Privacy Policy
Who We Are
Stampede AI Ltd build and control a software platform (“Our” “Service”) used by businesses (“Our” “Customers”) to acquire, retain and expand the “Customers” “End User” database. “You” are the “End User”.
In this policy, whenever “You” see the words (“We,” “Us,” or “Our”), it refers to Stampede AI Ltd, 30 Maritime Street, Unit 4F (The Loft), Leith, City of Edinburgh, EH6 6SE. Registered in Scotland Company No: SC503985.
“You” can contact Us in writing to the above address, or via email to DPO@stampede.ai
This policy applies to all the websites “We” operate, “Our” use of emails, and any other methods “We” use for collecting information. It covers what “We” collect and why, what “We” do with the information, what “We” won’t do with the information, and what rights “”You”” have. This Privacy Policy only applies to personal information “We” hold about individuals. It does not apply to information “We” hold about companies and other organisations.
“We” may update this Privacy Policy from time to time by publishing the amended version on “Our” website www.stampede.ai
Information We Collect
Our Service
In providing “Our” “Service” to “Our” “Customers” (who operate the venues where “You” access the WiFi), Stampede acts as the Data Processor. Your email address is required to enable “Our” “Customers” use of “Our” “Service”. Any additional data capture fields on the registrations page are configured by “Our” “Customers”.
“Our” “Customers” are the Data Controller. “You” should consult “Our” “Customers” Privacy Policy for full details of the data being collected and how “Our” “Customer” intends to use it.
“You” have the ability to opt in or opt out of being marketed to on “Our” registration page at the point of connecting to the venue’s WiFi.
“We” will only ever collect the information “We” need, including data that will be useful to help “Us” improve Our services.
When “You” register for “Our” “Service” “We” may automatically collect and process the following data about “You”;
- Personal information, such as name, postal address, phone number, email address, date of birth, gender, and social media account details (such as Facebook, Twitter, Instagram, etc.) that “You” provide by registering and using “Our” “Service”.
- Any log-in information “You” provide when “You” use guest WiFi services offered by “Our” customers at their venues.
- Information about the computer, tablet, cellular telephone, smartphone, or other electronic device used to access the service (device) including (where available) the MAC address of any connected network interface, the unique device identifiers, operating system, browser types, and telephone number (if applicable) of the device (Device Information).
- The actual location and relative signal strength for WiFi enabled devices present at a location by means of relative signal strength from WiFi access points from which an X/Y coordinate is calculated (Location Information).
- Any data collected when a device is used to access the service including (without limitation) internet protocol addresses, internet service providers, browser types, language, viewed and exit pages, and date and timestamps (Log Information).
- Details of your visits to “Our” site, including but not limited to, IP addresses (the location of the computer on the internet), pages accessed, and files downloaded. This helps “Us” determine how many people use “Our” sites, how many people visit on a regular basis, and how popular “Our” pages are. This is statistical data about “Our” users’ browsing actions and patterns and does not identify any individual. It simply allows “Us” to monitor and improve “Our” service.
Other means of data collection
Telephone Calls
“We” may record incoming telephone calls for training and quality control purposes. “We” may also record outgoing telephone calls in response to a query submitted through “Our” website or when returning a telephone call “You” have made to “Us”.
Website
“Our” website uses Google Analytics. This means that when “You” visit “Our” website “We’ collect various information about “You”. This includes;
- information about the apps, browsers and devices that you use to access “Our” site
- your activity on “Our” site
- information about your location when “You” access “our” site
When filling in forms on “Our” website (stampede.ai) or when “You” contact “Us” by telephone or email, “We” may collect personal information, such as name, postal address, phone number, email address, date of birth, gender, and social media account details (such as Facebook, Twitter, Instagram, etc.) that “You” provide when “You”:
- Subscribe to receive one of “Our” e-communications.
- Enquire about a specific product or service.
- Request information via telephone.
- Request a call back.
- Respond to a campaign.
- Enter a competition or promotion.
- Submit a question to “Us” or provide “Us” with feedback.
Online Lead Forms
“We” display Lead Generation Forms on platforms such as LinkedIn or Facebook. If “You” enter your personal details into a lead generation webform, “We” use the information you submit to provide “You” with the content requested, and to determine if “You” or your organisation can utilise “Our” products and services. If appropriate, “We” will contact “You” or your organisation by phone and/or email to qualify further any needs for which “We” can supply products and services.
“We” will only ever collect the information “We” need, including data that will be useful to help Us improve “Our” services.
Cookies
“Our” site uses cookies to distinguish “You” from other users of “Our” site. This helps “Us” provide “You” with a good experience when “You” browse “Our” site and allows “Us” to improve “Our” site. For detailed information on the cookies “We” use and the purpose for which “We” use them, please see “Our” Cookie Policy. If “You” want to disable cookies, please refer to “Your” browser’s help option.
How We Use the Information We Collect
If “You” have provided “Us” with personal data to access WiFi in a venue, then “We” will use this data for the performance of the contract with “Our” “Customer” as described in this Privacy Policy.
“We” may also process personal data for “Our” legitimate business interests. “Legitimate Interests” means the interests of “Our” company in conducting and managing “Our” business and providing “You” with the best services and products in the most secure way. These interests include:
- To ensure that content from “Our” site is presented in the most effective manner for “You” and for your device.
- To collate and aggregate anonymised information for consumer analysis and statistical reporting.
- To associate submitted information and/or additional information and/or device information and/or location information and/or log information to enable analysis by “Us” and “Our” “Customer” at the venue in which you use the service as to how people move around such venues. In such circumstances, the MAC address of your device is masked to prevent linking data to other sources.
- To contact “You” regarding your opinion of “Our” products and services, which may be used for research and analysis to help “Us” to improve or modify those products and services.
- To help “Us” identify “You” when “You” contact or visit “Us”.
- When dealing with your inquiries and requests.
- To help “Us” improve the quality, security, and safety of “Our” products and services.
- To carry out analysis and service improvement.
- When “You” communicate with “Us” for customer service or other purposes (e.g., by emails, faxes, phone calls, tweets, etc.), “We” retain such information and “Our” responses to “You” in the records of your account.
When “We” process “Your” personal data for “Our” legitimate business interests, “We” always ensure that “We” consider and balance any potential impact on “You” and the rights “You” have under data protection laws.
If “You” have any concerns about the processing activities described above, “You” have the right to object to this processing. For more information please review the “Your Rights” section below.
Opt-In and Opt-Out
When “You” first connect to “Our” “Service” within “Our” “Customers” venue “You” are provided with the opportunity to opt in to receiving communications from “Us” and “Our” partners.
If “You” do not opt in, “Your” personal data will not be added to “Our” database and “You” will not receive communications from “Us” or “Our” “Customers”. “You” are still able to connect to the WiFi however no data will be retained on “Our” “Service”.
If “You” do opt in, your details will be added to “Our” database and can be used for marketing purposes by “Our” “Customers”.
Each and every time “You” receive communication from “Us” or “Our” “Customers” thereafter “You” will be given the opportunity to opt-out of having “Your” contact details used for such communications.
Be aware that if “Our” customer has exported your data to a separate mailing platform and “You” subsequently opt out, “We” are unable to manage your opt out preferences. “You” may continue to receive information from these “Customers” until “You” inform them that “You” wish to opt out of marketing communications as well. Consult “Our” “Customers” privacy policy for details on how to do this.
Sharing Your Information
Just like most other organisations, “We” work with third-party service providers which provide important functions to “Us” that allow “Us” to be easier, faster, and friendlier in the way “We” deliver “Our” services. “We” need to disclose user data to them from time to time, for any of the purposes set out above, so that the services can be performed.
“We” have listed below the parties to whom “We” may disclose “Your” personal data for the purposes set out in this policy:
- “Our” employees.
- “Our” “Customers”; the account holders at venues where “You” access “Our” “Service”.
- Virtual hosting infrastructure providers to host “Our” servers and data, and to provide other services to “Us”.
- Third party consultants, service providers, or contractors when providing support and other services to “Us”.
- Auditors or advisers assisting “Us” in “Our” business operations in any jurisdiction where “We” operate.
“We” may also disclose personal information to third parties if “We” are under a duty to disclose or share such data for legal or regulatory purposes, in relation to existing or future legal proceedings for the prevention of fraud/loss or to protect the rights, property and/or safety of “Our” company, “Our” customers, or others.
Data Security
“We” store personal information on hosted services located in The Republic of Ireland. However, from time to time, “We” may transfer information to other reputable third-party organisations that may be situated outside the European Economic Area (EEA) if legally required to do so. If this is the case “We” ensure that compliant safeguards are put in place and are clearly communicated to “You”.
“We” have security protocols and policies in place to manage and record data privacy and preferences correctly. “We” ensure data is stored securely to protect against its loss, misuse, and alteration.
Whilst “We” do “Our” best to protect the security of information, the transmission of data across the internet is not completely secure. “We” cannot ensure or guarantee that loss, misuse, or alteration of data will not occur while data is being transferred.
“We” will keep information only for as long as “We” need it to provide “You” with the services or information “You” have requested, to administer your relationship with “Us”, and to comply with the law. When “We” no longer need information, “We” will always dispose of it securely by using specialist companies if necessary to do this work for “Us”. If “You” are a user of “Our” “Services” and “You” do not log in to one of “Our” “Customers” venues for more than 2 years, all personally identifiable data “We” store about “You” is deleted.
Children’s Privacy
“Our” “Services” are not intended for use by anyone under the age of 13. “We” do not knowingly collect personal information from anyone under the age of 13. If “You” are under 13, “You” may not attempt to register for “Our” “Services” or send any information about “You” to “Us”, including name, address, telephone number, or email address. If “We” become aware that “We” have collected personal information from someone under the age of 13, “We” will delete that information promptly. If “You” are a parent or legal guardian of a child under 13 and believe that a child has provided “Us” with their personal information, please contact “Us” by emailing DPO@stampede.ai or by writing to the mailing address listed in this Policy.
Your Rights
Under The General Data Protection Regulation 2018 (GDPR), “You” have several rights over “Your” personal data.
Informed
“You” have access to this Privacy Policy on “Our” website at all times. “We” will continually review “Our” activities and update this policy if and when necessary. “You” can contact “Our” DPO at DPO@stampede.ai for further clarification if necessary
Access
“You” are able to access “Your” information at all times. “You” can do this by contacting Us at DPO@stampede.ai. “We” will provide “You” with this information in an easily accessible format, without undue delay, and in any event, no longer than one month after receiving “Your” request.
Rectify
If “You” believe the personal information “We” hold about “You” is incorrect or incomplete, “You” have the right to ask us to rectify this information on “Your” behalf. “You” can do so by contacting us at DPO@stampede.ai
Erasure or the ‘Right to be Forgotten’
“You” have the right to have “Your” personal data erased where the data is no longer necessary for the purpose(s) for which it was originally collected/processed unless “We” have legitimate grounds or a legal right(s)/obligation(s) to store “Your” personal data.
Restrict
“You” can request that “We” restrict the processing of “Your” personal data if “You” believe that the data “We” hold is inaccurate, unlawfully obtained, or “You” no longer wish us to use “Your” personal data for any reason other than storage. Submit “Your” request to DPO@stampede.ai and “We” will respond within one month of receiving “Your” request.
Data Portability
“You” have the right to receive the personal data “You” have provided to Us in a structured, commonly used and machine readable format. “You” also have the right to request that “We” transmit this data directly to another controller.
Object
If “You” believe “We” are using “Your” information for purposes other than those “You” consented to as explained above, “You” have the right to object to Us using “Your” personal information for these purposes. Please bring this to “Our” attention by emailing DPO@stampede.ai and “We” will identify if the activity is taking place. If so, “We” will cease these activities immediately.
Freedom of Information – Subject Access Request (SAR)
“You” can request a copy of the information “We” hold about “You” (a subject access request). “We” will require proof of “Your” identity before “We” are able to provide “You” with any personal information that “We” hold about “You”.
“You” are also able to view or delete this information through “Our” portal at ??https://my.stampede.ai/. Login details are emailed to “You” when “You” first register on “Our” WiFi services.
To submit a SAR, contact us in writing at DPO@stampede.ai or Stampede, 30 Maritime Street, Unit 4F (The Loft), Leith, City of Edinburgh, EH6 6SE.
Information Commissioner’s Office (ICO)
For more information about “Your” rights, please directly contact “Your” local supervisory authority.
“Our” registration number with ICO is ZA129901.