This Privacy Policy (this "Policy") describes how MapQuest Holdings, LLC ("MapQuest," "we," "our," or "us") collects, uses, and discloses personal information through the mobile application (the "App") and any related websites, support resources, and other services we offer in connection with the application (collectively, the "Services"). It also describes the choices and rights you have with respect to that information.
Capitalized terms not defined here have the meanings given to them in our Terms of Service. By using the Services, you acknowledge that you have read this Policy.
The information we collect depends on how you use the Services. We have grouped it below by where it comes from.
Account information. When you create an account, we collect information you provide during sign-up, which may include your email address, phone number, a display name, a profile photo, and other profile details. We may use authentication methods that do not require you to set or store a password.
Group and contact information. When you create or join a group within the Services, or invite another person to a group, we collect information about the group (such as a name) and information used to deliver the invitation (such as the recipient's email address or phone number). When you accept an invitation, we associate your account with that group.
Saved locations and labels. When you save, name, or label a location within the Services, we collect that information.
Content you submit. We collect content you submit through the Services, including notifications, messages, photos, feedback, and information you provide when you contact us for support or to exercise a privacy right. If you submit a privacy request, we may collect what we need to verify your identity and respond to the request.
Subscription and payment information. If you purchase a paid subscription, your payment is processed by the applicable app store or other third-party payment processor. We typically receive a transaction identifier, the subscription tier you purchased, the renewal date, and the status of your subscription. We may receive additional billing-related information depending on the payment method and the applicable processor.
Location information. Because the Services are a location-sharing app, we collect precise location information (such as latitude and longitude) from your device while you are signed in, including in the background where you have granted that permission. We also collect information derived from your location, such as a reverse-geocoded street address or the name of a saved location associated with where you are. The frequency at which we collect location information varies based on whether the app is in the foreground or background, your device's battery and connectivity, and how your operating system schedules background work.
Device and connectivity information. We collect information about your device and how it connects to the Services, including device model and operating-system version, app version, language and regional settings, an installation identifier we generate, network and connectivity information, battery level and charging state, crash logs, and basic performance metrics.
Usage information. We collect information about how you use the Services, such as the features you interact with, the actions you take in the app, and the timing and duration of those interactions.
Routing and map-related information. When you use features that depend on directions, navigation, or maps, we may send origin, destination, and travel-mode information to a routing or mapping service to generate the result, and we may store the result so we can display it to you and to others you have chosen to share it with.
From other users. We receive information about you from other users of the Services, such as when someone invites you to a group or shares content with you. We also receive information that other users in a shared group make available to that group.
From service providers and platforms. We receive information from companies that help us deliver the Services, including app stores, payment processors, email-delivery providers, push-notification platforms, mapping and routing providers, hosting and storage providers, and providers of customer-support and security tooling.
Inferences. We may derive information from the information we collect, such as inferring that a member of a shared group is at a saved location.
We use the information we collect for purposes that include the following:
We share your information in the circumstances described below.
The Services let you share information with other users you choose, including users in any group you have joined. Information that may be shared in this way includes your display name and profile photo, your current and recent location and information derived from it (such as a reverse-geocoded address or the name of a saved location), your device's battery and connectivity status, the saved locations you make available to a group, the notifications and content you send through the Services, and the timing of your activity within the Services. Information you share with a group is generally visible to every member of that group for as long as you and the information remain part of it. Other users may retain copies of information you have shared with them, including after you stop sharing or leave a group.
We share information with companies that perform services on our behalf and that are required by contract to use the information only for the purposes we authorize. These include providers of:
We may share information with our affiliates — companies under common ownership or control with MapQuest — for purposes consistent with this Policy.
If MapQuest is involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of all or a portion of our assets, or due-diligence relating to any of these, your information may be shared or transferred as part of that transaction or process. We will give notice consistent with applicable law before your information becomes subject to a different privacy policy.
We may disclose information when we believe in good faith that doing so is appropriate to:
We share information with third parties when you direct us to do so or otherwise consent to the sharing.
We may create and share aggregated, de-identified, or anonymized information that cannot reasonably be used to identify you. Where we do, we maintain and use that information in de-identified form and do not attempt to re-identify it, except as permitted by law.
Manage your profile. You can update profile information, such as your display name and profile photo, in the app's account settings. Changes may take some time to propagate to other users.
Manage groups and sharing. You can change which groups you are a member of and what you share within them, including by leaving a group, removing saved locations, or adjusting sharing settings the app makes available.
Control notifications. You can change which notifications you receive through your device's system settings or, where supported, in the app's notification preferences. Disabling certain notifications may meaningfully reduce the safety value of the Services.
Manage location permission. You can change or revoke the app's location permission in your device's system settings at any time. Doing so will affect features that depend on location.
Manage subscriptions. If you purchased a paid subscription through an app store, you can manage and cancel that subscription through the app store. Cancellation generally takes effect at the end of the current billing period.
Delete your account. You can delete your account in the app's account settings. Deleting your account is permanent and removes information associated with your account in accordance with the retention rules in this Policy and any applicable legal obligations.
You can contact us at the address in this Policy to make any of the requests or to exercise any of the rights described in this Policy. We may need to verify your identity before responding to certain requests.
If we send you marketing communications, each message will include an unsubscribe mechanism. Opting out of marketing communications does not stop us from sending Service-related notices that you cannot opt out of while you have an account, such as security alerts, billing receipts, and updates to our Terms or this Policy.
MapQuest takes special precautions to protect the privacy of younger users of the Services. The Services are intended to be used by children only with parental or guardian involvement and approval. We do not knowingly collect personal information from children who do not meet applicable minimum age requirements without the verifiable consent of a parent or legal guardian.
If we learn that we have inadvertently collected personal information from a child without parental consent as required by law, we will take appropriate steps to delete that information. If you are a parent or legal guardian and discover that your child has a registered account with the Services or is using the Services without your consent, please alert us immediately by contacting us at the address in this Policy.
As a parent or legal guardian, by enabling your child to create an account with the Services or otherwise permitting your child to use the Services, you expressly agree to the practices described in this Policy and you consent, on your child's behalf, to our collection, use, and disclosure of your child's personal information as described in this Policy.
If a parent or legal guardian wishes to add a child to the Services, we ask the parent or legal guardian to provide verifiable consent through one of several methods accepted under applicable law. The specific methods we accept may change from time to time, and the method we use in a particular case may depend on factors such as your jurisdiction, the child's age, and the features the child will be using. We may adjust our parental consent process to reflect the digital age of consent in the parent's or child's jurisdiction. After verifiable consent has been provided, the child will be able to participate in the Services as permitted by the parent or legal guardian and by these practices.
By providing verifiable consent for your child to use the Services, you represent and warrant that you are the child's parent or legal guardian and that you consent, on your child's behalf, to our collection and use of information from your child as described in this Policy and in our Terms of Service.
We take precautions to collect from children only as much information as is reasonably necessary for the child to use the Services and for us to operate them. Subject to that limitation, the categories of information we collect from or about a child are the categories described in this Policy.
We may disclose a child's personal information to the categories of recipients described in this Policy, including service providers and affiliates that help us provide the Services and other users with whom the child or the parent or legal guardian has chosen to share. Profile and location information for a child using the Services may be visible to other members of any group that the child joins, and the child may exchange notifications and other content with those other members through the Services.
Consistent with applicable law (including the Children's Online Privacy Protection Act in the United States), we treat personal information of users we know to be children differently from personal information of other users. Among other things, we do not sell or share personal information of users we know to be children for purposes of cross-context behavioral advertising, and we do not show third-party advertising in accounts we know belong to children.
The parent or legal guardian who provided parental consent is responsible for monitoring the child's account and the child's sharing activity through the Services, and for adjusting the sharing settings the Services make available.
If you are between the minimum age set by law in your jurisdiction and 18, please ask a parent or legal guardian to read this Policy and our Terms of Service before you use the Services. Your parent or legal guardian must accept our Terms on your behalf as described in those Terms.
The parent or legal guardian who provided parental consent has the right to request to review the personal information we have collected from the child, to request that this information be deleted, and to withdraw consent for the further collection of personal information from the child. To make any of these requests, please contact us at the address in this Policy. Before providing access to or acting on a request relating to a child's personal information, we will require the requesting parent or legal guardian to provide us with sufficient identification to verify their identity and their relationship to the child.
We retain personal information for as long as we need it to operate the Services, comply with our legal obligations, resolve disputes, enforce our agreements, and pursue our legitimate interests. The actual retention period for a particular piece of information depends on factors that include:
When we no longer need information for the purpose for which it was collected, we delete it, anonymize it, or take steps to put it beyond use, except where applicable law requires or permits otherwise.
We use administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, alteration, and disclosure. These may include encryption in transit and at rest, access controls and least-privilege permissions, audit logging, anomaly detection, and a vulnerability-management program.
No system is perfectly secure. You are responsible for keeping your account credentials and authentication information confidential and for the security of the device on which you use the Services. If a security incident materially affects your personal information, we will provide notice as required by applicable law.
MapQuest is based in the United States, and the infrastructure used to provide the Services is operated primarily in the United States. If you use the Services from outside the United States, the information we collect about you may be transferred to, stored in, and processed in the United States and other countries that may have data-protection rules that differ from those in your country.
Where we transfer personal information out of the European Economic Area, the United Kingdom, or Switzerland, we use appropriate safeguards recognized under applicable law (including the European Commission's Standard Contractual Clauses and the United Kingdom International Data Transfer Addendum) to protect that information. You can request information about the safeguards we rely on by contacting us at the address in this Policy.
If you live in a U.S. state with a comprehensive privacy law — currently including California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia — you may have additional rights described in this section. The rights vary by state, and not every right is available in every state.
Depending on the state you live in, you may have the right to:
Several state privacy laws define a category of "sensitive personal information" or "sensitive data," which may include precise geolocation. We use the precise geolocation we collect for the purposes described in this Policy and in accordance with applicable law.
To exercise any of the rights in this Policy, contact us at the address in this Policy and tell us which right you want to exercise and the email address associated with your account. We may need to verify your identity before responding; we will use information already associated with your account where we can, and may ask for additional information if needed. You may use an authorized agent to make a request on your behalf, where the law permits, by providing the agent with appropriate written permission and submitting evidence of that permission with the request.
We will respond within the time frames required by applicable law. If we deny a request, we will tell you why and, in states that require an appeal process, how to appeal.
This section serves as our notice at collection for California residents. The categories of personal information we collect, the purposes for which we collect and use them, and the categories of recipients with which we share them are summarized below. We retain each category for the periods described in this Policy.
| Category | Purposes of collection and use | Categories of recipients |
|---|---|---|
| Identifiers (such as email address, account identifier, IP address, and device identifiers) | Provide and operate the Services; account management; security and fraud prevention; communications | Service providers; affiliates; other users you have chosen to share with; legal authorities (when required) |
| Internet or other electronic network activity (such as app usage, interactions, and crash logs) | Operate, secure, and improve the Services | Service providers; affiliates |
| Geolocation data, including precise geolocation (which is a category of sensitive personal information) | Provide the location-sharing functionality of the Services to you and to others you have chosen to share with | Other users you have chosen to share with; service providers; legal authorities (when required) |
| Commercial information (such as subscription tier, billing status, and transaction history) | Manage subscriptions; provide customer support; comply with legal obligations | App stores; payment processors; service providers; legal authorities (when required) |
| Audio, electronic, visual, or similar information (such as a profile photo or content you submit) | Personalize your experience; provide and improve the Services; respond to your communications | Other users you have chosen to share with; service providers |
| Inferences drawn from the categories above | Provide and improve the Services | Other users you have chosen to share with; service providers; affiliates |
California Civil Code §1798.83 permits California residents to request information about disclosures of personal information to third parties for those parties' own direct-marketing purposes. To submit a request under this law, contact us at the address in this Policy.
If you are located in the EEA, the United Kingdom, or Switzerland, this section provides additional information about how we process your personal data and the rights you have under the EU General Data Protection Regulation, the UK GDPR, and the Swiss Federal Act on Data Protection.
MapQuest Holdings, LLC is the controller of the personal data described in this Policy. Our contact details are in this Policy.
We process your personal data on one or more of the following legal bases:
You have the right to access, rectify, erase, restrict, and port your personal data, and to object to processing carried out on the basis of legitimate interests. Where we process your data on the basis of consent, you have the right to withdraw your consent at any time. You also have the right to lodge a complaint with your local data-protection authority; we encourage you to contact us first so we can try to resolve the issue.
We do not make decisions about you that are based solely on automated processing and that produce legal or similarly significant effects on you.
As described in this Policy, your personal data is transferred to the United States. We rely on appropriate safeguards recognized under applicable law to protect that data. You can request information about the safeguards in place by contacting us.
We may update this Policy from time to time to reflect changes to the Services, the way we do business, or applicable law. We will post the updated Policy through the Services and update the "Last updated" date at the top. Where the changes are material, we will provide additional notice consistent with applicable law (for example, by email or in-app notice) before the changes take effect. Your continued use of the Services after a change becomes effective indicates that you have read the updated Policy.
If you have questions, comments, or complaints about this Policy or about how we handle your personal information, please contact us:
MapQuest Holdings, LLC
Attn: Privacy
4235 Redwood Ave.
Los Angeles, CA 90066
United States
Email: [privacy email — TBD]
California residents may also contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs by mail at 1625 North Market Blvd., Suite N 112, Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.