF website here.

Please be aware that the Federal Trade Commission has jurisdiction over Skyhook’s compliance with the EU-U.S. DPF and the Swiss-U.S. DPF. In certain situations, Skyhook may be required to disclose personal data received under the DPF in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Amendment

This Notice may be amended consistent with the requirements of the EU-U.S. DPF and the Swiss-U.S. DPF. When we update this Notice, we will also revise the "Last Updated" date at the top of this document.

Questions and Complaints

If you have any questions, concerns or complaint regarding our privacy practices, or if you’d like to exercise your choices or rights, you can contact us:

  • By email at [email protected]
  • By mailing to Qualcomm Incorporated, Attn. Privacy Office, 5775 Morehouse Dr., San Diego, CA, 92121, USA

We will make every effort to resolve your concerns.

Qualcomm relentlessly innovates to deliver intelligent computing everywhere, helping the world tackle some of its most important challenges. Our leading-edge AI, high performance, low-power computing, and unrivaled connectivity deliver proven solutions that transform major industries. At Qualcomm, we are engineering human progress.

Stay connected

Get the latest Qualcomm and industry information delivered to your inbox.

Subscribe
Manage your subscription
Also of Interest

© Qualcomm Technologies, Inc. and/or its affiliated companies.

Snapdragon and Qualcomm branded products are products of Qualcomm Technologies, Inc. and/or its subsidiaries. Qualcomm patented technologies are licensed by Qualcomm Incorporated.

Note: Certain services and materials may require you to accept additional terms and conditions before accessing or using those items.

References to "Qualcomm" may mean Qualcomm Incorporated, or subsidiaries or business units within the Qualcomm corporate structure, as applicable.

Qualcomm Incorporated includes our licensing business, QTL, and the vast majority of our patent portfolio. Qualcomm Technologies, Inc., a subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of our engineering, research and development functions, and substantially all of our products and services businesses, including our QCT semiconductor business.

Materials that are as of a specific date, including but not limited to press releases, presentations, blog posts and webcasts, may have been superseded by subsequent events or disclosures.

Nothing in these materials is an offer to sell or license any of the services or materials referenced herein.