AWARE’s Privacy Policy Last modified 24.January 2019

This Privacy Policy is meant to help you understand what data we collect, why we collect it, and what we do with it. This is important; we hope you will take the time to read it carefully. When you install AWARE (official client and plugins), by default the data is collected and stored solely on your device. As long as you are not part of a study, this is always true.

Information we collect

We collect information to improve AWARE’s functionalities – from detecting which device you have to more complex things like which plugin is misbehaving and draining your battery. We collect information in the following ways:

  • To understand AWARE’s worldwide usage
    • When you install AWARE for the first time, a UUID is assigned to you. This UUID is the same for any plugin you install after the client. When you update AWARE, the UUID is maintained. If you remove and reinstall AWARE, a new UUID is created. This guarantees your privacy and makes sure you can reset the UUID anytime you wish.
  • To understand AWARE’s Server usage
    • We provide a dashboard for free for anyone who is using AWARE as a platform to collect research data. To better estimate the server’s demand, the client lets us know every 15 minutes that your device exists and is still using AWARE. We collect:
      • AWARE Device ID
      • timestamp of the keep alive
      • Do you use the Android or iOS client?
      • What package is installed (to distinguish between the official/modified clients and plugins)?
      • Which version of the package is installed (code and name).

When this Privacy Policy applies

Our Privacy Policy applies to all of the official client and plugins, offered by AWARE Framework in the Play Store. It excludes packages created specifically for studies, bundled versions of AWARE as a library. Please refer to the specific application’s privacy policy.

General Data Protection Regulation (GDPR)

When installing AWARE on a mobile phone, a randomly generated 128-bit Unique User ID is generated, reset every time the user joins a new study. By design, AWARE does not collect any personal identifiers in its data (e.g., contacts’ phone numbers, users’ calendar events, etc.). By default, the mobile client only stores data locally on the users’ phones. Integrating the mobile client with an AWARE Server allows replication of the data to a secure remote database. AWARE offers data encryption and obfuscation by default, crucial to safeguard the transition between local-only data and shared data. The collected data is presented on the user’s mobile phone, within the AWARE mobile clients (Android & iOS). During a study deployment, a user can withdraw and remove the collected data from the server and the mobile phone at any time, directly from his phone. As the data is primarily stored on the users’ device, it can be backed up and opened by connecting the device to your computer and using an SQLite client. The data is stored in the folder AWARE of the external storage of the device (i.e., /Android/data/ or /AWARE/, depending on the device manufacturer and the availability of external storage).