top of page

JAPER Privacy Policy

Privacy is JAPER TECHNOLOGY’s core business. It follows the principle of ‘privacy by design’. This means the JAPER  service has been designed from the ground up to lead the industry on privacy. JAPER TECHNOLOGY doesn’t track end users or collect their personally identifiable information. All data is anonymized so end-users can’t be identified.

This is the Privacy Policy of JAPER Technology Pty. Ltd. (“JAPER”, “Company”, “us”, “we”, “our”).


This Privacy Policy explains how we collect, use and disclose data and information on, or in relation to, the web sites owned by JAPER, including,,, and other subsidiary or related sites (“Site”), the JAPER SDK and other supporting or future software products offered by JAPER (“Software”), the supporting web service, associated Application Programming Interfaces (APIs), JAPER Places, Point White Label and other services or materials provided by us (collectively “Services”). The Privacy

Policy is subject to, and incorporates by reference, our Terms and Conditions. We therefore recommend this Privacy Policy be read in conjunction with the Terms and Conditions. Your use of the Software, Services and/or Site will be deemed to be your agreement to abide by all of the terms set out below.

JAPER actively seeks to protect the privacy and data of individual end users of mobile applications (“End Users”). To this end, we have implemented a range of industry-leading privacy safeguards (outlined below) as core elements in the design, development and operation of the Software, Services and Site.

Our Software, Services and Site have been designed so that we do not collect any personally identifiable information about the End User or track the movement of the End User.

Our clients and partners are entities or individuals, such as companies or application developers, that use the Software, Services and Site to develop, distribute and manage location-based platforms and mobile applications (“Client”, “Partner”, “You”, “Your”). Our Clients are not the End Users. We, however, recognize, respect and actively seek to protect the End User’s privacy.

Please note this Privacy Policy does not apply to the collection, use or disclosure of data or personal information by our Clients and Partners. We do not control or take responsibility for their privacy policies, such as those related to applications downloaded by End Users. For that reason, Clients and Partners may not use the Software nor the Hosted Service to transmit, communicate or store Personal Information of Users including, but not limited to names, addresses (home or business), telephone numbers, and financial information.


We, however, offer to refer our Clients and Partners to Information Integrity Solutions to carry out a Privacy Impact Assessment on their business or application to ensure compliance with applicable privacy requirements or, preferably, international best practice in this area. We also recommend that End Users review the privacy policy of applications they download to understand how data is collected, used and disclosed by Clients and Partners.


“Privacy by Design” to protect the privacy of End Users


JAPER has structured its data collection and storage model according to the principle of ‘Privacy by Design’. This ensures that the privacy and data protection of End Users are considered core objectives, with safeguards integrated in the design and development of a technology or product, rather than being applied after development is complete.


As a result, our data collection and storage model has been designed so that we do not collect any personally identifiable information about, or track the movement of, the End User.

When an End User begins using an application that contains or connects to JAPER Software or Services, a randomized unique reference number (“Install Reference”) is issued to that particular instance of the downloaded application. The Install Reference is not connected to the personal information of an End User or their device.


If an End User is using multiple applications that use JAPER Software or Services on the same device, then multiple, distinct, random Install References will be issued to ensure that the End User cannot be identified by associating the multiple applications they are using with a single overarching ID or reference number. We do not combine datasets for multiple Install References in order to prevent inferences or patterns emerging that could directly or indirectly identify an End User.


We do not continuously, periodically or intermittently track an identifiable End User or record their precise or general location. The location of a device with a random Install Reference is identified when that device performs an Action (e.g. sends a notification or plays a tone) upon its entry into a geographic area (known as a ‘Zone’, which comprises one or multiple related Geofences, Geolines or Beacons) that has been pre-defined by the Client or Partner for use in an application. The Client or Partner may also set particular Conditions that must be met for an Action to be triggered (e.g. entry into a Zone by the End User within a pre-defined date and time range). We record the following data from the device at the point an Action is initiated:

  • randomised Installation Reference associated with a particular instance of a downloaded application;

  • geographic coordinates (usually longitude and latitude) associated with the location where the action was initiated;

  • estimated accuracy with which the device is being located;

  • date and time the action was initiated;

  • speed the device was moving;

  • make and model of the device;

  • software platform (Android or iOS) and version of the operating system on the device;

  • bearing and orientation of the device; and

  • orientation of the device’s screen (i.e. landscape or portrait).


Once this final stage of anonymisation has been carried out, the data is passed on to a separate analytics platform and all data that was originally recorded is permanently deleted from the servers that are not used for analytics.

The Client and Partners (not End User) information we receive or collect

You may browse the Site without a JAPER account but an account must be created to use the Software or Services. We may collect the following information from our Clients and Partners (not the End User) when they create a JAPER account:

  • legal name of the Client or Partner, such as the registered name of the entity that owns the application;

  • name and contact information of the representative acting on behalf of the Client or Partner;

  • email address and password to access the JAPER account; and

  • industry, size, intended use of the Software and Service and other similar information.


The Client or Partner’s user name, password and Application ID created or issued during the registration process may be requested when logging in subsequently.

We reserve the right to periodically contact our Clients or Partners to confirm that the information held is correct and up to date.


How You can access, correct or delete Your information

You have the right to access, correct or request the deletion of information we hold about You. Such requests can also be made in writing to 136 Thomas Street, Brighton East, Victoria, Australia, 3187. We will endeavor to respond to any requests within 10 working days.

How payment and billing information is collected, stored and used

The Client or Partner also provides payment and billing information (“Payment Information”) when creating a JAPER account or updating billing details. Payment Information is directly provided to and stored by the payment gateway providers, through its web service that is integrated into the Site. The payment process is carried out in accordance with our Billing Policy.

Payment Information is not persisted, stored or retained in any way by JAPER. The transfer of Payment Information to payment gateway providers is carried out through secure SSL methods and held by these partners in accordance with requirements.


How we use the Client and Partner (not End User) information we receive or collect

We use the Client and Partner information referred to above for the following purposes:

  • provide, operate and maintain the Software, Services and Site;

  • communicate with You about Your account or respond to Your requests or enquiries, tailor the information we send or display to You, and for similar service purposes;

  • generate aggregate and anonymous reports for You about the usage of the Software and Services in or by Your application;

  • process and issue bills, and charge payments for use of the Software and Service;

  • effectuate or enforce a transaction or agreement with account holders, including our Terms and Conditions and this Privacy Policy;

  • provide You with information about our company or products that we believe may be of interest, including by sending promotional e-mails (from which You may opt out); and

  • to improve the design and delivery of, and better understand how You use, our Software, Services and Site.


Notwithstanding anything else in this Privacy Policy, we will only use aggregate, non-identifying information for marketing, advertising, research or other similar purposes.


How we disclose Client and Partner (not End User) information

We will only disclose the Client and Partner information we collect or receive through our Software, Services and Site in the following instances:


  • if required by law, legal process, governmental entity or other relevant authority;

  • to protect or enforce our rights or property, such as those outlined in our Terms and Conditions and this Privacy Policy;

  • in the event of the sale or dissolution (bankruptcy) of assets, in whole or in part, of JAPER or any of its affiliates;

  • to our legally related affiliates and subsidiaries, for purposes consistent with this Privacy Policy; and

  • to our contractors or service providers to the extent required to provide services or perform functions on our behalf;


We may share aggregate and/or non-personally identifiable information with third parties for marketing, research or other similar purposes. We will not disclose the personally identifiable information of Clients and Partners to third parties for such purposes without Your consent.

Personally identifiable information on End Users is not collected by JAPER and will therefore not be disclosed, including for any of the above purposes.

Visitors to the Site

By using our Sites or Services, You agree that we may collect cookies or other general information, such as the number of views and the length of time spent on the Site by visitors, in order to optimize the Site or Services and enhance Your experience using our Site or Services.

Third-party links

Our Site may contain links to third party websites, such as those of partners or service providers. Any access to and use of third party websites is governed by their respective privacy policies. We are not responsible for the development, implementation or management of the privacy policies of third-party websites. This Privacy Policy only applies to the Software, Site and Services offered directly by JAPER.

Marketing communications

We may send You emails from time-to-time about information that we believe may be of interest to You, including news, special offers or information about products or services. You may opt-out from receiving promotional emails at any time by following the link and instructions contained in these emails, or by requesting that such emails no longer be sent to You at

Please note that it may take up to 10 business days for us to process opt-out requests. If You opt-out of receiving promotional emails, we may still send You e-mails about Your account or the Software and Services You use, or for other service purposes.

Consent to transfer information

If You are located outside of the Australia, please note that the Client and Partner information we collect or receive may be transferred to and processed in Australia. By using our Site and Services, You consent to the transfer and processing of Your information in Australia. Please note, Australian data protection laws may not provide the same level of protection as other jurisdictions, such as the European Union. Your consent is voluntary. If, however, You do not consent, we will not be able to provide You with our Software or Services.



JAPER takes the security of Client and Partner data seriously. We use a range of physical, technical and operational measures to secure the data we collect or receive from loss, misuse and unauthorized access, disclosure, alteration, and destruction, including, where appropriate, through password protection, encryption, and SSL.

JAPER stores all Client and Partner-specific information, including usage data related to JAPER accounts, within a secure hosted solution supplied by Amazon Web Services (AWS).

Please be aware that despite our best efforts, we cannot and do not guarantee the complete privacy, security, integrity or authenticity of information. The Internet provides the opportunity for unauthorized third parties to circumvent safeguards and illegally gain access to information.



JAPER customers, the ‘Data Controllers’ under GDPR, are responsible for the data rights of their end users (‘Data Subjects’) in the handling of their data.

Data Subject Rights

JAPER is committed to make available methods for our customers to address GDPR requirements.   The below is intended for JAPER’s customers to take action upon receiving your end users consent settings.

Restrict Processing

Data Subjects (“subject” being the term for end users) can request the Data Controller to stop processing data.

JAPER Implementation

As the Data Controller, data collection originates from integrating the JAPER Point SDK into your mobile apps.  The first step the SDK performs is authenticating your app by a method known as the JAPER service.  The app may explicitly stop the JAPER service at any time, therefore immediately ceasing data collection.

See developer documentation for Android and iOS to disable the JAPER service. Upon an app restarting, the JAPER service should not be initiated for users whom have not consented to data collection.


Data Portability

In certain cases, Data Subjects may request to the Data Controller to have their known data exported.   In compliance with the consumer’s rights in regards to JAPER’s data collection, follow the guidelines below:

JAPER’s device identifier is known as an Install Reference.  Data Controllers can retrieve IDs for any devices that have opted out of data collection. To make a request, send a list of all install references in a flat file to   JAPER will then send the Data Controller company two files in JSON format, one for Rule Request logs and the other for Checkin/Checkout logs.

Right to Erasure

Known as “the right to be forgotten” this right empowers Data Subjects to request that a Data Controller delete or remove their personal data.

JAPER shall delete Customer Data known as an install reference.  Data Controllers can retrieve the IDs on devices that have opted out and made this request. To request a deletion, send Install References in a flat file to

JAPER will confirm receipt of the request and notify Data Controller upon completion within 90 days. Additionally, within ninety (90) days of termination or expiration of the Data Controller’s agreement with JAPER, all Customer Data shall be removed.

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. The date this Privacy Policy was last revised can be viewed in the ‘Last Updated Date’ below. You should check periodically to review our current Privacy Policy. Your use of any of Software, Services and Site constitutes Your agreement to and understanding of the Privacy Policy, as in effect at the time of Your use. If we make any changes to this Privacy Policy that materially affect our practices or the protection of personal information, we will provide notice by highlighting the change on the Site or, where practical, by emailing account holders.

How to contact us and the dispute resolution process

Please contact JAPER via general enquiries, notifications or complaints related to this Privacy Policy. We are committed to handling any notifications or questions regarding this Privacy Policy in an effective, transparent and timely manner. Complaints should initially be sent to JAPER so that we are able to rectify breaches or errors. Should we not handle your complaint in a satisfactory manner, the complaint may be passed on to the relevant Californian Government (United States) or Victorian Government (Australia) corporate dispute resolution program for mediation. If a resolution is not achieved, the complaint may be passed on to the appropriate legal authority in each jurisdiction to consider the matter.


bottom of page