Skip to main content

Local COVID-19 tracking and safe contact tracing. Do your part. Learn more.

Return to Citizen Homepage

Last Updated: April 14, 2020

Data Privacy at Citizen

Citizen’s mission is to keep you safe and informed.

At Citizen (as in sp0n, Inc the company that operates the Citizen mobile app and www.citizen.com), our stance is that we will only use and share your data for the limited purposes described in this privacy policy. We do not and will not serve advertisements in the app.

Our principles for protecting your data

  • We record the information we need to provide our services: Informing you of incidents happening around you, and helping you get emergency assistance when you’re in need.  
  • The personal information we do collect we store for as short a duration as possible. And, where possible, we store only de-identified or aggregate data that is not tied to you.
  • We involve as few third-party service providers as possible when touching your data. The third parties we work with have contracts in place to prohibit reuse or sale of your data.
  • We generally limit access to your data to a subset of the engineering team. We have specific systems to control data access, and all access is logged and regularly audited. We perform a privacy review for all new features.
  • We take protecting your location data seriously. We need accurate real-time location data to alert you of any emergencies and to help you get emergency assistance, but we lower the resolution of historical location data where possible.
  • We test the stability and security of our infrastructure, including annual penetration testing and review of our security systems and their configuration. We use an information security firm to provide these services under a strict non-disclosure agreement. 
  • Our services are designed to provide real-time notifications of incidents occurring near you, and to help you get assistance in the case of an emergency. We can only provide those services in certain areas, so if you are located outside of one of those areas, the services may not work for you. We only provide our service in the United States, so we apply U.S. law to our privacy practices.

Public data

  • Content visible to any other user on the Citizen platform is considered public data (for example, publicly posted comments and videos). You have control over public data on Citizen tied to your account, and can delete comments and videos you have posted. Furthermore, you can email support@citizen.com to request to delete your account and coordinated information.

Private data 

Content not accessible to any other user on the platform is considered private data:

  • Contact information: We use your email address and phone number to set up and validate your user account and to prevent abuse of the platform. We may also send you emails about Citizen – you can choose to opt out of any marketing emails by following the instructions at the bottom of the email, but we may still send you some important emails, such as to respond to a question, feedback, or request you send us.
  • Payment information: We will request your payment card details and billing address if you subscribe to paid features of the app, such as Citizen Protect.
  • Health information: If you elect to use Citizen Protect’s Watch My Back feature, you may connect your activity-tracking device, such as your Fitbit or Apple Watch, to share your walking pace and heart rate with the family members and friends you choose to be in your Citizen Network.  If you use Citizen Protect’s SOS feature, you may also provide us with your medical history and other information that may be helpful to our staff and first responders to assist you in case of an emergency.
  • Audio and video feed: If you use Citizen Protect’s Watch My Back feature, you may share an audio and video feed from your device with the family members and friends you choose to be in your Citizen Network, when you’re feeling unsafe.
  • User locations: We use your geolocation data to send you safety notifications for incidents reported near you or, if you sign up for Citizen Protect, to notify your Citizen Network, our staff, first responders, and other users of your whereabouts. You choose whether to share your location, and can always revoke Citizen’s access to your location data in your device settings, but the app will not properly function if the app can’t access location data.
  • User activity: We aggregate user activity data (like how you interact with Citizen, what times you use Citizen, what kind of device you have, etc.) for analysis to improve Citizen’s user experience. 
  • User contacts: If you want to use Citizen’s Inner Circle feature to inform your family and close friends of incidents near you or if you sign up for Citizen Protect and wish to designate family and friends as emergency contacts, as well as allow them to watch over you in unsafe situations, you can choose to share your contacts to connect with them through the app.
  • Content you capture through Citizen: If you use Citizen to capture a video or other content you wish to make publicly available, we collect and store that content and additional information about the content and device you used (like the metadata associated with the content, unique device identifier, wireless network, etc.).
  • Cookies: Like many online services, Citizen uses cookies to collect information on its website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to tailor your experience with Citizen, and advertise Citizen on third-party websites and apps. We also work with Facebook and Google ads integrations. These integrations allow us to track the efficacy of our own advertising campaigns across the web. We do not use these integrations to provide any manner of advertising on the platform.

How we share your information

We may share your data with service providers, such as:

  • Branch: Branch allows us to attribute when content is shared from Citizen to the platform and source.
  • Twilio: Twilio allows us to send you a SMS message to validate your account.
  • Google Cloud Services: We use Google to host our infrastructure.

We only partner with service providers that commit to use the information only to provide services to or on behalf of Citizen.

We may share videos posted publicly on the Citizen platform with news outlets in select circumstances.

If you use Citizen Protect’s Watch My Back feature, we will share some of your personal information with the family members and friends you choose to be in your Citizen Network to allow them to monitor your whereabouts and wellbeing.

If you use Citizen Protect’s SOS feature, we may share some of your personal information with first responders, your emergency contacts, and nearby Citizen users in the event that you are experiencing an emergency and request assistance. 

We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction involving the sale, transfer, divestiture, or disclosure of all or a portion of Citizen’s business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If sp0n, Inc business or assets are acquired by another company, that company will possess the personal information collected by Citizen and the company will assume the rights and obligations regarding your personal information as described in this Privacy Policy.

We may share personal information (a) with law enforcement as we’ve explained in the Information for Law Enforcement Authorities, (b) as otherwise required by law, (c) to enforce the terms and conditions that govern the platform and protection our rights, (d) and protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

How long we retain your data

We retain personal information for the period necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law, or an individual requests that we delete information about them.

How we protect your data

Citizen uses reasonable organizational, technical and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction of personal information we maintain. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure. Therefore, while Citizen strives to protect your personal information, we cannot guarantee the security of personal information. In the event that Citizen is required to notify you about a situation involving your data, we may do so by email or telephone to the extent permitted by law.

What choices you have regarding your data

You can make the following choices regarding your personal information:

  • Cookies. If you decide at any time that you no longer wish to accept cookies from Citizen for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. Consult your browser’s technical information. If you do not accept cookies, however, you may not be able to use all or portions of Citizen or all functionality of Citizen. If you have any questions about how to disable or modify cookies, please let Citizen know at the contact information provided below.
  • Application. You can stop all collection of information by the Citizen application by uninstalling the application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
  • Do-Not-Track. Some web browsers transmit “do not track” signals to the websites and other online services with which your web browser communications. There is currently no standard that governs what, if anything, websites should do when they receive these signals. Citizen currently does not take action in response to these signals. If and when a standard is established, Citizen may revise its policy on responding to these signals.
  • Access or correct your information. You may request to review and update the information Citizen maintains about you by submitting a request to support@citizen.com.
  • Opting Out of location tracking. If you initially consented to the collection of geo-location information through Citizen, you can subsequently stop the collection of this information at any time by changing the preferences on your mobile device. Please note, however, that if you withdraw consent to Citizen’s collection of location information, you may no longer be able to use some features of the app.

Children

Citizen is not directed towards individuals under the age of 13, and Citizen does not intentionally gather personal information about visitors who are under the age of 13. Furthermore, Citizen does not intentionally allow visitors under the age of 18 to register for the app. If a child under 13 submits personal information to Citizen and Citizen learns that the personal information is the information of a child under 13, Citizen will attempt to delete the information as soon as possible. If you believe that Citizen might have any personal information from a child under 13, please contact Citizen at: Attn: sp0n, Inc., PO Box 55071 #92726, Boston, MA, 02205-5071, US.

Job applicants

When you visit the “Careers” portion of our website, we collect the information that you provide to us in connection with your job application. This includes business and personal contact information, professional credentials and skills, educational and work history, and other information of the type that may be included in a resume. This may also include diversity information that you voluntarily provide. We use this information to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, and monitoring recruitment statistics. We may also use this information to provide improved administration of the website, and as otherwise necessary (a) to comply with relevant laws or to respond to subpoenas or warrants served on Citizen; (b) to protect and defend the rights or property of Citizen or others; (c) in connection with a legal investigation; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or Citizen’s Terms of Use.

Notice to California users

We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal Information, and of the rights and choices we offer California residents regarding our handling of their personal information. 

This notice and the privacy rights it describes do not apply to information related to our business contacts, job applicants, or employees. 

Personal information that we collect, use and share

The chart below describes how we currently collect, use and share personal information, and how we have collected used and shared personal information over the past 12 months. 

We do not sell personal information. We engage in: 

  • Online tracking. As we explain above, we use cookies and other tracking technologies to analyze website traffic and facilitate our own advertising across the web. If you would like to learn how you may opt out of our use of cookies and other tracking technologies, then you can instruct your browser, by changing its settings, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit.
  • Directed disclosures. In addition, when you use Citizen Protect, you direct us to share some of your information with friends and family members in your Citizen Network, with your emergency contacts, and with first responders and nearby Citizen users in order to assist you in the event of an emergency.

Personal information we collect

Email address & Phone number:

  • CCPA-defined categories of personal information (Definitions are available here): Identifiers
  • Sources of personal information: Citizen users
  • Business / commercial purposes for which we may collect and use personal information: To register user accounts, To provide our services, To send you marketing and promotional materials about Citizen
  • Data sharing: Directed disclosures to: First responders in the case of an emergency

Location information:

  • CCPA-defined categories of personal information (Definitions are available here): Geolocation data
  • Sources of personal information: Citizen users, automatically collected
  • Business / commercial purposes for which we may collect and use personal information: To provide our services
  • Data sharing: Directed disclosures to: Family members and friends in a user’s network to safeguard the user; first responders in the case of an emergency

Heart rate, Walking pace, Medical history and conditions:

  • CCPA-defined categories of personal information (Definitions are available here): Biometric information, Protected classification characteristics
  • Sources of personal information: Citizen users, automatically collected
  • Business / commercial purposes for which we may collect and use personal information: To provide our services
  • Data sharing: Directed disclosures to: Family members and friends in a user’s network to safeguard the user; first responders in the case of an emergency

Audio and video feed:

  • CCPA-defined categories of personal information (Definitions are available here): Sensory data
  • Sources of personal information: Citizen users
  • Business / commercial purposes for which we may collect and use personal information: To provide our services
  • Data sharing: Directed disclosures to: Family members and friends in a user’s network to safeguard the user; first responders and emergency contacts in the case of an emergency

Payment information:

  • CCPA-defined categories of personal information (Definitions are available here): Personal Information listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
  • Sources of personal information: Citizen users
  • Business / commercial purposes for which we may collect and use personal information: To register users for paid subscription services
  • Data sharing: N/A

Email interconnectivity, Mobile devices, Web logs, Online activity:

  • CCPA-defined categories of personal information (Definitions are available here): Online identifiers, Internet or network information, Geolocation data
  • Sources of personal information: Automatically collected
  • Business / commercial purposes for which we may collect and use personal information: To provide our services, To identify you when you visit our app or website
  • Data sharing: Collected directly by third-party tracking companies to conduct analytics

Feedback/Support:

  • CCPA-defined categories of personal information (Definitions are available here): Identifiers
  • Sources of personal information: Citizen users
  • Business / commercial purposes for which we may collect and use personal information: To provide our services, To respond to your inquiries, To conduct analytics, For internal administrative purposes
  • Data sharing: N/A

Please note that we may also disclose personal information with service providers, and in connection with corporate transactions or legal compliance.

California Residents’ Privacy Rights 

The CCPA grants California residents the following rights:  

  • Information. You can request information about how we have collected, used and shared your personal information during the past 12 months. We have made this information available to California residents without having to request it by including it in the above chart.
  • Access. You can request a copy of the personal information that we have collected about you. 
  • Deletion. You can ask us to delete the personal information that we maintain about you.

Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain information we maintain for compliance in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you.  

You are entitled to exercise the rights described above free from discrimination, as prohibited by the CCPA. 

How to Submit a Request

  • To request access to or deletion of personal information: Attn: sp0n, Inc., PO Box 55071 #92726, Boston, MA, 02205-5071, US. Email: support@citizen.com
  • Identity verification. We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it. 
  • Authorized agents.  California residents can empower an “authorized agent” to submit requests on their behalf.  We will require the authorized agent to have a written authorization confirming that authority.

Privacy Policy updates

This Privacy Policy is subject to occasional revision. Citizen will notify you of any material changes in its collection, use, or disclosure of your personal information by posting a notice on the Citizen website and within the application.

Contact us

Feel free to contact us with your questions, requests, comments, or concerns at support@citizen.com.