Canada’s Privacy Commissioner has launched an investigation into Tim Hortons’ mobile app.
The investigation was launched after the Financial Post first reported the app was collecting extensive location data and information of those using it. In a months-long investigation, the article indicated that the app collected “longitude and latitude coordinates more than 2,700 times in less than five months” and not just when the app was being used.
A press release from the Office of the Privacy Commissioner of Canada said the investigation is in partnership with the Commission d'accès à l'information du Québec, Office of the Information and Privacy Commissioner for B.C., and the Office of the Information and Privacy Commissioner of Alberta.
The investigation will look into whether Tim Hortons is in “compliance” with the Personal Information Protection and Electronic Documents Act.
“More specifically, the [Office of the Privacy Commissioner] will look at whether the organization is obtaining meaningful consent from app users to collect and use their geolocation data for purposes which could include the amassing and use of detailed user profiles, and whether that collection and use of the data is appropriate in the circumstances,” the release said.
In an emailed statement, Tim Hortons said it would “fully cooperate” with the privacy regulator.
“We are confident we’ll be able to resolve this matter,” the statement read.
“Since Tim Hortons launched our mobile app, our guests always had the choice of whether they share location data with us, including ‘always’ sharing location data - an option offered by many companies on their own apps. We recently updated The Tim Hortons app to limit the collection of location data to only while guests have our app open, even if a guest has selected ‘always’ in their device settings.”
With files from Alicja Siekierska