Effective date: 15 October 2023

This Privacy Policy (the “Privacy Policy”) is intended to inform you (the “User” or “you”) about our practices regarding the collection and use of your personal data that you may submit to us through our websites "https://www.augg.io, https://cms.augg.io"(the “Website”) and/or the applications: "Trafo – AR Kunsthalle Praha, DOX by augg.io, augg.io LiDAR  Scanning App"(collectively the “Platforms”) and when using our services as advertised on the Platforms (the “Services”). An integral part of this Privacy Policy is our Cookies Policy. Please read the Privacy Policy carefully!

(A) This Privacy Policy may be updated from time to time to reflect changes in legislation, so please review it now and then. You can always find the most recent version at our Website. If we make substantial changes, we will try to provide at least a 30-day notice prior to any changes taking effect. What constitutes a substantial change will be determined at our sole discretion. By continuing to access or use our Platforms or Services after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Platforms.

(B) We process your data with due care, in accordance with all applicable laws and regulations, including the regulation (EU) 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation (the “GDPR”).

(C) This Privacy Policy only covers data processing carried out by us. This Privacy Policy does not address, and we are not responsible for, the privacy practices of any other parties.

1. Who processes your personal data? 

1.1 Your personal data is being processed by our company augg.io s.r.o., with its registered seat at Světova 523/1, 180 00 Prague 8, Czechia, ID No. (IČO): 173 94 155, registered in the Commercial Register maintained by the Municipal Court in Prague, File No.: C 371077 (the “Controller“, “we”, “us” or “our”). 

1.2 To learn more about our personal data management or to exercise your rights outlined in this Privacy Policy, please contact us at hello@augg.io. When exercising your rights, please note that we will need to verify your identity (confirm ownership of the respective e-mail).

2. What personal data is processed?

We may collect and further process the following types of personal data, provided directly by you or obtained from third parties, specified in Art. 4.2 hereof, or automatically as you use the Platforms:

• Contacts and identifiers

  • contacts (e.g. name, e-mail) and identifiers (e.g. user ID, device ID)

• Usage data

  • usage data (e.g. app interaction) and user content (including user support)

• Technical data

  • diagnostics (e.g. crash logs, performance data) and approximate location

• Anonymised and aggregated analytics and statistics

  • We may anonymise and aggregate analytics and statistics generated from the Platforms usage to get the insights that may be used for research and development purposes

    
    

3. What are the purposes and legal bases for processing your personal data?

3.1 We process your personal data to:

3.1.1 Perform the contract between you and us on the Services (Art. 6 (1) (b) of the GDPR)

This purpose includes mainly providing access to the Services, informing you about any updates and new features of our Services and responding to your queries.

3.1.2 comply with our legal obligations (Art. 6 (1) (c) of the GDPR)

This purpose includes mainly tax compliance and responding to any law enforcement requests.

3.1.3 keep our Platforms safe (Art. 6 (1) (f) of the GDPR)

This purpose includes mainly monitoring the Platforms traffic to prevent their misuse.

3.1.4 improve our Platforms and the Services (Art. 6 (1) (f) of the GDPR)

This purpose includes mainly analyzing technical and usage data and subsequent gathering of insights.

3.1.5 market our Services (Art. 6 (1) (a) / (f) of GDPR)
We may market to you our current or future Services if you subscribe to our newsletter at our Website or as part of our contractual relationship.

4. Who we share your personal data with?

4.1 We do not share your personal data with any recipients outside the Controller unless one of the following circumstances applies:

4.1.1 it is necessary to provide our Services to you

To the extent that our external service providers (sub-processors) need access to your personal data to help us perform our Services for you, we have taken the appropriate contractual and organisational measures to ensure that your personal data is processed in accordance with all applicable laws and regulations. 

Below is a list of our sub-processors:

• Unity Software Inc. (analytical services provider);

• Google LLC (provider of ARCore, an augmented reality integrator);

• Fauna Inc. (database services provider);

• MongoDB Inc. (database services provider);  

• essential infrastructure providers (office suite, communication tools, hosting).

The list of these sub-processors may change from time to time as we change or remove some of the providers listed above and/or put in place other providers to assist us in providing the Services.

4.1.2 it is necessary for public or other legitimate interest

We may share your personal data with recipients outside the Controller if we have a good-faith belief that access to and use of your personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of the Controller, our Users or the public as far as in accordance with the law. When possible, we will inform you about such processing.

4.1.3 it is needed to improve our Services

In order to improve our Platforms and Services we may use third-party providers such as those listed below to help us collect and analyze your data.

• Google LLC (provider of Google Analytics);

The list of these sub-processors may change from time to time as we change or remove some of the providers listed above and/or put in place other providers to assist us in providing the Services.

4.2 In connection with your use of the Platforms, we may receive your data from the following entities:

• Apple Inc. (App Store operator);

• Google LLC (Google Play operator);

  
  

5. Do we transfer your data to countries outside the EEA?

5.1 Our primary place of business is Czechia. The Controller may transfer your personal data to countries outside the European Economic Area (EEA) where we engage with external service providers. In such a case, we transfer your personal data only if there are appropriate safeguards in place. Regardless of the country in which your personal data is processed, the Controller takes reasonable technical, legal and organisational measures to ensure that the level of protection is the same as in the European Union. If you wish to know more about international transfers of your personal data, please feel free to contact us.

6. What is the storage period?

6.1 The Controller stores your personal data only if it is legally permitted and necessary for the purposes for which the data were collected, however, no longer than 5 years after you use our Platform for the last time.

7. What are your rights?

7.1 Right of access - You may request from us a confirmation whether or not your personal data is being processed and if so, you may request access to your data.

7.2 Right to rectification - You may request that we rectify any inaccurate personal data about you that we process.

7.3 Right to erasure - You may ask us to erase your personal data from our systems. We will comply with such requests unless we have a legitimate ground to not delete your personal data. 

7.4 Right to restriction of processing - You may request us to restrict certain processing of your personal data. If you restrict certain processing of your personal data, this may lead to fewer possibilities to use our Services and/or Platforms.

7.5 Right to object - You may object to the processing carried out on a legal basis other than consent.

7.6 Right to withdraw consent - If our processing is based on your consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on the consent given before its withdrawal.

7.7 Right to data portability - You have the right to receive your personal data from us in a structured, commonly used and machine-readable format in order to transmit the personal data to another controller.

8. May you complain?

8.1 In case you consider our processing activities of your personal data to be inconsistent with the applicable data protection laws, you may lodge a complaint with the local supervisory authority for data protection, the Office for Personal Data Protection seated in Czechia, which can be contacted at: posta@uoou.cz

9. Is your data secure?

9.1 Taking into account the state of the art, scope, context and purposes of processing of your personal data as well as the risk of varying likelihood and severity for your rights and freedoms, we take reasonable steps to protect your personal data against unauthorized access or disclosure. We review our business practices periodically for data protection compliance. 

10. Children’s privacy

10.1. The Platforms are not directed at children under the age of 13. We do not knowingly collect or solicit any data from anyone under the age of 13. If You believe that We might have any personal data from or about a child under 13, please contact us.

11. Notice for California residents

11.1 We do not respond to Do Not Track signals. We do not track the Users over time and across third party websites or online services and We are not aware of any third party that would do so.