Niantic Spatial Privacy Policy (Consumer)

This Privacy Policy applies to the processing of Personal Data by Niantic Spatial, Inc. and its affiliates (“Niantic,” “we,” “us,” or “our”) in connection with our web and mobile applications (the “Apps”), our related products and services, our developer customers’ applications (“Developer Applications”), and our other online or offline offerings that link to, or are otherwise subject to, this Privacy Policy (collectively, the “Services”).

However, this Privacy Policy does not apply to any Personal Data that we process under our Business and Developer Privacy Policy.

This Privacy Policy covers our use of any information that can or could be used to identify a natural person ("Personal Data") in connection with the Services.

For information on our processing of Personal Data that is subject to the California Consumer Privacy Act (“CCPA”), please see Section 10 (Disclosures Specific to Residents of Certain U.S. States > Disclosures Specific to California Residents).

1. Who Decides How Your Personal Data Is Used?

Niantic Spatial, Inc. is the data controller generally responsible for making decisions about how we use your Personal Data.

If you have any questions or comments on this policy, you can:

Email us at privacy@nianticspatial.com

Contact our Data Protection Officer at dpo@nianticspatial.com

2. Personal Data we Collect and How We Use It

We need to collect and use certain Personal Data to provide the Services to you or our developer customer and fulfill the promises we make in our applicable terms:

When you sign up or apply for an account (your “Account”), you give us Personal Data voluntarily by providing it to us. We collect and use that information in order to authenticate you when you register for an Account and use the Services, to make sure you are eligible and able to receive the Services, and so that you receive the correct version of the Services. This may include: information about you (your name, email address, and phone number) and internal account IDs that we may assign to your account.

You may also have the option of using a supported external single sign-on service to sign up for an Account. As such, the Personal Data we collect also depends on which external accounts you choose to use, their privacy policy, and what your privacy settings with those services allow us to see when you use their services to access the Services.

If you choose to link your Google account to the Services, we will collect your Google email address and an authentication token provided by Google.

If you choose to link your Meta account to the Services, we will collect a unique user ID provided by Meta and your Meta registered email address.

Some external providers may notify you that they make additional information, such as your public profile, available to us when you use their single sign-on services. We may collect that information from them. We collect and use your device location information when you use certain features our Services.

You also give us your Personal Data when you pay for the Services, subscribe to our publications, enter a promotion or survey, or communicate with us. Where payment is required to use the Services, you will be required to supply payment information, including your credit card number, the expiration date of your credit card, your email and postal addresses for billing and notification, and additional information to verify your identity (collectively, “Payment Information”). To protect your privacy, your Payment Information will not be stored on Niantic Spatial's systems but rather by a third party payment processor that assists Niantic Spatial in the authentication, authorization, charge and maintenance of your Payment Information for the Services you purchase from Niantic Spatial in accordance with their own privacy policy. Such payment processor is subject to applicable standards and regulations with respect to the holding of Personal Data and the processing of online payments.

We may collect Personal Data that is provided to us through Developer Applications including, without limitation, [Niantic Spatial to insert examples] about end users of Developer Applications. We may use such Personal Data to provide, operate, and maintain the Services.

In addition, we have and rely on a legitimate interest in collecting and using your Personal Data as follows:

Using your IP address, browser type, operating system, the web page you were visiting before accessing our Services, the pages of our Services which you browsed or the features you used, and the time spent on those pages or features, the links on our Services that you click on, and device and advertising identifiers, to understand who is using our Services and how.

Using your contact information, such as your email address, in order to communicate with you including, without limitation, to provide technical and customer support, to ask you to participate in surveys, and to learn more about your needs in connection with our products and services;

Collecting and using Personal Data from other commercially available sources for our business purposes such as improving customer experience, outreach, and marketing.

To send you marketing communications and carry out other marketing activities.

To request feedback and to otherwise contact you about your Account or your use of the Services.

To develop, improve, and train Niantic Spatial’s technology and other products and services, including, without limitation, semantic and geospatial models and other artificial intelligence and machine learning algorithms and models.

To develop new products and services.

To personalize and improve the features that we offer you through our Services, or to provide you with new or additional services.

To create de-identified data. If we create or receive de-identified data, we will not attempt to reidentify such data unless doing so is permitted by, or we are required to do so to comply with, applicable laws.

To notify you about important changes to the Services;

To carry out anti-fraud measures and to ensure that you and other users are complying with our Terms; and

To make legal or regulatory disclosures, and to establish, exercise, or defend legal claims.

In some cases, we rely on your consent where we use cookies or similar technologies. Please see our Cookie Policy for more information about how we use cookies and similar technologies.

In some cases, we rely on your consent to send your marketing. While you may disable the usage of cookies through your browser settings, Niantic Spatial currently does not respond to a “Do Not Track” signal in the HTTP header from your browser or mobile application due to the lack of industry standard on how to interpret that signal.

3. Who We Share Personal Data With

We will not share any Personal Data that we have collected from or about you except as described below:

Personal Data Shared with Our Service Providers. We may share Personal Data with external service providers. This may include, without limitation, service providers that assist us with the administration, provision, and improvement of the Services, with marketing, and with data enrichment.

Some external service providers may also collect Personal Data directly from you (for example, a payment processor may request your billing and financial information) as a Third-Party Service in accordance with their own privacy policy. Such external Third-Party Service does not share your financial information, like credit card number, with Niantic Spatial, but it may share limited information with us related to your purchase, like your zip or postal code.

Personal Data Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We only share Personal Data  about you to government or law enforcement officials or private parties when we reasonably believe necessary or appropriate: (a) to respond to claims, legal process (including subpoenas and warrants); (b) to protect our property, rights, and safety and the property, rights, and safety of a third party or the public in general; or (c) to investigate and stop any activity that we consider illegal, unethical, or legally actionable.

Personal Data Disclosed in Connection with Business Transactions. Information that we collect from our users, including Personal Data, is a business asset. If we are acquired by a third party as a result of a transaction such as a merger, acquisition, or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your Personal Data, will be disclosed or transferred to a third-party acquirer in connection with the transaction.

4. How Your Personal Data is Transferred

Niantic Spatial operates its Services across the globe. Your Personal Data will likely be transferred and stored in a country outside of your home country, including in the USA, for the purposes outlined in this Privacy Policy to the extent permitted by applicable laws. The data protection laws in these countries may not be the same as in your home country.

If we transfer your Personal Data from the EEA, the UK, or Switzerland to other countries, including the USA, we ensure that a similar degree of protection is provided to your Personal Data as within the EEA, the UK, or Switzerland, as applicable, by ensuring that at least one of the following safeguards is implemented:

The country that your Personal Data is transferred to is a country that the European Commission (or the UK or Swiss Governments, respectively, if you are based in the UK or Switzerland) has deemed to provide an adequate level of protection for Personal Data as the EEA, the UK, or Switzerland, as applicable.

We use specific contracts approved by the European Commission, the UK Information Commissioner’s Office, or the Swiss Federal Data Protection and Information Commissioner, as applicable, including Standard Contractual Clauses, the UK's International Data Transfer Agreement, and, where applicable, Switzerland's standard contractual safeguards, which give Personal Data the same protection as it has in the EEA, the UK, or Switzerland, as applicable, when we engage with service providers.

5. How Long We Keep Your Personal Data

Niantic Spatial maintains policies and procedures surrounding the retention of your Personal Data. The criteria used to determine our retention periods varies based on type of Personal Data, including, but not limited to, legal requirements to retain Personal Data in certain jurisdictions and retention limitation periods under applicable laws. We also keep your Personal Data for as long as we need to provide the Services to you and fulfill the purposes set out in this Privacy Policy. This is also the case for anyone that we share your Personal Data with and who carry out services on our behalf.

When we no longer need to use your Personal Data and there is no need for us to keep it to comply with our legal or regulatory obligations, we will either remove it from our systems or anonymize it so that it can no longer be associated with you.

6. Your Rights and Choices

You have certain rights in relation to your Personal Data. In order to exercise these rights, please contact us at: privacy@nianticspatial.com.

You can:

Request access to the Personal Data we hold on you.

Delete or correct your Personal Data.

Have your Personal Data transferred to another organization (where it is technically feasible).

Object to us processing your Personal Data or ask us to stop using your Personal Data. Some of the Personal Data we hold is necessary for us to provide the Services to you and fulfill the promises we make to you under our terms.

Complain to a regulator. We'd appreciate the chance to deal with your concerns directly so we'd prefer you to contact us first. However, if you're based in the EEA, the UK, or Switzerland and believe that we have not complied with data protection laws, you can complain to your local data protection authority.

If you’re based in the EEA, you can also contact our EU Representative, EDPO. EDPO can be contacted:

by using EDPO’s online request form: https://edpo.com/gdpr-data-request/

by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium

To protect your privacy, we will take steps to verify your identity before fulfilling requests submitted under applicable privacy laws. These steps may involve asking you to provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Data or an authorized representative. Examples of our verification process may include asking you to confirm the email address we have associated with you.

The law provides exceptions to these rights in certain circumstances. Where you cannot exercise one of these rights due to such an exception, we will explain to you why.

We offer you choices regarding the collection, use, and sharing of your Personal Data and we’ll respect the choices you make. Please note that if you decide not to provide us with the Personal Data that we request, you may not be able to access all of the features of the Services.

To request deletion of your account, please use the standard deletion functionality available via the mobile app or contact us at: privacy@nianticspatial.com.

7. Children

Unless stated otherwise for a particular Service, children are not allowed to use the Services, and we do not knowingly collect Personal Data from them. We define “children” as follows:

Residents of the EEA: anyone under 16 years old, or the age needed to consent to the processing of Personal Data in your country of residence.

Residents of the Republic of Korea, anyone under 14 years old.

Residents of other regions: anyone under 13 years old or the age needed to consent to the processing of Personal Data in that region.

If we learn that we have collected Personal Data from a Child, we will take steps to delete such Personal Data from our files as soon as possible.

8. Changes to this Privacy Policy

Any Personal Data that we collect is covered by the Privacy Policy in effect at the time such information is collected. We may make changes to this Privacy Policy from time to time. If we do, we’ll let you know by posting the updated Privacy Policy on our website, and we may also send other communications.

9. Third Parties

In using our Services you may access links to websites and services that are owned or operated by third parties (each, a “Third-Party Service”). Any information that you provide on or to a Third-Party Service or that is collected by a Third-Party Service is provided directly to the owner or operator of the Third-Party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy, or security practices and policies of any Third-Party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-Party Services that you access.

10. Disclosures Specific to Residents of Certain U.S. States

Certain U.S. states, including California, have enacted privacy laws that grant their residents certain rights and require certain disclosures (“State Privacy Laws”). If you are a resident of one of these states, this section applies to you.

Your Rights

You have the right to request the categories and specific pieces of Personal Data we have collected about you and to request the deletion or correction of your Personal Data. You may exercise your rights set forth in Section 7 (“Your Rights and Choices”). You also have the right to opt out of any “sales” of your Personal Data. Because Niantic Spatial does not sell Personal Data as that term is defined by the State Privacy Laws, Niantic Spatial does not offer this opt out. You may also have the right to appeal if we deny your request to exercise your privacy rights, which you may do by contacting us at privacy@nianticspatial.com. If you have concerns about the result of an appeal, you may contact the attorney general in the state where you reside.

Disclosures Specific to California Residents

California law requires that we make certain disclosures about your data. The following disclosures are made pursuant to the CCPA.

Notice at Collection

At or before the time of collection, California residents have a right to receive notice of our privacy practices. California residents can find this information below.

Personal Data Collected. See the section below titled “Collection and Use of Personal Data” for a list of Personal Data that may be collected. If we have previously collected Personal Data in the past 12 months, we may collect that Personal Data from you.

Uses of Personal Data. See the section below titled “Collection and Use of Personal Data” for a list of the purposes for which we use Personal Data.

Is Personal Data “Sold” or “Shared” for “Cross-Context Behavioral Advertising”? No.

How Long Is Personal Data Retained? Our retention of Personal Data is described in the Privacy Policy under Section 5 (How Long We Keep Your Personal Data).

Additional Information. For more information on our privacy practices, please review this Disclosures Specific to California Residents section and our Privacy Policy.

Collection and Use of Personal Data

In the preceding 12 months, we have collected the following categories of Personal Data: identifiers, commercial information, Internet or other electronic network activity information, geolocation data, visual information, account log-in, financial account, debit card, or credit card number, and precise geolocation information. To learn more about the specific information we collect, the sources and purposes of such collection, please see Section 2 (“Personal Data We Collect and How We Use It”).

Sale or Sharing of Personal Data

We do not sell or share your Personal Data as those terms are defined under the CCPA. Niantic Spatial has no actual knowledge of selling or sharing the Personal Data of minors under 16 years of age.

Disclosure of Personal Data for a Business Purpose to a Service Provider or Contractor

In the preceding 12 months, we have disclosed the following categories of Personal Data to a service provider or a contractor for a business purpose: identifiers, commercial information, Internet or other electronic network activity information, geolocation data, visual information, account log-in, financial account, debit card, or credit card number, and precise geolocation information. To learn more about the disclosure of your Personal Data, please see Section 3 (“Who We Share Personal Data With”).

Sensitive Data

We do not use sensitive Personal Data for purposes other than those specified in Section 7027(m) of the CCPA Regulations. Therefore, we do not offer you the option to opt out or to limit the use of your sensitive Personal Data.

Authorized Agents

If you authorize another person to submit a request to know, correct, or delete on your behalf, we may ask you to verify your identity or to confirm that you authorized another person to make such request on your behalf. Separately, such other person may have to submit proof that they are authorized to make a request on your behalf.

No Retaliation for the Exercise of Rights under the CCPA

California residents have the right not to be retaliated against by us for the exercise of their rights conferred by the CCPA.