End users of WiFi should have control over the data they are willing to share with companies. The General Data Protection Regulation (GDPR) comes into full force on 25th May this year, the biggest revision to data privacy and security in 20 years by the European Union parliament, but there is no reason end users around the world shouldn’t also benefit from more transparent terms of use.
We were proud to unveil our new Profile Portal in July 2017, as the first WiFi provider to give end users complete transparency of the data collected about them. GDPR outlines that individuals have a “right of access” to the information a company holds on them, and if requested the firm must supply the individual with their data within one month.
At Purple we’ve gone one step further by providing users with ongoing access to all personal data captured after signing up for WiFi, as well as providing the functionality to update their marketing preferences and export data, via our Profile Portal. This was not a mandatory part of the EU’s GDPR legislation, it’s a differentiating level of transparency we wanted to achieve for our end users around the world, as well as the users affected in the EU.
Individuals logging into WiFi at a Purple venue have ‘unambiguous consent’. This means they are fully aware of the terms they are agreeing to. When a guest WiFi user ticks the consent box on the WiFi splash page, they will be presented with a “Terms Overview” screen explaining exactly how their data will be used.
Our Privacy Policy within the login journey has also been reduced from 1600 to just 260 words, which means no more tedious legal jargon, just simplistic language that clearly outlines what we collect, why we collect it and what we do with the data.
At Purple, we know all too well how end users fail to read terms and conditions when signing up to guest WiFi. In July last year, we carried out an experience by adding a spoof term to our terms and conditions of logging into WiFi. Shockingly, 22,000 people agreed to 1,000 hours of community service to clean festivals toilets, paint snail shells and scrub gum off the sidewalk, just for free WiFi access. This two-week experiment proved why it was necessary to improve transparency for our global network of Purple WiFi end users, while meeting GDPR compliance.
More details about the Purple Profile Portal
The Profile Portal aggregates all of the information collected on the user when accessing WiFi at any Purple supported venue and is split into 3 main areas:
My Personal Information
This area allows the user to view all of the personal information that has been collected about them, which can include their first name, surname, email, date of birth and gender.
My Activity
Users can access a breakdown of their activities, including the venues they’ve visited, marketing communications received, surveys completed, devices used to login to the WiFi and the method used to connect to the network.
My communication settings
We’ve given users the ability to view their marketing preferences and choose which companies are permitted to send them future marketing communications in this area of the Profile Portal.
The Profile Portal eradicates the big brother element of data capture and instead opens the doors and invites users to find out exactly what data is collected, how it will be used, and by whom. We have received overwhelming feedback from our partners and customers on how beneficial the early changes have been as the GDPR deadline looms (it’s only two months away!) and are proud to be leading the way in transparent WiFi data collection.
Read next: Top 10 Tips for GDPR