Advertima AG and its subsidiaries (“Advertima”, “we”) are technology companies and offer a software solution for corporate customers that is used as a service (“service” or “solution”).
We are committed to responsible handling of data and compliance with all applicable data protection regulations. This namely includes the European General Data Protection Regulation (GDPR).
1. Contact Information
Responsible for data processing:
9014 St. Gallen
You can contact the data protection officer of Advertima AG at: firstname.lastname@example.org.
Data protection representative in the European Economic Area (EEA):
Within the European Economic Area (EEA) including the European Union (EU), the Principality of Liechtenstein, Iceland and Norway, we have the following data protection representative as an additional contact point for requests from supervisory authorities and data subjects in connection with the General Data Protection Regulation (GDPR) pursuant to art. 27 GDPR:
VGS Datenschutzpartner UG
Am Kaiserkai 69
2. Type and Scope of Data Collection
Advertima’s solution only produces and stores anonymous metadata that provides information about the size and demography of a clientele of content playout devices (e.g. a digital signage screen) or visitors to a specific physical location (e.g. a retail store or a shopping center).
Advertima does not store any data that would allow a clear identification of an individual and namely does not record any corresponding image or video footage. Our algorithm processes sensor livestreams in real time, and all raw data is processed locally and in real time by an edge computer. In particular, no biometric data is stored in a long-term memory or uploaded to a cloud memory.
For each identified observer/visitor, the solution estimates the following data in real time:
- Gender (male, female)
- Total time spent looking at specific content
- Total attention span
- Position and distance from installation point
- Routes taken
Advertima’s customers must inform the public with appropriate notices on their point of installation and/or at the entrance of the location that our solution is in operation. Such notice contains a statement on the collection of anonymous data and on how data subjects can obtain further information on data protection.
3. Purpose of Processing Personal Data / Recipients of Data
We only process personal data that is necessary for the following purposes: Digital Smart Signage, which means decision-making for content playback based on demographic group attributes at a particular point of installation as well as data analysis on content views.
The processing is carried out on the following legal bases:
- Performance of contracts with our respective customer (art. 6 par. 1 lit. b GDPR);
- Pursuit of the overriding interests of our company and/or our customers. We have the following legitimate interests (art. 6 par. 1 lit. f GDPR):
- Improvement of products and services in order to monitor and improve the performance of the commercial offer;
- Improved understanding of the clientele or visitors reacting on certain contents in order to enhance the cost efficiency of marketing expenditure;
- Understanding of the general flow of people at the physical location in order to improve the store design;
- Protection of our rights.
- Compliance with applicable laws and regulations (art. 6 par. 1 lit. c GDPR);
- Consent of the data subjects (art. 6 par. 1 lit. a GDPR).
However, the metadata collected is only available in aggregated formats for analysis purposes. User of the analysis solutions is the Advertima customer who operates the specific point-of-installation server.
We ensure that all afore-mentioned processes and services are carried out by service providers who are obliged to guarantee an adequate level of data protection. These are companies from the categories of IT services, consulting, sales and marketing as well as service providers whose services we use within the framework of contract processing agreements.
4. Storage Period
5. Your Rights
The General Data Protection Regulation (GDPR) gives you the following rights regarding your personal data:
- Right of access (art. 15)
- Right to rectification (art. 16)
- Right to erasure (art. 17)
- Right to restriction of processing (art. 18)
- Right to data portability (art. 20)
- Right to object (art. 21)
However, since our solution does not collect any personal data, but only anonymous demographic metadata, we are not able to rectify or erase any personal data. Furthermore, we are not able to retroactively link any metadata to your personal data. For further information, please send an e-mail to email@example.com.
You also have the right to contact a competent data supervisory authority (art. 77 GDPR).