Privacy Policy

Your privacy is important.


Privacy Policy

Minim, Inc.

VERSION DATE: November 12, 2019
EFFECTIVE DATE: November 18, 2019

1. Introduction

  1. Minim narrowly tailors the data it collects / processes.  The choice to opt-out from or a failure to opt-in to data collection / processing will prevent use of the Minim Solution because Minim will not be able to access data necessary for the Minim Solution to operate properly.
  2. The choice to opt-out from or a failure to opt-in to data collection / processing in the course of signing up for the Minim Mobile Application may not prevent, terminate or otherwise interrupt data collection / processing by your Internet Service Provider.  If you have questions about what data your Internet Service Provider is collecting / processing you should contact them directly.

2. Scope

  1. This Privacy Policy (“Policy”) sets forth the policy and policy principles relating to the collection and processing / use of Personal Data / PII that are applied by Minim, Inc. and its subsidiaries (if any) (“Minim”). 
  2. This Policy, publicly posted at https://www.minim.co/privacy, is governed and incorporated by reference into Minim’s Terms of Service, which is available at https://www.minim.co/terms.
  3. More specifically, the Policy covers:
    1. NOTICE with respect to various items, as such is required due to Minim’s participation in the Privacy Shield Program.
    2. The method and process by which a Data Subject may CHOOSE to object to the collection or processing of their Personal Data / PII.
    3. The ONWARD TRANSFER of Personal Data / PII Minim collects or processes 
    4. Methods and processes by which Personal Data / PII collected and / or processed by Minim is SECURED.
    5. Methods and processes by which Minim ensures, and enables Data Subjects to ensure, the INTEGRITY of the Personal Data / PII that Minim collects or processes
    6. The PURPOSE for which Minim collects and processes Personal Data / PII from Data Subjects.
    7. The method and process by which a Data Subject may seek to ACCESS their Personal Data / PII.More specifically, the Policy covers:
    8. Certain activities, methods and processes by which Minim builds CONFIDENCE and provides Data Subjects with RECOURSE mechanisms relating to how Minim collects and / or processes Personal Data / PII.

3. Terms and Definitions

  1. Defined Terms

“Account” means a record in systems controlled by Minim that enable the use of the Minim Solution.

“Compartmentalized Digital Access” means that information subject to this protection protocol may not be accessed in its entirety by a single privilege set.

“Cookies” are small text files that are placed on a customer device by a web server when a customer or end user accesses the Minim Solution.  

“Data Controller” means the natural or legal person, public authority, agency or other body which alone, or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by the European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

“Data Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of a Data Controller.

“Data Subject” means any individual whose personal data is being collected, maintained or processed.

“Encryption at Rest” means a method of storing information where the information encrypted. 

“Encryption in Transit” means a method for sending and receiving information where the information is encrypted. 

“General Data Protection Regulation” or “GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

“Minim Solution” means the combination of software and services provided by Minim to secure and manage a WiFi network belonging to a customer or end user.

“Minim Website” means the website located at minim.co.

“Personal Data” means information relating to an identified or identifiable Data Subject and can refer to a Data Subject’s name, his or her home address, publications on social networks.

“Personally Identifiable Information” or “PII” means Personal Data where it, directly or indirectly, by way of particular reference to an identifier such as a name, identification number, location data, online identifier or to one or more factors specific to an individual (e.g., physical, physiological, genetic, mental, economic, cultural or social) can be used to identify a specific Data Subject.

“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Restricted Digital Access” means instances where digital access to data is restricted to certain users based on rights or privileges in a system that the user must use credentials, tokens or other such security artifacts to access.  

“Restricted Physical Access” means instances where physical access to systems on which data is restricted to persons based on the rights or privileges the person uses credentials, keys, cards or other such security artifacts to gain access. 

“Supervisory Authority” means an independent public authority which is established by a European Union member State pursuant to GDPR Article 51 Other terms and definitions used in this policy have the same meaning as in International standard ISO/IEC 27000 “Information technology – Security techniques - Information security management systems-Overview and vocabulary.”

“Web Beacon” means a small piece of information or data stored on your computer or mobile device that are used to determine your preferences and track your search terms and other behaviors or activities as you navigate around the Internet.

  b.  Capitalized terms that are not defined herein will have the meanings set forth in those                       Terms of Service.

4. Privacy Related Statements

  1. Minim classifies PII as confidential information. 
  2. As a Data Controller and/or Data Processor, Minim is responsible for establishment and proper application of this Policy. 
  3. To meet the European Union law requirements that PII transferred from the EU to the United States be adequately protected, Minim adheres to the Privacy Shield Principles.

5. Privacy Related Notices

  1. Form Language
    1. Minim complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework(s), as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and/or Switzerland to the United States. 
    2. Minim has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. 
    3. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. 
    4. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
  2. Minim collects / processes certain types of Personal Data / PII as such are specified below. 
  3. As set forth above and as is detailed further below, Minim is committed to following the Principles of the Privacy Shield program with respect to all personal data received from the EU as a result of its reliance on its participation in the Privacy Shield program.
  4. Minim collects and / or processes certain Personal Data / PII for purposes specified below.  
  5. Data Subjects may, as specified below, contact Minim with respect to inquiries complaints, including any relevant establishment in the EU that can respond to such inquiries or complaints. 
  6. Minim may, under certain circumstances, transfer onward certain Personal Data / PII that it collects and / or processes to certain parties, as such are specified below. 
  7. Data Subjects have, in accordance with the below, the right to access their Personal Data / PII. 
  8. Data Subjects may, in accordance with the below, to limit the collection and / or processing of their Personal Data / PII. 
  9. Minim has registered with JAMS to serve as its third party alternative dispute resolution provider for Data Subject complaints.  Data Subjects may seek recourse with JAMS free of charge.
  10. Minim is subject to the investigation and enforcement powers of the Federal Trade Commission and, as may be applicable, other U.S. authorized statutory body.  
  11. Data Subjects may, under certain conditions and in accordance with the below, invoke binding arbitration.
  12. Minim may, under certain circumstances and in accordance with the below, disclose Personal Data / PII in response to lawful requests by public authorities.
  13. Minim is, under certain circumstances and in accordance with the below, liable in cases of onward transfers to third parties.
  14. The Services are not targeted to children under the age of 18.  

6. Consent

  1. Minim collects and processes PII only where a Data Subject’s consent has been received or as a result of another legal basis.
  2. Minim seeks to obtain appropriate permission from a parent or legal guardian before accepting consent for the collection or processing of Personal Information from children ages 18 and under.

7. Purpose of Collection and Processing / Use  

  1. General Purpose
      1. Minim’s general purposes in collecting and / or using / processing PII are to provide and improve the Minim Website and Minim Solution, which it provides to its customers and, as may be applicable, its customer’s customers, to administer use of the Minim Solution by the same (including accounts, if customer is an account holder), and to enable the same to enjoy and easily use the Minim Solution.
  2. Information Categories and Specific Purpose
      1. Minim collects and processes certain categories of Personal Data for the purposes set forth below:

 Table 1. Information Categories

 

Information Category

Purpose

Legal Basis

1

End User / Customer Data

Provision of services or products

Performance of contract or required proof prior to entry into contract

GDPR - (point (b), Art. 6(1))

2

End User / Customer Metadata

Provision of services or products

Performance of contract or required proof prior to entry into contract

GDPR – (point (b), Art. 6(1))

3

Personal data used for direct marketing

Direct marketing

Data subject consent

GDPR - (point (a), art. 6(1))

4

Prospective Customer (legal entity)

Internal administration

Data subject consent

GDPR - (point (a), art. 6(1))

5

Third parties (suppliers, distributors, etc.) contact data

Customer service, Provision of services or products

Performance of contract or required proof prior to entry into contract

GDPR - (point (b), art. 6(1))

6

Candidates for employee data

Internal administration

Data subject consent

GDPR - (point (a), art. 6(1))

7

Employee data

Internal administration

Legal obligation

GDPR - (point (c), art. 6(1))


c.   More specifically, Category 1 Data, includes, but may not be limited to types: 
      1. End User / Customer Account Information. If a Data Subject creates an Account, Minim collects certain information that can be used to identify the customer, which such information may include, but is not limited to, personal, device and device profile names (meta-data related to the same) and contact information.
      2. End User / Customer Network Information.  If a Data Subject uses the Minim Solution, Minim collects certain information about how the Minim Solution is used, which such information includes: connected device information; network connection information; mesh network information; network router information; internet provider information and network management information.
      3. End User / Customer Website Application Use and Device Information.  If a Data Subject uses the Minim Solution, Minim collects certain information about how the Minim Solution is used, which such information includes: device identifiers, device configuration information, what objects on the website application the Data Subject interacts with; the frequency and duration that a Data Subject spends engaging with various parts of the website application.
      4. End User / Customer Mobile Application Use and Device Information.  If a Data Subject uses the Minim Solution, Minim collects certain information about how the Minim Solution is used, which such information includes: device identifiers, device configuration information, mobile application use information and mobile device location information.  When a customer uses our mobile application, Minim may collect and store information about the customer’s location by converting his or her IP address into a rough geo-location or by accessing the customer mobile device’s GPS coordinates or approximate location if the customer enables location services on his or her device. Minim may use location information to improve and personalize our services for customers. If customer does not want us to collect location information, he or she may disable that feature on the mobile device. The customer agrees and acknowledges that it has been informed about this the foregoing.
 d.  More specifically, Category 3 and 4 data include, but may not be limited to the following
      1. Minim Website & Email Use Information.  If a Data Subject visits websites maintained by Minim or opens an email sent by Minim, Minim collects certain information, using Cookies and Web Beacons, about how a person interacts with the website or the email, which such information includes: what objects on a website / email the Data Subject interacts with; the frequency and duration that a Data Subject spends engaging with various part of a website / email.

8. Protection of Personal Data and PII

  1. Minim takes reasonable administrative, physical and electronic measures designed to protect Personal Data and PII from unauthorized or unlawful processing and against accidental loss, destruction or damage.  
  2. More specifically, these measures include, but may not be limited to:
      1. Compartmentalized Digital Access
      2. Encryption at Rest
      3. Encryption in Transit
      4. Restricted Digital Access and 
      5. Restricted Physical Access 
  1.  

9. PII Retention Periods and Protection Protocols

  1. Minim acts as a Data Processor for Data Controllers.  Such processing and any retention periods and protection protocols associated therewith may be subject to the terms of Minim’s contractual arrangements with those Data Controllers and any additional requirements or restrictions that result from the doing business in the jurisdictions in which an applicable Data Controller is located.  
  2. Minim retains and protects PII as set forth below:

Table 2: PII Retention Periods and Protection Protocols

Information Category 

PII Type

Retention Period

Protection Protocols In Use

1

End User / Customer Account Information

For the life of the Account plus thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim is processing data

Compartmentalized Digital Access, Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

1

End User / Customer Network Information

Thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim is processing data

Compartmentalized Digital Access, Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

1

End User / Customer Website Application Use and Device Information

Thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim is processing data

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

1

End User / Customer Mobile Application Use and Device Information

Thirty (30) days, unless otherwise specified in an applicable legal agreement or by data controller for whom Minim is processing data

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

2

End User / Customer Meta data

As long as necessary to achieve the purpose set forth in Section 3.1

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

3

Personal data used for direct marketing

As long as necessary to achieve the purpose set forth in Section 3.1

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

4

Prospective Customer (legal entity)

As long as necessary to achieve the purpose set forth in Section 3.1

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

5

Third parties (suppliers, distributors, etc.) contact data

As long as necessary to achieve the purpose set forth in Section 3.1

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

6

Candidates for employee data

One year

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

7

Employee data

As long as necessary to achieve the purpose set forth in Section 3.1 

Encryption at Rest, Encryption in Transit, Restricted Digital Access and Restricted Physical Access. 

  

10. Sharing with Third Parties / Onward Transfer of Personal Information / PII / Third Party Collection

  1. Minim will appropriately manage and coordinate the onward transfers of PII to third parties in accordance with this Policy.  
  2. Minim will not sell, share or otherwise distribute PII to third parties except as provided in this Policy.
  3. Minim will not directly disclose the identity of any person except as provided in this Policy. 
  4. PII may be transferred to third parties who act for or on Minim behalf and that are contracted to:
      1. not sell the PII to third parties and 
      2. not disclose the PII to third parties (except as may be required by law, as permitted by us or as stated in this Privacy Policy).
  5. If Minim has knowledge that Data Processor is processing PII provided to it by Minim in a manner contrary to this Policy, it will take all reasonable steps to prevent or stop the processing.
  6. In accordance with its obligations under the Privacy Shield Principles, under certain circumstances, Minim may remain liable for the processing of PII by Data Processors and the onward transfer thereof.
  7. Notwithstanding the above, Minim may also share PII as follows:
      1. If Minim is acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if its assets are acquired by a third party in the event Minim goes out of business or enters bankruptcy, some or all of its assets, including PII, may be disclosed or transferred to a third-party acquirer in connection with the transaction.
      2. Minim will cooperate with government and law enforcement officials or private parties to enforce and comply with applicable law(s). As a result,  Minim may disclose information about a Data Subject to government or law enforcement officials or private parties that Minim, in its sole discretion, believes is necessary or appropriate:
      3. to respond to claims, legal process (including subpoenas); 
      4. to protect our property, rights and safety and the property, rights and safety of a third party or the public in general;
      5. to stop any activity that Minim, in its sole discretion, believes is illegal, unethical or legally actionable activity or
      6. in response to other lawful requests by public authorities, including to meet national security or law enforcement requirements.
  8. The Minim Solution may contain links to third-party websites and applications that collect and process your Personal Information / PII.  Minim is not responsible for the privacy policies or practices of such third parties. You should carefully read and review the privacy policies and practices of such third parties.

11. Data Subject Rights

  1. Access
    1. Data Subjects have the right to access PII that is collected from them and processed by Minim and to obtain information, free of charge, on the sources and the type of the PII that has been collected, the purpose of processing of such PII and the data recipients to whom the PII are disclosed or have been disclosed by Minim in connection with the Minim Solution, and other related information according to GDPR Article 15.Access
    2. Data Subjects may request this access by emailing dataconsent@minim.co.
    3. Minim shall reply not later than 30 calendar days from receipt of such an access request in writing and shall provide the requested information or justification for the refusal to grant the request of the data subject.
    4. Upon the request of the data subject, such information must be provided by Minim in writing.
    5. Under California's "Shine the Light" law, California residents who provide Personal Information in obtaining products or services for personal, family or household use are entitled to request and obtain from Minim once a calendar year information about the PII we have shared, if any, with other businesses for their own direct marketing purposes. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g. requests made in 2017 will receive information regarding 2016 sharing activities).
    6. To obtain this information, please send an email message to dataconsent@minim.co. with "Request for California Privacy Information" on the subject line and in the body of your message. We will provide the requested information to you at your e-mail address in response. Please be aware that not all information sharing is covered by the "Shine the Light" requirements and only information on covered sharing will be included in our response.
  2. Correction / Rectification
    1. If the Data Subject finds out that PII that has been collected from them by Minim is incorrect, incomplete or inaccurate, he or she may contact Minim by emailing dataconsent@minim.co. 
    2. Minim will then review the data elements at issue and rectify any incorrect, incomplete and inaccurate PII without delay and/or suspend processing of such PII, except for the purpose of storage, or provide a written explanation to the data subject describing why such efforts were not necessary.
    3. Minim may keep archive copies of such data if doing so is necessary to fulfill contractual obligations to the data subject and/or if it is required by applicable law or regulation (for example, for accounting purposes, cybercrime investigation, etc.).
  3.  Erasure / Right to be Forgotten
    1. A Data Subject may request that Minim erase some or all of his or her PII from Minim’s systems by emailing dataconsent@minim.co.  
    2. Such erasure may prevent the Data Subject from successfully accessing, using or benefiting from the Minim Solution.
    3. If Minim discovers that Personal Information / PII of a child under the age of 18 has been submitted without verifiable parental consent, we will immediately delete such Personal Information / PII. 
  4. Restriction of Processing
    1. A Data Subject may ask Minim to restrict further processing of his or her PII by emailing dataconsent@minim.co.
    2. Such processing restrictions may prevent the Data Subject from successfully accessing, using or benefiting from the Minim Solution. 
  5. Portability
    1. A Data Subject may ask for a copy of his or her PII in a machine-readable format by emailing dataconsent@minim.co. 
    2. He or she can also request that Minim transmit the data to another controller where technically feasible by emailing dataconsent@minim.co.
  6. Objection
    1. A Data Subject may contact Minim via email at dataconsent@minim.co to let Minim know that he or she objects to the further use or disclosure of his or her PII for certain purposes, such as for direct marketing purposes or for the purposes of the legitimate interests pursued by the Data Controller or by a third party.
  7. Right to File Complaint
    1. A Data Subject may appeal the validity or appropriateness of Minim’s actions (either as a Data Controller or Data Processor), to the appropriate Supervisory Authority or enforcement agency within three months of receipt of the refusal to grant the request or within three months of the date when the period imposed by applicable law or regulation for giving a reply (if any) expires. 
    2. In order to avail himself or herself of the rights set forth in this section, the Data Subject must provide a valid identity document or otherwise verify his or her identity according to applicable laws or through electronic means of communication, which must provide reliable identification of the person.
    3. Minim has registered with JAMS to serve as its third party alternative dispute resolution provider for Data Subject complaints.  Data Subjects may seek recourse with JAMS free of charge.

12. Enforcement and Dispute Resolution

  1. Minim complies with the Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, processing / use, and retention of Personal Data transferred from the European Union to the United States.
  2. Minim has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
  3. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ In compliance with the Privacy Shield Principles, Minim commits to resolve complaints about our collection or use of your PII.
  4. Individuals residing in the EU, United Kingdom, Lichtenstein, Norway or Iceland (collectively, “EU Residents”) who have inquiries or complaints regarding our Privacy Shield policy should first contact Minim via email at privacy@minim.co. 
  5. Minim does not currently collect or transfer human resources data from the EU in the context of the employment relationship.  If and when this business practice changes, Minim will further commit to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.
  6. If a Data Subject does not receive timely acknowledgement of his or her complaint, or if a complaint is not satisfactorily addressed, as a last resort and in limited situations. 
  7. The Federal Trade Commission (FTC) has jurisdiction over Minim’s compliance with the Privacy Shield.

13. Updates

  1. Minim periodically reviews and may, as necessary and/or appropriate, make updates to this Policy. 
  2. Minim will provide notice of updates to this Privacy Policy by posting them on our website, on our web application or mobile application, by sending an email to relevant Data Subjects or by undertaking other notification methods.  
  3. Upon each material update, the Version Date set forth above will also be updated. 

14. How to Contact Us About this Policy

  1. Please contact us at privacy@minim.co if you have any questions about this Policy.

California Resident Privacy Notice

(VER 02SEP2020)

This California Resident Privacy Notice supplements Minim’s privacy policy and applies to California residents from whom the company collects Personal Information (as defined below) on our own behalf or on behalf of companies that have contracted with Minim to deliver services to others, including California residents.

1. Definitions

  1. “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, or as otherwise defined by the CCPA, except such information that is (i) lawfully made available from government records, (ii) de-identified or aggregated or (iii) otherwise excluded from the scope of the CCPA. 
  2. “CCPA” means the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.199) and its implementing regulations, as such may be amended or superseded from time to time.

2. Method of Collection of Personal Information

  1. In the preceding twelve (12) months, Minim HAS collected Personal Information from you via the devices you have that operate Minim software (e.g., the Minim website, the Minim mobile app, network access points running Minim software).

3. Collection, Disclosure and Sale of Personal Information

  1. In the preceding twelve (12) months, Minim HAS collected and disclosed Personal Information as set forth in Table 1.
  2. In the preceding twelve months, Minim HAS NOT sold any California resident’s Personal Information.

Table 1

 

Information Types

Collect

Disclose

Sell

1

Biometric Information (e.g., physiological, biological characteristics) that can be used to establish individual identity from which an identifier template, such as a faceprint, minutiae template, or voiceprint, can be extracted, or identifying keystroke, gait, sleep, health, or exercise information.

No

N/A

N/A

2

Protected Classification (e.g., race/color, ancestry/national origin, religion/creed, age (over 40), mental/physical disability, gender, sexual orientation, medical condition, genetic information, marital status, military/veteran status.

No

N/A

N/A

3

Geolocation Data (i.e., precise physical location)

No

N/A

N/A

4

Sensory Information (e.g., audio, visual, thermal, olfactory information)

No

N/A

N/A

5

Employment-Related Information (e.g., job application or resume information, job history, or job performance information)

No

N/A

N/A

6

20 U.S.C. 1232g; 34 C.F.R. Part 99  Non-Public Education Information (e.g., Student records)

No

N/A

N/A

7

Common Identifiers (i.e., name, address, internet protocol address, email address, telephone number)

Yes

Yes

No

8

CCPA 1798.80(e) Identifiers (e.g.,name, address, telephone number, employment, employment history, bank account number, credit or debit card number, or other financial information)

Yes

Yes

No

9

Inferential Information (e.g., preference profiles, behavioral profiles)

Yes

Yes

No

10

Commercial Information (e.g, purchase history, consumption history, usage history)

Yes

Yes

No

11

Online Behavior Information (e.g., browsing history, search history, service interaction history)

Yes

Yes

No

 

4. Purpose of Use of Personal Information 

  1. Minim may collect, use, and disclose your Personal Information in accordance with the following business and commercial purposes.
    1. Enabling the purchase of services or products by you
      1. This use may include, but is not limited to (i) verifying your identity and contact information and (ii) completing transactions. 
      2. Please note that Minim does not view or store your credit card information.  Credit card information storage is handled by our third-party payment processor.
    2. Providing services or products to you
      1. This use may include, but is not limited to: (i) verifying your identity; (ii) communicating with you; (ii) providing customer support, (iii) delivering and improving network management and/or network security functionality of services or products and (iv) personalizing the services or products to improve your user experience. 
      2. For more details on the management and security functionality of Minim services and products see minim.co/products.
      3. Please note that Minim may de-identify data about your use of our services or products to create statistical analysis and aggregated reports to identify trends.
    3. Proactively or reactively communicating with you
      1. This may include, but is not limited to (i) sending you emails and or newsletters about our or third-party products, services and promotions and (ii) inviting you to take part in market research or testing of services or products. 
    4. Taking actions to prevent or avoid harm to you or others
      1. This may include, but is not limited to preventing fraud and, in accordance with applicable laws and regulations, preventing, detecting, investigating and/or reporting security incidents or malicious activity. 
    5. Ensuring your compliance with Minim contractual terms and your and Minim’s compliance with applicable laws and regulations 
      1. This may include, but is not limited to, monitoring any account’s use of Minim services or products to enforce the terms of Minim contracts and comply with applicable laws or protect our business interests and legal rights.
      2. Further, Minim may access, use, preserve, transfer, or disclose, at any time, your Personal Information as may be reasonably necessary to: (i) comply with any applicable law, regulation, subpoena, legal process or litigation, or respond to any governmental requests or regulatory investigation and to cooperate with law enforcement, if we believe such action is required or permitted by law; (ii) enforce this Policy or the Minim Terms of Use including investigating any potential violations; (iii) protect the safety, integrity, rights, or security of our users, our Services or equipment, or any third party; or (iv) detect, prevent, or otherwise address fraud, security, or technical issues related to our Services or those of our business customers.
    6. Providing Services to Minim’s business customers that you have contracted with to provide you with services (e.g., your internet service provider (“ISP”) or employer)
      1. Minim may act as a “Data Processor” of your Personal Information for businesses on whose behalf Minim has provided you with services or products.  Please refer to our Privacy Policy concerning restrictions on use in this manner.
    7. Working with our vendors and contractors
      1. This may include, but is not limited to working with vendors and/or contractors to: (i) maintain or service accounts; (ii) provide customer service; (iii) process or fulfill orders and transactions; (iv) verify customer information; (v) process payments; (vi) provide financing; (vii) provide advertising or marketing services; and (viii) provide analytic services.
    8. Other notified purposes
      1. This includes all other purposes for which we provide specific notice at the time the information is collected for later use or disclosure.

5. Disclosure of Personal Information

  1. Pursuant to our Privacy Policy, we share your Personal Information with the following categories of third parties:
    1. Your ISP, Employer or Minim Customer
      1. If you acquired your Minim product from your Internet service provider, we may share your Personal Information with that Internet service provider.
    2. Minim’s vendors and contractors 
      1. With vendors that we have selected to provide us with services and process some Personal Information on our behalf to operate our Services (e.g., internet speed testing, motion detection, order fulfillment, email management, payment processing, data analytics, etc.). These companies are contractually obligated to safeguard any Personal Information they receive from us.
    3. Specified express consent parties
      1. We may share Personal Information with third parties with your express, affirmative consent. For example, you may give us permission to share Personal Information with others for marketing uses, authorize a third-party web client or application to access your account, or ask us to share your feedback with a business.
    4. Minim’s data analytics service providers
      1. We may share Personal Information with data analytics providers as part of our efforts to improve, customize our services, products or experiences.
    5. Local, State or Federal Authorities
      1. See Section 10(g)(ii) and (vi) of the Privacy Policy
    6. Minim’s professional service providers 
      1. See Section 10(g)(i) of the Privacy Policy
  1.  

6. California Privacy Rights

  1. California residents may exercise the following rights:
    1. Right to Know and Access / “Shine the Light”
      1. See Section 11(a) of our Privacy Policy. 
    2. Right of Verification
      1. See Section 11(b) of our Privacy Policy
    3. Right to Delete
      1. See Section 11(c) of our Privacy Policy.
    4. Right to Equal Service and Price
      1. Use and disclosure of Personal Information
        1. Use and disclosure of your Personal Information is necessary and inherent to Minim’s ability to deliver services and products that manage and secure your home wifi network. 
        2. If you revoke Minim’s ability to use and disclose your Personal Information, Minim will be unable to provide you with our services or products.  
        3. If you revoke Minim’s ability to use and disclose your Personal information, and Minim provides you with service as a result of our contract with your Internet Service Provider, it may be the case that our inability to continue to provide you with service will result in your Internet Service Provider ceasing to offer you services as they would then be unable to use Minim’s services to help secure and manage your home wifi network.  
      2. Sale of Personal Information
        1. Notwithstanding any other provision of this notice, in accordance with the CCPA, you have the right not to receive discriminatory treatment in terms of price or access to the service to the extent that you exercise your right to prevent Minim from selling or continuing to sell your Personal Information. 
    5. Right to Submit Requests 
        1. To exercise your rights under the CCPA please email us at dataconsent@minim.co.

7. Third Party Authorization

  1. Where you access Minim’s services as a result of Minim’s contractual obligations to a third party (e.g., your employer or Internet Services Provider), we require that you contact us via an email address currently associated with your account and that the third party that you have contracted with to receive the service verify that the requested actions should be taken.

8. Accessing Alternative Formats of this Notice

  1. If you have a disability or would like to access this notice in an alternative format, please contact us at privacy@minim.co.

9. Do Not Track

  1. There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals.

10. How to Contact us About this Notice

  1. You may reach us by email at privacy@minim.co if you have any questions about this Policy.
  2. You may also reach us by phone at our toll free number - 1.833.96.MINIM to discuss this policy or make a rights based request for action relating to your Personal Information.