Golioth Location Privacy Policy

Last Updated Date: February 19, 2025

This Golioth Location (“Location”) Privacy Policy ("Location Privacy Policy") describes how Golioth, Inc. ("Golioth," "we," "our," or "us") collects, processes, shares, and stores data in connection with your use of Location, which utilizes Qualcomm Aware Positioning Services (“QAPS”) provided by Skyhook, Inc. (“Skyhook”) for geolocation functionality. This Location Privacy Policy applies solely to the data collected through Location and supplements the Golioth Privacy Policy. If there is a conflict between this Location Privacy Policy and the Golioth Privacy Policy, this Location Privacy Policy shall control with respect to Location.

By using Location, you agree to the collection, processing, and sharing of data as described in this Location Privacy Policy, and you also agree to Skyhook’s Privacy Policy.

For more details about QAPS, please visit here.

1. Data Collected Through Location

When you or your devices use Location, we may collect and process the following categories of data:

1.1 Device and Location Data

  • Geolocation Data: Latitude, longitude, altitude, accuracy, speed, and timestamp of location queries.
  • Device Identifiers: Unique device identifiers, MAC addresses, IMEI numbers, or other identifiers used for positioning services.
  • IP Address: Logged to determine approximate geographic location.

1.2 Usage and Performance Data

  • Log Data: Timestamped logs of API calls, service requests, and system diagnostics.
  • Service Performance Metrics: Data related to the functionality and responsiveness of Location.

1.3 Customer-Provided Data

  • Application and Integration Data: Information about applications and devices that integrate Location.
  • End-User Interactions: Any data you or your end users submit in connection with Location usage.

Location does not collect personally identifiable information unless such information is included in the device identifier or location data by the Customer. Customers must ensure compliance with applicable privacy laws when collecting or submitting data via Location.

2. How We Use Data

Golioth processes data collected through Location for the following purposes:

  • Provide Location: Enable accurate geolocation services through QAPS and Skyhook.
  • Maintain and Improve Location: Analyze performance, troubleshoot issues, and enhance service accuracy.
  • Ensure Security and Compliance: Detect fraudulent activity, enforce usage policies, and comply with legal obligations.
  • Generate Aggregated or Anonymized Insights: Develop analytics, reports, and service improvements without identifying individual users.

Golioth does not use Location data for targeted advertising or profiling.

3. Data Sharing and Disclosure

We share Location data with the following parties for the purposes outlined above:

3.1 Third-Party Service Providers

  • Qualcomm: Location queries are processed by QAPS for positioning services.
  • Cloud Infrastructure Providers: Location operates on third-party cloud services that process and store data securely.

3.2 Compliance with Legal Obligations

We may disclose Location data as required by law, including in response to subpoenas, legal requests, or regulatory inquiries.

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, Location data may be transferred as part of the transaction, subject to the same privacy protections.

4. Data Retention

  • Location Data: Retained only as long as necessary to provide Location functionality.
  • Aggregated/Anonymized Data: May be stored indefinitely for service optimization.
  • Log and Performance Data: Retained only as long as necessary for debugging and compliance purposes.

Customers may request deletion of certain data in accordance with applicable laws by contacting privacy@golioth.io.

5. Customer Responsibilities

If you integrate Location into your applications or services, you must:

  • Obtain Consent from End Users: Ensure that users understand and agree to location data collection and tracking, and include a link to this Privacy Policy and Skyhook’s Privacy Policy.
  • Provide Transparent Privacy Notices: Inform users about how their location data is collected, used, and shared.
  • Comply with Privacy Laws: Adhere to GDPR, CCPA, and other applicable regulations when processing personal data.
  • Implement Security Measures: Protect location data from unauthorized access, misuse, or disclosure.

Golioth is not responsible for how Customers or end users handle data outside of Location.

6. Data Security

Golioth implements industry-standard security measures to protect Location data, including:

  • Encryption: Location data is encrypted in transit and at rest.
  • Access Controls: Restricted access to authorized personnel and systems.
  • Monitoring & Logging: Regular audits and monitoring for security threats.

Despite our efforts, no system can be completely secure. Customers should implement their own security controls to protect data.

7. International Data Transfers

Location data may be processed and stored in the United States and other countries where we or our service providers operate. By using Location, you acknowledge that your data may be transferred to jurisdictions with different privacy laws than your own.
For transfers from the European Economic Area (EEA) or UK, we rely on Standard Contractual Clauses (SCCs) or other legal mechanisms.

8. Rights and Choices

Depending on your location, you may have rights under applicable privacy laws, including:

  • Access & Portability: Request a copy of the data we process.
  • Correction: Request updates to inaccurate or incomplete data.
  • Deletion: Request deletion of certain data, subject to legal retention requirements.
  • Objection & Restriction: Limit how we process your data in specific circumstances.

To exercise these rights, contact us at privacy@golioth.io.

9. Changes to this Location Privacy Policy

We may update this Location Privacy Policy from time to time. If we make material changes, we will notify you via email or through Location. Continued use of Location after changes take effect constitutes acceptance of the updated terms.

10. Contact Information

If you have any questions about this Location Privacy Policy, please contact us at:

Golioth, Inc.

548 Market Street, PMB 73345 San Francisco, CA 9410

Email: privacy@golioth.io