… if you use a Groupon mobile application and your mobile device’s settings allow it, we may collect Mobile Location Information from your device. Our application may be designed to collect information even if you are not logged into the Groupon application or the Sites…, if the settings on your location-aware device allow us to receive Location Information, we will collect that automatically.
We will retain your information for as long as your account is active or as needed to provide you services and to maintain a record of your transactions for financial reporting purposes.
There’s more. Groupon has broadened its definition of “personal information” to include your habits and interests, a la Facebook, and it’s reserving the option to combine that information with other data it obtains about you from third parties. Can you say “data mining”? I knew that you could.
First, kudos to Groupon for even notifying its users of the privacy changes. Not all companies do. Many just leave it up to users to check the privacy policies periodically – and who, aside from privacy nerds like me, ever does that? (Though the conspiracy theorist inside me has to wonder why they chose to send the notifications out on a Saturday near midnight.)
As for the rest, though, a big fat raspberry. Groupon is tracking mobile users’ locations, unless they tell it not to, and apparently storing that information indefinitely. That’s never good. The potential for abuse is enormous.
I’ve asked Groupon to clarify what is and isn’t in its new policy, and will update this post if they reply.