Last updated: March, 2020
To deliver the Mapiq smart building platform to our users and to give you the best buyer experience, we need to process personal information. Your name and business email address for example. In this privacy policy we explain how we use that information, how we safeguard that information, and how you can contact us for queries about your personal information. This document explains in non-technical terms how Mapiq makes sure your data is safe and how we comply with the latest privacy regulations (the GDPR).
This document is targeted towards all individual web visitors and Mapiq users. However, in case you are a user, please note that Mapiq is a product that is made available through your company or organization. That means that your company or organization has an agreement with us that states who can use Mapiq, what features are enabled and what information is being processed by Mapiq. Therefore, your own company’s service desk or privacy officer is a good starting point if you have any questions or privacy concerns about Mapiq. Feel free though to contact us directly at privacy@mapiq.com if there is anything we can help you with.
Personal data is all data that tells us something about you or that can be linked to you as a person. For example, when you log on to Mapiq with your corporate or institutional account Mapiq receives your name, email address and additional business contact information. A room reservation that you create within the Mapiq application becomes part of your personal data as well, as it is linked to you as a user. Your personal data might also exist of technical details, like your computer’s IP-address that is used to log on to the Mapiq web service.
In contrast to personal information Mapiq also handles anonymous information. The occupancy status of a room or flex desk that is measured with a sensor is no personal data, as Mapiq cannot link that data to who is keeping the room or workplace occupied.
In summary, personal information is all information that we have that links to you as a person.
The goal of our Mapiq product is to give you a great and efficient day at work. Processing personal data is part of that and should always serve your interests.
We care for your private data. That means that we see it as our responsibility to keep your data secure, to handle your data according to the privacy laws and to only allow access to your data to systems or persons that have the right and need to access it. The Mapiq company is ISO-27001 certified, which means that we have security policies in place that are regularly verified by an independent external auditing party.
You are in control. Mapiq does not own the data we have on you. We handle (process) your data on behalf of your company or organization (that purchased the Mapiq service). We can only use your data for the purposes described in the agreement with your organization. Features of Mapiq that allow you to share information with your colleagues (such as our colleague-finding feature) are only enabled after you opt-in for that feature. You can opt-in and opt-out as frequently as you want. If you want to know what data Mapiq has on you, if you see that your data is incorrect, or if you want your data to be removed entirely we are happy to help you.
We only use your data for the intended purpose. That means that Mapiq uses personal data only to deliver and improve the Mapiq functionality and to keep Mapiq performing and secure.
Mapiq has personal data of the people that use Mapiq. That data is first transferred to Mapiq when you log on to Mapiq for the first time. Using a process called Single Sign On, your organization sends us the required information to log you on and get you started with Mapiq. That means that Mapiq only receives your personal data when you start using the Mapiq service.
Further, Mapiq may receive your personal data when you contact us directly, for instance when you create a support request or contact us by phone.
Mapiq provides integrations with technical systems that your organization owns or maintains. For example, we may integrate with a room booking system to provide convenient meeting room reservations, or we may integrate with the Wi-Fi network to provide location-based services. It can happen, that the system that we integrate with also provides us with personal data of people who are not actively using Mapiq. That means that Mapiq receives more information than it asks for and strictly requires. When this happens, the non-required data is disposed directly upon receival, to ensure that we do not store personal data from non-Mapiq users.
We only use your data for the intended purpose. That means that Mapiq uses personal data only to deliver and improve the Mapiq functionality and to keep Mapiq performing and secure.
This is the basic personal information that we receive from your organization when you log on to Mapiq, like:
We use this information to:
Using Mapiq may generate new personal information, as the new data can be linked to you as a user:
We use this information to:
Data that is generated during the use of Mapiq (bookings, a profile picture, your last known location) are all stored with the purpose of delivering that exact functionality. We need to store bookings to correctly manage concurrent reservations and we need to store your profile picture if you have chosen to set one to personalize your Mapiq experience. A special note on last known location is that we only store a single last known location, and only if you have opted in for localization. Location data is erased after 24 hours.
This category of data varies from customer to customer, but the purpose for receiving the data is generally the same. When connecting to a system of your organization, it may be necessary for your organization to deliver additional personal data to correctly match your data within that system. This is best explained by a real-life example.
Mapiq offers integration with smart lockers. That means that you can use the Mapiq application to find and claim an available locker, and to open it using the Mapiq application. Your organization’s locker system may be designed to use your badge number to uniquely identify you as the owner of the locker. For Mapiq to integrate with that system, it will need to also know that badge number to claim a locker on your behalf.
Since it differs from customer to customer it is not possible to exactly specialize this category of data in this privacy policy. This type of data is governed by the data processing agreement between Mapiq and your organization, which assures that Mapiq can only use the data for the purpose intended by your organization.
We store personal data no longer than required by law and no longer than required to deliver the Mapiq services. Retention varies between 24 hours (location data) and the duration of the subscription your organization has with Mapiq.
When your organization decides to stop their Mapiq subscription, your organization has two options to choose from:
In general, we do not share your data with other organizations unless there is a valid and legitimate reason. We do or may share your information with:
Technical and organizational security is an important aspect of keeping your data secure. The Mapiq company is an ISO-27001 certified company. ISO-27001 is an international standard on information security. If defines both technical and organizational measures that a company should implement to ensure security throughout all business processes: from hiring staff, to software development and hosting a service.
Although the ISO standard is much broader than the few examples we can give here, the following should give an idea of the aspects of caring for your data:
Our information security standard is audited by an external auditor on a yearly basis.
Privacy awareness amongst our personnel is an important aspect of caring for your data. All Mapiq employees have signed a confidentiality agreement. Only Mapiq employees that require access to personal data to fulfill their jobs (for instance our service administrators) can access personal data.
You have the right to ask us:
Mapiq processes personal data on behalf of your organization, who have taken a subscription to Mapiq. To streamline communications, the best starting point for such a request would be your own organization’s service desk or privacy officer.
Nevertheless, you may always directly contact us at privacy@mapiq.com for such a request. By emailing to this address, a service ticket is created that will be handled by our support staff. Together with your organization we will then make sure to have your request handled within two weeks.
We are happy to answer any questions you may have on privacy or your personal data. Feel free to contact us at privacy@mapiq.com.