Connect to WIFI
Join publicroam
Need help connecting?

Publicroam

Privacy statement

Introduction

First of all, thank you for wanting to use our service, called “Publicroam”. In this document, which we have named the “Privacy Statement”, we explain what data we process from you when you use Publicroam, what we do with this data, how we ensure the security of your data, and what rights you have regarding your privacy.

Our identity

We are Publicroam B.V., located at Driebergseweg 2 in Zeist, the Netherlands, and registered with the Dutch Chamber of Commerce under number 70318433.

The “Publicroam” service

Publicroam is an authentication service for WiFi networks. By using Publicroam for the first time, you create a “Publicroam account” (which can be considered a virtual identity) that allows you to connect safely and easily to WiFi networks of organizations that use Publicroam (hereafter, we call these organizations “guest organizations” and their WiFi networks “WiFi guest networks”).

It is important to understand that Publicroam is not an internet access service or any other (tele)communication service. The Publicroam service only verifies your virtual identity (using your “Publicroam account”) so that you, as a user, can use the guest organization’s WiFi guest network with authentication.

Publicroam and privacy

Publicroam provides the service of access to WiFi guest networks; we do not trade in data. This means that we do not collect and resell personal data and that we do not track you. And that will never happen. The data collected is only necessary for authentication and to ensure that the service works properly. So, no user profiles, no personalized advertisements, and no sneaky business.

Our policy is that personal data is processed and secured carefully. This means that:

  • it is clearly stated for which purposes your personal data are processed;
  • explicit permission is requested to process your personal data in cases where permission is required;
  • the collection of personal data is limited to only the data necessary for the purposes for which they are processed;
  • personal data is not passed on to third parties, unless this is necessary to provide the requested service or when there is a legal obligation to do so;
  • when personal data is shared with third parties, agreements are made to ensure that it is not used for other purposes;
  • appropriate security measures are taken to protect personal data.

Publicroam has agreed with the guest organizations that they carry out their processing in line with the Publicroam policy for processing and securing personal data, as described in this Privacy Statement.

Why using Publicroam increases your security

Publicroam helps ensure security for you, the other users of the WiFi guest network, and the guest organization. Security experts generally advise against using public WiFi networks without such security, because unauthorized persons can then gain access to your device (for example, your laptop, smartphone, or tablet) and the data stored in it too easily.

For your safety, it is therefore recommended to only use public WiFi networks if they use Publicroam or similar security. If you want to know more about the security of Publicroam, please read further under the heading “Security”.

Applicability of this Privacy Statement

This Privacy Statement applies to our processing of your data when using Publicroam. In this statement, we want to provide insight into how the processing of personal data looks when using Publicroam, and therefore we also explain a bit about the processing carried out by the guest organization.

The guest organization can provide more information about how they process your data through their own privacy statement. Agreements in an individual privacy statement must always be in line with the Publicroam policy and the agreements made for processing and securing personal data.

Roles, responsibilities, processed data, and retention periods

Data for which we are responsible

Publicroam account If you register an account with Publicroam to connect to a WiFi guest network of a guest organization, we are responsible for processing the data in your Publicroam account for the purpose of authentication.

This includes the following data:

  • Publicroam username and password
  • Email address
  • Mobile phone number
  • The MAC address of the device you use to connect to a WiFi guest network
  • Times of request and activation of the Publicroam account
  • Organization(s) where the Publicroam account was requested and activated
  • Data about the WiFi guest network being connected to
  • Content and traffic data of SMS messages for requesting a Publicroam account.

Retention period for Publicroam account data: Your Publicroam username and password, email address, mobile phone number, and location/time of account request and activation, are kept for as long as your Publicroam account remains active. You can cancel your Publicroam account at any time. If you do not use Publicroam for 12 months, your Publicroam account will be automatically terminated. Your data will be deleted no later than six months after your cancellation or termination. Other data, including the MAC address and data about the WiFi guest network you are connected to or have attempted to connect to, we keep for a maximum of three months. However, if we are legally required to keep it longer, we will comply with this obligation. Data flagged due to abuse or suspicion of abuse may be kept for as long as necessary to definitively determine if there was abuse and to take any legal action against it.

Support We are also responsible for processing your data if you contact our support. This may include your email address, first and last name, phone number, and other personal data that you provide to us. This data is deleted within 3 months after we consider your request fully handled.

Service messages If you have a Publicroam account, we process data to send you service messages, such as security updates. This may include your email address and your phone number. We keep this data for as long as your Publicroam account remains active. You can cancel your Publicroam account at any time. Your data will be deleted no later than six months after your cancellation.

Newsletter If you choose to receive the Publicroam newsletter, we process your email address. This is kept by us for as long as you are subscribed to our newsletter. You can cancel your newsletter subscription at any time via the link in the newsletter. Data for which the guest organization is responsible

Authentication data for access to the WiFi guest network The guest organization is responsible for processing all authentication data that the WiFi access point (the device that transmits and receives the WiFi signals of the guest network) must process further technically to allow you to use the WiFi guest network. This concerns, for example, the following data:

  • Your Publicroam username
  • The MAC address of the device you use to connect to a WiFi guest network
  • Time and duration of your connection to the guest organization’s WiFi guest network
  • Data about the guest organization’s WiFi guest network that you are connected to or have attempted to connect to

Publicroam and the guest organization have mutual agreements regarding the processing of the authentication data that Publicroam receives from a guest organization. This concerns, for example, the following data:

  • Your Publicroam username
  • Time of your connection to the guest organization’s WiFi guest network
  • Data about the guest organization’s WiFi guest network that you are connected to or have attempted to connect to

Retention period: Authentication data is kept for a maximum of 3 months after the connection to the WiFi guest network is terminated, unless the data must be kept longer to prevent abuse, or when there is a legal obligation to keep this data longer. In the event that the data must be kept longer to prevent abuse, the data will be kept for as long as necessary to act against the reported abuse, and otherwise for a maximum of 3 months.

Purposes and legal grounds for processing

We process your data solely to enable you to connect safely and very easily to the WiFi guest networks of our guest organizations. The legal basis for processing is primarily to perform a contract with you (Article 6, paragraph 1, sub b GDPR). By using Publicroam, you also give permission to process your data in accordance with this Privacy Statement (Article 6, paragraph 1, sub a GDPR). Additionally, we process data based on our legitimate interest to offer Publicroam and to secure our services and the connected WiFi guest networks against unauthorized access and abuse (Article 6, paragraph 1, sub f). If we are required by competent authorities or the law to retain data (Article 6, paragraph 1, sub c), we will comply with our obligation.

We never sell your data

We do not use your personal data for purposes other than allowing you to use Publicroam and the connected WiFi guest networks. We never sell your data to third parties.

Parties engaged by us and confidentiality of your data

All employees of Publicroam must adhere to this privacy statement and handle your data confidentially. If we engage third parties who process your personal data for or on behalf of us, we enter into an agreement (which is called a ‘processor agreement’) to ensure the confidentiality of your data. Examples of third parties we engage who may receive your personal data to process it confidentially for or on behalf of us include a telecom provider through which you receive SMS messages from Publicroam, or a provider of highly secure hosting or data center services.

Anonymous statistics

We may process completely anonymous data to map out the use of Publicroam and the WiFi guest networks in general (at an aggregate level) and to improve these services. We can use this aggregated data, for example, how many users are connected on average in a certain period, in communication with third parties, such as potential customers and the media. This anonymous data can never be traced back to you or any other individual user.

Data storage and security

We take appropriate measures to secure your use of the WiFi guest networks as best as possible. Only employees who need to do so in the context of their work are given access to your data. We take, among other things, the following security measures:

  • Technical, organizational, and physical security measures for access to our own systems, including: o Restrictive access policy based on need-to-know or need-to-process; o Logical access control on our systems, using passwords; o Locks, camera surveillance, and other physical security measures for rooms in which personal data is processed;
  • Technical measures for the security of WiFi guest networks, including: o WPA2-Enterprise and AES support; o IEEE 802.1X with the Extensible Authentication Protocol (EAP); o Routable IP addresses; o VLAN separation.

Inspection, correction, and right to object

If you want to know what data we have stored about you, please contact us via the options mentioned under contact. Please include your mobile phone number associated with an account. We will contact you within 2 weeks. If the overview provided by us contains inaccuracies, you can request us in writing to change or delete the data. We handle your requests or complaints on behalf of the guest organization, unless it concerns an account where abuse has been reported, or where abuse is expected to be reported soon. In that case, the guest organization itself has the option to handle the request or complaint.

Complaints – Data Protection Authority

Should you unexpectedly have a complaint, you can always contact us via our contact details listed at the bottom of this document. In addition, under privacy legislation, you always have the right to lodge a complaint with the Data Protection Authority (Autoriteit Persoonsgegevens) regarding our processing of your personal data. You can contact the Data Protection Authority via publicroam.net/en/autoriteit-persoonsgegevens.

Changes to the Privacy Statement

We may adjust this Privacy Statement if necessary. The latest version will always be available via our website. If you want to stay informed about changes, please check our website regularly. Should we wish to implement a change for which your permission is required, we will, of course, ask for your permission first.

Contact

You can contact us via email and telephone:
support@publicroam.net
+31 (0)30 – 307 44 99