new version updated 26th of December 2018
We are the sole owners of the information collected on this Our Website, through the Application or Services. We only have access to/collect information that you voluntarily give us. Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services.
“Anonymisation” – processing data with the aim of irreversibly preventing the identification of the individual to whom it relates.
“Application” – mobile applications owned by us and available on Apple Store and Google Play markets (e.g. “3DLOOK: get an exact 3D model of yourself and play with your body, outfit and masks”, “Starlook” etc.).
“Cookies” – small files that Our Website, web-based Application services or service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the Website’s or service provider’s systems to recognize your browser and capture and remember certain information.
“Law” – data protection and other laws and regulations of state of California, USA applicable to the subject matter, and Regulation as determined above.
“Non-Personal Data” – data in a form that does not, on its own, permit direct association with any specific individual.
“Pseudonymisation” – replacing any identifying characteristics of data with a pseudonym, or, in other words, a value which does not allow the data subject to be directly identified.
“Regulation” – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation).
“Services” – access to some functionality that the user receives when using our Application.
TYPES OF INFORMATION COLLECTED
- User’s Information. 3DLOOK collects the content and other information a User provides when he uses Applications. In order to use Application, a User is required to provide photos of a User for body measurement process performed using a camera of a smartphone or other device a User owns, sex, height, IP address, Mobile ID.
- Contact Information. Different forms on Our Website or in Application may also collect your name, email, phone number, company name, country, age, area, zip code, address, password or other data to help you with your experience. Providing of such data is voluntary, unless in the relevant forms pointed that this data is necessary for use of Our Website or Application.
You may set your browser to notify you or decline the receipt of Cookies; however, certain features of Our Website and Application may not function properly or be available if your browser is configured to disable Cookies and/or other technical means that allow to receive data pointed above.
- Billing information: when using Application and accompanying Services, you may be required to provide additional information that may include a credit card number, account number, beneficiary’s name and details, account holder, bank name, pay pal information, pay pal account details or other banking and payment information, as well as information necessary to secure your transactions, including the whitelist of IP addresses. This information is required by us to verify your identity, and invoice you for the relevant payment (if any). The user signing in the Application warrants that he is a legal representative of the business entity and is entitled to provide this kind of information regarding such entity.
USE OF INFORMATION COLLECTED
In addition to the uses described above, we may use information collected from you when you use Application, register or sign up for the Application, sign up for our newsletter, respond to a survey or to our marketing communication, browse our Application, or use Our Website or its features in the following ways:
- We will use your User’s Information in order to provide you Services via Application as follows: your photo will be converted to the parameters instantly after uploading them into Application and deleted immediately (we never store or transmit your photo to anyone), other data will be used for modeling of your body parameters only. Please, consider that if you download your photo through our showcase applications (as demo application is still in testing), it may be accessed by our employees in order to provide consultation (if necessary) or better interaction between the company and you.
- We may use any information collected from you (your Personal Data and Non-Personal Data): (i) to personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested; (ii) to improve our Application in order to better serve you and/or to provide Services more effectively; (iii) to ensure continuous improvement and development of the Application; (iv) to administer Our Website, the Application and accompanying Services and to diagnose possible problems; (v) to send periodic emails regarding your order or our other products and services.
- We may collect and store details of how you use our Application, including search queries. This information may be used to improve the relevancy of results provided by our Application. Except in limited instances to ensure a quality of our Application over the Internet, such information will not be associated with your IP address.
- If we do combine Non-Personal Data with Personal Data the combined information will be treated as Personal Data for as long as it remains combined.
- As is true of most internet services, we gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit Application, operating system, date/time stamp, and clickstream data. We use this information to understand and analyze trends, to administer Our Website, to learn about user behavior on Our Website, to improve our product and services, and to gather demographic information about our user base as a whole. We may use this information in our marketing and advertising services.
- In some of our email messages, we use a “click-through URL” linked to content on Our Website or Application. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on Our Website or Application. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
- Pixel tags enable us to send email messages in a format customers can read, and they tell us whether mail has been opened. We may use this information to reduce or eliminate messages sent to customers.
- To provide location-based services we may collect, use, and share precise location data, including the real-time geographic location of your access to Our Website and/or Application. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location. Unless you provide consent, this location data is collected anonymously in a form that does not personally identify you and is used to provide and improve location-based products and services. We may be obliged to process such information in order to comply with law or Regulation.
- We can collect Personal Data for protection of our users from fraud or other illegal activity which can be fulfilled with unlawful use of your Personal Data on Our Website and/or Application (as a way of example, we may collect Personal Data to form conversion IP whitelist) to the extent permitted by law or Regulation.
- We can provide some of your Personal Data to our partners, contractors, affiliates if it is necessary for performing agreements between you and us (e.g. Agreements, Insertion Orders etc.) or if it is an essential part of how our Application works and to ) to the extent permitted by law or Regulation.
- We can delete Personal Data and Non-Personal Data any time we consider it appropriate and in compliance with the purposes we collected it for, unless we are required by law or Regulation to store such information for particular period of time.
DISCLOSURE OF INFORMATION
3DLOOK will not pass Personal Data of User to third parties, with the exception of when it is required by functions of 3DLOOK Applications (e. g. sharing to Facebook or Twitter, and in that case the privacy of data transmitted is guaranteed by those third parties which may or may not request the right to use User’s personal data), or it is required by law (Regulation) or with the explicit consent of the user.
We may use third party (processor, contractor, affiliate, partner, contractors, suppliers, vendors etc.) to perform certain business-related functions. Examples of such functions include, but are not limited to: data storage services, database maintenance services, and payment processing. When we use such third party to perform services on our behalf, we will only provide them with access to Personal Data that they need to perform their specific function. We will make sure that each third party will be required by contract to keep such Personal Data confidential, make necessary steps to protect such Personal Data and not to use it for any purpose other than providing services to us and other provisions as required by law and Regulation.
Before transferring any Personal Data to third party (processor, contractor, affiliate, partner, contractors, suppliers, vendors etc.) we shall make reasonable check of such third party regarding its compliance with law and Regulation. We will make commercially reasonable efforts to store Personal Data of individuals in the regions where they live or operate in cases if we are required by law or Regulation to do so (e.g. Personal Data of EU citizens in EU or countries acknowledged by relevant authority as having appropriate level of data protection). If storing of Personal Data in such way is not commercially reasonable, we will ensure that third party processors are bound by agreement which contains obligations of the processor to provide at least minimum necessary level of security and other provisions as required by law or Regulation (e.g. as required by approved model data processing agreements adopted by relevant data protection authority). As well, we will ensure that such agreement contains obligation of processor to adopt necessary provisions into his agreements with sub-processors (if any). Herein you give us your free unambiguous consent to store your Personal Data (and Non-Personal Data, if applicable) outside of your country of residence (registration, domicile, centre of vital interests, economic region, etc.).
We may disclose Personal Data if required to do so by law (Regulation) or to comply with a legal obligation, or if we believe in good faith that such action is necessary to: (i) protect our rights or property and our customers or (ii) protect the property or safety of users of Our Website or the Application and the accompanying services, legal owners of Our Website or the Application; or any third party. If we will be required by law to disclose any of your Personal Data, we will use reasonable efforts to provide you with notice of that disclosure requirement, unless we are prohibited from doing so by statute, court or administrative order.
Please note that your non-personally identifiable information (Non-Personal Data) may be provided to other parties for marketing, advertising, statistics or other uses. This is not linked to any Personal Data that can identify any individual person.
By refusal to provide data necessary for registration, you refuse to receive our Application and Services.
In case you act as an agent for a third party during registration or use of our Our Website/Application you should be duly authorized to provide us with necessary amount of the data of such third party. By registering, you represent and warrant that you are duly authorized.
However, no method of transmission or method of electronic storage is 100% secure. We do not guarantee that Our Website or the data stored during your use of the Application is invulnerable to hacking and will not be subject to a security breach. We make no warranty, guarantee, or representation that Our Website, the Application or the Services are or will be protected from all viruses, security threats or other vulnerabilities or that your Personal Data and Non-Personal Data will always be secure.
To make sure your Personal Data is secure, we communicate our privacy and security guidelines to our employees and strictly enforce privacy safeguards within the company. Only employees who need your Personal Data to perform a specific job (e.g. billing or customer service) are granted access to relevant personally identifiable information (Personal Data). All of our employees sign relevant NDA and our security system is designed to ensure possibility of identification of all the employees who had access / accessed Personal Data of our users.
Your obligations regarding security of your data are the following: not to disclose your contact information and other data which allows/enables unauthorized access to the Application and/or Our Website or any other actions connected to the Application and/or Our Website on your behalf; make reasonable efforts to secure your actions in Internet and your use of the Application. You are solely responsible for the correctness, appropriateness fullness etc. of the provided data and warrant to us that you have all rights to provide us with such data.
LINKS TO OTHER OUR WEBSITES
Information collected by third parties, which may include such things as location data or contact details, is governed by their privacy practices. We encourage our users to be aware when they leave our Our Website/Application and to read the privacy statements of any other Our Website that collects personally identifiable information (Personal Data).
INTEGRATED THIRD PARTIES, SOCIAL MEDIA & WIDGETS
When you use Our Website, Application, or applications or post on Our Website or Application forum, chat room, board, or social networking service, the Personal Data and content you share is visible to other users and can be read, collected, or used by them. You are responsible for the Personal Data you choose to share or submit in these instances. For example, if you list your name and email address in a forum posting, that information is public. Please take care when using these features. By submitting actions pointed above you grand us, our partners and affiliates a non-exclusive, unlimited, worldwide, royalty-free license to use, display, perform, copy, transmit, distribute, promote, alter, modify, manipulate or create derivative works with materials, texts, words, impressions and other information provided by you in such a way.
Hereby 3DLOOK confirms that 3DLOOK includes APIs from the third parties, such as Facebook Inc. with legal address at 1601 South California Avenue, Palo Alto, CA 94304, USA. User is able to recognize elements that belong to Facebook Inc. and not 3DLOOK within Applications by the logo and sharing request notification. An overview of Facebook Inc. APIs and SDKs can be found here: https://developers.facebook.com/docs/graph-api.
The 3DLOOK application uses third-party APIs from the following parties: Appsflyer with the legal address at 111 New Montgomery St, San Francisco, CA 94105, United States, and Yandex Europe AG with the legal address at Werftestrasse 4, 6005 Luzern, Switzerland (both herein and after referred to as Analytics Services). The mentioned Analytics Services API is used to collect information about User behaviour within the Applications and APIs of Analytics Services do not require 3DLOOK to submit any personal data of User. Hereby 3DLOOK confirms that 3DLOOK does not submit any personal data of User unless the data is collected automatically by APIs of Analytics Services. An overview of Appsflyer API can be found here: https://support.appsflyer.com/hc/en-us/categories/201132313-Analytics-Reports-and-APIs. An overview of Appmetrica API can be found here: https://tech.yandex.ru/metrica-mobile-sdk/doc/mobile-sdk-dg/concepts/about-docpage/.
SURVEYS & CONTESTS
From time-to-time, Our Website requests information via surveys or contests. Participation in these surveys or contests is voluntary and you may choose whether or not to participate and therefore disclose this information. Information requested may include contact information (such as name and address), demographic information (such as zip code, age level) and business information (types and amounts of Services used, targeting specifications). Survey information will be used for purposes of monitoring or improving the use and satisfaction of this Our Website, and to notify the winners and award prizes (if any).
We understand the importance of taking extra precautions to protect the privacy and safety of children accessing Our Website and/or Application. Children under the age of 16, or equivalent minimum age in the relevant jurisdiction, are not permitted to use Our Website and/or Application, unless their parent provided verifiable consent or as part of the child account creation process (if this type of account is applicable). If we learn that we have collected the Personal Data of a child under 16, or equivalent minimum age depending on jurisdiction, outside the above circumstances we will take steps to delete the information as soon as possible, unless we are obliged to keep such data in order to comply with law or Regulation.
You acknowledge and voluntarily agree that we have no obligation of sending you via email or otherwise any notification regarding such change, though we have right to do so if consider it appropriate.
YOUR ACCESS TO AND CONTROL OVER PERSONAL DATA
We store your Personal Data for 10 years and make a revision of it after that period. During such revision, we may either delete all of your Personal Data or keep it collected for the next 10 years if: we are providing you Services; you use Application and Our Website; we are in the middle of dispute or you are our debtor; such information is still necessary for the purposes we collected it. We can delete your Personal Data any time and not wait for 10 years period to end if purpose we collected it for no longer apply. We make no warranties your Personal Data will be available for any specific period of time (10 years, or less or more etc.). Please consider, that we have no obligations to notify you when deleting your Personal Data and can do it at our sole discretion.
In cases of breach of security which lead to unauthorized access to your Personal Data, we: will let you know about this incident without undue delay as soon as we become aware of such breach and make all reasonable efforts to minimize the harm and restore necessary safety measures. We can notify (inform) you about breach of your Personal Data at our sole discretion in the following ways we consider most appropriate: via your contact email, by phone, in your personal account, in national news, on Our Website or any other way which allows you to make necessary steps to minimize the possible harm without undue delay. Such notification will include general information about the breach, possible risks and our steps to minimize them – to the extent possible in relevant circumstances. You are solely responsible to notify your third parties if their Personal Data is part of such breach (if your are the one who provided such information to us). Our notifications shall not constitute our acknowledgment of any kind of fault (guilt, liability) for the breach.
OTHER PROVISIONS AS REQUIRED BY LAW
DO NOT TRACK SIGNALS
We do not track you by ourselves over time and across third-party websites to provide targeted advertising and therefore respond to Do Not Track (DNT) signals in a way that we use the usual types of tracking systems that are a standard practice in advertising, e.g. Google AdWords. As well, be aware that some third party Our Websites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you.
NOTICE FOR MINORS
For Data Subjects in the EU:
We appointed GDPR-Rep.eu as representative according to Art 27 GDPR. If you want to
make use of your GDPR data privacy rights, please visit: https://www.goldmansachs.com/insights/pages/technology-driving-innovation-folder/virtual-and-augmented-reality/report.pdf
iuro | Dr. Andreas Mätzler
Attorney at Law
c/o 3DLOOK INC.
1010 Vienna, Austria
Please add the following subject to all correspondence:
GDPR-REP ID: 12970373