SENSORBERG POSITIONS ITSELF WITH THE RELEASE OF THE FIRST PRIVACY POLICY STATEMENT FOR BEACONS

Sensorberg positions itself as the iBeacon competence leader with the release of the first privacy policy statement for the Sensorberg Beacon Management Platform by the lawyer Kathrin Schürmann.

Berlin. In all sectors, and most particularly those related to technical innovation, any company must pay attention, again and again, to the question of private consumers’ data security. Sensorberg sets the highest priority to the issue of privacy policy.

What does Sensorberg do?

Sensorberg provides a management platform for Beacons that enables anyone to take advantage of the new iBeacon technology, based upon the Bluetooth 4.0 standard, developed and trademarked by Apple

Sensorberg´s product is based on the Beacon Management Platform. It comes as a bundle composed of the SDK (for iOS and Android) with which any app can be made iBeacon compatible, the cloud based Content Management System, the hardware, which comes as CE-certified Beacons produced in the UE, and the configuration app developed by the firm.

When talking about “iBeacon”, what is usually meant is the iBeacon technology, or iBeacon protocol. The Beacon is in turn a small wireless transmitter, equipped with Bluetooth Low Energy (BLE) and able to send universally unique identification number (UUID).

If a smartphone or a tablet equipped with BLE and operated by iOS 7 or Android 4.3 Jelly Bean enters the emission range of a Beacon and has an app equipped with Sensorberg’s SDK, it will receive a notification via services running in the background.

Excerpts of the first privacy policy statement:

With regards to privacy policy, an app made compatible with the iBeacon technology through integration of the Sensorberg SDK is not submitted to a different regulation than a conventional app. iBeacon transmitters are uncritical since they cannot hold, process, transmit or store any personal data. Due to lack of a receiver module, they are not able to receive data from users, or to scan their surroundings. Threats to privacy policy can however come from the app of the provider. The app provider is the responsible entity for all privacy issues with regards to handling of personal data.

The only function of a Beacon consists of permanently emitting a so-called advertising bundle, which in the first hand contains only its universally unique identification number (UUID). The reception field strength, a standardized info regarding the strength of the signal emitted by a Beacon at a distance of one meter, is also sent. Since the role of the Beacon is limited to the permanent emission of the advertising package, Beacons are incapable of sending advertisement themselves as well as receive, process, store information or “scan” their surroundings.

In order for the UUID emitted by a Beacon to trigger an action on a mobile device within its emission range, an app which has been programed to respond to this signal with a sequence of actions must be installed on the mobile device.

For this purpose, iOS devices maintain since version 7 a data bank of so-called “iBeacon regions”. Each app installed on the device can record up to 20 iBeacon regions. An iBeacon region is an area in which determined UUIDs are received. If a received UUID matches a region on file, the UUID is transmitted to the app. Even though the app is not active, it will be activated for this purpose. Since Android does not dispose of iBeacon –specific functions by default, the reaction to the received UUID relies essentially on the programing of the actual iBeacon-compatible app.

Nonetheless, the UUIDs sent by a Beacon can trigger a programed sequence in the app only if the user gave his authorization for the system to access the Bluetooth interface, and if he switched on the location services of his mobile device.

The IP-address of the user is not analyzed, transmitted or stored. No user profiles are created.

Data processing of the Sensorberg Beacon Management Platform is performed on Microsoft Azure servers. The Microsoft Corporation has committed to the exclusive use of the servers in the European Union / European economic region.