Who we are. SafeGraph is a data-as-a-service company. Our sole mission is to provide the most trusted data about physical places around the world. We believe open access to high-veracity, ethically, and transparently sourced data about physical places is crucial to innovation and technological advancement.
Our Offerings. When we use the term “SafeGraph Services”, we are referring to the datasets that we offer (detailed explanations of each data product are available on our public website: https://docs.safegraph.com/docs). We do not collect Information directly from natural persons to develop SafeGraph Services. SafeGraph aggregates data collected from third party data sources to develop the SafeGraph Services, such as products reflecting trends in consumer transactions at a certain retail store over or at a given time. Our customers – a variety of companies and organizations – use SafeGraph Services for commercial and research purposes, including retail site selection (e.g., determining where to open a new restaurant) and market research (e.g., analyzing general consumer purchasing trends).
Although we may license Information from third parties (e.g., advertising identifiers, such as Apple IDFA or Google Advertising ID) to develop SafeGraph Services, we do not correlate that data with other personal data such as name, phone number, or email address and none of the products we sell include Information. We use filtering mechanisms and other privacy enhancing measures to remove any Information from our products and require our customers to commit to not reidentifying anonymized or aggregated data.
We obtain Information in three main ways: (1) Information you choose to provide directly to us; (2) Information we collect automatically through technology when you visit our website; and (3) Information we collect from other sources.
1. Information you chose to provide directly to us
2. Information from other sources
As is true of most websites, we or third-party platforms with whom we work may automatically collect Information when you visit our website from your desktop computer, laptop, mobile phone, tablet, or other consumer electronic device (“Devices”) that you use to access the website. This Information may include pseudonymized information, such as a unique browser identifier, technical information about your device (such as the device type, operating system, settings and system configurations, IP address, other unique device identifiers, and mobile network information) and your activity on our website, as well as data about the webpages you access, traffic to and from websites, the dates and times associated with transactions, and web log data. We refer to this as “Site Data.”
SafeGraph does not incorporate or sell Site Data as part of our SafeGraph Services. We use Site Data for our internal business purposes, such as marketing, analytics, research, and improving our website and services. Site Data may be correlated with other personal information, such as name or email address.
Our Use of Web Beacons. Web beacons are electronic images that may be used on the SafeGraph website or in emails we send to you. We may use web beacons to deliver cookies, count visits to our website, understand usage and effectiveness of offers, and tell whether you open an email and act upon it.
3. Information from other sources
We also receive Information from third parties. Sometimes, we receive or license Information (such as email addresses) from vendors or others in our industry, reflecting the contact or other details of potential customers, business partners or prospective employees; we also sometimes collect this information at trade shows and events. We only use this Information for our internal business purposes and do not incorporate it into SafeGraph Services.
To develop SafeGraph Services we license data from third parties, including Data Suppliers/Brokers who license to us commercially available Information and data. Examples of such commercially available Information may include data about interactions with third party retail locations, websites, apps, and device data (including mobile device type and advertising identifiers, such as Apple IDFA or Google Advertising ID, and location data, but we do not use or include device data or other Information in SafeGraph Services).
To the extent relevant to applicable law, any of several legal bases may underlie our collection of Information, including:
Contract Performance. When the processing is necessary to perform our contract with you, which may include providing you with SafeGraph Services or tailoring SafeGraph Services to your preferences.
Legitimate Interests. When the processing is necessary for our legitimate business interests (or those of our enterprise customers), including but not limited to, providing, developing, improving or marketing the SafeGraph Services.
Consent. When you have given us your consent to process your Information.
We use and share Information:
We may also disclose Information:
We may choose or be required by law to provide different or additional disclosures relating to the processing of Information about residents of certain countries, regions or states. Depending on your state of residency and subject to certain legal limitations and exceptions, you may be able to exercise some or all of the following rights:
The Right to Know. The right to confirm whether we are processing your Information and access to that information.
The Right of Portability. The right to obtain a copy of the Information in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance, subject to certain exceptions as set forth in applicable law.
The Right to Correction. The right to correct inaccuracies in your Information, taking into account the nature of the Information and the purposes of the processing of the Information.
The Right to Deletion. The right to have us delete the Information we maintain about you, subject to certain exception as set forth in applicable law.
The Right to Opt-Out of Certain Processing of Information. The right to opt-out of processing of your Information for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) in some states, profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
Right to Non-Discrimination: Depending on your state of residency, you may also have the right to not receive retaliatory or discriminatory treatment in connection with a request to exercise the above rights.
Submitting Privacy Rights Requests. To submit a request to exercise one of the privacy rights identified above, please email us at [email protected].
We may need to verify your identity before processing your request. In certain circumstances, we may decline a request to exercise the rights described above, particularly where we are unable to verify your identity or locate your information in our systems. We will only use personal data provided in connection with a Rights Request to review and comply with the request.
We do not intend to collect Information from children under the age of 16. If you believe we have collected Information from a person under the age of 16, please contact us at [email protected].
SafeGraph uses reasonable measures to protect Information in our possession against unauthorized access, disclosure, alteration, or destruction. We regularly review our information security, storage, and processing to ensure compliance with industry best practices. However, as no physical or technological safeguards are 100 percent secure, we do not guarantee the security of any particular elements of data that we hold.
We retain your Information only for as long as is reasonably necessary to fulfill the purpose for which it was collected. However, if necessary, we may retain your Information for longer periods of time, for instance where we are required to do so in accordance with legal, tax and/or accounting requirements set by a legislature, regulator or other government authority.
To determine the appropriate duration of the retention of Information, we consider the amount, nature and sensitivity of the Information, the potential risk of harm from unauthorized use or disclosure of Information and if we can attain our objectives by other means, as well as our legal, regulatory, tax, accounting and other applicable obligations.
Once retention of your Information is no longer necessary for the purposes outlined above, we will either delete or de-identify the Information or, if this is not possible (for example, because Information has been stored in backup archives), then we will securely store your Information and isolate it from further processing until deletion or deidentification is possible.
We may sometimes receive “personal data” from potential customers or business partners located in the EEA or the United Kingdom. If you wish to exercise any of your rights under the GDPR or UK GDPR with respect to this limited set of data (for instance, if you provided us with your business information in the past), please contact us at [email protected].
Attention: Office of General Counsel
1580 N Logan St, Ste 660, #53755
Denver, CO 80203
In some instances, we may receive information considered to be “sensitive” under certain privacy laws, including geolocation data. However, we do not collect this information directly from natural persons to develop SafeGraph Services, and we require our data suppliers to validate that they have obtained all data licensed to us in a lawful manner. SafeGraph does not sell sensitive information or products derived from geolocation data that can identify a person’s location, and we do not process or otherwise share sensitive information for the purpose of targeted advertising.
We may at times receive or process Information to create de-identified data that can no longer reasonably be used to infer information about, or otherwise be linked to, a particular individual or household. Where we maintain deidentified data, we will maintain and use the data in deidentified form and not attempt to reidentify the data except as required or permitted by law.