Oh Brother, Where Art Thou? We Say, More Content Without Location Tracking

Location services at a time of escalating user tracking and privacy issues


Ever since the General Data Protection Regulation (GDPR in short) has come into force in 2018 Proximity Technologies must face increasing interest into how they interact with our privacy. Users have been made aware of their online privacy and tracking options and have started to ask questions: How to stop apps from tracking you? How do I stop apps from tracking my location?  

We’re all for it. More power to the user! It’s no one’s business where you are, how long you are there, how you move around, and what you buy. Fact of the matter is that those technologies that collect, save, and process your personal data without any prior consent violate the GDPR. And that’s how it’s supposed to be. Businesses who track you without your consent face high fines, and therefore we urge all businesses offering location services to check their systems in order to avoid becoming an illegal processor of personal data.

Privacy by Design

Beacon manufacturers rightly argue that the small Bluetooth transmitters merely mark our position, but do not use any data - and above all no personal data. However, when applications such as the analysing of customer movements, or the creation of headmaps of high and low-frequented zones at the POS are discussed, the “we don’t spy on you” claims have very little credibility. And what about geofencing? With geofencing it is technically possible to record the smartphone ID, and in turn users will probably think: What’s this? Location Tracking with a little bit of service?

Behaving according to privacy regulations and respecting and protecting one's customers is therefore a fundamental, conscious decision with regard to the technical possibilities out there; this is the highest possible claim of those who build the infrastructures for proximity technology. Those are the software manufacturers themselves, and frankly, that’s us.

wingu Location-Services are Personal Data Minimalists

When we started developing our Proximity Platform it was our goal to create location-services that could be used and marketed without having to give up our Privacy by Design claims. We’ve stuck to our principles: we do not track users.

Whether we use iBeacons, Geofences or NFC Tags: we minimise the use of personal data as much as possible. We define large perimeters and ranges, and when users move into these squares and circles we trigger an interaction. We provide contextual services and content that’s equal to all. It’s really that simple.

That’s max anonymisation on our end. The users themselves decide what they share through their devices.

The only thing we know is whether you are near a trigger (iBeacon, NFC-Tag) or going through one of our geofences. That’s definitely more abstract than us knowing and processing your exact geo-coordinates. We don’t have any data about where the triggers of our customers are located either.

When we build and develop our platform architecture we only use software of third parties that voluntarily choose to work according to the regulations of the EU-US Privacy Shield. Facebook SDKs or PayPal integration? Not on our watch. We don’t barter your data. We never have, and we never will.

Nevertheless, we ask our subscribers to use an opt-in that allows you to provide location-services. This happens through the download of the app. When a user installs our app, she/he accepts the terms of use. Location tracking and bluetooth can be disabled for the app at any time, and we do not require any other access to your device.

Let’s face it: it’s important for us to know whether, where, and by whom we are tracked in order to fully understand the risks to ourselves and the people we love. And having this knowledge allows us to make the right decisions. Wouldn’t you agree?