This policy applies to all personal data collected or sent via PocketCampus applications on any Operating System.
User ID: a unique identifier indicating your identity. Typically the username provided by the institution in which you use the PocketCampus app.
Device ID: a unique identifier for the device on which you use the PocketCampus application. This ID is different for each of your devices and cannot be used to determine your identity (compared to your User ID).
Push Notification Token: an identifier provided by Google / Apple to allow us to send you push notifications. This identifier cannot be used to determine your identity.
PocketCampus Server: the server handling requests from the PocketCampus app. The location of this server depends on the institution in which you use the PocketCampus app. Contact us for more information.
Store: by the verb store, we mean “keep of copy of” on the PocketCampus Server. Data only stored on your devices are excluded from this definition, as we don’t have direct access to it.
Information we Collect
Depending on your institution, we store the model name (for e.g. “iPhone”, “Samsung Galaxy S9”), last-know IP address, and last date of access of the devices on which you are logged in, so that we can provide you with an overview of your devices and let you remove them.
If you contact us via email or via the ticketing system of your institution, we store the content of your message(s), your email, and your name (or the content of the “From” field of the email).
In the context of the Car Parking feature, we store your preferred weekly template for purchasing parking authorizations.
In the context of the « Nearby Content » (disabled by default), using Bluetooth beacons, we store which beacon your Device ID has encountered and when. « Nearby Content » is a generic term for features that rely on detecting Bluetooth beacons to trigger behaviors. Contact us for the precise list of those features that are deployed at your institution.
Upon startup, PocketCampus apps might send the Push Notification Token of your device to the PocketCampus Server. The pair Device ID & Push Notification Token is stored in this context.
When you enable push notification features, such as for the Card Balance, Grades or Event reminders, we store your preference for these notifications. At the same time, an association is made and stored between your Device ID and your User ID (except for Event reminders).
When you rate a meal, we store your Device ID, so that multiple votes from the same device on the same day are counted only once.
In-Class Quizzes (Clickers)
In the context of the « Quizzes » features, the quiz content, as well as the students answers, are stored on the PocketCampus Server. The quiz data contains links to the User ID of the users using this feature.
The PocketCampus Server stores logs of the requests done by the PocketCampus app. The logs contain only your IP address, which cannot be tied to your identity. In the case of a server error (typically resulting in an error message in the app), your User ID is stored for debugging purposes.
Custom Event Modules
In the context of « Custom Event Modules » (within your institution’s app or as a standalone app), we store the information you provide us with in the « My Profile » section of the app, as well as the information that we are provided with by the event organizers. This may include first name, last name, email, phone, website, bio, and potentially others.
When polls are done in the context of the Event, we store the participants’ answers.
Analytics & Crash Reporting
The PocketCampus app uses Google Analytics to collect aggregate, anonymous statistics, such as the number of times a feature was used, in order to improve the app.
In the case of a crash of the app, an anonymous report containing all the precise actions that lead to the Crash is sent to a crash reporting tool: Fabric.io. The details of these actions may include personal data, but not your User ID.
Depending on the institution in which you use the PocketCampus app, your password might transit through the PocketCampus Server in order to log you in to the service you are trying to access. In any case, your password is not stored on the PocketCampus Server. Whenever possible we store an authentication token instead of your password on your device. In the cases where we have to store your user password, we encrypt it and securely store it on your device. Contact us for more information about the specific case of your institution.
We use the information we collect to operate and improve the PocketCampus apps. We do not share any user information with any external entity for advertising or similar purposes.
As mentioned in previous chapters, we might share personal data with third parties only as an artifact of our dependence, in terms of infrastructure and resources, on external entities. For example, we rely on the Apple/Google servers to send a push notification to your device. Similarly we might rely on an external Database or Virtual Machine provider to operate the PocketCampus app and server. The full list of providers depends on your institution. Contact us for more information.
We implement a variety of security measures to help keep your information secure. For instance, all communication between the mobile app and the PocketCampus Server are encrypted using HTTPS.
Accessing, Changing, or Deleting Personal Information
Some of your information can be changed or deleted in the PocketCampus app directly (where your entered them in the first place), while others might require an operation on our side. Please contact us if you have any doubt.
Deleted information may be kept for some time in backups or disaster recovery tools.
Changes to This Policy
- May 23, 2018: First published
- June 25, 2018: Added Support sub-section
- July 30, 2018: Added Authentication sub-section