- Visitors to our website, www.CaptiveXS.com (the “Site” and such visitors, “Site Users”); and
- RaGaPa customers (“Clients”), who subscribe to one or more WiFi related RaGaPa products and solutions (collectively, the “RaGaPa Service”) accessed and used by our Client’s end-users (“Service Users”).
By using the Site or the RaGaPa Service, you are agreeing to the collection and use of your Information, including Personal Data, in the manner described in this Policy. “Personal Data” means ‘personal data’ or ‘personally identifiable information’, as such terms are defined under applicable data privacy and data protections laws, of individuals such as, but not limited to, your name, zip code, e-mail address and phone number.
RaGaPa complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union and Switzerland to the United States. Please see our Privacy Shield Commitments page for more information.
A. Information Provided to Us and How We Use It
Site Users. If you use the Site to ask that we contact you or provide you information, then we collect contact information, such as your name, company name and email address.
- We use this information to send you the information or materials you requested or to otherwise respond to your inquiry
- We also use this information to notify you of new product offerings by RaGaPa and developments related to the RaGaPa Service, including by sending you our monthly newsletter.
- If you no longer wish to receive these communications, you can follow the unsubscribe mechanism described in the Marketing Choices section of this Policy.
- We use this Client data to administer the Client’s account, provide support, improve the RaGaPa Service and to keep a record of our dealings with the applicable Client.
- We use Information related to a Client’s financial qualifications and billing information to perform credit analysis, to process purchases, for accounting, and to detect and prevent fraud. We do not use this financial information for marketing or promotional purposes.
- RaGaPa may use business email addresses provided by a Client to send newsletters and notify the Client of new product offerings by RaGaPa and to ask the Client about their experience with respect to the subscription to the RaGaPa Service. Clients can elect to not receive these mailings as described below in the Marketing Choices section of this Policy.
Service Users. RaGaPa receives data (“Service User Data”) from Service Users through their use of the RaGaPa Service provided to them by a particular Client. Service User Data may include name, email address, device mac/IP address, demographic information (such as gender, age, and zip code) and information from Client’s customer surveys and/or offers made through the RaGaPa Service. RaGaPa follows the instructions of the applicable Client with respect to the processing of Service User Data.
- RaGaPa processes Service User Data in order to provide the RaGaPa Service and perform its contractual obligations for the applicable Client.
- RaGaPa also may view and access Service User Data to resolve a problem or support issue, to update or enhance the RaGaPa Service, to investigate a suspected violation of the related Client’s user agreement, to provide professional services to the applicable Client, or as may be required by law.
B. Information Automatically Collected and How We Use It
Log Data. We gather certain information automatically and store it in log files when you visit our Site or use the RaGaPa Service, as follows:-
When you visit the Site, this information includes Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We may combine this automatically collected log information with other information we collect about you. We use the information automatically collected from your use of our Site to improve the Site and for services operations purposes (including analytics ), but not to create a profile about you.
When Service Users use the RaGaPa Service, this information includes the device ID/ MAC address, date/time stamp, and clickstream data. RaGaPa uses the information automatically collected from your use of the RaGaPa Service to improve the RaGaPa Service, but not to create a profile about you. We may also compile aggregated statistics about the usage of the RaGaPa Service by Service Users for a particular Client and share such aggregated statistics with the applicable Client.
Cookies. The Site and RaGaPa Service may send your browser cookies– a small piece of data stored on your device’s hard drive. The purpose of the cookies if you are a Site User is to improve your reading of and your search possibilities on the Site.
If you are a Client, the cookies will also manage and control your login and session on those parts of the Site and RaGaPa Service that are only available to Clients.
In addition, we may use Google Analytics for the Site. If we use this tool, it will help us to understand how often users visit the Site and what pages they visit. This Google page further explains how Google uses your data and how you can control the information that is shared by your device when we use Google Analytics on the Site. If you do not want to accept that your device receives and stores cookies, you can alter your security settings on your web browser. However, note that certain parts of our Site and the RaGaPa Service may only be used fully if your browser allows cookies. Thus, your use of the Site and our services may be affected negatively by removing and not allowing cookies.
C. Sharing of Information
RaGaPa may share Information in the following situations:
Service Providers. RaGaPa may contract with other companies to provide services or functionality on our behalf. If we do so, we may share your Information, including Personal Data, with such providers to the extent necessary for their engagement. In all such cases, the service providers’ use of your Information will be contractually limited to uses consistent with this Policy. Examples of such service providers are:
- Payment processors and other third parties which are provided billing information to complete our transactions with you and to detect and prevent fraud or for collections.
- Data storage providers where we may store copies of our database backups. These third parties do not have the right to access such data.
Legal Requirements. We reserve the right to disclose your Personal Data and other Information as required by law such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. With respect to Personal Data collected from your use of our Site, unless we are prohibited by law, we will attempt to notify you of any request to disclose your Personal Data to the authorities or any other party and, where appropriate, refer such requests directly to you. With respect to Personal Data collected from your use of the RaGaPa Service, unless we are prohibited by law, we will attempt to notify the Client which provided you access to the RaGaPa Service of any request to disclose your Personal Data to the authorities.
Successors. If RaGaPa is involved in a merger, acquisition, or sale of all or a portion of its assets, your Information, including Personal Data, may be disclosed and transferred in connection with that transaction. Such transfer would enable due diligence and/or allow the transferee to operate the business. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Data by RaGaPa or such transferee, as well as any choices RaGaPa or such transferee makes available to you regarding your Information.
D. Access to Personal Data (Other than Personal Data of Service Users)
The following terms describe how RaGaPa will respond (unless such response is not required by applicable local law) to the indicated requests regarding your Personal Data (other than Personal Data of Service Users) (“Covered Data”):
Access and Deletion. Upon request we will provide you with information about whether we hold any of your Covered Data.
- If you wish to receive a copy of your Covered Data or to correct, update or request the deletion (assuming that this does not impact services we are providing to you) of your Covered Data, you may contact us using the information below in the Contact Us section of this Policy.
- You may request that we restrict or cease the processing of your Covered Data while we make any corrections which you request.
- If we no longer need your Covered Data to provide services or for other legitimate purposes, you may request that we retain but not otherwise process such Personal Data to the extent needed in order for you to establish, exercise or defend legal claims.
- We will respond to your request to access, update or delete your Personal Data within 30 days. We may reject requests which risk the privacy of others or are unreasonable or repetitive or would require disproportionate effort.
E. Access to Service User Personal Data
We are a data processor or service provider with respect to the Personal Data of Service Users, which is controlled by our Clients. To the extent the Service User Data received from, or collected on behalf of, a particular Client includes Personal Data, such Client is responsible for complying with all privacy laws and regulations applicable to the relevant Service Users and controlling the use of such Service User Data. RaGaPa shall, unless legally prohibited, notify such Client if RaGaPa receives a request from an individual to exercise data subject rights for such Service User Data. RaGaPa will use reasonable efforts to assist such Client for the fulfilment of such a request at Client’s cost.
F. Destruction of Personal Data
Any of your Personal Data that we possess is only stored by RaGaPa as long as it is required for us to keep it in order to fulfill the purposes for which it was collected. It may, however, be necessary to store Personal Data for a longer period due to legal requirements, e.g. for accounting purposes.
G. Other Websites
The RaGaPa Service provides you access to wifi networks which enable you to access the Internet. RaGaPa has no control over the websites which you access, including their privacy and security practices.
I. California Privacy Rights
California law (including the California Consumer Privacy Act or “CCPA”) entitles California residents to certain additional protections regarding personal information. For purposes of this California Privacy Rights section alone, “Personal Data” means any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Please be aware, however, that under the CCPA Personal Data does not include:
- Publicly available information from government records;
- Deidentified, aggregated or anonymized information that is maintained in a form that is not capable of being associated with or linked to a California resident;
- Information excluded from the CCPA’s scope, such as:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; or
- Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994; or
- Information relating to job applicants, employees, contractors and other personnel of RaGaPa or its affiliates.
- information regarding your Personal Data we have collected in the past 12 months (including the categories of Personal Data we have collected, the categories of sources of such Personal Data, and the business or commercial purposes for collecting or, if applicable, selling such Personal Data);
- notice of whether we have disclosed or sold your Personal Data to third parties in the past 12 months (and if so, what categories of Personal Data we have disclosed or sold, and what categories of third parties we have disclosed or sold it to);
- a copy of your Personal Data collected by us in the past 12 months; and
- that your Personal Data be deleted.
|Category of Personal Data||Type of Personal Data Collected||Source(s)|
|I. Identifiers||Site User’s first name, last name, email, home phone number, and mobile phone number||Directly from Site User when Site User completes RaGaPa’s contact form on the Site or sends RaGaPa an email.|
|Site User’s IP address||Indirectly from Site User when Site User accesses the Site.|
|Service User’s first name, last name, zip code, email address, home phone number, mobile phone, number, and birthday||Directly from Service User as enabled by the applicable Client under that Client’s subscription to the RaGaPa Service.|
|Service User’s device ID/ MAC address||Indirectly from Service User when he/she accesses the RaGaPa Service under the applicable Client’s subscription.|
|II. Customer Records Information||Not collected||N/A|
|III. Legally Protected Characteristics||Service User’s age and gender||Directly from Service User as enabled by the applicable Client under that Client’s subscription to the RaGaPa Service.|
|IV. Commercial information||Not collected||N/A|
|V. Biometric information||Not collected||N/A|
|VI. Internet or other similar network activity information||With respect to the use of the Site, page response times, download errors, length of visits to certain pages, and other page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, date and time stamp, and clickstream data.||Indirectly from Site User as part of tracking the normal operation of the Site. If RaGaPa uses Google Analytics on the Site.|
|With respect to the RaGaPa Service, Service User’s clickstream to, through and from the RaGaPa Service (including date and time), videos watched (including view, skip and click on video), and banner ads viewed (including view, skip, or click on banner ad).||Indirectly from Service User as enabled by the applicable Client under that Client’s subscription to the RaGaPa Service.|
|VII. Geolocation data||Service User’s approximate physical location based on the WiFi access point Service User’s device connects to within the applicable Client’s venue under that Client’s subscription to the RaGaPa service.||Indirectly from Service User when Service User first accesses the RaGaPa Service during each visit to the applicable Client’s venue under that Client’s subscription to the RaGaPa Service.|
|VIII. Sensory information||Not collected||N/A|
|IX. Professional or Employment Information||Not collected||N/A|
|X. Education information||Not collected in connection with the use of the Site.||N/A|
|Not collected since [2018-04-03 07:26:07]* in connection with the use of the RaGaPa Service.||N/A since [2018-04-03 07:26:07]. *Prior to [2018-04-03 07:26:07], education level (“High School”, “Graduate”, and similar descriptions) of Service Users on Facebook was collected for Service User’s connecting to the RaGaPa Service via Facebook login.|
|XI. Inferences||Not collected in connection with the use of the Site.||N/A|
|Service User’s clickstream with respect to videos watched (including view, skip and click on video), and banner ads viewed (including view, skip, or click on banner ad).||Indirectly from Service User if content insertion is enabled by Client under the Client Subscription.|
RaGaPa will not discriminate against you if you choose to exercise any of the rights described in this California Privacy Rights section. To make any of the above requests, please contact RaGaPa as set forth in the last paragraph of this California Privacy Rights section. We will need to verify your identity before processing your request. In order to verify your identity, we will generally require the matching of sufficient information you provide us to the information we maintain about you in our systems. Although we try to limit the Personal Data collected in connection with a request to exercise the right to know and/or the right to deletion, certain requests may require us to obtain additional Personal Data from you. In certain circumstances, we may decline a request to exercise the right to know and/or right to deletion, particularly where we are unable to verify your identity. In certain instances, we may be permitted by law to decline some or all of your requests.
Note that RaGaPa will only be able to directly process the above requests in situations where RaGaPa is the “business” under the CCPA, which refers to the entity that determines the purpose and means of information processing. This includes some situations where you provided the relevant information directly to us. However, in many cases we are instead a “service provider” under the CCPA, and are processing Personal Data on behalf of our Client, who provided the information to RaGaPa or on whose behalf RaGaPa is collecting your Personal Data, and our Client, under whose terms you registered for, or accessed, the RaGaPa Service, acts as the “business” under the CCPA. In those situations where RaGaPa is acting as a service provider, we will refer your request to the applicable Client instead.
We will handle any request to exercise your rights in accordance with applicable law. If you wish to exercise any of the rights described above, please email RaGaPa at email@example.com with the subject line “Privacy Rights Request”, or calling: [408-215-4987].
RaGaPa is dedicated to maintain the security of Personal Data in its possession and preventing unauthorized access through the implementation of appropriate technical and organizational measures in its systems, as far as is reasonably possible. Such security measures also include that Personal Data may be accessed only by a limited number of persons within RaGaPa and only the applicable Client from whom you received access to the RaGaPa Service. Our employees are made aware of and must comply with RaGaPa’s security standards. When we occasionally use third-party contractors to perform tasks involving Personal Data that might otherwise be performed by our employees, these contractors are contractually bound to adhere to this Policy and they are subject to similar restrictions as our employees.
K. Do Not Track Signals
Some browsers contain features that signal that the user does not want to be tracked, known as “Do Not Track” or DNT. The Site currently does not respond to such signals.
L. Changes to this Policy
We may change this Policy from time to time. If RaGaPa is going to use your Personal Data in a manner different from that stated at the time of collection, we will advise you of the choices you may have as a result of those changes. We will also post a notice that this Policy has changed, so we encourage you to periodically review this page for the latest information on our privacy practices.
You may direct questions regarding this Policy to firstname.lastname@example.org or via postal mail at 19925 Stevens Creek Blvd Suite 100, Cupertino, California 95014.