“Services”, as used herein, are defined as the administrative, technical, and physical functionality related to our application Rokoko Studio. An “END-USER”, as used herein, is defined as the actual ultimate user of the Services as a private person or organization. A “Customer”, as used herein, shall mean such organization, entity or person purchasing the Services. A Customer may also be an END-USER.
What data we collect
We collect/process several types of information from and about users of our Website and/or Services, including (i) “Personal Data,” which the EU General Data Protection Regulation 2016/1679 (GDPR) defines as any information relating to an identified or identifiable data subject; (ii) information or data that is about you, but in a form that does not, on its own, permit direct association with you (e.g., sex, age, language preference, occupation, or the like); and (iii) information or data about your interaction with (or use of) Our Website or Services, which may include your Internet connection, the equipment you use to access our Website or Services, and details relating to your use of our Website or Services.
Some data will be collected automatically by our Website or our Services, other data will only be collected if you voluntarily submit it, for example, when signing up for an account. Depending upon your use of our Website and our Services, we may collect some or all the following data:
- Date of birth
- Weight, height, or other body characteristics
- Business/company name
- Contact information such as e-mail addresses and telephone numbers
- Company identification number
- Demographic information such as post code, preferences and interests
- Activity information collected from, but not limited to, wearable sensors or through a video processing application
- Internet Protocol (IP) addresses
- Device or mobile IDs and/or device model and type
- Browser information, operating system information, and/or language preferences
- The location and the preceding and succeeding websites you have visited, including which pages/part/icons on the Website you interacted with
- Applications you click on and how often
- The pages of Our Website you visit, and how long you spend on each page
We use TrueDepth API technologies in our Rokoko Remote and Face Capture apps on iOS to access the 52 blend shapes for the face that ARKit is providing and stream it to our Services. This allows you to record the facial animation provided in our Services and play it back in a 3D character and export it in 3D file formats. For this functionality to work, the Services require access to your device’s camera. This access can be toggled on or off at any time in your device’s settings. The camera images and resulting depth data are only used for gameplay purposes. The live video feed is never used, and its data is never stored, locally or remotely, by us. The generated data remains in your device, and never leaves your device at any time.
As an END-USER you can obtain and reuse your Personal Data for your own purposes across different accounts.
To use the Services, you need to create an account. When an account is created, we will collect certain information that can be used to identify you as a Customer. We will only use such information for the purposes of providing the Services.
You agree that we may collect, use, and save statistical, technical, and other non-identifying information gathered by your use of the Services, and that we may use this information to improve our Services or to provide customized services or technologies to you or our partners. We will not disclose this information to any third party in a form that personally identifies you as an individual.
How we use your data
We use your data to provide the best possible Services to you. This includes:
- Providing and managing your account
- Providing and managing your access to our Website and Services
- Personalising and tailoring your experience on our Website and Services
- Supplying our Services to you
- Personalising and tailoring our Services to you
- Responding to communications from you
- Supplying you with e-mails that you have subscribed to
- Market research
- Analysing your use of our Website and Services to enable us to continually improve our Website and our Services and your user experience.
How we collect your data
Information you provide to us directly: We collect/process information received directly from you when you provide it to us, as well as data that is generated through use of our Services, which may include information you provide to us: (i) through e-mail, messages, chat rooms, surveys, blogs, or our Website or Services; (ii) offline when you contact us in writing or by telephone, including when you contact customer support; (iii) at the time of registering and/or subscribing to use our Website or Services; or (iv) when you report a problem with our Website or Services, including when you contact our technical support.
- Different forms on Our Website (e.g. registration form) may also collect your name, e-mail, phone number, company name (if applicable), country, area, zip code, address, password or other data to help you with your experience. Provision of such contact information is voluntary, unless the relevant forms specify that this data is necessary for use of Our Website and/or the Services.
- When using our Services, you may be required to provide billing information. This information is required by us to verify your identity, and invoice you (if applicable).
Information we collect automatically: We collect some information about you automatically when you visit our Website or use our Services, like your IP address and web browser type and version. We also collect information when you navigate through our Website and Services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our Website and Services so that we can continue to provide the best experience possible (e.g., by personalising the content you see).
Where we collect Personal Data, we will only process it:
- to perform a contract with you, or
- where we have legitimate interests to process the Personal Data and they’re not overridden by your rights, or
- in accordance with a legal obligation, or
- where we have your consent
If we don’t collect your Personal Data, we may be unable to provide you with all our Services, and some functions and features on our Website may not be available to you.
How we share your data
There will be times when we need to share your Personal Data with third parties. We will only disclose your Personal Data to:
- other companies in our group of companies
- third party service providers and partners who assist and enable us to use the Personal Data to, for example, support delivery of or provide functionality on the Website or Services, or to market or promote our services to you
- regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure
- an actual or potential buyer (and its agents, banks and advisors) in connection with an actual or proposed purchase, investment, merger or acquisition of any part of our business
- other people where we have your consent.
We may compile statistics about the use of our Website and Services including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymised and will not include any personally identifying information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners and advertisers.
International data transfers
Your Personal Data may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard that in the EEA. Where we disclose Personal Data to a third party in another country, we put safeguards in place to ensure your Personal Data remains protected.
Security is enforced by a strict security policy and does not permit entities to be accessed or manipulated across organizations. Within the organization, security is role based and users can be given administrative roles on a unit/department level.
The System is always accessed over SSL, safeguarding the information being exchanged between the client and the server. We only store a hash of the user’s password, and when authenticating through our regular interface, salt, hashing, and a short-lived challenge is used to ensure that message replay cannot be used to illegitimately gain access.
External services are required to use the SSL enabled endpoints to ensure transport security. The system provides integrity by ensuring that users are not able to insert or edit entities they are not authorized for. Actions are logged.
Safety measures and procedures against external attacks are put in place.
Retention of personal data
We retain Personal Information that you provide us, as long as we consider it necessary. We will be contacting you about the Services from time to time, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements, and then we securely delete the information. We will delete this information from the servers at an earlier date if you so request. If you terminate your use of the Services, then we will provide you with access to all information stored for you by the Services. After termination, we may, unless legally prohibited, delete all your information, including your Personal Data, from the Services.
You have rights to:
- know what Personal Data we hold about you, and to make sure it’s correct and up to date
- request a copy of your Personal Data, or ask us to restrict processing your Personal Data or delete it
- object to our continued processing of your Personal Data
- request from us rectification or erasure of Personal Data
- the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal
- the right to lodge a complaint with a supervisory authority.
Asking us to stop processing your Personal Data or Personal Information or deleting your Personal Data will likely mean that you will no longer be able to use our Services, or at least those aspects of the Services that require the processing of the types of Personal Data you have asked us to delete.
Where you request us to rectify or erase your Personal Data or restrict any processing of such Personal Data, we may notify third parties to whom such data/information has been disclosed of such request. Such third party may have the right to retain and continue to process such Personal Data in its own rights.
While we will not sell your Personal Data (or any other data you provide us) to third parties, we reserve the right to share any data that has been aggregated and/or anonymized.