Mimo Privacy Policy | Open question

Service: mimobaby
Case: none
Changes: 2
Source: link
Author: michielbdejong Staff

Mimo Privacy Policy | Open question

On 2018-05-15 09:11:42 UTC, Deleted wrote:

imported from PExbj62V4jE

On 2018-05-23 12:41:05 UTC, Deleted wrote:


Dear ToS;DN community,

As I am a new user, this is my occasion to introduce myself. I am a
designer and a Ph.D student researching in the area of user privacy issues
in digital services and embedded sensing technologies.

Since my research interests covers ToS and Privacy policies I would like to
use the ToS;DN platform as a tool to understand privacy issues related to
the usage of some 'smart devices' such as the ones listed here

My first experiment is with Mimo's Privacy policy
. In order to better understand
Privacy Policy (PP) I will forward my rating proposals using the new
ToS;DN's platform form (when I will be able to use it
). In
addition, I have an open question regarding a particular aspect of the PP,
for those in the community interested to answer.

I apologize for the length of my email.

In order to ease the reading I have put some descriptors.

*The final questions are at the end* (/// questions).

Thanks in advance to everyone that will take this into consideration and
give their opinion.

/// What is Mimo

Mimo is a cloud base baby monitor that, using the company's words: “[helps
parents to] get real-time audio and insights about [their] baby’s sleep
activity, right on [the] smart device, from anywhere in the world”.

/// brief introduction to Mimo's Privacy Policy

It seems that Rest Device Inc., who is the organization owning Mimo,
collects 3 principal kind of user information: (1) *personal information*,
(2) *aggregated information* and (3) *profile*, which is a combination of
both the information gathered from users and acquired from third parties.
Even though privacy policy (PP) related to Personal Information are clear
and well explained, PP for ‘Profile’ looks to be more ambiguous.

(1) *Personal Information* "means information that specifically identifies
an individual (such as a name, address, telephone number, mobile number or
e-mail address) or other information about that individual that is directly
linked to Personal Information. Except for some 'features that give [users]
the option to share certain of your information with friends and other
third parties, [the service] do not share Personal Information with third
parties. Moreover, Personal Information does not include "aggregate"

(2) *Aggregated information* are not linked to Personal Information but can
be shared with affiliates organizations and business associates e.g.
'aggregated demographic information about our user'.

The situation is more complicated for the *Profile* (3). As claimed by the
company: It is made ' by storing 'information that we collect through
cookies, log files, clear gifs, and/or third party sources to create a
"profile" of your preferences'. Moreover, Profile information is shared
with third parties in aggregated form only.

Again, at least for the moment Mimo 'does not tie users Personal
Information, or purchasing history, to information in the profile, in order
to provide tailored promotions' etc. that it should means that Profile and
Personal Information are kept separately.

/// the controversial part

The more controversial part came at this point: 'To *enrich our profiles*
of individual customers, we tie [information purchased *from third parties*]
to the *Personal Information* [that users/individual customers] have
provided to us. For me, such sentence sounds like a negation of what has
been claimed above, when the company told that Profile and Personal
Information are not tied together, and now they are.

/// questions

*[1] If that is true it means that Profile is a combination of Personal
Information and aggregated data that was not supposed to be linked together

*[2] Finally, even though Profile is shared with third parties in
aggregated form only, does it mean that Rest Device Inc. does not share
users personal data* with third parties?*

I am sorry if I made some ingenuity during my explanation and/or if my
summary of the Mimo's privacy policy is not so clearly explained.

*with ‘Personal Data’ I am taking into consideration the definitions in
Article 2 of EU Directive 95/46/EC: Any information relating to an
identified or identifiable natural person (“data subject”); an identifiable
person is one who can be identified, directly or indirectly, in particular
by reference to an identification number or to one or more factors specific
to his physical, physiological, mental, economic, cultural or social

tosdr.org | twitter.com/tosdr | github.com/tosdr
You received this message because you are subscribed to the Google Groups "Terms of Service; Didn't Read" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tosdr+unsubscribe@googlegroups.com.
To post to this group, send email to tosdr@googlegroups.com.
Visit this group at http://groups.google.com/group/tosdr.
For more options, visit https://groups.google.com/d/optout.

On 2018-08-30 08:43:03 UTC, import script Bot wrote:

scripted message: please link to a quote

On 2018-09-10 10:14:04 UTC, import script Bot wrote:

scripted message: moving this point to Michiel

On 2021-02-06 03:50:19 UTC, System Bot wrote:

Point automatically declined as no activity have been monitored over a course of 2 months

We track editorial changes to analyses and updates to a point's status and display the previous versions here as part of an effort to promote transparency regarding our curation process.

Version 1: 2021-02-06 03:50:19 UTC by Deleted

Previous Title: No changes recorded

Updated Title: No changes recorded

Previous Analysis: No changes recorded

Updated Analysis: No changes recorded


Updated Status: DECLINED

Version 2: 2018-05-15 09:11:42 UTC by Deleted

Previous Title:

Updated Title: Mimo Privacy Policy | Open question

Previous Analysis:

Updated Analysis: Mimo Privacy Policy | Open question

Previous Status:

Updated Status: PENDING