Privacy Policy

Printer-Friendly Version

We recognize the importance of your privacy. This Privacy Policy is intended to inform you about the information we collect when you access or use our website, our mobile applications, our social media accounts and the web portals and mobile applications that we develop for our clients (hereinafter all collectively referred to as “our services”), how we use that information, and with whom the information may be shared.

Who we are

On August 1, 2023, Bytemark, Inc. merged with and into its parent company, Siemens Mobility, Inc. (“SMI”), and as a result of this merger, SMI assumed certain of Bytemark’s legal obligations, including the services and obligations established in this Privacy Policy. SMI will continue to provide the same services provided by Bytemark, including the provision of secure, comprehensive transit fare collection and Payments as a Service (PaaS) solutions to cities and agencies around the globe. We connect clients to riders using cutting-edge technology. SMI is a corporation organized under the laws of the State of Delaware, with its headquarters is located at One Pennsylvania Plaza, Floor 11, Suite 1100, New York, NY 10119.

scope of our privacy policy

This Privacy Policy applies to information that we collect online through our services. Please read this Privacy Policy carefully. By continuing to access or use our services, you are consenting to the practices described in this Privacy Policy.

This Privacy Policy does not apply to information that we collect by other means, such as information you share with us verbally, in writing, or in email messages to our employees. It also does not cover any information collected by any other company, third-party site or third-party application that may link to, or that may be accessed from our website and mobile applications.

If you are using one of our client’s web portals or applications, they are also collecting certain information from you and about you. To learn more about our clients’ privacy practices, visit their respective websites.

personal information

Personal information is information that identifies, relates to, or could reasonably be linked with you or your household. For example, it could include your name, social security number, email address, records of products purchased, internet browsing history, geolocation data, fingerprints, and inferences from other personal information that could create a profile about your preferences and characteristics.

personal information we collect

We may have collected the following Personal Information within the past twelve (12) months.

• Identification: real name, alias, age, postal address, telephone number, unique personal identifier, online identifier, internet protocol address, email address, driver’s license, and state identification card number

• Financial Information: credit card and debit card numbers

• Commercial information: records of products and services purchased and obtained

• Internet or Network Activity: browsing history and information regarding your interaction with our services

• Geolocation data

• Professional or Employment Information: education and employment history for job applicants only

• Images: still photograph provided by you for identification purposes only

how we collect personal information (Sources)

We collect information directly from you when you register for our services or update your user account. We also collect information if you contact us.

We collect information about you from third parties. For example, our business partners or clients may give us information about you. Social media platforms may also give us information about you.

We collect information from you passively where permitted. We may collect personal information about users over time and across different websites when you use our services. We may also have third parties that collect personal information this way. We may do this using tracking tools like browser cookies and web beacons and though services providers such as Google Analytics.

To learn more about Google Analytics and how to opt out, please visit “How Google Uses Information From Sites or Apps That Use Our Services” at www.google.com/policies/privacy/partners/.

a.              Cookies and Web Beacons

Cookies are small text files that are downloaded to the browser of a computer, tablet, or smartphone used to visit a website. A web beacon, also known as an internet tag, pixel tag, or clear GIF, is a tiny graphic image that may be used in our websites or emails

Cookies and web beacons may identify your browser, help you log-in, and improve the navigation of a website. We use these features to help us improve the performance of our services. For example, cookies allow us to review the number of visitors to our website and a visitor’s usage patterns; to track key performance indicators such as pages visited, frequency of visits, downloads, and other statistical information; whether a visitor views the mobile or desktop version of the websites; to recognize you if you return to our website; to store information about your past visits, and to remember your preferences.

b.              Controlling Cookies and “Do Not Track” Requests

You can control cookies and other tracking tools. Your browser may give you the ability to control cookies or other tracking tools. How you do so depends on the type of tool. Certain browsers can be set to reject browser cookies. If you block cookies on your browser, certain features of our services may not work. Choices you make are both browser and device-specific. If you block or delete cookies, not all of the tracking that we have described in this policy will stop. Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so we are not currently set up to respond to those signals.

You can also control cookies and other tracking tools on your mobile devices. For example, you can turn off the GPS locator or push notifications on your phone. Each push notification has an “unsubscribe” link.

You have certain choices about sharing and marketing

You will not receive marketing material from us or our third-party communication partner, until you provide your express written consent to opt in to receive such material. We will notify you when the opt in function is available at which time you can then decide whether or not you wish to receive marketing material. Even if you do not provide your express written consent to opt in to receive marketing materials, we will still send you transactional messages. These include responses to your questions.

You can control cookies and tracking tools. Your browser may give you the ability to control cookies or other tracking tools. How you do so depends on the

type of tool. Certain browsers can be set to reject browser cookies. If you block cookies on your browser, certain features on our sites may not work. Choices you make are both browser and device-specific. If you block or delete cookies, not all of the tracking that we have described in this policy will stop. Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so we are not currently set up to respond to those signals.

You can control tools on your mobile devices. For example, you can turn off the GPS locator or push notifications on your phone. Each push notification has an “unsubscribe” link.

how we use or process personal information

We do not sell personal information and do not intend to sell personal information in the future.

We may use or process the information that we collect to:

• Manage our business operations and perform our services

• Fulfill or meet the reasons you provided us the information, including to process your requests, transactions or payments, to prevent transaction fraud and to provide customer service

• Maintain and service user accounts and verify customer information

• Send you information about new products and special offers

• Help maintain the safety, security, and integrity of our services, website products, and other technical assets

• Improve, develop, debug, modify or support our services, website products, and other similar internal purposes (including using analytics to analyze our website’s traffic and optimize its performance)

• Respond to your inquires, process your requests concerning your personal information in our possession, to investigate and address your concerns, and to monitor and improve our responses

• Respond to lawful requests for information through court orders, subpoenas, warrants and other legal process, obligations or governmental regulations

• Consider individuals for employment and contractor opportunities

• For employees only: to administer and provide compensation and benefits, to communicate with employees and their designated emergency contacts, to perform other human resource related activities, and to comply with employment law obligations

with whom we share personal information

We share personal information with our clients to provide our services and process transactions and payments.

We share personal information with third parties who perform services on our behalf. We may share personal information with service providers who help us operate, test, and improve our services. For example, your personal information may be stored on our behalf on third-party cloud infrastructure provider Amazon Web Services (AWS), a service provided by Amazon Web Services Inc. We also use Google Analytics, which is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our website. This data may be shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

We share personal information with payment processing vendors to fulfill or meet the reasons you provided us the information, including to process your requests, transactions or payments, to prevent transaction fraud, and to provide customer service.

We and our clients share information with business partners. For example, we or our clients may share information with third parties who co-sponsor a promotion. If you opt in to receive marketing materials, these partners may send you information about events and products by mail or email.

We share information if we think we have to in order to comply with a legal investigation or to protect ourselves. For example, we may share information to respond to a court order or subpoena. We may share it if a government agency or investigatory body requests. We may share information when we are investigating potential fraud.

We may share information with any successor to all or part of our business. For example, if part of our business was sold, we may give our customer list as part of that transaction.

Updating, Correcting or Withdrawing Your Personal Information

It is important that the personal information we have about you is accurate. If any of the personal information you provide us should ever change, for instance if you change your email address or phone number, or should you wish to change your preferences, to stop receiving announcements from us, to correct any inaccurate personal information about you, or to delete any personal information that you provided through your use of our services, please let us know by either following this link (https://www.bytemark.co/privacy), or by sending an email to privacy@bytemark.co.

For security reasons, we may need to request specific information from you to help us confirm your identity, before we correct, update or delete any personal information you provide us.

Links to Social Media and Third-Party Websites

Our services may include links to blogs, social media, and third-party websites. These third-parties  have their own privacy policies and terms of use and are not controlled by this Privacy Policy. You should carefully review any terms, conditions, and policies of such third-parties before visiting their websites or supplying them with any personal information. If you follow a link to any third-party site, any information you provide that site will be governed by its own terms of use and privacy policy and not this Privacy Policy.

We are not responsible for the privacy or security of any information you provide to a third-party website or the information practices used by any third-parties, including links to any third-party site from our website. We make no representations, express or implied, concerning the accuracy, privacy, safety, security, or the information practices of any third-parties. The inclusion of a link to a third-party site on our services does not constitute any type of endorsement of the linked site by us. We are not responsible for any loss or damage you may sustain resulting from your use of any third-party website or any information you share with a third-parties.

Information Security

We have implemented appropriate physical, administrative, technical, and organizational security measures, including encryption, to protect your personal information from inadvertent or unauthorized access, use, disclosure, alteration, or destruction. No method of data storage or data transmission over the Internet, however, is guaranteed to be completely secure. Your use of our services, and any personal information that you transmit over the Internet to us, is at your own risk.

Our Services Are Not Directed at and Not Intended to be Used by Minors Under Age 13.

We do not knowingly collect personally identifiable information from children under 13 without permission from a parent or guardian. No visitor to our services who is a minor or under the age of 13 should provide any personal information to us. If you are a minor under the age of 13, do not use our services and do not send any type of personal information about yourself to us.

If you are a parent or legal guardian and think your child under age 13 has given us information, email us at privacy@bytemark.co. You can also write to us at the address listed at the end of this policy. Please mark your inquiries “COPPA Information Request.”

Because we do not sell personal information, we do not sell the personal information of consumers regardless of whether they are age 15 or 51.

Additional Privacy Notice for California Residents

The California Consumer Privacy Act (“CCPA”) grants residents of the State of California certain privacy rights in their personal information. This Additional Privacy Notice for California Residents supplements the terms of our Privacy Policy explained above and should be read in conjunction our complete Privacy Policy.

If you are a California resident, you may ask us to disclose what personal information we have about you and what we do with that information, to delete your personal information and not to sell your personal information. You also have the right to be notified, before or at the point we collect your personal information, of the types of personal information we are collecting and what we may do with that information.

a.              Collection, Use and Sharing Practices

We set forth in the general Privacy Policy, above, the categories of personal information we have collected about California residents in the preceding twelve (12) months, the categories of sources from which that information was collected, the business or commercial purposes for which the information was collected, and the categories of third parties with whom we shared the personal information.

As described above, we use cookies and web beacons for analytics. While the CCPA lacks clear guidance whether using these features for analytics would be considered a “sale” of personal information, we do not believe this use constitutes a “sale” under CCPA.

b.              Your Right to Know

You may request that we disclose to you what personal information we have collected, used, shared, or sold about you, and why we collected, used, shared, or sold that information. Specifically, you may request that we disclose:

• The categories of personal information collected

• Specific pieces of personal information collected

• The categories of sources from which we collected personal information

• The purposes for which we use the personal information

• The categories of third parties with whom we share the personal information

• The categories of information that we disclose to third parties

c.              Your Right to Delete

You may request that we delete personal information we collected from you and to tell our service providers to do the same. However, there are many exceptions that allow us to keep your personal information. For example, we may deny your request to delete for the following reasons:

• If we cannot verify your request

• To comply with a legal obligation

• To complete the transaction for which the information was collected, provide a good or service you requested, perform a contract with you, to fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or take actions reasonably anticipated in the context of our ongoing business relationship with you

• To detect security incidents, protect against deceptive, malicious, fraudulent, or illegal activity, or to prosecute those responsible for that activity

• To debug products, services, or applications and to identify and repair errors that impair existing functionality

• To exercise free speech, to ensure the rights of others to exercise their free speech rights, or to exercise another right provided by law

• To comply with the California Electronic Communications Privacy Act (Cal. Penal Code §1546 et. seq.)

• To enable solely internal uses that are reasonably aligned with consumer expectations based upon your relationship us

• To make other internal and lawful uses of the information that are compatible with the context in which you provided the information

• If the personal information is certain medical information, consumer credit reporting information, or other types of information exempt from the CCPA

d.              Non-Discrimination

You have the right to not be discriminated against if you exercise CCPA privacy rights. We will not discriminate against you for exercising any of your CCPA rights. This means, for instance, that we will not deny you services, charge you a different price, including a discount or other benefit or impose a penalty for the exercise of your CCPA rights.

e.              How To Exercise Your Privacy Rights

You can exercise these rights in several ways.

• You can use this Web Form (https://www.bytemark.co/privacy)

• You can make a request by calling 1-844-285-5076 toll free

• You can submit a request via email to privacy@bytemark.co

• You can send a request by mailing it to One Pennsylvania Plaza, Floor 11, Suite 1100, New York, NY 10119, to the attention of Chief Privacy Officer.

You may make the request on your own behalf or on behalf of your minor child. Another person who is legally authorized to act on your behalf may also submit a request for you. Please describe your request in sufficient detail to allow us to understand the nature of the request, evaluate and respond to it. Please provide sufficient information with your request to allow us to verify that you are the person about whom we collected personal information, or an authorized representative of that person.

We will promptly acknowledge receipt of your request and begin our verification process.

f.               How We Will Verify and Respond

Before we respond to any request involving personal information, the CCPA requires that we confirm the identity of the person making the request, and if the request is made on behalf of another person, their authority to make the request on the other person’s behalf. We are not obligated to provide or to delete any information pursuant to your request if we are unable to adequately verify your identity or the identity of the person making the request on your behalf.

Accordingly, we reserve the right to deny any request where we are unable to satisfactorily confirm your identity. If you have authorized someone to make a request on your behalf, we reserve the right to deny the request if we are unable to adequately verify the identity of that person or if we are unable to verify that the individual making the request is authorized to act on your behalf.

We will attempt to verify your identity by matching any information provided in your request against the personal information already in our possession. If you have authorized someone to make a request on your behalf, we will attempt to verify the identity of that person. We will also seek to confirm that you have authorized that person to submit a request on your behalf, which may include requesting a copy of any written authorization or power of attorney for the request. This process does not require that you establish any type of account with us, or sign up to receive any of our services.

The amount of information we may require in our verification process will depend on a variety of factors, including the nature of your request, the type, sensitivity, and value of the personal information in our possession, the potential risk of harm that could result from any unauthorized access to or deletion of your personal information, the likelihood that fraudulent or malicious actors would seek your information, and whether the information provided to us in your request is sufficient to protect against fraudulent requests or being fabricated or spoofed. For instance, we will require more points of confirmation if you request that we disclose specific pieces of information rather than categories of information in our possession. Concerning a request to delete information, once we confirm your identity we will separately confirm that you want the information deleted.

During our verification process, we may request additional information from you. Any information provided to us during our verification process will only be used for purposes of verifying your identity or the identity and-or authority of the person making the request.

We will endeavor to respond within forty-five (45) days of receipt of your request. If, however, we are unable to respond within that time, we will notify you of the reason and the additional time needed to make our response. The CCPA permits us to extend the time of our response by up to an additional forty-five (45) days.

If we deny a request in whole or in part, we will endeavor to explain the reasons for our denial.

g.              CCPA’s Limitations on Disclosures

We are not obligated under the CCPA to respond to any request where compliance or disclosure would violate an evidentiary privilege under California law or conflict with federal or state law.

The CCPA does not require that we provide personal information to you more than twice in a twelve month period.

Any disclosures we make may only cover the twelve (12) month period preceding the request.

We will not charge a fee to process or respond to your request and will provide information free of charge. Where a person’s requests are repetitive, manifestly unfounded, or excessive, the CCPA authorizes us to either charge a reasonable fee that takes into account our administrative costs, or refuse to act on the request and notify the person making the request our reason for refusing the request. If we determine that a request warrants a fee, we will explain our decision and will endeavor to provide you with a cost estimate.

Regulations proposed by the California Attorney General prohibit us from disclosing specific pieces of personal information if the disclosure creates a substantial, articulable, and unreasonable risk to the security of that information or the security of our systems or networks. These proposed regulations further prohibit us from disclosing in response to your request a social security number, driver’s license number, other government issued identification number, financial account number, any health insurance or medical identification number, an account password or security questions and answers.

Other California Privacy Rights

The California Civil Code permits California Residents with whom we have an established business relationship to request that we provide you with a list of certain categories of personal information that we have disclosed to third-parties for their direct marketing purposes during the preceding calendar year. To make such a request, please send an email to privacy@bytemark.co, or write to us at the address listed below. Please mention that you are making a “California Shine the Light” inquiry.

International Users

This Privacy Policy describes our policies and procedures in the United States. Regardless of where you reside, by using our United States services, you consent to have your personal information transferred, processed, and stored in the United States, and allow us to use and collect your personal information in accordance with this Privacy Policy.

Contact

If you have any questions about this Policy or want to correct or update your information, please email us at privacy@bytemark.co.

You can also write to us at:

Siemens Mobility, Inc.

One Pennsylvania Plaza

Floor 11, Suite 1100

New York, NY 10119

Updates to Our Privacy Policy

This policy is effective on May 5, 2023.

We may amend this Privacy Policy from time to time by posting a revised version and updating the effective date above. Material updates to our Privacy Policy will be posted in the chart below. We also will send an email to all known current users of our services when we make material updates to our Privacy Policy.

Summary of Updates Made: