Privacy Policy

Version 1.1 – Effective 4 September 2025

RESPONSIBILITY FOR THE PROCESSING OF YOUR DATA

This Privacy Policy describes how we collect, use, and share your personal data when you use our mobile application, our website, customer dashboard, or other services we make available to our customers.

The purpose of this Policy is to inform you about our privacy practices and to ensure that you understand the purposes for which we collect and process your personal data.

Endeavour Technology Ltd. is the entity which is responsible for the control and processing of personal data that we collect from you when you use our services. For residents of the EEA, our lead supervisory authority is the Data Protection Commission, Ireland. For UK residents, you may also contact the Information Commissioner's Office (ICO).

If you have any questions or concerns about Endeavour Technology's use of your personal data, please contact us at info@endeavourtechnology.com.

HOW WE COLLECT AND USE YOUR PERSONAL DATA

  • Network performance data: If you are a user of our mobile application, when allowed access to your data, we collect data from your mobile device both when you are using our app and when it is closed. We take repeated measurements from your device including location data (GPS coordinates or similar), network type, network operator, cellular and Wi-Fi signal strength and quality, and identifiers of connected cell towers and Wi-Fi routers (including BSSID and SSID).
  • Information you provide to us: If you or your employer use or register for our Services, or if you engage with us in other ways (e.g. job enquiries), we may collect personal information such as your name, postal address, email, phone number, login credentials, date of birth, and any messages you send us.
  • Information from third parties: If you register using a third-party service (e.g. Facebook, Google), we may receive information from those services as permitted by you.
  • Analytics: We use analytics tools to understand usage of our Services. These tools use cookies and identifiers. In the EEA/UK, analytics are only enabled where you have given consent through our consent banner.
  • Cookies: When you use the Services, cookies may be set on your device. We use both session and persistent cookies. In the EEA/UK, non-essential cookies are only used with your consent, which can be withdrawn at any time through your browser or our consent management settings.

We also measure how data flows, both passively (by monitoring how fast it moves through other apps) and actively (by running a test that downloads or uploads synthetic test payloads within our SDK). We do not monitor the content of your communications or application usage.

We may also collect data from environmental sensors on your device (e.g. acceleration, orientation, atmospheric pressure, light intensity) and internal device conditions such as battery temperature and voltage, to understand how device conditions affect mobile network experience.

To understand device-level differences, we collect data on hardware such as model, manufacturer, and cellular radio model, as well as mobile platform version.

When you first use the nSpireMobile app a random identification code is generated and used to identify your device whenever we take measurements. To help manage the data, we may also collect related IP addresses. We no longer routinely collect MAC addresses or Android serial numbers. We may use an App Instance ID, but we do not combine this with precise location data without your consent.

THE PURPOSES FOR WHICH WE USE YOUR PERSONAL DATA

The purposes for which we collect and store your personal data are the following:

Measurements that we take from the mobile devices of individual network users allow us to create a detailed picture of the service availability, quality and performance of numerous communication networks across the world and over time. We publish some of the statistical data that we generate and we provide it to our customers (such as network operators) to help them understand their own network's service coverage, performance and signal quality (and those of their competitors). Although the end-product we produce is made up of aggregated anonymized data, the underlying 'raw data' which contains personal data of individual users is important for us and our customers for generating statistical data, validating the results, quality control and further analysis.

Personal data that we receive from you enables us to deliver our Services to you and enables you to use them efficiently.

Insofar as permitted under applicable law, we use your data to communicate with you in relation to our Services.

We use data to personalize, test, monitor, improve and upgrade our Services, to meet our legal obligations and the regulatory requirements to which we may be subject, for loss prevention purposes and to protect and enforce our rights and meet our obligations to third parties, and for our internal business purposes, such as compiling and analyzing usage information for general operational, statistical and business purposes.

We use personal data in the general operation and administration of our business including in recruitment of staff, engaging service providers to provide services to our business, in providing services to our customers and for marketing purposes.

YOUR RESPONSIBILITIES

It is important that the personal data we hold about you is accurate and current. If you provided us with any details of personal data, please keep us informed if such details change.

LEGAL BASIS FOR PROCESSING YOUR DATA

We rely on the following lawful bases for the processing of your personal data:

Our legitimate interests in delivering the Services, operating and administrating our business, conducting commercial research, improving and maintaining the Services, protecting the security or integrity of our databases, protecting our business or reputation, taking precautions against legal liability, protecting and defending our legal rights or property, or resolving disputes.

Your consent, for device measurement data, analytics, cookies, and precise location collection. Consent can be withdrawn in-app or via the cookie banner.

The fulfilment of our contractual obligations to you under our terms and conditions of service.

Compliance with legal obligations to which we are subject.

HOW WE SHARE YOUR INFORMATION

Joint and Independent Controllers

We share some of the raw measurements that we collect from users' mobile devices with some of our customers under the terms of data license agreements and data sharing agreements. Some of the data we share with our customers contains personal data such as datasets containing location data of individual users. Our customers are permitted to use the data for the purpose of analyzing it and generating aggregated data relating to the performance of their networks or telecommunications equipment (and competing networks or equipment) and to use aggregated data in their sales activities. Our customers are not permitted to use your personal data to communicate with you or to influence you or to profile or track individual users. They are required to keep your personal data confidential and to use appropriate means to protect it.

Service Providers

We may share datasets containing your personal data with third-party service providers that perform services on our behalf in connection with our Services. Where your information is shared with such third parties, we ensure that the third-party service provider will deal with your information only on our behalf and on our written instructions and solely for our benefit.

Business Change

If we become involved in a merger, acquisition, sale of assets, or other transaction, we may share or transfer databases containing personal data of users to successor parties.

Necessary Disclosure

We may disclose information about you to third parties to: enforce or apply our terms, comply with legal obligations, protect our rights and safety, protect against legal liability, or investigate illegal activities or fraud.

HOW WE PROTECT YOUR INFORMATION

We take certain measures to protect personal data collected through the Service against loss, theft, and unauthorized access, use, disclosure, destruction or modification. These include physical, technological and administrative measures.

HOW LONG WE KEEP YOUR INFORMATION

We retain personal data only as long as needed for its purpose:

Device-linked measurements are retained for up to 24 months, after which they are pseudonymised and used only in aggregated statistical form.

Account and support data may be kept for up to 7 years for business and legal purposes.

IP addresses and logs are generally retained for up to 90 days unless required longer.

We periodically review and securely delete or anonymise data once no longer required.

DATA SUBJECT RIGHTS

Data subjects have the following rights under applicable law:

  • Confirmation: Confirmation of whether data is processed, purposes, recipients, retention, and use of automated decision-making.
  • Access and rectification: Access to personal data and rectification of inaccuracies.
  • Withdrawal of consent: Withdrawal of consent where processing relies on consent.
  • Request for erasure: Request for erasure where data is no longer necessary, consent has been withdrawn, or processing is based solely on legitimate interest and overridden by objection.
  • Restriction of processing: Restriction of processing in certain circumstances (e.g. disputed accuracy).
  • Data portability: Data portability where processing is based on consent or contract.
  • Objection: Objection to processing based on legitimate interest, unless overriding grounds apply, or to direct marketing (which will cease immediately).

We respond to rights requests within one month.

EEA residents may lodge complaints with the Data Protection Commission, Ireland. UK residents may lodge complaints with the ICO.

COUNTRY OF PROCESSING

We operate the Services from Ireland. Data is processed in the EU, UK, and via third-party providers (e.g. cloud services) in the USA and other countries. Where data is transferred outside the EU/UK, we use the EU Standard Contractual Clauses (2021), the UK IDTA or Addendum, and other supplementary safeguards as required by law.

CHILDREN'S PRIVACY

The Service is not directed to children. We do not knowingly collect personal data from individuals under 16 in the EU/UK or under 13 in the US. If you are below the relevant age, do not use the Service. Parents/guardians should contact us if they believe their child has submitted personal data.

THIRD-PARTY SITES AND SERVICES

The Service may reference or provide links to other websites, applications, or resources. If you access any such resources provided by a third party, our Privacy Policy will not apply. Your interactions are subject to the privacy policies of those third parties.

AGGREGATED INFORMATION

We may share aggregated, anonymized or de-identified data relating to users of our Services with affiliated or unaffiliated third parties.

CHANGES TO THE PRIVACY POLICY

We may update this Policy from time to time, and the updated version will be effective upon posting. We will provide notice if changes are material and, where required, obtain your consent. Please check this page to review the most up-to-date version.

QUESTIONS / CONTACTING US

If you want to exercise your rights under paragraph 12 of our privacy policy, please email info@endeavourtechnology.com with "Data Request" in the subject line.

[latest update: 25th June, 2024]