Your privacy is important.
Privacy Policy
Minim, Inc., MTRLC LLC, & Cadence Connectivity, Inc.
EFFECTIVE DATE: December 28, 2022
1. Introduction
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) narrowly tailors the data they collect / process. The choice to opt-out from or a failure to opt-in to data collection / processing will prevent use of the Minim Solution because Minim will not be able to access data necessary for the Minim Solution to operate properly.
- The choice to opt-out from or a failure to opt-in to data collection / processing in the course of signing up for the Minim Mobile Application may not prevent, terminate or otherwise interrupt data collection / processing by your Internet Service Provider. If you have questions about what data your Internet Service Provider is collecting / processing you should contact them directly.
2. Scope
- This Privacy Policy (“Policy”) describes processing of information provided or collected on the sites and applications where this policy is posted, whether on our website or applications we make available on third-party sites or platforms. This policy also describes the principles relating to the collection, processing, use, retention, and disposal of Personal Data or Personally Identifying Information that are applied by Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”)
- This Policy is posted publicly on https://www.minim.com/privacy as well as https://www.motorolanetwork.com/privacy, and is also included in Minim’s Terms of Service, which can be found at the:
- Privacy Policy Link: https://www.motorolanetwork.com/privacy
- Terms: https://www.motorolanetwork.com/terms
- More specifically, the Policy covers:
- NOTICE with respect to various items, as such is required due to Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) participation in the Privacy Shield Program.
- The method and process by which a User may CHOOSE to object to Minim’s collection or processing of their Personal Data or PII.
- The Onward Transfer of Personal Data or PII Minim collects or processes.
- Minim’s methods and processes for COLLECTING, SECURING, PROCESSING, RETENTION, AND DISPOSAL of Personal Data or PII.
- The methods and processes Minim employs to ensure the INTEGRITY of Users’ Personal Data or PII that the Company collects or processes.
- The PURPOSE for which Minim collects and processes Personal Data or PII from Data Subjects.
- The method and process by which a User may ACCESS their Personal Data or PII.
- The activities, methods and processes that Minim deploys to build CONFIDENCE and empowers Users to take RECOURSE through mechanisms that relate to Minim’s collection and / or processing of Personal Data or PII.
3. Children under 18
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) Site and Services are not designed for children under 1813. If Minim discovers that a child under 18 has provided us with personal information, Minim will delete such information from our systems
4. How to Contact Us About this Policy
- Please contact us at privacy@minim.com regarding Minim, Inc. and/or Cadence Connectivity, Inc. and dataconsent-complaints@motorolanetwork.com regarding MTRLC LLC if you have any questions about this Policy.
5. Privacy Related Statements
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) classifies PII as confidential information.
- As a Data Controller and/or Data Processor, Minim is responsible for establishment and proper application of this Policy.
- To meet the European Union law requirements that PII transferred from the EU to the United States be adequately protected, Minim adheres to the Privacy Shield Principles.
- Where necessary, Minim may enter into the ‘Standard Contractual Clauses’ with customers to ensure that they are able to operate legally in their local jurisdiction.
6. Consent
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) collects and processes PII only where a Data Subject’s consent has been received or as a result of another legal basis.
- Minim seeks to obtain appropriate permission from a parent or legal guardian before accepting consent for the collection or processing of Personal Information from children ages 17 and under.
7. Purpose of Collection and Processing / Use
- General Purpose
-
- The general purpose of Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) collecting and / or using / processing PII is to provide and improve the Minim Website and Minim Solution, which it provides to its customers and, as may be applicable, its customer’s subscribers, to administer use of the Minim Solution by the same (including accounts, if customer is an account holder), and to enable the same to enjoy and easily use the Minim Solution.
- Information Categories and Specific Purpose
-
- Minim collects and processes certain categories of Personal Data for the purposes set forth below:
Table 1. Information Categories
|
What We Collect
|
How We Use It
|
Why We Collect It
|
1
|
End User / Customer Data
|
- To create and secure user accounts on the Minim solution;
- Identify users in our system; Provision of services or products
|
Performance of contract or required proof prior to entry into contract
GDPR - (point (b), Art. 6(1))
|
2
|
End User / Customer Metadata
|
- Provision of services or products
|
Performance of contract or required proof prior to entry into contract
GDPR – (point (b), Art. 6(1))
|
3
|
Personal data used for direct marketing
|
|
Data subject consent
GDPR - (point (a), art. 6(1))
|
4
|
Prospective Customer (legal entity)
|
|
Data subject consent
GDPR - (point (a), art. 6(1))
|
5
|
Third parties (suppliers, distributors, etc.) contact data
|
- Customer service, Provision of services or products
|
Performance of contract or required proof prior to entry into contract
GDPR - (point (b), art. 6(1))
|
6
|
Candidates for employee data
|
|
Data subject consent
GDPR - (point (a), art. 6(1))
|
7
|
Employee data
|
|
Legal obligation
GDPR - (point (c), art. 6(1))
|
c. More specifically, Category 1 Data includes, but may not be limited to, the following types:
-
-
- End User / Customer Account Information. If a Data Subject creates an Account, Minim collects certain information that can be used to identify the customer, which such information may include, but is not limited to, personal, device and device profile names (meta-data related to the same) and contact information. This information includes:
- First Name, Last Name and Middle Name
- Email address
- Phone number
- Device IMEI and serial number (if applicable)
- Device MAC address and serial number (if applicable)
- Information provided for authentication
- End User / Customer Network Information. If a Data Subject uses the Minim Solution, Minim collects certain information about how the Minim Solution is used, which such information includes: connected device information; network connection information; mesh network information; network router information; internet provider information and network management information.
- End User / Customer Website Application Use and Device Information. If a Data Subject uses the Minim Solution, Minim collects certain information about how the Minim Solution is used, which such information includes: device identifiers, device configuration information, what objects on the website application the Data Subject interacts with; the frequency and duration that a Data Subject spends engaging with various parts of the website application.
- End User / Customer Mobile Application Use and Device Information. If a Data Subject uses the Minim Solution, Minim collects certain information about how the Minim Solution is used, which such information includes: device identifiers, device configuration information, mobile application use information and mobile device location information. When a customer uses our mobile application, Minim may collect and store information about the customer’s location by converting his or her IP address into a rough geo-location or by accessing the customer mobile device’s GPS coordinates or approximate location if the customer enables location services on his or her device. Minim may use location information to improve and personalize our services for customers. If customer does not want us to collect location information, he or she may disable that feature on the mobile device. The customer agrees and acknowledges that it has been informed about this the foregoing.
d. More specifically, Category 3 and 4 data include, but may not be limited to, the following types:
-
-
- Website & Email Use Information. If a Data Subject visits websites maintained by Minim or opens an email sent by Minim, Minim collects certain information, using Cookies and Web Beacons, about how a person interacts with the website or the email, which such information includes: what objects on a website / email the Data Subject interacts with; the frequency and duration that a Data Subject spends engaging with various part of a website / email.
e. Note: If you are using Minim's app thru your ISP, you need to refer to that respective ISP's privacy policy regarding their utilization of your data (including Personal Information and/or Sensitive Personal Information).
8. Protection of Personal Data and PII
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) takes reasonable administrative, physical and electronic measures designed to protect Personal Data and PII from unauthorized or unlawful processing and against accidental loss, destruction or damage.
- More specifically, these measures include, but may not be limited to:
-
- Compartmentalized Digital Access
- Encryption at Rest
- Encryption in Transit
- Restricted Digital Access and
- Restricted Physical Access
9. PII Retention Periods and Protection Protocols
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) acts as a Data Processor for Data Controllers. Such processing and any retention periods and protection protocols associated therewith may be subject to the terms of Minim's contractual arrangements with those Data Controllers and any additional requirements or restrictions that result from the doing business in the jurisdictions in which an applicable Data Controller is located.
- Minim retains and protects PII as set forth below:
Table 2: PII Retention Periods and Protection Protocols
Information Category
|
PII Type
|
Retention Period
|
Protection Protocols In Use
|
1
|
End User / Customer Account Information
|
For the life of the Account plus seven (7) years, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim and MTRLC LLC is processing data
|
Compartmentalized Digital Access, Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
1
|
End User / Customer Network Information
|
Seven (7) years, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim and MTRLC LLC is processing data
|
Compartmentalized Digital Access, Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
1
|
End User / Customer Website Application Use and Device Information
|
Seven (7) years, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim and MTRLC LLC is processing data
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
1
|
End User / Customer Mobile Application Use and Device Information
|
Seven (7) years, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim and MTRLC LLC is processing data
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
2
|
End User / Customer Meta data
|
As long as necessary to achieve the purpose set forth in Section 3.1
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
3
|
Personal data used for direct marketing
|
As long as necessary to achieve the purpose set forth in Section 3.1
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
4
|
Prospective Customer (legal entity)
|
As long as necessary to achieve the purpose set forth in Section 3.1
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
5
|
Third parties (suppliers, distributors, etc.) contact data
|
As long as necessary to achieve the purpose set forth in Section 3.1
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
6
|
Candidates for employee data
|
One year
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
7
|
Employee data
|
As long as necessary to achieve the purpose set forth in Section 3.1
|
Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access.
|
10. Sharing with Third Parties / Onward Transfer of Personal Information / PII / Third Party Collection
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) will appropriately manage and coordinate the onward transfers of PII to third parties in accordance with this Policy.
- Minim will not sell, share or otherwise distribute PII to third parties except as provided in this Policy.
- Minim will not directly disclose the identity of any person except as provided in this Policy.
- PII may be transferred to third parties who act for or on Minim behalf and that are contracted to:
-
- not sell the PII to third parties and
- not disclose the PII to third parties (except as may be required by law, as permitted by us or as stated in this Privacy Policy).
- If Minim has knowledge that Data Processor is processing PII provided to it by Minim in a manner contrary to this Policy, it will take all reasonable steps to prevent or stop the processing.
- In accordance with its obligations under the Privacy Shield Principles, under certain circumstances, Minim may remain liable for the processing of PII by Data Processors and the onward transfer thereof.
- Notwithstanding the above, Minim may also share PII as follows:
-
- If Minim is acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if its assets are acquired by a third party in the event Minim and MTRLC LLC goes out of business or enters bankruptcy, some or all of its assets, including PII, may be disclosed or transferred to a third-party acquirer in connection with the transaction;
- Minim will cooperate with government and law enforcement officials or private parties to enforce and comply with applicable law(s). As a result, Minim and MTRLC LLC may disclose information about a Data Subject to government or law enforcement officials or private parties that Minim and MTRLC LLC, in their sole discretion, believes are necessary or appropriate;
- to respond to claims, legal process (including subpoenas);
- to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; or
- to stop any activity that Minim, in their sole discretion, believes is illegal, unethical or legally actionable activity; or
- in response to other lawful requests by public authorities, including to meet national security or law enforcement requirements.
- The Minim Solution may contain links to third-party websites and applications that collect and process your Personal Information / PII. Minim is not responsible for the privacy policies or practices of such third parties. You should carefully read and review the privacy policies and practices of such third parties.
- Where necessary, Minim may enter into the ‘Standard Contractual Clauses’ with customers to ensure that they are able to operate legally in their local jurisdiction.
11. Data Subject Rights
- Unless otherwise specified, references to "Minim" in this section collectively refers to Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc.
- Access
- Data Subjects have the right to access PII that is collected from them and processed by Minim and to obtain information, free of charge, on the sources and the type of the PII that has been collected, the purpose of processing of such PII and the data recipients to whom the PII are disclosed or have been disclosed by Minim in connection with the Minim Solution, and other related information.
- Data Subjects may request this access for Minim, Inc. and Cadence Connectivity, Inc. by emailing dataconsent@minim.com or MTRLC LLC access requests to dataconsent@motorolanetwork.com.
- Minim shall reply not later than 30 calendar days from receipt of such an access request in writing and shall provide the requested information or justification for the refusal to grant the request of the data subject.
- Upon the request of the data subject, such information must be provided by Minim in writing.
- Under California's "Shine the Light" law, California residents who provide Personal Information in obtaining products or services for personal, family or household use are entitled to request and obtain from Minim once a calendar year information about the PII we have shared, if any, with other businesses for their own direct marketing purposes. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g. requests made in 2022 will receive information regarding 2021 sharing activities).
- To obtain this information, please send an email message for Minim, Inc. and Cadence Connectivity, Inc. to dataconsent@minim.com or for MTRLC LLC to dataconsent@motorolanetwork.com with "Request for California Privacy Information" on the subject line and in the body of your message. We will provide the requested information to you at your e-mail address in response. Please be aware that not all information sharing is covered by the "Shine the Light'' requirements and only information on covered sharing will be included in our response.
- Correction / Rectification
- If the Data Subject finds out that PII that has been collected from them by Minim, Inc. and Cadence Connectivity, Inc. and/or MTRLC LLC is incorrect, incomplete or inaccurate, he or she may contact Minim, Inc. and Cadence Connectivity, Inc. by emailing dataconsent@minim.com or MTRLC LLC at dataconsent@motorolanetwork.com.
- Minim will then review the data elements at issue and rectify any incorrect, incomplete and inaccurate PII without delay and/or suspend processing of such PII, except for the purpose of storage, or provide a written explanation to the data subject describing why such efforts were not necessary.
- Minim may keep archive copies of such data if doing so is necessary to fulfill contractual obligations to the data subject and/or if it is required by applicable law or regulation (for example, for accounting purposes, cybercrime investigation, etc.).
- Erasure / Right to be Forgotten
- A Data Subject may request that Minim erase some or all of his or her PII from Minim’s systems by emailing Minim, Inc. and Cadence Connectivity, Inc. at dataconsent@minim.com or MTRLC LLC requests to dataconsent@motorolanetwork.com.
- Such erasure may prevent the Data Subject from successfully accessing, using or benefiting from the Minim Network Solution.
- If Minim discovers that Personal Information / PII of a child under the age of 18 has been submitted without verifiable parental consent, we will immediately delete such Personal Information / PII.
- Restriction of Processing
- A Data Subject may ask Minim, Inc. and/or Cadence Connectivity, Inc. and/or MTRLC LLC to restrict further processing of his or her PII by emailing Minim, Inc. and Cadence Connectivity, Inc. at dataconsent@minim.com or MTRLC LLC at dataconsent@motorolanetwork.com.
- Such processing restrictions may prevent the Data Subject from successfully accessing, using or benefiting from the Minim Solution.
- Portability
- A Data Subject may ask for a copy of his or her PII from Minim, Inc. and/or Cadence Connectivity, Inc. and/or MTRLC LLC in a machine-readable format by emailing Minim, Inc. and/or Cadence Connectivity, Inc. at dataconsent@minim.com or MTRLC LLC at dataconsent@motorolanetwork.com.
- He or she can also request that Minim, Inc. and/or Cadence Connectivity, Inc. and/or MTRLC LLC transmit the data to another controller where technically feasible by emailing Minim, Inc. and/or Cadence Connectivity, Inc. at dataconsent@minim.com or MTRLC LLC at dataconsent@motorolanetwork.com.
- Objection
- A Data Subject may contact Minim, Inc. and/or Cadence Connectivity, Inc. via email at dataconsent@minim.com or MTRLC LLC by emailing dataconsent@motorolanetwork.com to let Minim know that he or she objects to the further use or disclosure of his or her PII for certain purposes, such as for direct marketing purposes or for the purposes of the legitimate interests pursued by the Data Controller or by a third party.
- Right to File Complaint
- A Data Subject may appeal the validity or appropriateness of Minim, Inc. and/or Cadence Connectivity, Inc. and/or MTRLC LLC actions (either as a Data Controller or Data Processor), to the appropriate Supervisory Authority or enforcement agency within three months of receipt of the refusal to grant the request or within three months of the date when the period imposed by applicable law or regulation for giving a reply (if any) expires.
- In order to avail himself or herself of the rights set forth in this section, the Data Subject must provide a valid identity document or otherwise verify his or her identity according to applicable laws or through electronic means of communication, which must provide reliable identification of the person.
- Minim has registered with JAMS to serve as its third party alternative dispute resolution provider for Data Subject complaints. Data Subjects may seek recourse with JAMS free of charge.
12. Privacy Related Notices and User Rights
- As noted above, Minim collects, processes, etc. certain types of Personal Data and PII from Users.
- Regarding their Personal Data and PII, Users have the right to:
- Access their Personal Data and PII
- Rectify (Correct) their Personal Data and PII
- Erasure (Forgotten) of their Personal Data and PII, under certain circumstances
- Restrict Processing of their Personal Data and PII
- Data Portability of their Personal Data and PII
- Object to the processing of their Personal Data and PII
- Not be subject to Automated Decision-Making and Profiling
- Minim may, under certain circumstances and in accordance with the below, transfer onward certain User Personal Data or PII that it collects and or processes to certain parties.
- Minim is, under certain circumstances and in accordance with the below, liable in cases of onward transfers to third parties.
- Minim is subject to the investigation and enforcement powers of the Federal Trade Commission and, as may be applicable, other U.S. authorized statutory bodies.
- Minim may, under certain circumstances and in accordance with the below, disclose Personal Data and PII in response to lawful requests by public authorities.
- Users may, as specified below, contact Minim with respect to inquiries complaints, including any relevant establishment in the EU that can respond to such inquiries or complaints.
- Users may, under certain conditions and in accordance with the below, invoke binding arbitration.
13. Enforcement and Dispute Resolution
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) comply with the Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, processing / use, and retention of Personal Data transferred from the European Union to the United States.
- Minim has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles.
- The Federal Trade Commission (FTC) has jurisdiction over Minim’s compliance with the Privacy Shield.
- If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
- To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
- In compliance with the Privacy Shield Principles, Minim commits to resolve complaints about our collection or use of your PII.
- Individuals residing in the EU, United Kingdom, Lichtenstein, Norway or Iceland (collectively, “EU Residents”) who have inquiries or complaints regarding our Privacy Shield policy should first contact Minim via email at privacy@minim.com.
- Minim does not currently collect or transfer human resources data from the EU in the context of the employment relationship. If and when this business practice changes, Minim will further commit to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.
- If a Data Subject does not receive timely acknowledgement of his or her complaint, or if a complaint is not satisfactorily addressed, as a last resort and in limited situations, EU Residents (other than employees of Minim) may seek redress from the ICDR/AAA Privacy Shield Program, which is a binding arbitration mechanism.
- Minim has registered with JAMS to serve as its third party alternative dispute resolution provider for Data Subject complaints. Data Subjects may seek recourse with JAMS free of charge.
14. Updates
- Minim, Inc. and its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) periodically reviews and may, as necessary and/or appropriate, make updates to this Policy.
- Minim will provide notice of updates to this Privacy Policy by posting them on our website, on our web application or mobile application, by sending an email to relevant Data Subjects or by undertaking other notification methods.
- Upon each material update, the Version Date set forth above will also be updated.
15. Terms and Definitions
Defined Terms:
“Account” means a record in systems controlled by Minim, Inc. and/or its wholly owned subsidiaries MTRLC LLC and Cadence Connectivity, Inc. (collectively "Minim”) that enable the use of the Minim Solution.
“Compartmentalized Digital Access” means that information subject to this protection protocol may not be accessed in its entirety by a single privilege set.
“Cookies” are small text files that are placed on a customer device by a web server when a customer or end user accesses the Minim Solution.
“Data Controller” means the natural or legal person, public authority, agency or other body which alone, or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by the European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Data Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of a Data Controller.
“Data Subject” means any individual whose personal data is being collected, maintained or processed.
“Encryption at Rest” means a method of storing information where the information is encrypted.
“Encryption in Transit” means a method for sending and receiving information where the information is encrypted.
“General Data Protection Regulation” or “GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
“Minim Solution” means the combination of software and services, including the Motosync application, provided by Minim to secure and manage a WiFi network belonging to a customer or end user.
“Minim Website” means the website located at minim.com.
“Motosync” refers to the Motosync application provided by Minim to secure and manage a WiFi network belonging to a customer or end user. More information is located at motorolanetwork.com/pages/motosync.
“Motorola Website” means the website locate at motorolanetwork.com.
“Personal Data” means information relating to an identified or identifiable Data Subject and can refer to a Data Subject’s name, his or her home address, publications on social networks, etc.
“Personally Identifiable Information” or “PII” means Personal Data where it, directly or indirectly, by way of particular reference to an identifier such as a name, identification number, location data, online identifier or to one or more factors specific to an individual (e.g., physical, physiological, genetic, mental, economic, cultural or social) can be used to identify a specific Data Subject.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Restricted Digital Access” means instances where digital access to data is restricted to certain users based on rights or privileges in a system that the user must use credentials, tokens or other such security artifacts to access.
“Restricted Physical Access” means instances where physical access to systems on which data is restricted to persons based on the rights or privileges the person uses credentials, keys, cards or other such security artifacts to gain access.
“Supervisory Authority” means an independent public authority which is established by a European Union Member State pursuant to GDPR Article 51. Other terms and definitions used in this policy have the same meaning as in International Standard ISO/IEC 27000 “Information technology – Security techniques - Information security management systems-Overview and vocabulary.”
“Web Beacon” means a small piece of information or data stored on your computer or mobile device that are used to determine your preferences and track your search terms and other behaviors or activities as you navigate around the Internet.
Note: Capitalized terms that are not defined herein will have the meanings set forth in those Terms of Service
California Resident Privacy Notice
EFFECTIVE DATE: December 28, 2022
This California Resident Privacy Notice supplements the privacy policy of Minim, Inc. and its wholly owned subsidiaries MTRL LLC and Cadence Connectivity, Inc. (collectively "Minim”) and applies to California residents from whom the company collects Personal Information and/or Sensitive Personal Information (both as defined below) on our own behalf or on behalf of companies that have contracted with Minim to deliver services to others, including California residents.
1. Definitions
- “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, or as otherwise defined by the CCPA or the CPRA, except such information that is (i) lawfully made available from government records, (ii) de-identified or aggregated, (iii) information made publicly available by the consumer or information from widely distributed media, (iv) lawfully obtained, truthful information that is a matter of public concern or (v) otherwise excluded from the scope of the CCPA or CPRA.
- "Sensitive Personal Information" means information that reveals:
- social security, driver’s license, state ID, or passport numbers;
- account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;
- precise geolocation;
- racial or ethnic origin, religious or philosophical beliefs, or union membership;
- contents of a consumer’s mail, email and text messages, unless the business is the intended recipient of the communication; genetic data;
- genetic data;
- biometric data processed for the purpose of uniquely identifying a consumer;
- personal information concerning a consumer’s health; or
- personal information concerning a consumer’s sex life or sexual orientation.
- “CCPA” means the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.199) and its implementing regulations, as such may be amended or superseded from time to time.
- “CPRA” means the California Privacy Rights Act of 2020 and its implementing regulations, as such may be amended or superseded from time to time. The CPRA amends existing provisions of Title 1.81.5 of the California Civil Code (currently known as the CCPA) and adds new provisions.
2. Method of Collection of Personal Information and/or Sensitive Personal Information
- Like the CCPA, the CPRA requires that businesses provide consumers with certain information at or before the point of collecting personal information (Notice at Collection). The CPRA increases the amount of information that must be provided in that notice. In addition to the categories of personal information to be collected and the purposes for which the personal information is used, the CPRA will require that the Notice at Collection also include:
- Whether the collected personal information is sold or shared.
- If the business collects sensitive personal information (including the ‘categories’ and ‘purposes’ for which such info will be used).
- The length of time the business intends to retain each category of PI, including sensitive PI (if it is not possible to provide specific lengths of time, the business must disclose the criteria it uses to determine such period).
- In the preceding twelve (12) months, Minim HAS collected Personal Information from you via the devices you have that operate Minim software (e.g., the Minim website, the Minim mobile app, network access points running Minim software).
- In the preceding twelve (12) months, Minim HAS NOT collected Sensitive Personal Information from you via the devices you have that operate Minim software (e.g., the Minim website, the Minim mobile app, network access points running Minim software).
3. Collection, Sale, and Sharing of Personal Information and/or Sensitive Personal Information
- In the preceding twelve (12) months, Minim has only Collected, Sold, and/or Shared Personal Information with our Service Providers and Contractors as set forth in Table 1.
- Note that to be clear:
- Minim currently HAS NOT Sold and/or Shared Personal Information from you with Third Parties.
- Minim currently HAS NOT Collected any Sensitive Personal Information from you.
- Minim currently HAS NOT Sold and/or Shared Sensitive Personal Information from you with Third Parties.
Table 1
|
Information Type
|
Collected
|
Sell
|
Share
|
1
|
Geolocation Data (e.g., precise geolocation)
|
No
|
No
|
No
|
2
|
Common Identifiers (e.g., first name, internet protocol address, email address)
|
Yes
|
No
|
No
|
3
|
Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;
|
No
|
No
|
No
|
4
|
Online Behavior Information (e.g., browsing history, search history, service interaction history, preference profiles, behavioral profiles)
|
Yes
|
No
|
No
|
5
|
Commercial Information (e.g, purchase history, consumption history, usage history)
|
Yes
|
No
|
No
|
4. Purpose of Use of Personal Information and/or Sensitive Personal Information
- Minim may Collect and Share your Personal Information in accordance with the following business and commercial purposes with our Service Providers and Contractors. (Note that to be clear, Minim currently HAS NOT Sold and/or Shared any Personal Information from you with Third Parties; Minim currently HAS NOT Collected any Sensitive Personal Information from you; Minim currently has NOT Sold, and/or Shared any Sensitive Personal Information from you with Third Parties.)
- Enabling the purchase of services or products by you
- This use may include, but is not limited to (i) verifying your identity and contact information and (ii) completing transactions.
- Please note that Minim does not view or store your credit card information. Credit card information storage is handled by our third-party payment processor.
- Providing services or products to you
- This use may include, but is not limited to: (i) verifying your identity; (ii) communicating with you; (ii) providing customer support, (iii) delivering and improving network management and/or network security functionality of services or products and (iv) personalizing the services or products to improve your user experience.
- For more details on the management and security functionality of Minim services and products see minim.com/products.
- Please note that Minim may de-identify data about your use of our services or products to create statistical analysis and aggregated reports to identify trends.
- Proactively or reactively communicating with you
- This may include, but is not limited to (i) sending you emails and or newsletters about our or third-party products, services and promotions and (ii) inviting you to take part in market research or testing of services or products.
- Taking actions to prevent or avoid harm to you or others
- This may include, but is not limited to preventing fraud and, in accordance with applicable laws and regulations, preventing, detecting, investigating and/or reporting security incidents or malicious activity.
- Ensuring your compliance with Minim contractual terms and your and Minim’s compliance with applicable laws and regulations
- This may include, but is not limited to, monitoring any account’s use of Minim services or products to enforce the terms of Minim contracts and comply with applicable laws or protect our business interests and legal rights.
- Further, Minim may access, use, preserve, transfer, or disclose, at any time, your Personal Information as may be reasonably necessary to: (i) comply with any applicable law, regulation, subpoena, legal process or litigation, or respond to any governmental requests or regulatory investigation and to cooperate with law enforcement, if we believe such action is required or permitted by law; (ii) enforce this Policy or the Minim Terms of Use including investigating any potential violations; (iii) protect the safety, integrity, rights, or security of our users, our Services or equipment, or any third party; or (iv) detect, prevent, or otherwise address fraud, security, or technical issues related to our Services or those of our business customers.
- Providing Services to Minim’s business customers that you have contracted with to provide you with services (e.g., your internet service provider (“ISP”) or employer)
- Minim may act as a “Data Processor” of your Personal Information for businesses on whose behalf Minim has provided you with services or products. Please refer to our Privacy Policy concerning restrictions on use in this manner.
- Working with our service providers and contractors
- This typically includes working with vendors and/or contractors to: (i) maintain or service accounts; (ii) provide customer service; (iii) process or fulfill orders and transactions; (iv) verify customer information; (v) process payments; and (viii) provide analytic services.
- Other notified purposes
- This includes all other purposes for which we provide specific notice at the time the information is collected for later use or disclosure.
- Note: If you are using Minim's app thru your ISP, you need to refer to that respective ISP's privacy policy regarding their utilization of your data (including Personal Information and/or Sensitive Personal Information).
5. Sharing of Personal Information and/or Sensitive Personal Information
- Pursuant to our Privacy Policy, we Share your Personal Information with the following categories of Service Providers and Contractors (Note that to be clear, Minim currently HAS NOT Sold and/or Shared any Personal Information from you with Third Parties; Minim currently HAS NOT Collected any Sensitive Personal Information from you; Minim currently has NOT Sold, and/or Shared any Sensitive Personal Information from you with Third Parties.):
- Your ISP, Employer or Minim Customer
- If you are using a Minim powered product provided by your ISP, your employer, or by another/third person who has account access to that Minim account, then you are consenting to allow Minim to share your Personal Information and/or Sensitive Personal Information with that ISP, employer, or another/third person.
- Minim’s Service Providers and Contractors
- With vendors that we have selected to provide us with services and process some Personal Information on our behalf to operate our Services (e.g., internet speed testing, order fulfillment, email management, payment processing, data analytics, etc.). These companies are contractually obligated to safeguard any Personal Information they receive from us.
- Minim’s data analytics service providers
- We may share Personal Information with data analytics providers as part of our efforts to improve, customize our services, products or experiences.
- Local, State or Federal Authorities
- See Section 10(g)(ii) and (vi) of the Privacy Policy
- As a result of a merger, acquisition or asset sale, or if its assets are acquired by a third party in the event Minim and MTRLC LLC goes out of business or enters bankruptcy
- See Section 10(g)(i) of the Privacy Policy
- Note: If you are using Minim's app thru your ISP, you need to refer to that respective ISP's privacy policy regarding their utilization of your data (including Personal Information and/or Sensitive Personal Information).
6. California Privacy Rights
- California residents may exercise the following rights:
- Right to Know and Access / “Shine the Light”
- See Section 11(a)(v) and (vi) of our Privacy Policy.
- Effective 1/1/23, the calendar year limitation will be removed for California consumers. California consumers will be able to request access to all of the Personal Information Minim possesses that was collected from them on or after January 1, 2022. Personal Information will be provided for periods prior to January 1, 2022, to the extent that doing so is neither impossible nor involve a disproportionate effort. Minim is not required to keep PI for any specific period of time.
- Right to Delete
- See Section 11(d) of our Privacy Policy.
- Under the CPRA, this obligation to delete is extended to businesses (Service Providers/Contractors and Third Parties) Minim has Shared Personal Information with to delete info when a deletion request is received, to the extent that such a request is not Impossible or Involves disproportionate effort.
- Note, however, that Minim may deny the request If the Personal Information is reasonably necessary for certain processing activities.
- Right to Equal Service and Price
- Use and disclosure of Personal Information
- Use and disclosure of your Personal Information is necessary and inherent to Minim’s ability to deliver services and products that manage and secure your home wifi network.
- If you revoke Minim’s ability to use and disclose your Personal Information, Minim will be unable to provide you with our services or products.
- If you revoke Minim’s ability to use and disclose your Personal information , and Minim provides you with service as a result of our contract with your Internet Service Provider, it may be the case that our inability to continue to provide you with service will result in your Internet Service Provider ceasing to offer you services as they would then be unable to use Minim’s services to help secure and manage your home wifi network.
- Right to Submit Requests
- To exercise your rights under the CCPA / CPRA, please email us at dataconsent@minim.com.
- Right to Rectification (Correction)
- See Section 11(c) of our Privacy Policy
- Under the CPRA, this obligation to Correct/Update is extended to businesses (Service Providers/Contractors and Third Parties) Minim has Shared Personal Information with to Correct/Update info when a request is received, to the extent that such a request is not Impossible or Involves disproportionate effort.
- Right to be Informed of Data Retention
- Consumer Request Timelines:
- Minim will confirm the receipt of any requests within 10 business days
- Minim will respond to opt-out requests within 45 calendar days.
- Minim will maintain request records logs for 7 years.
7. Service Providers/Contractors and Third Party Authorization
- Where you access Minim’s services as a result of Minim’s contractual obligations to a third party (e.g., your employer or Internet Services Provider), we require that you contact us via an email address currently associated with your account and that the third party that you have contracted with to receive the service verify that the requested actions should be taken.
8. Accessing Alternative Formats of this Notice
- If you have a disability or would like to access this notice in an alternative format, please contact us at privacy@minim.com.
9. How to Contact us About this Notice
- You may reach us by email at privacy@minim.com if you have any questions about this Policy.
- You may also reach us by phone at our toll free number 1.833.96.MINIM to discuss this policy or make a rights based request for action relating to your Personal Information.