Skip to main content

Data Collection

Understand what data is collected during WiFi authentication and your responsibilities as a data controller.

Automatic Data

Collected for all authentication methods:

DataPurpose
MAC AddressDevice identification, access control
IP AddressSession management
TimestampUsage tracking
Session DurationBandwidth management
Data UsageFair use policies
Device TypeAnalytics
Access PointLocation analytics

User-Provided Data

Depends on your authentication configuration:

DataCollection Method
EmailRegistration form, social login
PhoneSMS verification
NameRegistration form, social login
Payment InfoPayment gateways
Custom FieldsRegistration form

Social Login Data

ProviderAvailable Data
GoogleEmail, name, profile picture
AppleEmail (can be hidden), name
LinkedInEmail, name, professional profile
InstagramUsername, profile picture

Data Storage

  • Location: Secure cloud infrastructure (US, EU, or Asia Pacific based on your region)
  • Encryption: At rest and in transit
  • Retention: Configurable in Account > Settings
Data TypeDefault Retention
Session logs90 days
User accountsUntil deleted
Auth logs1 year

Data Ownership

Your data belongs to you.

  • Guest information is owned by your organization
  • IronWifi does not sell or share your data
  • Export or delete all data at any time

Your Responsibilities

As the data controller, you must:

  1. Comply with privacy laws (GDPR, CCPA, etc.)
  2. Display privacy notice on splash pages
  3. Obtain consent for data collection
  4. Honor access requests from users

Minimizing Collection

To collect only essential data:

  • Use click-through or access code authentication
  • Disable optional form fields
  • Set shorter retention periods

GDPR Compliance

User RightHow to Fulfill
AccessExport via Reports
RectificationEdit user profile
ErasureDelete user account
PortabilityExport as CSV/JSON

Data Processing Agreement

  1. Navigate to Account > Legal
  2. Download the DPA
  3. Sign and return to support@ironwifi.com