Legal

Privacy statement

Last updated:

Jul 16, 2024

Avatarz Privacy Statement

This Privacy Statement explains how Personal Information about our (potential) customers and other individuals using our services is collected, used and disclosed by Avatarz Technologies SA and its affiliates (“Avatarz”, “we”, “us” or “our”). It describes our privacy practices in relation to the use of our websites (including any customer portal or interactive website), our software and SaaS solutions (including Storiz™, Avatarz Studio™, Enterprise SDK and FanzClub™), tools, and related applications, programs, research and marketing activities (collectively, the “Services”), as well as your choices regarding use, access, storage and correction of Personal Information. It also describes how we collect, use, disclose and otherwise process Personal Information in relation to the Services and in the course of our business activities.

By signing up to our Services and by agreeing to our Terms of Service, you agree to the collection, use, storage and disclosure of information described in this Privacy Statement.

Our Services may contain links to other websites or services; information practices and/or the content of such other websites or services are governed by the privacy statements of those websites or services.

We may change this Privacy Statement from time to time. If we make changes, we will notify you by revising the date at the top of the statement and, where appropriate, by providing additional notice (e.g., a notice on our homepage or an in-product notification). We encourage you to review this Privacy Statement whenever you use our Services to stay informed about our information practices and the ways you can help protect your privacy.

Personal Information Collection

We only use your Personal Information to provide you with the Services or to communicate with you about the Services.

With respect to any documents, media, avatars, stories or other content you choose to upload or generate via the Services, we take the privacy and confidentiality of such content seriously and employ industry-standard safeguards to protect against unauthorized access to data we store, including Personal Information.

We do not share Personal Information you have provided to us without your consent, unless:

  • doing so is appropriate to carry out your own request;

  • we believe it is needed to enforce our Terms of Service or is legally required;

  • we believe it is needed to detect, prevent, or address fraud, security or technical issues; or

  • it is necessary to protect our property and legal rights, or those of others.

As part of our normal business operations, your use of the Services, our administration of you as a customer and to comply with applicable laws and regulations, we collect your Personal Information. We will not process Personal Information for purposes other than those described in this Privacy Statement.

Personal Information You Provide to Us

While using our Services, we may ask you to provide certain personally identifiable information that can be used to contact or identify you. For example, we collect information when you create an account, request customer support or otherwise communicate with us. The types of information we may collect include basic user information (such as your name, email address, social media avatar, telephone number and photograph), company information and any other information you choose to provide.

Payments. We do not collect or store your full payment card details. Payments for paid Services are handled by third-party payment processors. Such processors will process your payment information in accordance with their own privacy statements and applicable law.

Personal Information We Collect Automatically When You Use the Services

When you access or use the Services we automatically collect information about you, including:

Log Information. We collect information about your use of the Services, including browser type and version, device information, access times, pages viewed, IP address, referring/exit pages, launches, usage metrics and diagnostics.

Cookies and Similar Technologies. We use cookies and similar technologies to operate and improve the Services, understand which areas and features are popular and count visits. You can instruct your browser to refuse cookies or to indicate when a cookie is being sent; some features may not function properly without cookies.

Web Beacons/Tracking Pixels (with consent where required). We may use web beacons in our Services or notifications to help deliver cookies, count visits, understand usage and campaign effectiveness and determine whether a notification has been opened and acted upon.

Analytics and Service Tools. We may use analytics and support tools operated by third parties to help us understand usage and improve the Services.

Social Sharing Features. Our Services may offer social sharing features that let you share Experiences (e.g., stories, prototypes or avatar media) from the Services with other media, and vice versa. Your use of such features enables the sharing of information with your contacts or the public, depending on your settings with the social provider. We may, in accordance with this Privacy Statement, collect and use Personal Information from other media if you use social sharing features. Please review the privacy statements of the companies that provide these features.

Third-Party Sources. We may also obtain Personal Information about you from third parties (e.g., professional networks or other publicly accessible sources) as permitted by law.

Support and Service. When you contact us for support or other customer service requests, we may maintain records related to such requests, including any information you provide.

Our Access to Your Content. Where permitted by law, we will only access, view, or listen to your Content (as defined in our Terms of Service) in limited ways, for example to: (A) respond to feedback or support requests; (B) detect, prevent, or address fraud, security, legal, or technical issues; and (C) enforce the Terms. Our automated systems may analyze Content using techniques such as machine learning in order to improve our Services and the user experience (e.g., to enhance avatar quality, reduce abuse, or improve performance), in accordance with applicable law and your settings.

Marketing Communications. If you subscribe to our newsletter or otherwise consent to receive marketing, we may use your Personal Information to contact you with marketing or promotional materials related to Avatarz. You may opt out at any time using the unsubscribe link in our emails or by contacting us. We will process such requests promptly.

Personal Information We Use (Legal Bases)

For individuals in the European Economic Area, United Kingdom and Switzerland, our processing of your Personal Information is justified on the following legal bases:

  • the processing is necessary to perform an agreement with you or take steps at your request prior to entering into an agreement;

  • the processing is necessary for us to comply with relevant legal obligations;

  • the processing is in our legitimate interests (e.g., securing and improving the Services, communicating with you, preventing fraud) and those interests are not overridden by your data protection rights; and/or

  • you have given consent (e.g., for certain marketing, cookies or analytics where required).

We collect and use Personal Information to:

  • perform our agreement with you and others and provide the Services;

  • process, evaluate, and complete transactions involving the Services;

  • operate, evaluate, maintain, improve, customize and develop the Services (including monitoring and analyzing trends, usage and security);

  • provide documentation, communications or other services you request;

  • correspond with you to resolve queries or complaints;

  • protect and enforce our intellectual property and contractual rights;

  • manage, protect against and investigate fraud, risk exposure, claims, and other liabilities; and

  • comply with legal obligations worldwide.

Personal Information We Disclose

We operate globally and may share Personal Information with our affiliated companies as part of our business operations, Service administration and compliance with law. We also engage third-party service providers (acting under our instructions) to provide information, products or services to you, to help conduct and manage our business, or to manage and improve the Services. We may share Personal Information with these affiliates and third parties to perform services on our behalf, subject to appropriate contractual restrictions and security measures. We may also disclose Personal Information if reasonably necessary to prevent harm or loss, to investigate suspected or actual illegal activities, or as otherwise required by law.

We reserve the right to share information that is not Personal Information or is not otherwise subject to contractual restrictions.

International Transfers. Where Personal Information is transferred outside the European Economic Area, United Kingdom or Switzerland to our affiliates or to service providers, we will ensure appropriate safeguards, such as the European Commission’s Standard Contractual Clauses (and UK equivalents), are in place. We contractually require agents, service providers and affiliates who may process Personal Information related to the Services to provide at least the same level of protection required under applicable data protection laws (e.g., GDPR).

Processor/Subprocessor Commitments. Where Avatarz acts as a data processor or subprocessor on behalf of a Customer, we will:

  • process Personal Information only on documented instructions from the Customer;

  • promptly inform the Customer if we cannot comply with their instructions due to applicable law;

  • implement appropriate technical and organizational measures to protect Personal Information;

  • notify the Customer without undue delay of any legally binding request for disclosure by law enforcement, or any accidental or unauthorized access to Personal Information, as well as data subject requests we receive that relate to the Customer’s data;

  • support audits and provide necessary information to demonstrate compliance;

  • obtain consent from the Customer for use of any sub-processors and bind such sub-processors to equivalent obligations; and

  • provide copies or summaries of applicable processing terms to individuals unable to obtain them from their organization, where required by law.

Corporate Events. We may share Personal Information with third parties in connection with a potential or actual sale, merger, acquisition, financing, reorganization or similar event involving our company. Personal Information may be among the transferred assets.

Legal Requests. We may process or disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, or as otherwise required by applicable law.

Security

We aim to safeguard and protect your Personal Information from unauthorized access, improper use or disclosure, unauthorized modification, unlawful destruction or accidental loss. We utilize and maintain reasonable administrative, technical and physical safeguards. Our personnel may access or process Personal Information only as reasonably required for work-related tasks, to fulfill your requests or to meet legal obligations.

Please remember that no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee absolute security, and we are not responsible for unauthorized or unintended access beyond our control.

International Transfers (reiterated). Where Personal Information is transferred internationally, we apply appropriate safeguards as described above.

Personal Information Breach. In the case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information processed by us, we shall, without undue delay and, where feasible, not later than 72 hours after becoming aware of it, notify the competent supervisory authority unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the breach is likely to result in a high risk, we shall communicate the breach without undue delay, unless remediation measures (such as effective encryption) render the data unintelligible or subsequent measures ensure the high risk is no longer likely to materialize.

Data Subject Rights (EEA/UK/CH and where applicable)

Subject to applicable law, you may have the right to request access to, rectification or erasure of your Personal Information; to restrict or object to its processing; to data portability; and to withdraw consent at any time (without affecting the lawfulness of processing before withdrawal). You also have the right to lodge a complaint with a supervisory authority.

You may exercise your rights by contacting us using the details below. We will respond in accordance with applicable law.

Data Retention

We retain Personal Information for as long as necessary to provide the Services, comply with our legal obligations, resolve disputes and enforce our agreements, and for legitimate business purposes. Retention periods may vary depending on the type of data and our contractual or legal obligations.

Children’s Privacy

Our Services are not directed to children under the age where parental consent is required under applicable law, and we do not knowingly collect Personal Information from such children. If you believe a child has provided us Personal Information, please contact us and we will take appropriate action.

Controller, Contact and Questions

Unless otherwise stated in a specific Service or contract, Avatarz Technologies SA is the controller of your Personal Information processed in connection with the Services.

If you have questions about this Privacy Statement or our practices, or if you wish to exercise your rights, please contact us at:
Email: hello@avatarz.com
Postal: Avatarz Technologies SA, [Full Address], Lausanne, Switzerland

Legal

Privacy statement

Last updated:

Jul 16, 2024

Avatarz Privacy Statement

This Privacy Statement explains how Personal Information about our (potential) customers and other individuals using our services is collected, used and disclosed by Avatarz Technologies SA and its affiliates (“Avatarz”, “we”, “us” or “our”). It describes our privacy practices in relation to the use of our websites (including any customer portal or interactive website), our software and SaaS solutions (including Storiz™, Avatarz Studio™, Enterprise SDK and FanzClub™), tools, and related applications, programs, research and marketing activities (collectively, the “Services”), as well as your choices regarding use, access, storage and correction of Personal Information. It also describes how we collect, use, disclose and otherwise process Personal Information in relation to the Services and in the course of our business activities.

By signing up to our Services and by agreeing to our Terms of Service, you agree to the collection, use, storage and disclosure of information described in this Privacy Statement.

Our Services may contain links to other websites or services; information practices and/or the content of such other websites or services are governed by the privacy statements of those websites or services.

We may change this Privacy Statement from time to time. If we make changes, we will notify you by revising the date at the top of the statement and, where appropriate, by providing additional notice (e.g., a notice on our homepage or an in-product notification). We encourage you to review this Privacy Statement whenever you use our Services to stay informed about our information practices and the ways you can help protect your privacy.

Personal Information Collection

We only use your Personal Information to provide you with the Services or to communicate with you about the Services.

With respect to any documents, media, avatars, stories or other content you choose to upload or generate via the Services, we take the privacy and confidentiality of such content seriously and employ industry-standard safeguards to protect against unauthorized access to data we store, including Personal Information.

We do not share Personal Information you have provided to us without your consent, unless:

  • doing so is appropriate to carry out your own request;

  • we believe it is needed to enforce our Terms of Service or is legally required;

  • we believe it is needed to detect, prevent, or address fraud, security or technical issues; or

  • it is necessary to protect our property and legal rights, or those of others.

As part of our normal business operations, your use of the Services, our administration of you as a customer and to comply with applicable laws and regulations, we collect your Personal Information. We will not process Personal Information for purposes other than those described in this Privacy Statement.

Personal Information You Provide to Us

While using our Services, we may ask you to provide certain personally identifiable information that can be used to contact or identify you. For example, we collect information when you create an account, request customer support or otherwise communicate with us. The types of information we may collect include basic user information (such as your name, email address, social media avatar, telephone number and photograph), company information and any other information you choose to provide.

Payments. We do not collect or store your full payment card details. Payments for paid Services are handled by third-party payment processors. Such processors will process your payment information in accordance with their own privacy statements and applicable law.

Personal Information We Collect Automatically When You Use the Services

When you access or use the Services we automatically collect information about you, including:

Log Information. We collect information about your use of the Services, including browser type and version, device information, access times, pages viewed, IP address, referring/exit pages, launches, usage metrics and diagnostics.

Cookies and Similar Technologies. We use cookies and similar technologies to operate and improve the Services, understand which areas and features are popular and count visits. You can instruct your browser to refuse cookies or to indicate when a cookie is being sent; some features may not function properly without cookies.

Web Beacons/Tracking Pixels (with consent where required). We may use web beacons in our Services or notifications to help deliver cookies, count visits, understand usage and campaign effectiveness and determine whether a notification has been opened and acted upon.

Analytics and Service Tools. We may use analytics and support tools operated by third parties to help us understand usage and improve the Services.

Social Sharing Features. Our Services may offer social sharing features that let you share Experiences (e.g., stories, prototypes or avatar media) from the Services with other media, and vice versa. Your use of such features enables the sharing of information with your contacts or the public, depending on your settings with the social provider. We may, in accordance with this Privacy Statement, collect and use Personal Information from other media if you use social sharing features. Please review the privacy statements of the companies that provide these features.

Third-Party Sources. We may also obtain Personal Information about you from third parties (e.g., professional networks or other publicly accessible sources) as permitted by law.

Support and Service. When you contact us for support or other customer service requests, we may maintain records related to such requests, including any information you provide.

Our Access to Your Content. Where permitted by law, we will only access, view, or listen to your Content (as defined in our Terms of Service) in limited ways, for example to: (A) respond to feedback or support requests; (B) detect, prevent, or address fraud, security, legal, or technical issues; and (C) enforce the Terms. Our automated systems may analyze Content using techniques such as machine learning in order to improve our Services and the user experience (e.g., to enhance avatar quality, reduce abuse, or improve performance), in accordance with applicable law and your settings.

Marketing Communications. If you subscribe to our newsletter or otherwise consent to receive marketing, we may use your Personal Information to contact you with marketing or promotional materials related to Avatarz. You may opt out at any time using the unsubscribe link in our emails or by contacting us. We will process such requests promptly.

Personal Information We Use (Legal Bases)

For individuals in the European Economic Area, United Kingdom and Switzerland, our processing of your Personal Information is justified on the following legal bases:

  • the processing is necessary to perform an agreement with you or take steps at your request prior to entering into an agreement;

  • the processing is necessary for us to comply with relevant legal obligations;

  • the processing is in our legitimate interests (e.g., securing and improving the Services, communicating with you, preventing fraud) and those interests are not overridden by your data protection rights; and/or

  • you have given consent (e.g., for certain marketing, cookies or analytics where required).

We collect and use Personal Information to:

  • perform our agreement with you and others and provide the Services;

  • process, evaluate, and complete transactions involving the Services;

  • operate, evaluate, maintain, improve, customize and develop the Services (including monitoring and analyzing trends, usage and security);

  • provide documentation, communications or other services you request;

  • correspond with you to resolve queries or complaints;

  • protect and enforce our intellectual property and contractual rights;

  • manage, protect against and investigate fraud, risk exposure, claims, and other liabilities; and

  • comply with legal obligations worldwide.

Personal Information We Disclose

We operate globally and may share Personal Information with our affiliated companies as part of our business operations, Service administration and compliance with law. We also engage third-party service providers (acting under our instructions) to provide information, products or services to you, to help conduct and manage our business, or to manage and improve the Services. We may share Personal Information with these affiliates and third parties to perform services on our behalf, subject to appropriate contractual restrictions and security measures. We may also disclose Personal Information if reasonably necessary to prevent harm or loss, to investigate suspected or actual illegal activities, or as otherwise required by law.

We reserve the right to share information that is not Personal Information or is not otherwise subject to contractual restrictions.

International Transfers. Where Personal Information is transferred outside the European Economic Area, United Kingdom or Switzerland to our affiliates or to service providers, we will ensure appropriate safeguards, such as the European Commission’s Standard Contractual Clauses (and UK equivalents), are in place. We contractually require agents, service providers and affiliates who may process Personal Information related to the Services to provide at least the same level of protection required under applicable data protection laws (e.g., GDPR).

Processor/Subprocessor Commitments. Where Avatarz acts as a data processor or subprocessor on behalf of a Customer, we will:

  • process Personal Information only on documented instructions from the Customer;

  • promptly inform the Customer if we cannot comply with their instructions due to applicable law;

  • implement appropriate technical and organizational measures to protect Personal Information;

  • notify the Customer without undue delay of any legally binding request for disclosure by law enforcement, or any accidental or unauthorized access to Personal Information, as well as data subject requests we receive that relate to the Customer’s data;

  • support audits and provide necessary information to demonstrate compliance;

  • obtain consent from the Customer for use of any sub-processors and bind such sub-processors to equivalent obligations; and

  • provide copies or summaries of applicable processing terms to individuals unable to obtain them from their organization, where required by law.

Corporate Events. We may share Personal Information with third parties in connection with a potential or actual sale, merger, acquisition, financing, reorganization or similar event involving our company. Personal Information may be among the transferred assets.

Legal Requests. We may process or disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, or as otherwise required by applicable law.

Security

We aim to safeguard and protect your Personal Information from unauthorized access, improper use or disclosure, unauthorized modification, unlawful destruction or accidental loss. We utilize and maintain reasonable administrative, technical and physical safeguards. Our personnel may access or process Personal Information only as reasonably required for work-related tasks, to fulfill your requests or to meet legal obligations.

Please remember that no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee absolute security, and we are not responsible for unauthorized or unintended access beyond our control.

International Transfers (reiterated). Where Personal Information is transferred internationally, we apply appropriate safeguards as described above.

Personal Information Breach. In the case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information processed by us, we shall, without undue delay and, where feasible, not later than 72 hours after becoming aware of it, notify the competent supervisory authority unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the breach is likely to result in a high risk, we shall communicate the breach without undue delay, unless remediation measures (such as effective encryption) render the data unintelligible or subsequent measures ensure the high risk is no longer likely to materialize.

Data Subject Rights (EEA/UK/CH and where applicable)

Subject to applicable law, you may have the right to request access to, rectification or erasure of your Personal Information; to restrict or object to its processing; to data portability; and to withdraw consent at any time (without affecting the lawfulness of processing before withdrawal). You also have the right to lodge a complaint with a supervisory authority.

You may exercise your rights by contacting us using the details below. We will respond in accordance with applicable law.

Data Retention

We retain Personal Information for as long as necessary to provide the Services, comply with our legal obligations, resolve disputes and enforce our agreements, and for legitimate business purposes. Retention periods may vary depending on the type of data and our contractual or legal obligations.

Children’s Privacy

Our Services are not directed to children under the age where parental consent is required under applicable law, and we do not knowingly collect Personal Information from such children. If you believe a child has provided us Personal Information, please contact us and we will take appropriate action.

Controller, Contact and Questions

Unless otherwise stated in a specific Service or contract, Avatarz Technologies SA is the controller of your Personal Information processed in connection with the Services.

If you have questions about this Privacy Statement or our practices, or if you wish to exercise your rights, please contact us at:
Email: hello@avatarz.com
Postal: Avatarz Technologies SA, [Full Address], Lausanne, Switzerland