PRIVACY POLICY

Dear User,

As the Data Controller Wiman S.r.l. acknowledges the importance of personal data protection and considers privacy and data protection as one of the main objectives of its business.

Before you disclose any personal data to the Data Controller, we encourage you to carefully read this Privacy Policy as it includes important information about your privacy, personal data protection, and the security measures taken to ensure confidentiality in compliance with the applicable legislation. This Privacy Policy:

• shall refer to the Wiman Application (hereinafter also "Application”), managed by the Data Controller; this Policy does not apply to websites that may be consulted through external links;
• is written pursuant to Article 13 of the General Data Protection Regulation ("GDPR") to users interacting with the Application;
• complies with Recommendation 2/2001 on certain minimum requirements for collecting personal data on-line in the European Union adopted on 17 May 2001, by the 'Article 29' Working Party.

***

The Data Controller informs you that the processing of your personal data will be based on the principles of fairness, lawfulness, transparency and the protection of your privacy and your rights. Your personal information will therefore be processed in accordance with the provisions of the GDPR and the confidentiality obligations provided for therein.

SUMMARY

Below a summary of the contents of this Privacy Policy is provided so that you can easily find information regarding the processing of your personal data.

1. DATA CONTROLLER AND DATA PROCESSORS
2. PERSONAL DATA SUBJECT TO PROCESSING

1. Data provided by the platform on which the Application runs at the time of installation on the user’s device
2. Data provided by the registered user
3. Connection data
4. Geolocation data
5. Information collected through third-party SDK services

3. PURPOSES OF THE PROCESSING AND OBLIGATORY OR VOLUNTARY DISCLOSURE OF DATA
4. PROCESSING, SECURITY AND LOCATION OF DATA PROCESSING
5. COMMUNICATION AND DISSEMINATION
6. RIGHTS OF THE DATA SUBJECT
7. PROCESSING OF USERS’ DATA BY THIRD PARTY APPLICATIONS THAT USE THE SERVICE
8. MODIFICATIONS TO PRIVACY POLICY
9. CONTACTS

1. DATA CONTROLLER AND DATA PROCESSORS
   By accessing and utilizing the Application, data relating to identified or identifiable physical persons may be processed. The details of the Data Controller are as follows: Wiman Srl, a company with registered office in Mattinata (FG), Corso Matino 81, ZIP CODE 71030, VAT 03814940718.
   Your personal data may be processed by employees or collaborators employed by the Data Controller, belonging to the administrative, commercial, legal, accounting departments or IT administrators, depending on the processing activity, and who act under the authority of the Data Controller and who have received appropriate operating instructions pursuant to Articles 28 and 29 of the GDPR.
2. PERSONAL DATA SUBJECT TO PROCESSING

1. Data provided by the platform on which the Application runs at the time of installation on the user’s device
   To access the features offered by the Application, you must install it on your device. At this stage, the data collected by Wiman are as follows:

• LOCATION
  Wiman uses your location data for:
  - Providing information about Wiman networks
  - Downloading the shared network passwords as defined in the END USER AGREEMENT - WIMAN APPLICATION AND SOFTWARE
  - Collecting information about Wi-Fi networks visible from your mobile device
  - Showing the Wiman Users Ranking ("Leaderboard")
• STORAGE / PICTURES / MEDIA / FILES
  When you agree to do so, Wiman uses these data to store maps offline.
• RUN AT STARTUP
  These data allow the Application to start automatically when your device turns on.
• VIEW WI-FI CONNECTIONS / CHANGE NETWORK CONNECTIVITY
  Wiman uses these data to collect Wi-Fi network information in your location in order to connect the device to the best network.
• MICROPHONE
  Wiman uses these data to prevent the device from automatically connecting to a Wi-Fi network when you make a call through VoIP services, thus causing the call to stop.
  You are allowed at any time to manage your privacy preferences within the application or, if so provided, from the device, and enable/disable Wiman's use of data for each of the settings described above.

2. Data provided by the registered user
   Some application features, such as sharing and accessing private networks, require logging in through "Facebook login", "Google login" or other authentication providers, which communicate the following personal data to Wiman: name, last name, profile picture, date of birth, sex, language, city of residence and time zone.  With the consent of the data subject, email address and friend lists may also be communicated.
   These data will be processed in full compliance with data protection regulations. Failure to provide such data will result in the impossibility of creating an account and accessing certain features.
   The user is responsible for the correctness of the data provided within the profile.
   Such data is stored for the time necessary to render the service and also for longer periods subsequent to the termination of the service, if retention is required by law or for other legitimate purposes such as Wiman's defense, or in the case of a legitimate interest of the data controller or third parties.
3. Connection data
   For security reasons and in order to protect your rights and Wiman's rights, Wiman records and stores the technical details of your connection on its servers including: IP address, date and time of access, MAC address, device ID, Wi-Fi network used, geographic location.
   Such data allows to trace the identity of the connection user, but only if this is required following requests or orders from a judicial authority. Under no circumstances does Wiman connect such information with any other data it may have in order to track the activities and geographic location of specific users. Data is stored for six months and then anonymized for statistical use.
4. Geolocation data
   Among the services offered by the Application is the possibility for the user to view their geographic location within a map showing the closest Wi-Fi networks. In addition, location data is required to provide the "autoconnect" service that allows the User to connect to the best networks in the area where he/she is located. These data are processed by the Data Controller in order to provide the services offered and the mapping of Wi-Fi networks, either free hot spots or private networks shared by Users, in order to improve the network sharing services.
5. Information collected through third-party SDK services
   Cookies and similar technologies, such as SDKs, are information that applications send and record on your devices when you access them, then are resubmitted to such applications at the time of the next access. Thanks to these technologies, applications recall actions and preferences (such as login data, preferred language, font size, other display settings, etc.) so that they do not have to be re-selected at the time of the next access. Some services provided to the Data Controller by third parties may result in third party access to personal data and other information contained in your device, also for purposes other than the provision of services to the Data Controller.
   When you choose to download and use the Application, you consent to Wiman's use of third-party services and the processing of information collected through them.
   In more detail, the third-party services used by the Application are:
   Google Analytics, Google Firebase, Google Play Services, Fabric.io, Facebook Audience Network, and Facebook Analytics which are used to submit the Application usage data to the Data Controller.
   To request information on data processed by third parties listed in this Policy, and if you wish to object to such processing, we encourage you to consult the privacy policies of the third parties listed below and activate the opt-out mechanisms provided by such third parties.
   Find below the links to the information notices about the use of your data by third parties:

• Google Analytics https://www.google.com/intl/it_it/analytics/learn/privacy.html
• Google Firebase http://www.google.com/policies/privacy/partners/
• Google Play Services https://www.google.com/policies/privacy/
• Fabric.io https://fabric.io/terms?locale=en-us&utm_campaign=fabric-marketing&utm_medium=natural
• Facebook Audience Network  https://www.facebook.com/policies/cookies/
• Facebook Analytics https://www.facebook.com/privacy/explanation

3. PURPOSES OF THE PROCESSING AND OBLIGATORY OR VOLUNTARY DISCLOSURE OF DATA
   The data you provide through the Application voluntarily or that are collected by the Application in other ways, will be processed by the Data Controller for the following purposes:

1. Purposes concerning the provision of the services requested (such as requests for information, registration, use and sharing of Wi-Fi networks, resolution of issues related to the Application, geolocation, etc.).
   Providing your data for the aforementioned purpose (a) is optional, but the failure to provide such data may render it impossible for the Application to provide the required functionalities. We do not ask your consent for the processing of your personal data for these purposes as "processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract" (see Article 6 (1) (b) GDPR).
2. Purpose of statistical research/analysis on aggregated or anonymous data - without the possibility to identify the user - to measure the functioning of the Application, measure traffic, and evaluate usability and interest.
   GDPR does not apply to the processing activities on aggregated or anonymous data.
3. Purpose of fulfilling the obligations laid down by law, regulation or Community law.
   The provision of your data for the aforementioned purpose (c) is mandatory. Any failure to provide such data would not allow the Data Controller to comply with the obligations laid down by law, regulation or Community legislation.
4. Purpose of communication to other data controllers.
   Only upon your specific and optional consent, which you will be required to provide and that you may revoke at any time, some of your data (e.g. biographical data, connection data, Application usage data, geolocation data, advertisement-id) may be communicated to other Data Controllers, Wiman's commercial partners – for example, operating in the field of telecommunications, finance, publishing, advertising, or performing potential promotional and/or profiling activities, or conducting analysis and market research - for potential promotional and profiling activities, market analysis and research purposes.
5. Dissemination purposes.
   The description of these processing activities is detailed in paragraph 5 of this Privacy Policy.

4. PROCESSING, SECURITY AND LOCATION OF DATA PROCESSING
   Your personal data are processed by the Data Controller - or by third parties specifically selected for their reliability and competence, and appointed as data processors - limited to carry out the purposes indicated above, with electronic means for the time strictly necessary to carry out the purposes for which they were collected.
   Specific security measures are observed to prevent data loss, misuse or incorrect use, and unauthorized access.
   The processing activities related to the features offered by the Application are carried out at the headquarters of the Data Controller; personal data is stored on servers located in the European Union.
5. COMMUNICATION AND DISSEMINATION
   Your personal data may be processed by subjects external to the Data Controller, whose activity is necessary and functional for providing the functionalities of the Application.
   Your personal data may also be communicated to third parties such as:

1. Persons, companies or professional firms that provide assistance and advice to the Data Controller, who are rightly appointed as Data Processors
2. Persons, entities or authorities to whom the disclosure of your personal data is mandatory under statutory provisions or orders of the competent authorities;
3. Subjects and/or entities delegated and/or appointed by the Data Controller to carry out activities strictly related to the pursuit of the above-mentioned purposes (including technical maintenance on systems), duly appointed as Data Processors;
4. Business partners, such as independent Data Controllers, for their own purposes, including commercial purposes. In that case, you will be required to provide specific consent.

Your personal information will not normally be disseminated by the Data Controller. However, Wiman, upon your consent, may, if necessary, disclose some of your data within the Community, as described below:

1. "Leaderboard": Wiman may display your name, last name and picture associated with your profile, the kind of your contribution to the Community, as defined in the END USER AGREEMENT - WIMAN APPLICATION AND SOFTWARE, and a score in order to place you within the "Leaderboard"; such processing activity is optional and you may decide whether or not to activate it through the Application settings;
2. Wiman makes available to Users who share their Wi-Fi network the name, last name, and picture associated with the User profile that connects to such networks, in order to ensure transparency and security for those who grant access to their private networks; by doing so, Wiman gives Users who share their network the possibility to block some or all of the Users from accessing that network. This processing activity is necessary for security reasons and does not require the consent of the data subject. Therefore, if you access a shared network within the Wiman Community, you are aware that the User who makes his own network available will see the described personal information;
3. On the Wi-Fi network map Wiman may display the name, last name and picture associated with the User profile of the User who shares  access to his/her Wi-Fi network with the Community. This processing activity is optional, and if you decide to share your Wi-Fi network, you can decide whether or not to activate it when you share your network ("Public" or "Anonymous" share mode), or to subsequently revoke that choice by doing so in the Application settings.
   Your data may be transferred abroad to countries of the European Union or to countries outside the European Union that have been subject to a decision on their adequacy from the European Commission, or also to countries that have not been subject to such an adequacy decision. In the latter case, however, the transfer of data shall take place on the basis of the existing legislation (GDPR).

6. RIGHTS OF THE DATA SUBJECT
   You have the right at any time to obtain the confirmation from the Data Controller of the existence of your data and to know its content and source, to verify its accuracy or to request its integration or updating, rectification or erasure, to request the restriction of the processing, and data portability (Section 3 of the GDPR). We highlight that the simple removal of the Application from your device does not erase your data from our systems. If you wish for Wiman to erase your data, or wish to exercise any of the other rights regarding the processing of your personal data, you must address your request to the Data Controller by sending an email to: privacy@wiman.me.
7. PROCESSING OF USERS’ DATA BY THIRD PARTY APPLICATIONS THAT USE THE SERVICE
   In addition to Users of the Wiman Community, as defined in the END USER AGREEMENT - WIMAN APPLICATION AND SOFTWARE, there are users who use Wiman's services through third party applications that implement the Wiman SDK. These users only have the option to automatically connect to open Wi-Fi networks and free hotspots as well as to Wi-Fi networks shared by other Community Users, but they do not use other services offered to the Community. With respect to the processing of the personal data of such users by Wiman, only sections 2.3, 2.4, 3 (d), 5 (b), 6, 7, 8, 9 of this Privacy Policy shall apply.
8. MODIFICATIONS TO PRIVACY POLICY
   The Data Controller may modify or simply update this Privacy Policy, in whole or in part, also due to amendments to the laws and regulations governing this matter and protecting your rights. Such changes and updates to the Privacy Policy will be notified to you on the home page of the Application as soon as they are introduced and will be binding as soon as they are published as described. We therefore invite you to visit this section regularly to know the most recent and up-to-date version of this Privacy Policy so as to always be updated with regards to the information we collect and  the use we make of such information.
9. CONTACT
   If you wish to receive any information on the processing of your data by the Data Controller you may send a request to the following address: privacy@wiman.me.

Last update: Jun 2017