Synantoo Systems Privacy Policy

Last Updated: May 1, 2021

Synantoo S.A.S. (“Synantoo,” “we,” “us,” and “our”) provides an online platform allowing our customers to communicate and collaborate from anywhere in the world using augmented and virtual reality (“AR/VR”) teleconferencing (the “Platform”). Our Privacy Policy (“Privacy Policy”) is designed to help you understand our practices regarding the collection, use, and disclosure of certain information, including your personal information, and to assist you in exercising your privacy rights.

SCOPE

This Privacy Policy applies to information processed by us in the course of our business, including on our websites (the “Sites”), our mobile applications (the “Apps”), the Platform, and our related online and offline offerings (collectively, the “Services”).

INFORMATION WE COLLECT

When you use our Services, we may collect the following kinds of information:

Information You Provide to Us

Account Information. When you sign up for an account with our Services, you will provide us with personal information (also known as “personally identifiable information” or “personal data” under applicable laws). This may include your name, email address, gender, phone number, profile photo or image (to create an avatar), and AR/VR device type. For enterprise users, we may collect additional personal information from you including the name and address of your business and your role at the business. We may further collect necessary personal information about authorized users whom you authorize to use the Services on behalf of your business.

Your Communications with Us. We collect personal information from you such as your email address, name, employer or other company with which you are associated, AR/VR device type, and purchasing plans when you request information about our Services, register for our newsletter, request customer or technical support, or otherwise communicate with us.

Virtual Rooms. When you use our Services, you can create virtual rooms and visit virtual rooms created by others (“Rooms”). The Services allow you to upload images, documents, slides, attachments and other content (collectively, “Content”) into the Rooms so that you may easily share and collaborate with other individuals. We collect and store data describing the Rooms and the Content uploaded to the Rooms.

Teleconferencing. The Services allow you to teleconference with other users within the Rooms using the sensors on your AR/VR device. When you do this, audio and video of you and your surroundings will be captured by us and provided to other users along with an avatar constructed from your profile photo to enable AR/VR teleconferencing. We also collect and store usage information describing teleconferencing activities within the Rooms, such as the number of files uploaded, times and durations of the teleconferences, and the identities of the users who participated in the teleconferences.

Interactive Features. We may offer interactive features such as forums, blogs, chat and messaging services, and social media pages on the Services. We and others who use our Services may collect the information you submit or make available through these interactive features. Any content you provide via the public sections of these features will be considered “public” and may not be subject to all privacy protections referenced herein. By using these interactive features, you assume the risk that the personal information provided by you may be viewed and used by third parties for their own purposes.

Payment Information. We may receive payment information allowing you to pay us for the Services, but sensitive personal information such as your credit card information cannot be accessed by us. Payment information goes to a third-party payment provider to process payments for the Services. We may receive non-sensitive personal information associated with your payment information, such as billing address and transaction information, but we do not store payment information on the Services.

Surveys. We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.

Registration for Sweepstakes or Contests. We may run sweepstakes and contests. Contact information you provide may be used to inform you about the sweepstakes or contest and for other promotional, marketing and business purposes, if permitted by law. In some jurisdictions, we are required to publicly share information about winners.

Conferences and Trade Shows. We may attend conferences and trade shows where we collect personal information from individuals who interact with or express an interest in Synantoo and/or the Services. If you provide us with any personal information at one of these events, we will use it for the purposes for which it was collected.

Business Development and Strategic Partnerships. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities.

Job Applications. We may post job openings and opportunities on the Services. If you reply to one of these postings by submitting your application, CV and/or cover letter to us, we will collect and process the information contained therein, which includes personal information, to assess your suitability, aptitude, skills, and qualifications for employment.

Information Collected Automatically

Automatic Data Collection. We may collect certain personal information automatically when you use the Services. This personal information may include your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, location information (including inferred location based on your IP address), Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, information about how you interact with the Services, including the frequency and duration of your activities, and other information about how you use the Services. Personal information we collect may be associated with accounts, other devices, Rooms, and teleconferences.

AR/VR Device Information. We automatically collect camera, microphone, and telemetry information from your AR/VR device when you use the Services. The telemetry information describes your AR/VR device and how you use it, and may include information about the type of AR/VR device, its configuration, and how it is performing. The telemetry information may also describe other devices used in connection with the AR/VR device such as a computer or mobile device, and information about your network connection. The telemetry information may additionally include information about your physical environment and movements within the environment. With your consent, we may collect personal information describing your precise location using a GPS or other sensor on the AR/VR device or other device used in connection with the AR/VR device. You may opt out of this collection by changing the settings on your AR/VR device or other device. If you are using a shared AR/VR device, you should ensure that its settings reflect your preferences before participating in a teleconference using the Services.

Cookies, Web Beacons, and Personalized Advertising. We, as well as third parties that provide content, advertising, or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect personal information through the Services. Technologies are essentially small data files placed on your computer, tablet, mobile phone, or other devices that allow us and our partners to record certain pieces of information whenever you visit or interact with the Services.

  • Cookies. Cookies are small text files placed in visitors’ device browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly.
  • Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded on the Services that collects information about users’ engagement. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on particular content. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.

Analytics. We use service providers such as Google Analytics, Matomo and may use others to collect anonymized or aggregate information regarding user behavior and user demographics on the Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s processing of data generated by your use of the Services by visiting http://tools.google.com/dlpage/gaoptout. For more information about Matomo, please visit https://matomo.com/privacy

Session Replay Providers. We use service providers such as FullStory for session replay analytics. FullStory is a service provider that allows us to record and replay an individual’s interaction with the Services. FullStory’s privacy policy can be found at https://www.fullstory.com/legal/privacy/. You can opt out of FullStory’s collection of your information by visiting https://www.fullstory.com/optout/.

Information from Other Sources

We may obtain personal information about you from other sources, including through third party services. Synantoo may allow you to register for an account and/or use our Services with certain third-party login services such as Google (each, a “Third-Party Account”). If you use our Services with a Third-Party Account, we will receive basic information tied to the account such as your email address, full name, profile photo and unique user IDs or tokens used by the third party service. We will also receive files and other information from these third party services that you specifically link to while using the Services, such as files from Google Drive, Google Docs or Dropbox.

HOW WE USE YOUR INFORMATION

We use your personal information for a variety of business purposes, including to: Provide the Services or Requested Information, such as:

  • Fulfilling our contract with you;
  • Managing your information;
  • Processing payment card and/or other financial information to facilitate your use of the Services;
  • Responding to questions, comments, and other requests;
  • Providing access to certain areas, functionalities, and features of the Services;
  • Answering requests for customer or technical support; and
  • Allowing you to register for events.
  • Serve administrative purposes, such as: pursuing legitimate interests, such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;
  • Measuring interest and engagement in the Services;
  • Improving our products and Services;
  • Developing new products and services;
  • Ensuring internal quality control and safety;
  • Authenticating and verifying individual identities;
  • Carrying out audits;
  • Communicating with you about your account, activities on the Services and Privacy Policy changes;
  • Preventing and prosecuting potentially prohibited or illegal activities;
  • Enforcing our agreements; and
  • Complying with our legal obligations.

Marketing Our Products and Services. We may use personal information to tailor and provide you with content and advertisements. We may provide you with these materials as permitted by applicable law. If you have any questions about our marketing practices or if you would like to opt out of the use of your personal information for marketing purposes, you may contact us at any time as set forth below.

Consent. We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent. At any time you have the right to revoke your consent with respect to our collection, use or disclosure of your personal information

De-identified and Aggregated Information Use. We may use personal information and other information about you to create de-identified and/or aggregated information, such as de-identified demographic information, de-identified location information, de-identified or aggregated trends, reports, or statistics, or other analyses we create., and we may use and disclose such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes.

Sharing Content with Friends or Colleagues. We offer various tools and functionalities for sharing Content and personal information with others. For example, we allow you to integrate Synantoo with popular business tools such as Google Drive and Slack, and to upload Content from applications into Rooms to enhance your use of the Services. You control which users you share this Content and information with, how long you use the Content and information, and when to delete it or cease using it. Synantoo only accesses and stores the Content and personal information on your behalf that you specifically import into the Services, and we do not share this data outside of the context of your use, i.e., your use in Rooms with other individuals of your choosing, except for certain special cases listed herein (e.g., law enforcement requirement). Moreover you even have the right to disconnect Synantoo from these third party services, such as Google Drive, removing our access completely. In addition, we may allow you to provide personal information about your friends through our referral services. Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services.

How We Use Automatic Collection Technologies. Our uses of the automatic collection Technologies fall into the following general categories:

  • Operationally Necessary. This includes Technologies that allow you access to our Services that are required to identify irregular behavior, prevent fraudulent activity and improve security or that allow you to make use of our functions;
  • Performance Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how our visitors use the Services;
  • Functionality Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services and keeping track of your specified preferences or past pages viewed; and
  • Advertising or Targeting Related. We may use first-party or third-party Technologies to develop and deliver content, including ads relevant to your interests, on our Services or on third-party sites. Depending on applicable law, we will seek your express consent to such ads. We do not sell your personal information.

Cross-Device Tracking. Your browsing activity may be tracked across different websites and different devices or apps. For example, we may attempt to match your browsing activity on your mobile device with your browsing activity on your laptop. To do this our technology partners may share data, such as your browsing patterns, geo-location and device identifiers, and will match the personal information of the browser and devices that appear to be used by the same person.

DISCLOSING YOUR INFORMATION TO THIRD PARTIES

We may share your personal information with the following categories of third parties:

Service Providers. We may share any personal information we collect about you with our third-party service providers. The types of service providers to whom we entrust information include service providers for: (i) the provision of the Services; (ii) the provision of information, products, and other services you have requested; (iii) marketing and advertising; (iv) payment and transaction processing; (v) customer service activities; and (vi) the provision of IT and related services. We do so in accordance with applicable law, which may require data processing agreements or addenda.

Business Partners. We may provide personal information to business partners to provide you with a product or service you have requested. We may also provide personal information to business partners with whom we jointly offer products or services.

Advertising Partners. Through our Services, we may allow third party advertising partners to set Technologies and other tracking tools to collect personal information regarding your activities and your device (e.g., your IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit third party services within their networks. This practice is commonly referred to as “interest-based advertising” or “personalized advertising.” Depending on your place of domicile and applicable law, we may request your express consent to undertake such activities. If you prefer not to share your personal information with third party advertising partners, you may follow the instructions below.

Information Shared with Other Users. When you use the Services, including when you use our teleconferencing services, certain personal information may be shared with other users. This personal information may include your account information (such as your name and your profile picture or avatar), Content you choose to present, including any audio or images of you or your surroundings that your AR/VR device sensors capture while you engage in teleconferencing. Please be aware that Synantoo has little or no control over how individuals may use the Content you share. You choose with whom you wish to share your Content in Rooms while using the Services.

APIs and Software Development Kits. We may use third party APIs and software development kits (“SDKs”) as part of the functionality of our Services. APIs and SDKs may allow third parties to collect your personal information, subject to applicable law, to provide Content that is more relevant to you. For more information about our use of APIs and SDKs, please contact us as set forth below.

Apple Specific Apis We use certain biometric and audio data provided by the microphone, front and rear facing cameras, and TrueDepth and ARKit to locate and transmit the user’s voice, camera video feed, 3D physical position and facial expression. Data, including personal data, is transmitted through our Services and trusted and verified third-party services to other participants on your current call. All data is encrypted in transit, is never stored on Synantoo servers and is not used for marketing or advertising purposes.

We also provide “Scan Functionality” which allows you to create a 3D scan of your environment. We use the Camera API and the TrueDepth camera to collect depth and color data to generate 3D scans (“Scan Data”). Synantoo does not use any Face Data, as that term is defined in Apple Developer Program License (“Face Data” means information related to human faces (e.g., face mesh data, facial map data, face modeling data, facial coordinates or facial landmark data, including data from an uploaded photo). Scan Data is not shared with third parties. Scan Data is stored locally on the device within the app’s container. Additionally, if you create an account and sign in, Scan Data is synced using encryption to Synantoo’s secure servers, where you are able to log in and download scans. We will retain this data until you delete your account with Synantoo, or specifically delete data items. You can remove data by visiting the content portal or by emailing support@synantoo.com.Subsequent dissemination or sharing of Scan Data from the app or our cloud platform is exclusively in your control.

You may choose to use the Application to record scans or images of your face (“Face Data”), but note that you are not required to do so in order to use Synantoo (or any other part of the Services).

Disclosures to Protect Us or Others. We may access, preserve, and disclose any personal information we store in association with you to external parties if we, in good faith, believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) protect your, our, or others’ rights, property, or safety; (iii) enforce our policies or contracts; (iv) collect amounts owed to us; or (v) assist with an investigation and prosecution of suspected or actual illegal activity.

Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your personal information may be transferred as part of such a transaction as permitted by law and/or contract.

INTERNATIONAL DATA TRANSFERS

You agree that all personal information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, the United States and other countries which may have data protection laws that are different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws. If you are a resident of the European Economic Area (EEA) and provide personal data to us, we will either seek your express consent to such transfer if you are an individual data subject in accordance with applicable law, or we will rely on mechanisms such as Standard Contractual Clauses.

YOUR CHOICES

General. You may have the right to opt into certain uses of your personal information, or based on type of use and/or your geographic location, to object to or opt out of certain uses of your personal information. Where you have consented to the processing of your personal information, you may withdraw that consent at any time by contacting us as described below.

Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to this Privacy Policy).

Mobile Devices. We may send you push notifications through our Apps. You may at any time opt out from receiving these types of communications by changing the settings on your mobile device. With your consent, we may also collect precise location information if you use our Apps. You may opt out of this collection by changing the settings on your mobile device.

“Do Not Track”. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Cookies and Interest-Based Advertising. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. Depending on your domicile and applicable law, we may seek your express consent to the placement of cookies. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt out of personalized advertisements on some mobile applications by following the instructions for Android and iOS. The online advertising industry also provides websites from which you may opt out of receiving targeted ads from advertisers that participate in self-regulatory programs. You can access these, and also learn more about targeted advertising and consumer choice and privacy, at http://www.networkadvertising.org/managing/opt_out.asphttp://www.youronlinechoices.eu/ and http://www.aboutads.info/choices/.

Please note you must separately opt out in each browser and on each device.

YOUR PRIVACY RIGHTS

Depending upon your location and in accordance with applicable laws, such as if you are resident in the EEA or in California,U.S.A. you may have the right to:

Access personal information about you consistent with legal requirements. In addition, you may have the right in some cases to receive or have your electronic personal information transferred to another party.

Request Correction of your personal information where it is inaccurate or incomplete.

Request Deletion of your personal information, subject to certain exceptions prescribed by law.

Request Restriction or Object to Processing of your personal information, including the right to opt in or opt out of the sale of your personal information to third parties.

Not be Discriminated Against by us for exercising your privacy rights.

If you would like to exercise any of these rights, please contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.

DATA RETENTION

We retain the personal information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

SECURITY OF YOUR INFORMATION

We take steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy. We use reasonable administrative, logical, physical and managerial measures to safeguard your personal information against loss, theft and unauthorized access, use and modification. These measures are designed to provide a level of security appropriate to the risks of processing your personal information. Unfortunately, no measures can be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us.

To the extent permitted by applicable law, by using the Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by sending a notice through the Services or by sending an e-mail to you.

THIRD PARTY WEBSITES/APPLICATIONS

The Services may contain links to other websites/applications and other websites/applications may reference or link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen or approve, and are not responsible for the privacy practices or content of, such other websites or applications. Visiting these other websites or applications is at your own risk.

CHILDREN’S INFORMATION

The Services are not directed to persons under 16 (or to children as required by applicable law), and we do not knowingly collect personal information from children. We will try to establish that you are at least 16 years old, and we require that if you are not, please do not misrepresent your age or use the Services. If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below. If we learn that we have collected any child’s personal information in violation of applicable law, we will promptly take steps to delete such information.

SUPERVISORY AUTHORITY

If you are located in the European Union or the UK, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law.

CHANGES TO OUR PRIVACY NOTICE

We may revise this Privacy Policy from time to time in our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use the Services after the new Privacy Policy takes effect.

CALIFORNIA CONSUMER PRIVACY ACT (CCPA) PRIVACY NOTICE

This CCPA Privacy Notice applies to California consumers and supplements the Privacy Notice.

We do not sell personal information. For purposes of the CCPA, we have collected the following categories of consumers’ personal information in the last 12 months:

Category of Personal Information Category of Source(s)
Identifiers. You, both directly and indirectly via the Services.
Our service providers, business partners, third party services, and advertising partners.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). You, both directly and indirectly via the Services.
Our service providers, business partners, third party services, and advertising partners.
Protected classification characteristics under California or federal law. You, both directly and indirectly via the Services.
Our service providers, business partners, third party services, and advertising partners.
Commercial information. You, both directly and indirectly via the Services.
Our service providers, business partners, third party services, and advertising partners.
Internet or other electronic network activity. You, both directly and indirectly via the Services.
Our service providers, business partners, third party services, and advertising partners.
Geolocation data. You, both directly and indirectly via the Services.
Our service providers, business partners, third party services, and advertising partners.
Professional or employment-related information. You, directly.
Education information. You, directly.
Inferences drawn from other personal information to create a profile about a consumer. You, both directly and indirectly via the Services. Our service providers, business partners, third party services, and advertising partners.

We use the collected personal information for the following commercial and business purposes: (1) to provide and improve the Services; (2) for marketing purposes; (3) for fraud prevention and legal purposes; (4) to secure the Services; and (5) for audit purposes. Personal information within each of the categories may be shared with the following categories of third parties: (1) service providers; (2) business partners; (3) advertising partners; and (4) other users. The categories of personal information are shared for the commercial and business purposes listed above.

CONTACT US

If you have any questions about our privacy practices or this Privacy Notice, please contact us at:

Synantoo S.A.S
61 avenue Simone Veil Immeuble Premium CEEI NCA
06200 Nice
France

support@synantoo.com