loader image
X-Mode
  • Data Licensing
  • App Publishers
  • Privacy Mode
  • Picket
  • Contact Us
  • Our Products
  • About Us
  • Careers
  • Press
  • Blog
  • Menu

Back to Blogs

Getting Technical

Best Practices: How X-Mode Helps Protect Privacy.

Read about our best practices in data privacy.

By Joseph Green

Iwrite a lot on here about privacy. Can you really blame me? As someone who works in the location data space, the topic is never far from my mind. Whether I’m keeping up to date on new regulations like GDPR and CCPA, or reading about the latest big data breach, I am constantly reminded of the importance of privacy — and of the responsibility of companies like X-Mode to keep data safe and secure.

But that’s enough abstract discussion. Let’s bring the topic of privacy back to Earth. What does a company like X-Mode actually do to ensure all of our data remains secure and privacy-compliant? In this post, I am going to outline some of our company’s best practices when it comes to privacy. I do this not just to show off, but to inspire other data companies to do the same. If everyone in the location data space approached their business with a privacy-first mindset, the whole industry would improve.

FIRST THING’S FIRST…

Why do we care about privacy, and why should you? If the answer seems obvious, that’s good. It’s obvious to us too, and that’s why privacy is one of our core values as a company. But when we’re talking to our app developer clients, we like to lay out explicitly the reasons why they should take privacy seriously:

It keeps their apps live, and their revenue flowing.

This one is pretty self-explanatory! Our clients are in the business of people downloading their apps. If they don’t value privacy or have the right infrastructure in place, they will not be able to deliver a product to their users. At the most basic level, privacy matters just so app developers can keep doing their job.

It keeps them ahead of the privacy curve.

GDPR, CCPA, ePrivacy… it seems like every year a new privacy regulation is passed. These laws are a step in the right direction, but they can be troublesome for developers who don’t take privacy seriously. By staying up to date on privacy standards — and even going above and beyond current regulations — developers can steer clear of unexpected penalties or fines.

It Maintains Our Commitment to Proactive Privacy for Publishers and Users.

For lack of better words, we believe that respecting privacy is just the right thing to do. We shouldn’t just respect our users’ privacy and protect their data for our own interests; we should do so because privacy is a fundamental right. By running our business with a philosophy of proactive privacy, we are always prepared for new regulations. We aren’t in the business of playing catch-up. We’re in the business of setting the standard.

THE “X-SSENTIALS.”

After clarifying the reasons why we think privacy should matter, we work with all of our clients to make sure they are actively complying with laws and regulations. This is a complex and ongoing process, but we attempt to make it as easy as possible for developers. That’s why we developed “The X-ssentials,” everything your app needs to comply.

X-Ssential 1: Location Permission Dialogue.

Both Apple and Android require all apps collecting location to obtain  explicit permission from the user. The requirements for each operating system is slightly different. While the location permission dialogue may seem straightforward to industry players, we provide platform-specific examples in order to ensure appropriate language and user flow.

X-Ssential 2: Privacy Policy Accessibility.

Under both Apple and Google’s guidelines, the app’s privacy policy must be readily accessible to the user in both the store and in the app itself. To aid in our clients’ understanding of this requirement, we provide them with an example of how we make our privacy policy accessible to users within our owned and operated app, the XDK Visualizer.

X-Ssential 3: Data Sharing Disclosure.

Both Apple and Google  require specific disclosures when apps share data with third parties, e.g. X-Mode. For this reason, most apps that collect location also need to have a data-sharing disclosure. We provide our publisher partners with recommended language both to ease their privacy navigation and to have brand consistency with the way we present our data collection and sharing to users across our panel. 

X-Ssential 4: Platform Consent Implementation.

The final X-Ssential requires that all users consent to data collection using a specified consent framework. The exact nature of this framework depends on the jurisdiction that the user  falls under. Once again, X-Mode helps developers determine what consent framework is right for them by choosing between different consent level tiers.

LEVELS OF CONSENT IMPLEMENTATION AND GDPR COMPLIANCE

Based on updated privacy regulations, we currently have three distinct levels of consent based on jurisdiction. These are:

Accept — in which the user simply consents through a single option.

Proceed or Device Settings — in which users can either proceed with the app or consciously change their device settings.

Yes or No — in which the user consciously opts-in (or out) to have their location tracked.

We also have three tiers for how developers can make app users aware of their compliance with GDPR. These are:

Standard — the app contains a link to the publisher’s privacy policy, which in turn contains X-Mode’s Trusted Partners list. This puts two clicks between the user and any data controller’s privacy policy including X-Mode

Plus — the app contains a direct link to X-Mode’s trusted partners. This also puts two clicks between the user and any data controller’s privacy policy including X-Mode. .

Premium — the app contains a direct link to X-Mode’s privacy policy, which contains X-Mode’s list of Trusted Partners. At the top-level, this puts just one click between the user and the X-Mode privacy policy and two clicks between the user and any data controller’s privacy policy

The battle for privacy doesn’t stop with these best practices. Every day, the location data industry undergoes more scrutiny. Every year, it seems, more stringent regulations are introduced. I fully believe that this focus on privacy will make the industry stronger… but only for the companies that center privacy in their mission. At X-Mode, we know what side of the privacy debate we fall on. Do you?

To see more about X-Mode’s Privacy initiatives, check out our privacy page today. For any further questions about our data, our practices, or even just to chat, swing by our contact form.

Share
  • Share on Facebook
  • Share on Twitter
  • Share on Linkedin
  • Share on Reddit
  • Share by Mail
Joseph Green

Joseph Green

Writer
X-Mode

Privacy Policy
California Notice at Collection
Your Privacy Choices
Cookie Policy
Trusted Partners
Copyright ©2022 X-Mode Social Inc.
X-Mode is a data broker under Texas law. To conduct business in Texas, a data broker must register with the Texas Secretary of State (Texas SOS). Information about data broker registrants is available on the Texas SOS website at sos.state.tx.us.
NOTICE REQUIRED UNDER TEXAS LAW: We may sell your sensitive personal data.
Employee Spotlight: Jessica Simmons, Director of Marketing Data For All: Announcing X-Mode as Launch Partner for the AWS Data Exchange...
Scroll to top

Texas law defines sensitive personal data to include precise geolocation data. In this regard, we may receive and sell the precise latitude and longitude coordinates of your mobile device.