Privacy Policy

Last Updated: May 6, 2021

Privacy at Spoke AIOT

Spoke AIOT Inc. (“Spoke,” the “Company,” “We,” “Us,” or “Our”) is committed to individuals’ rights to privacy. This Privacy Statement applies to all Spoke affiliates and their and our respective websites (“Websites”) and products and services (“Services”) that we own and operate. It describes our privacy practices for how we collect, use, share, and process information relating to individuals (“Personal Data”) in connection with operating our Websites and Services and describes how you can learn about your rights and choices regarding our processing of your Personal Data. As a global organization, we abide by all applicable data privacy laws, such as the California Consumer Privacy Act (“CCPA”) and the European Union’s General Data Protection Regulation (“GDPR”).

 

Spoke and your Personal Data

Personal Data Collected

We collect Personal Data about you as described herein. This includes identifiers and professional information (e.g., name, company name, email address, mailing address, phone number, portal login ID and password) and Internet / network activity information (e.g., Internal Protocol (IP) address, browser type, operating system, referring / exit pages, links clicked, and actions taken while browsing).

We receive your identifier and professional and Personal Data directly from you, primarily in the following situations:

When expressing an interest in obtaining additional information about Spoke’s Services or accessing secure areas of our Websites, we may require you to provide the following personal information such as: full name, company name, email address, mailing address, phone number, login id and password.

When you purchase Spoke’s Services, we will ask you to provide billing information. When you register for or attend corporate events, Spoke will ask you to provide basic contact information, billing information, and information related to your participation in the events on Spoke’s websites.

As you navigate our Websites, Spoke may collect your Internet / network activity information through the use of commonly used information gathering tools such as web beacons and cookies. Because our processing of this data is rather technical, we have explained this in more detail below under “Spoke and Website Functionalities.”

 

Use of Personal Data Collected

Spoke uses the Personal Data collected from our Websites to perform the services and make communications that you have requested. For example, we may use your identifiers to:

  • Send requested product or service information
  • Send product updates
  • Respond to customer service requests
  • Administer your account
  • Send newsletters
  • Send marketing communications
  • Respond to questions and concerns
  • Improve our Web site and marketing efforts
  • Conduct research and analysis
  • Respond to inquiries regarding career opportunities

Note specifically that your provision and our processing of your Personal Data are not contractual or statutory requirements, and we do not conduct automated decision-making or profiling with respect to your Personal Data.

 

Sharing your Personal Data

We will only share your Personal Data with third parties in the ways that are described in this Privacy Statement. None of these disclosures constitute “sales” of your Personal Data, and we do not otherwise sell your Personal Data.

 

Service Providers, Sub-Processors and Third Parties

We may provide your Personal Data to companies or their websites that provide services to help us with our business activities (such as customer support or billing for / otherwise providing our Services). Some examples include:

  • Amazon AWS, which is our primary cloud infrastructure provider, to host our Services.
  • Marketing tools (such as Salesforce, Pardot,).
  • Communication tools (such as Zoom and Google Meet), which may record some of our conference calls with prospective customers.

 

Other Sharing Circumstances

We may also disclose your Personal Data (in any category):

  • As required by law such as to comply with a subpoena, or similar legal process,
  • When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • If we are involved in a merger, acquisition, or sale of all or a portion of our assets, we may disclose your Personal Data to the extent related to the consummation of that transaction. We may notify you via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Data, as well as any choices you may have regarding your Personal Data, but unless you hear specifically from us or our acquirer, your Personal Data will continue to be subject to this Privacy Statement, and to any other third party with your prior consent to do so.

 

Public Forums, and Customer Testimonials

Spoke may provide bulletin boards, blogs, or chat rooms on its Websites. Any Personal Data you choose to submit in such a forum may be read, collected, or used by others who visit these forums and may be used to send you unsolicited messages. We are not responsible for the Personal Data you choose to submit in these forums or for the processing of that Personal Data by participants in those forums or other third parties we do not control.

Spoke may post lists of Customers and testimonials on the Company’s Websites that contain information such as Customer names and titles. We obtain the consent of each Customer prior to posting any information on such a list or posting testimonials. To request removal of your Personal Data from our blog or forum or to have your testimonials removed, contact us at privacy@Spoke-aiot.com.

 

Data Localization and Transfer

Spoke AIOT is based in the United States, and that is where we (and most of our processors and sub-processors) store and otherwise process Personal Data. When you provide Personal Data to us directly, you are knowingly consenting to our transferring to and processing that Personal Data in the United States. Unless you ask for that data back, we will not thereafter transfer Personal Data to another country unless we have put in place appropriate legal mechanisms to do so.

If you live in the European Economic Area, you should understand that the European Commission does not consider the United States to apply “adequate levels of protection” to Personal Data. This means that the EC is not satisfied with the scope, applicability, or level of protection granted by U.S. laws and regulations that relate to Personal Data. The EC has also raised concerns regarding the U.S. government’s ability to access Personal Data stored within the United States. Overall, this means that Personal Data in the U.S. may not be subject to the same stringent legal protections as it would be in Europe, so there is a theoretically increased risk that your Personal Data is accessed, used, or disclosed by unauthorized third parties. That said, we would encourage you to review–and take comfort from–the section below describing our security measures. We take the security of your data very seriously and think you can trust that it will be kept as safe as it would be anywhere else.

 

Data Retention

Spoke will retain your information for as long as your account is active or as needed to provide you Services, and as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, or as otherwise reasonably necessary for our business purposes.

 

Children and Minors

Spoke does not knowingly process or sell Personal Data concerning children under the age of sixteen, nor are any of our Websites or Services directed at minors. If you are under the age of thirteen, you must get your parent’s or guardian’s consent prior to using this Website. 

 

Spoke and Customer Data

Spoke’s Customers may electronically submit data or information, including personal data (collectively, “Customer Data”), for hosting and processing purposes in connection with those Customers’ use of Spoke’s Websites and Services. Importantly, this Privacy Statement does not apply to Spoke’s processing of Customer Data. Instead, Spoke’s rights and obligations concerning that processing is addressed in the Spoke Master Services Agreement or other applicable Spoke-Customer agreement.

 

Security and Infrastructure

Data security is paramount for Spoke and our customers. Spoke protects Customer Data with world-class physical, network, application, and data-level security. In addition, Spoke invests in the most advanced and modern infrastructure available to provide an innovative, scalable, global, predictable, and secure environment.

 

Security

Spoke maintains a comprehensive security program to ensure the confidentiality, integrity, and availability of customer data. Spoke is committed to ensuring our Websites and Services are available for operation and use at times set forth in service-level agreements, protected against unauthorized physical and logical access and that our system processing is complete, accurate, timely, and authorized.

 

Web Sites Covered

As noted above, this privacy statement covers the information practices of the Websites and Services that link to this Privacy Statement, including www.Spoke-AIOT.com

The Websites may contain links to other websites. Spoke is not responsible for the information practices or the content of such other websites. If you submit Personal Data to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any website you visit.

Our Website may also include social media features, and Widgets or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy statement of the company providing it.

 

Web Site Navigational Information

Spoke uses commonly-used information-gathering tools, such as cookies and web beacons, to collect information as you navigate our Websites (“Website Navigational Information”). This section describes the types of Website Navigational Information that may be collected on our Websites and how this information may be used.

 

Cookies and Other Tracking Technologies

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. Technologies such as: cookies, beacons, tags and scripts are used by Spoke and some of our business partners (e.g., Salesforce.com), affiliates, or analytics or service. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use session cookies to make it easier for you to navigate our Websites. A session ID cookie expires when you close your browser. Cookies enable us to track and target the interests of our users to enhance the experience on our Websites.

Enabling these cookies is not strictly necessary for the Websites to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of our Websites may not work as intended.

We use the following categories of cookies on our Websites and Services:

Category 1 — Strictly Necessary Cookies

These cookies are essential to enable you to browse around our Websites and use their features. Without these cookies, services including user account login and access to video content cannot be provided.

Category 2 — Preference Cookies

These cookies collect information about how you use our Websites and remember choices you make while browsing. This data may be used to help optimize our Websites and make them easier for you to navigate.

For instance, we may store your geographic location in a cookie to ensure that we show you our Websites localized for your area. We may also remember preferences such as text size, fonts, and other customizable site elements. They may also be used to keep track of what featured products or videos have been viewed to avoid repetition. The information these cookies collect will not personally identify you, and they cannot track your browsing activity on non-Spoke websites.

Category 3 — Statistics Cookies

These cookies help Spoke understand how visitors interact with our Websites and help us improve our overall site experience.

Spoke primarily uses Google Analytics on our Website to provide statistics and reporting on our Website performance. Our implementation of Google Analytics does not collect any Personal Data. The user IDs used in Google Analytics are not personally identifiable, and there are several thresholds in place to link this non-identifiable user ID to an identifiable Spoke Network user.

Category 4 — Marketing Cookies

These cookies are used to track visitors’ behavior on our site. The intention is to display Spoke-specific content that are relevant and engaging for the individual user. The information these cookies collect will not personally identify you and is used to target content to users anonymously.

 

How to control cookies

You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer, and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

EU Users: Update your cookie preferences for this site.

 

Web Beacons

Spoke uses web beacons alone or in conjunction with cookies to compile information about Customers and visitors’ usage of our Websites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a website tied to the web beacon. For example, Spoke may place web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Websites. Spoke uses web beacons to operate and improve the Websites and email communications.

Spoke may use information from web beacons in combination with data about Spoke customers to provide you with information about the Company and Services.

 

Log Files

As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. We do this to improve Services we offer you.

Local Storage

We use Local Storage (LS) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.

Do Not Track

Currently, various browsers (such as Internet Explorer, Firefox, and Safari) offer a “do not track” or “DNT” option. Spoke does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Websites, in part because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Spoke takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

 

Spoke and Data Privacy Rights

User privacy is important to us. A significant part of respecting that privacy is making you aware of and welcoming your exercise of your data privacy rights under applicable law, including the GDPR or the CCPA. Those rights may include:

  • Right to Know: You may have the right to request information about the processing of your Personal Data if you think it is missing from this Privacy Statement (e.g., if you’d like to see what precise pieces of Personal Data we have).
  • Right to Access: You may have the right to access your Personal Data that we process.
  • Right to Rectification: You may have the right to request that we fix errors or omissions in your Personal Data that we process.
  • Right to Erasure (a/k/a the Right to be Forgotten): You may have the right to have us delete your Personal Data.
  • Right to Object: You may have the right to object to our processing of your Personal Data or to stop it altogether.
  • Right to Restrict Processing: You may have the right to limit the ways in which we process your Personal Data.
  • Right to Data Portability: You may have the right to request a portable version of your Personal Data.
  • Right to Non-Discrimination: We will not treat you unfairly as a result of your choice to exercise any of the above rights.

 

Your entitlement to one or more of the rights above may depend on your location or other circumstances surrounding our processing of your Personal Data, but we will always do our best to accommodate your requests. You may request to exercise one or more of these rights by contacting us as set forth under “Spoke and Communication / Updates” below.

When handling requests to exercise data privacy rights, we may take steps to verify your identity or the authority of an authorized agent you have appointed (more on that in a few). Where possible, we’ll try to accomplish that verification by referring only to Personal Data we already have on hand. If you live in California, you may be able to appoint an authorized agent to exercise your data privacy rights on your behalf (in which case we may take steps to verify your agent’s authorization to act on your behalf).

 

Concerns

If you think we have done something wrong concerning your Personal Data, we hope that you will reach out to us as soon as possible so that we can resolve your concern. However, you are always free to file complaints concerning violations of this Privacy Statement or applicable law with appropriate government agencies. If you live in the European Union, this includes your local “supervisory authority” that is responsible for GDPR compliance.

 

Spoke and Communication / Updates

At Spoke, we strive to maintain productive communication with our current and prospective customers. You may manage your preferences by clicking on the “unsubscribe” link located on the bottom of our marketing emails. Please note that customers cannot opt out of receiving transactional emails related to usage of Spoke’s Services.

Spoke’s Chief Privacy Officer is happy to help with questions or inquiries. You can direct those questions or inquiries to our attention at:

Spoke AIOT, Inc.

1646 W. Snow Avenue, Suite 13,

Tampa, FL 33606

privacy [at] SpokeAIOT [dot] com

This Privacy Statement is current as of May of 2021. Spoke reserves the right to update this Privacy Statement to reflect changes to our practices. We will provide notification of material changes here or directly to our Customers via email prior to the change becoming effective. We encourage you to periodically review this page for the latest information on privacy.

 

Spoke GDPR Guide

What is the GDPR?

GDPR stands for the General Data Protection Regulation. GDPR came into effect on 25th May 2018 as the new European Union Regulation, replacing the Data Protection Directive (DPD) and The UK Data Protection Act 1998. It was approved by the EU Parliament on April 14th 2016 and involves the protection of personal data and the rights of individuals. Its main aim is to ease the flow of personal data and increase privacy and rights for EU residents across all member states.

Who does GDPR apply to and what does it regulate?

The GDPR applies to any organization which processes and holds the personal data of EU citizens and obligates the to abide by the laws set out by GDPR. This applies to every organization, regardless of whether or not they themselves reside in one of the 28 EU member states. The GDPR aims to regulate how companies “process” personal data, that is, how companies use, store, collect and transfer the data when providing products and/or services to an individual and/or monitoring their behavior.

What responsibilities do organizations have under the GDPR?

Under the GDPR, organizations must meet several data protection principles whenever they process personal data – including ensuring that their use of personal data is lawful, fair and transparent. Those who do collect personal data are obliged to protect it from misuse and exploitation.  If a data breach does occur, organizations are required under the GDPR to report certain types of breaches to the relevant authorities within a certain amount of time as they become aware of it.

What is personal data?

Considering technological advancements, the concept of “personal data” has been significantly amended under the GDPR. While it still covers any information relating to an identified or identifiable individual (also called a “data subject”), the definition now includes things such as online identifiers, genetic data and location data etc.

What are some elements of GDPR that one should be aware of?

The GDPR provides greater rights to individuals in the EU and significantly increases the obligations on organizations. Some key elements are:

  • Rights: The GDPR provides expanded rights for individuals in the EU such as restriction, deletion, and portability of personal data.
  • Profiling and monitoring: The GDPR places additional obligations on organizations engaged in profiling or monitoring behavior of individuals in the EU.
  • Accountability: The GDPR requires organizations to implement appropriate policies, identify where personal data resides, conduct privacy impact assessments, keep detailed records on data activities and enter into written agreements with suppliers.
  • Security: The GDPR requires organizations to implement technical and organizational controls to secure personal data considering both the cost and nature of technology, including measures such as tokenization and anonymization/de-identification.
  • Data breach notification: The GDPR requires organizations to report certain data breaches to data protection authorities, and under certain circumstances, to the affected data subjects.
  • Enforcement: Under the GDPR, authorities can fine organizations up to the greater of €20 million or 4% of a company’s annual global revenue, based on the seriousness of the breach and damages incurred. Several fines have already been levied against large organizations.
  • Central Data Protection Authority: The GDPR introduces the concept of a lead supervisory authority to allow organizations operating in many EU countries to work with one data protection authority rather than many for matter such as cross-border data protection issues and enforcement.

I would like to find out more about GDPR, where shall I go?

More information about the GDPR can be found by visiting the official EU GDPR website.

The Steps That Spoke is Taking

Spoke understands that complying with the spirit of the GDPR is a serious responsibility that helps build and retain customer Trust. We further understand that significant time and effort has been spent by our customers and prospects to comply with GDPR themselves. Therefore, Compliance with the GDPR requires a partnership between Spoke, our suppliers in providing services to support our business, and our customers in their use of our services.

Spoke is committed to helping our customers attain and maintain GDPR compliance. Since compliance with the GDPR is not a one-time effort, Spoke works continuously year-round to ensure adherence to the regulation. Our concept of Security and Privacy by Design is at the core of each product we build. Our commitment is further solidified by reflecting at which technology partners we have chosen to deliver our products and services. Please visit the following to read more about our cloud service providers’ GDPR commitment, and rest assured that Spoke monitors and evaluates its service providers compliance with the GDPR:

Amazon Web Services (AWS) Commitment to the GDPR

SalesForce Commitment to the GDPR

 

Spoke’s Commitment to Data Protection

At Spoke, our commitment to respecting the privacy of our customers go beyond the GDPR. We fully understand that countries, regions of the world and States within the US are introducing more legislation to ensure the privacy of their citizens are respected. As such, Spoke continues to embrace the principles of Security by Design and Privacy by Design.