Effective Date: July 24, 2024
Sensor Tower, Inc. (“Sensor Tower”, “we”, or “us”) is honored to provide the StayFree suite of apps (collectively the “App”) that helps users (“you”) improve their mobile experience with privacy-focused app usage tools. When using the App, you may consent to us collecting some of your personal information.
The purpose of this Privacy Policy is to provide you with a clear understanding of what personal information we have access to when you use the App, and our website and other services accessible via stayfreeapps.com (our “Services”), as well as what personal information may be collected, how your personal information is used, and the choices you have to control the collection and/or use of your personal information.
If you have any questions, comments, or concerns about your personal information, this Privacy Policy, your privacy, or any of our privacy practices, please contact our Data Protection Officer by email at data-protection@sensortower.com or by mailing correspondence to Data Protection Officer at Sensor Tower, Inc., 2261 Market Street #4331, San Francisco, CA 94114.
This Privacy Policy explains how Sensor Tower collects, stores, uses, transfers and shares your personal information in connection with the Services including the App, which is available for download from several different channels including without limitation the Google Play(TM) store, Apple App Store(TM), Windows Store(TM), various different browser extension marketplaces, Chrome, our website, and so forth.
We may and reserve the right to update this Privacy Policy to reflect changes in and to keep you informed about our privacy practices. Please periodically review the App or the relevant Google Play(TM) store page for the latest information on our privacy practices.
If we make any changes, we will notify you by contacting you through the App, by posting a notice on the App, by posting a notice on our Google Play(TM) store page for the App, by posting a notice on our website, by posting an update to this Privacy Policy, or by some combination of these methods. If you keep the App installed and/or continue to use the App after the Privacy Policy has been updated, this will indicate your acceptance of the Privacy Policy as modified. In some cases, you will have to explicitly accept changes to the Privacy Policy.
If you do not accept the terms of the Privacy Policy, please uninstall the App and discontinue its use immediately.
When you install the App, a randomly generated unique identifier (“Generic ID”) is used to distinguish your installation of the App from installations of the App by other users.
Upon installation, you will be explicitly asked to grant the App permission to access your device’s usage data and accessibility services (the “Device Services”).
Using the Device Services, we collect non-personal ad and app-related information (“Services Data”) from your device. The non-personal Services Data we collect is designed to not include information that could uniquely identify you.
Rather, the Services Data contains app and ad-related information including without limitation ads, ad context, ad interactions, ad metadata, app usage data, website usage data, informational queries, and product and service e-commerce information such as information about orders, transactions, promotions, subscriptions, bills, shipments, and the like.
We index the Services Data using the Generic ID so as to keep it deidentified and unassociated with your personal identity.
The App locally processes the Services Data to provide various features and functionality to you. You are entirely free to decide whether or not to grant the App access to the Device Services, and can revoke this permission at any time in the App, although doing so may make it infeasible for the App or a feature of the App to function properly.
The App will ask for your explicit consent to transmit the below-listed Collected Data to Sensor Tower’s servers, such as:
the Services Data;
the Generic ID;
App configuration data;
your IP address;
your device type;
your browser version;
your installed apps;
ads displayed in your feed;
your country;
your birth year; and
your gender (collectively the “Collected Data”).
Upon receiving any Collected Data, our policy is to delete your full IP address from our logs within hours of receipt, unless an error is being debugged, in which case it is deleted upon resolution of the error. When stored, the Collected Data is stored in association with your Generic ID. If you uninstall the App, any Collected Data is permanently disassociated with that installation of the App and is at that point irreversibly anonymized and cannot be used to re-identify you.
We never intentionally collect, receive or process any of your sensitive personal information, such information regarding your sexual orientation, ethnicity, religious affiliation, refugee status, health, or personal finances (other than general purchase-related information as noted above).
We may process your personal information for the purposes described in this Privacy Policy, with your consent; when we have assessed it is necessary for the purposes of the legitimate interests pursued by Sensor Tower or a third party to whom it may be necessary to disclose information; or to comply with a legal obligation. If you have questions about these legal bases you can contact our Data Protection Officer.
We may use your personal information for the following purposes:
to operate, maintain, debug, and improve the App;
to send you technical notices, updates, security alerts and support and administrative messages;
to respond to your comments, questions and requests and provide customer service;
to monitor and analyze trends and usage of the App;
to monitor and analyze ads;
to power, in an anonymized form, other products and services, such as the Sensor Tower available at sensortower.com;
to use, in an anonymized form, in training of neural networks and artificial intelligence;
for scientific and academic research purposes; and
for any other purposes indicated in this Privacy Policy.
We will not process your personal information in a way that is incompatible with the purposes for which it has been collected or collect any personal information that is not needed for these purposes.
We do not and will never sell your personal information to advertising platforms, data brokers, or information resellers. We will also never sell your personal information as may be defined by applicable laws.
We may anonymize information from the Collected Data ("Anonymized Information") and use the Anonymized Information for any purpose. For example, we may use Anonymized Information to generate and validate the data and insights about app ecosystems that we provide on our website at app.sensortower.com. We may provide Anonymized Information to third parties, although third parties that receive Anonymized Information cannot use the Anonymized Information to personally identify you. Some third parties are our customers or partners, and others are our service providers that perform services on our behalf to help us provide, understand, or improve the App, help host our services and databases, perform analyses or research, send communications on our behalf, or measure the effectiveness of our advertising.
In situations where you consensually provide us with contact information for the sole purpose of communicating with us, we may use your information to respond to your communications and send you information you request.
From time to time, a situation may arise where we may use Collected Data to enforce our terms of service; prevent unlawful activities and misuse of the App; protect the legal rights, property, safety, and security of Sensor Tower, our affiliates, and our users; and resolve disputes involving you relating to the Services; or and comply with applicable laws and assist law enforcement. Regardless, we do not and will not share your Collected Data with third-parties except in the following limited circumstances:
With your consent.
With third-Parties When Required By Law or as Necessary to Protect the Services. We may access, use, preserve, and share your information with third parties when we have a good faith belief that it is necessary to: detect, prevent and address fraud and other illegal activity; protect ourselves, you and others, including as part of investigations; or prevent death or imminent bodily harm. We may also share such information if we believe that you have abused your rights to use the Services or violated an applicable law, or in connection with any dispute between you and us with respect to the Services.
In Response to a Legal Request. We may also access, use, preserve, and share your information,in response to a legal request if we believe in good faith that the response is required by law in that jurisdiction, applies to users in that jurisdiction, and is consistent with internationally recognized standards. Information we receive about you may be accessed, processed, and retained for an extended period of time when it is the subject of a legal request or obligation, government investigation, investigation concerning possible violations of our terms or policies, or otherwise to prevent harm.
In Connection With a Transfer of Assets. If we sell all or part of our business, make a sale or transfer of assets, are otherwise involved in a merger or business transfer, or in the event of bankruptcy, we may confidentially disclose and transfer your personal information to one or more third parties as part of that transaction.
Other Disclosures. We also may disclose personal information as described to you at the point of collection or pursuant to your consent.
The personal information we collect from you, as described above, is pseudonymized when collected and is retained for as long as needed to accomplish the purposes provided in this Privacy Policy. At any time, you can request that we erase any personal information that we have collected as outlined in the “Your Rights” section of this Privacy Policy.
If you delete the App from your device, your Generic ID is permanently disassociated with that instance of the App and any of your personal information will become Anonymized Information. You should be aware that we may retain any such Anonymized Information after you have deleted the App. We reserve the right to use the Anonymized Information after you have deleted the App.
With us, you have rights and control over your personal information regardless of the country you live in. Many of these important rights are afforded by Europe's and the UK's General Data Protection Act (“GDPR”), which include:
The right to be informed about the collection and use of your personal information, which this Privacy Policy provides.
The right to access your personal information (called a “subject access request” under the GDPR), which you can do by sending an email to our Data Protection Officer using the contact information provided above. Please note that since we pseudonymize data collected from you, we may need some additional information from you in order to re-identify your personal information. Also, if you have uninstalled the App, any data collected from you will have been anonymized and will not be re-identifiable.
The right to have any data that is inaccurate or incomplete rectified by correcting or completing it.
The right to erasure (a.k.a., “be forgotten”) by sending an email to our Data Protection Officer using the contact information provided above and requesting that we delete your personal information. Please note that since we pseudonymize data collected from you, we may need some additional information from you in order to locate and delete your personal information. Also, if you have uninstalled the App, any data collected from you will have been anonymized and we will be unable to locate it.
The right to restrict the processing of your personal information under certain circumstances provided by Article 18 of the GDPR.
The right to obtain and reuse a copy of your personal information for your own purposes.
The right to object to processing of your personal information under certain circumstances provided by Article 21 of the GDPR.
Contact our Data Protection Officer using the contact information provided above to exercise any of your privacy rights. We commit to grant them within 30 days after receipt or less.
If you reside in Europe or the UK, you can also contact Osano, which has been appointed as our representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, Osano can be contacted in addition to our Data Protection Officer, only on matters related to the processing of personal data. To make such an inquiry, please contact Osano by mail using the contact information below:
UK Representative
Osano UK Compliance LTD
ATTN: 8QL4
42-46 Fountain Street
Belfast
Antrim
BT1 - 5EF
EU Representative
Osano International Compliance Services Limited
ATTN: 8QL4
3 Dublin Landings
North Wall Quay
Dublin 1
D01C4E0
Contact our Data Protection Officer using the contact information provided above to exercise any of your privacy rights. We commit to grant them within 30 days after receipt or less.
If you reside in Europe or the UK, you can also contact our Article 27 representative listed above.
Please keep in mind that in the case of a vague request we may engage the individual in a dialogue so as to better understand the motivation and content of the request. We may also refuse manifestly unfounded and excessive (repetitive) requests.
We might also require you to prove your identity in some cases. This is made to ensure that no rights of third parties are violated by your request.
Notification requirements. We commit to notify you, when it is needed under the law, within a reasonable period of time and your data protection authority within the timeframe specified in applicable law about data breaches related to your personal information.
Data Protection Authorities. Subject to applicable laws, you may have the right to lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with applicable law.
If you are a California resident, then Under the California Consumer Privacy Act (“CCPA”) you have certain rights regarding the personal information that we may have collected about you. The following sections disclose the “what,” “how,” and “why” behind any personal information we collect about you, who we share it with, and what your rights are over your personal information.
As summarized in detail in the Collected Data section above, we collect:
personal identifiers; commercial information; and Internet or other electronic network activity information.
We use identifiers, commercial information, and Internet or other electronic network activity information in order:
to operate, maintain, debug, and improve the App;
to send you technical notices, updates, security alerts and support and administrative messages;
to respond to your comments, questions and requests and provide customer service;
to monitor and analyze trends and usage of the App;
to monitor and analyze ads;
to power, in an anonymized form, products and services, such as the Sensor Tower products and services available at sensortower.com;
to use, in an anonymized form, in training of neural networks and artificial intelligence;
for scientific and academic research purposes; and
to ensure security.
As further described in the Collected Data section above, we collect identifiers and commercial information directly from you and we collect Internet or other electronic network activity from your usage of the App and its services.
We do not use cookies or web beacons to collect personal information from you or track your activity.
We do not sell your personal information. We do sell deidentified and/or aggregated consumer information, which does not identify you or any individual person and is not considered personal information by the CCPA (Cal. Civ. Code 1798.140(o)(K)(3)) on app.sensortower.com as summarized in the Use of Anonymized Information section above.
We may share your personal information in the following circumstances:
Service Providers: We will share personal information with third parties who perform services on our behalf. For example, we share personal information with our vendors (e.g., IT services providers, cloud providers, online platforms, debugging platforms, support providers, etc.), partners and consultants. We may also share personal information with companies that operate our Services.
Comply with the Law: We will share personal information if we think we have to in order to comply with the law or to protect ourselves such as responding to court orders or subpoenas. We may also share your personal information if a government agency or investigatory body requests. We may also use your personal information when we are investigating potential fraud or other areas of concern or if we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property, or the rights, property or safety of others.
Business Successors: We may share personal information with any successor to all or part of our business. For example, in the event of a merger, acquisition, divestiture, change of control, or liquidation of Sensor Tower or part of its business (or in anticipation of such an event) we may share your personal information as part of that transaction.
Business Transfers: In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your personal information as set forth in this Privacy Policy.
Information We Share With Your Consent: We will share your personal information in the manner that you authorize us to.
We may share personal information for other reasons we may describe to you or as permitted by law.
The consumer rights you may have under CCPA include the right to:
Opt out of the sale of your personal information;
Request that we disclose information about the personal information collected, used, disclosed or sold;
Request that we delete personal information collected or maintained by us; and
Not receive discriminatory treatment for exercising your privacy rights.
We do not sell your personal information. While you have the right to direct us to not sell your personal information, as summarized below, such a request could be moot since we do not sell your personal information.
You have the right to request that we disclose to you what categories of personal information we have sold or disclosed for a business purpose about you, and the categories of third parties to whom the personal information was sold or disclosed. Additionally, you have the right to request disclosure of specific pieces of information. Below is a list of the information that you can include in your request.
the categories of personal information that we have collected about you;
the categories of sources from which we collected the personal information;
the business or commercial purpose for collecting or selling the personal information;
the categories of third parties with whom we share personal information;
the specific pieces of personal information we have collected about you;
the categories of personal information that we disclosed about you for a business purpose; and
the categories of personal information that we have sold about you, as well as the categories of third parties to whom we sold the information.
You have the right to request that we delete any personal information about you that we have collected from you. Please note that there are exceptions where we do not have to fulfill a request to delete information, such as when the deletion of information would create problems with the completion of a transaction or compliance with a legal obligation.
We will not discriminate against you (e.g., through denying goods or services, or providing a different level or quality of goods or services) for exercising any of the rights afforded to you.
If you would like to exercise your right to opt out, right to delete, or right to request disclosure, or if you have any questions or would like to provide feedback on this Privacy Policy or our privacy practices, please email us using the following information and our privacy team will examine your request, question, or feedback and respond to you as quickly as possible.
Data Protection Officer, data-protection@sensortower.com.
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternatively, such businesses may have in place a policy not to disclose Personal Information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. We do not participate in the sharing of your personal information with third parties for the third parties’ direct marketing purposes, so there is no need to opt-out.
Various other states, including but not limited to, Colorado, Connecticut, Virginia, and Utah, have passed laws providing their state residents rights that are the same or similar to those afforded under the CCPA and the GDPR. These rights, which we honor in the same fashion as outlined above, include without limitation rights to:
Confirm whether we process their Personal Information.
Access and delete certain Personal Information.
Data portability.
Opt-out of Personal Information processing for targeted advertising and sales.
Some states also provide their state residents with rights to:
Correct inaccuracies in their Personal Information, taking into account the information's nature processing purpose.
Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.
Outside of the US, if you are a resident of another country, state, or province with applicable data privacy laws and regulations that afford you with privacy rights similar to those afforded by the GDPR, CCPA, or other similar laws or regulations, we will honor any requests from you to exercise those privacy rights in accordance with those data privacy laws and regulations to the extent possible.
We adhere to the standards set out in this Privacy Notice and do not monitor or respond to Do Not Track browser requests.
We maintain reasonable and appropriate safeguards to protect all collected personal information against loss, misuse, theft, unauthorized access, disclosure, alteration, or destruction. While we strive to protect your information and privacy, no data transmission or storage can be guaranteed to be 100% secure. We cannot guarantee or warrant the security of information you disclose or transmit to us and cannot be responsible for the theft, destruction, misuse, unauthorized access, alteration, or inadvertent disclosure of your information.
If we become aware of a security systems breach, we will attempt to inform you by posting a notice, publishing a press release, notifying you via the App, or other appropriate means, and will take appropriate steps to remedy the breach in compliance with any applicable laws and as specified in this Privacy Policy.
General age limitation. We are committed to protecting child privacy. The App is not intended for children and we do not intentionally or knowingly collect information, personal or otherwise, about individuals under the age of 18, much less children under 13 years old. If you are aware of anyone under 18 using the App, please contact us using the contact information provided above and we will take required steps to delete any such information and/or prevent that individual from accessing the App.
Age limitation for EU residents. To the extent prohibited by applicable law, we do not allow use of the App by EU residents younger than 18 years old. If you are aware of anyone younger than 18 using the App, please contact us using the contact information provided above and we will take required steps to delete any such information and/or prevent that individual from accessing the App.
Sensor Tower is based in the United States of America (“U.S.”) and the personal information we collect is governed by U.S. law. Please be advised that the laws in the U.S. and the laws of other countries may not offer the same protections as the law of your jurisdiction, and may be deemed inadequate relative to your country’s data protection law.
Further, you agree that we may store and process your information through third-party or affiliate hosting services in the United States, European Economic Area (“EEA”), and other international jurisdictions. As a result, we, our affiliates, subsidiaries, or agents may securely transfer your information to a jurisdiction with different data protection laws than your jurisdiction. By using the Services, you explicitly and unambiguously consent to the transfer of your information outside of your own country for the purposes described in this Privacy Policy.
We use data processors that perform particular operations with your personal information for us.
Data processors (or just processors) are companies that help us, the Data Controller, run the App, support our communication with you or perform other App-related activities. They may process certain personal information on our behalf to accomplish the goals related to the App functions and associated activities. Data processors act only in accordance with instructions and process only the personal information that we instruct them to process. We are liable for any acts or omissions of our data processors and engage with them under data processing agreements to the extent required by applicable law.
We keep our Privacy Policy under regular review. This new version was published on July 24, 2024, and supersedes the prior privacy policies that covered Mobile Data Usage, StayFree and StayFree Web.
This Privacy Policy may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.