Skyhook Privacy Shield Notice

Effective Date: 01/25/2017


Skyhook Holding, Inc. and its subsidiary Skyhook Wireless, Inc. (collectively, "Skyhook”, “we”, “our" or "us") respect your privacy. This Privacy Shield Notice ("Notice") describes our standards and procedures for handling Personal Information transferred from the European Economic Area ("EEA") to the U.S. in accordance with Skyhook’s obligations under the EU-U.S. Privacy Shield Framework.

Skyhook has subscribed to and will adhere to the EU-U.S. Privacy Shield Framework by adopting and implementing the Privacy Shield Principles ("Principles"). More information about the Privacy Shield can be found at Our Privacy Shield certification can be found at

For the purpose of this Notice, "Personal Information" means any data relating to an identified or identifiable individual, including, for example, name, address, telephone number and e-mail address, and "processing" means any operation performed on Personal Information, such as, for example, collection, use, management, consultation or disclosure. This Notice supplements the Skyhook Privacy PolicyUnless specifically defined in this Notice, the terms in this Notice have the same meaning as in our Privacy Policy. In case of conflict between this Notice and the Principles, the Principles will govern.

How we may obtain personal information

We may obtain and process Personal Information from the EEA in different capacities:

  • In the case of businesses and individuals opening accounts with Skyhook by signing up at, we collect and process EEA Personal Information as a data controller directly from individuals.
  • In the case of operating our location services, we obtain and process EEA Personal Information on behalf of our customers, such as by receiving location signals, determining location results, or providing geofence triggers or location-related data (as described in Skyhook’s Privacy Policy).

Skyhook commits to comply with the Principles with respect to all Personal Information received from the EEA in reliance on the Privacy Shield.

Privacy Shield Principles

  1. Skyhook’s Privacy Policy in combination with this Notice describes our privacy practices with respect to Personal Information received from the EEA in reliance on the Privacy Shield.
  2. When providing our Location Services, Skyhook requires all clients and third parties to provide notice regarding data collection and use, and to obtain all consents or permissions required, including without limitation any data such party collects, uses, and/or discloses from its users, the provision of such data to Skyhook, and the other party’s use of such data.

Skyhook also provides users the ability to directly opt-out from Skyhook’s services as follows: 

Location Information: For users who do not want any location data to be collected, the application, device, or operating system provides controls for disabling all location services.  This choice may limit the functionality of the device or installed applications

Device ID: If you wish to opt out of the Skyhook’s use of your Device ID to assist our partners with identifying your demographic information and interest segments for purposes of providing you with targeted ads, you may opt-out by clicking here. If you choose to opt out your Device ID(s), Skyhook will delete any collected data about this Device ID from Skyhook database, and quarantine the device ID so that Skyhook does not collect any data about this Device ID in the future or return or share any information about the Device ID to API or SDK requests.  Skyhook also respects platform-level controls and restrictions, so that if you disable targeted advertising through controls offered by the application and/or through the iOS or Android “Limit Ad Tracking” or “Opt out of interest-based advertising” settings, we will abide fully by those settings. More information on how to access these settings is provided on the Skyhook opt out page, which can be accessed by clicking hereIf a user chooses the “Limit Ad Tracking” or “Opt out of interest-based advertising” settings on iOS or Android, Skyhook will quarantine the device ID so that Skyhook does not collect any data about this device ID and will not return or share any information about the Device ID in response to API or SDK requests, instead returning an error code when the device ID has been opted out. Skyhook will also delete any encrypted device identified data from the opted-out user’s device.  

MAC Addresses: If you wish to opt out of Skyhook’s use of your MAC address to provide location, you may opt-out by clicking here. If you choose to opt out, Skyhook will (if applicable) delete the positioned record for that MAC address from the Skyhook database and will blacklist that MAC address so that we will not process or use that MAC address information in the future.

  1. Data Integrity and Purpose Limitation.Any Personal Information we receive may be used by Skyhook for the purposes indicated in the Skyhook Privacy Policy or as otherwise notified to you. We will not process Personal Information in a way that is incompatible with these purposes unless subsequently authorized by you.

We take reasonable steps to limit the collection and usage of Personal Information to that which is relevant for the purposes for which it was collected, and to ensure that such Personal Information is reliable, accurate, complete and current. Individuals are encouraged to keep their Personal Information with Skyhook up to date and may contact Skyhook as indicated below to request that their Personal Information be updated or corrected.

We will retain your Personal Information in an identifiable form only for the period necessary to fulfill the purposes outlined in the Skyhook Privacy Policyunless a longer retention period is required or permitted by law or by the Principles. We will adhere to the Principles for as long as we retain the Personal Information collected under the Privacy Shield.

  1. Accountability for Onward Transfer of Personal Information.Skyhook may transfer Personal Information for the purposes described in the Skyhook’s Privacy Policy to a third party acting as a data controller or as an agent. If we intend to disclose Personal Data to a third party acting as a data controller or as an agent we will comply with, and protect, Personal Information as provided in the Accountability for Onward Transfer Principle. When providing our location services we disclose Personal Information as provided in our agreement with customers.

We remain responsible for the processing of Personal Information received under the Privacy Shield and subsequently transferred to a third party acting as an agent if the agent processes such Personal Information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.

  1. Skyhook takes reasonable and appropriate precautions, taking into account the risks involved in the processing and the nature of the Personal Information, to help protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction.
  1. In the case of information submitted to set up an account with Skyhook, individuals have reasonable access to their Personal Information and may request corrections, deletions, or additions where the Personal Information is inaccurate or has been processed in violation of the Principles. In addition, as described above, Skyhook provides end users with the ability to opt out of collection of the users’ MAC address, IP Address, Device ID and location information.
  1. Recourse, Enforcement and Liability.Skyhook has established procedures to periodically verify implementation of and compliance with the Principles. Skyhook conducts an annual self-assessment of its practices regarding Personal Information intended to verify that the assertions Skyhook makes about its practices are true and that such practices have been implemented as represented.

In case of disputes, individuals are able to seek resolution of their questions or complaints regarding the processing of their Personal Information in accordance with the Principles. If an individual feels that Skyhook is not abiding by this Notice or is not in compliance with the Principles, he or she should first contact Skyhook at the contact information provided below.

If an issue cannot be resolved through Skyhook’s internal dispute resolution mechanism, you may submit a complaint to JAMS, which provides, at no cost to you, an independent third-party dispute resolution option based in the U.S. To contact JAMS and/or learn more about the company’s dispute resolution services, including instructions for submitting a complaint, please visit here. For residual complaints not fully or partially resolved by other means, you may be able to invoke binding arbitration as detailed in the Principles available here.

Skyhook is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”).


This Notice may be amended consistent with the requirements of the EU-U.S. Privacy Shield Framework. When we update this Notice, we will also revise the "Last Updated" date at the top of this document.

Questions and Complaints

 If you have any questions, concerns or complaint regarding our privacy practices, or if you’d like to exercise your choices or rights, you can contact us:

  • By email at
  • By mailing to Skyhook, Attn: Legal, 12 Thomson Place, 4th Floor, Boston, MA 02210, USA

We will make every effort to resolve your concerns.