About the Content
I wanted to look into a company’s privacy policy and examine just how intrusive it really is, as well as provide a breakdown as to what exactly they do with their users information. In researching and writing this content, I wanted to provide others with a basis of what to look for when combing through privacy policies in order to ensure that their personal information is safe. When searching for a company’s privacy policy to examine, I wanted to select a mobile app or website that is widely used and heavily trusted. Venmo was ultimately my choice – used by tens of millions of Americans every day and trusted with the sensitive financial information of all its users, I took on the challenge of poking through their privacy policy to see what I can discover.
Let’s Talk About Privacy Policies
Be honest – do you ever read the privacy policy before signing up or creating
an account with a mobile app or website? If you don’t then there’s no
judgment here, I don’t either. In fact, I can’t really think of anyone who does.
Pages and pages of documents – who wants to read that?
Today we see a whole new wave of accessible data that we have never seen
before. Companies can have access to their user’s data and seemingly do
whatever they want with it. When you create an account on any given
website, you could be agreeing to hand over your home address, your social
security number, your internet history, and all your private data on your
smartphone or tablet. But why do companies need this information?
In short, it’s for advertising and marketing sake. Private information about
consumers can be worth a fortune and can be used to predict and track
consumers’ history. If a marketer has enough information about a specific
demographic based on the data that they can access through social media
and location analytics, they can begin to forecast consumer behavior,
strategically creating and planting marketing campaigns to best boost
business.
This is also a good time to say that I hate apps and services that require
excessive data on their users. It’s my pet peeve – most of the data they want
is unnecessary to the function of the service anyways.
But wait – how do I know if my commonly visited websites and mobile apps
are mining my information?
You won’t believe this.
Read the Privacy Policy.
Enter Venmo
I decided to take this challenge head-on and do a deep dive into a mobile
app on my phone to see what data they access and what exactly they do
with it. I wanted to choose an app that nearly everyone has and one that has
a fundamental role, so no mobile games or editing apps.
I decided to settle on Venmo. The currency swapping app currently has over
65 million users – making it one of the most popular apps in the world. I’ve
had Venmo on my phone since high school and not once have I ever decided
to poke through their privacy policy until today.
What I Found
I’ll get straight to the point and tell you what data they have access to. Right
off the bat, when you use Venmo’s mobile app or go to their website, they
collect and store your IP address, your browser type, and what pages you
accessed on their website or mobile app.
Venmo also has access to the information that you are required to enter
when creating an account, which includes your mobile phone number and
other similar information. Venmo will also know your legal name, your street
and email address, date of birth, and your social security number.
Venmo will know your device ID, which means that they will know if you
accessed their server on a mobile phone or a computer. And when I say that
they know what device you are using I mean that they know it right down to
the “machine or mobile device identification number” (Venmo.com). Venmo
will also know your geolocation information, time zone, and language setting.
Geolocation. What is that? According to Venmo’s privacy policy, they can
access your exact longitude and latitude through GPS, Wi-Fi, or cell site
triangulation. Venmo claims that they need to know this information for “fraud
and risk purposes”. If you decide to opt-out of allowing Venmo to access
your geolocation, they claim that their services may not be able to function
properly.
Venmo also states in their privacy policy that when you visit a third-party
website that uses tracking technologies (cookies), they will be able to
“recognize you as a customer, customize services, other content and
advertising; measure the effectiveness of promotions; perform a wide range
of analytics; mitigate risk and prevent potential fraud; and to promote trust
and safety across our services”.
Did you catch that? “Other content and advertising; measure the
effectiveness of promotions”. Venmo is stating that they access
your data for their own gain to aid advertising and marketing purposes.
Most web browsers have a Do Not Track setting, which informs websites that
you are expressing your desire to not be tracked by advertisers and other
third-party websites. Venmo states in their Privacy Policy that “We do not
respond to DNT signals.”
Okay, so that’s a lot of information that Venmo has access to. So now the
next question is, what do they do with all this information on their users?
It’s Not as Bad as it Sounds
According to Venmo’s Privacy Policy, they use this information for customer
service purposes to best resolve potential conflicts and questions that their
users may have. Venmo also states that they use this data to “process
transactions and send notices about your transactions or your network
activity” while leaving out who exactly they send these notices to.
Venmo also uses its user’s data to collect fees and troubleshoot problems,
prevent fraud and illegal activities, create a connection between Venmo and
third-party platforms, customize and personalize the layout of their website,
confirm the accuracy of transactions, and perform other duties required by
law. Venmo also states that they use this information to send users updates
about new products and to provide users with offers and advertising.
So, while your data is used for the app to properly function, it is also used for
targeted ads and notification bombardments regarding new Venmo features.
How Does Venmo Protect This Data?
So how well does Venmo guard this private information on their users?
Thankfully, pretty well.
Venmo states in their Privacy Policy that their user’s data is “protected by
physical, electronic, and procedural safeguards in compliance with
applicable US federal and state regulations.” Venmo also uses firewalls and
data encryption, enforcement of physical access controls to their offices and
files, and they authorize access to “personal information only for those
employees who require it to fulfill their job responsibilities.”
Venmo also states that they do “not share their user’s personal information
with third parties for their promotional or marketing purposes.” They do
however use this information for their own marketing and advertising
purposes.
Should I Be Worried?
To sum it up, Venmo has access to a lot of information, but this isn’t out of
the ordinary for a mobile app platform of this kind. Venmo seems to be
extremely careful with the protection of their user’s information, and although
they have a lot of their users’ private and sensitive information, they claim
that it is necessary for the function of their service. If you ever want to make
sure that your information is wiped from Venmo’s servers, the deletion of
your account will result in the immediate termination of all data relevant to
you on Venmo’s servers.
nickmelansonportfolio.com 