Last Updated: April 19, 2021
The Purpose of this Document
Who is Who
Third-Party Services. Our Services may contain links to or enable services provided by Third-Party Services. Our Services may be provided through, integrated with, access and/or utilize content, features, functionalities, and services operated by these Third-Party Services. We may share and receive information about you from these third parties in order to provide you with access to the Third-Party Services, our Services , or for support of our Services. We do not control these Third-Party Services and their policies regarding the handling of information may be different from ours. You are responsible for reviewing the privacy statements and policies of the Third-Party Service providers you choose to link to or from the Service, so that you can understand how those third parties collect, use, share and store your information.
Data Controller and Data Processor
Data Controller. ArborXR is the Controller and responsible for the personal information processed by the Services.
Data Processor. We may collect, use, and disclose certain personal information about you when we act as a service provider. If you are a Customer, you are responsible for making sure that your privacy rights and the privacy rights of your Authorized Users and End Users are respected, including ensuring appropriate disclosures about third party information collection and use. To the extent that we are acting as a data processor, we will process personal information in accordance with the terms of our agreement with you.
Other Important Information
If you disagree with the practices described in this policy, you should (a) take the necessary steps to remove cookies from your computer after leaving our Website, and (b) discontinue your use of our Services.
Information We Collect
Personal Information. We call information that identifies, or that could reasonably be used to identify, you as an individual "Personal Information" or "Personal Data". Personal Information does not include information that has been aggregated or made anonymous such that it can no longer be reasonably associated with a specific person. The information that we collect automatically, including statistical data, may not include Personal Information, but we may maintain it or associate it with Personal Information that we have collected or received from third parties.
The Personal Information that we may collect includes:
- Identity Data including personal contact details such as name and title.
- Contact Data including postal addresses and/or physical locations, telephone numbers, Skype numbers, and email addresses.
- Technical Data including usernames, passwords and login credentials, IP addresses, URLs, geographic location, and language preferences.
- Payment Data such as your billing address, credit or debit card numbers, bank account information, or payment processor account information, or tax identification numbers.
- Transaction Data including your billing and payment history, products and services you use, purchase and or access, and other information related to your User Account.
- Marketing and Communication Data including information you provide when signing up for our mailing list or newsletters and your requests to receive information, marketing materials, promotions, feedback, blog or comment posts, or other communications regarding ArborXR and/or the Services.
- Third Party Information including information about you from third party service providers such as vendors, resellers, partners, or social media platforms, including information provided to us when you use your third party account credentials to sign up for or login to our Services, or when you post content from the Services to a social network, or use various social media features.
- Employment Data , including your date of birth, photo, resume, education credentials, passport information, job history, referrals and Identity and Contact Data as described above if you are, for example, an ArborXR employee or job candidate.
Non-Personal Information. We also collect information that is not Personal Information, and we call it Non-personal Information.
Non-personal Information includes:
- Usage Information including but not limited to information regarding specific use of our Platform such as the dates, times, duration, status of the launcher.
- Content Usage Information including but not limited to information regarding the use of specific content, including Your Content, such as the dates, times, duration, revenue by title, and the devices or computers used to access the content.
- User Support Data including information regarding technical and administrative assistance.
- Content Data including information regarding virtual reality content accessed via the Platform, including Your Content, and its description, pricing, and associated marketing materials.
- Device and Software Data including information that cannot identify you individually and is related to your devices, computer hardware and software that may be automatically collected by us such as your internet protocol (IP) address, device type, operating system, browser type, domain name, access time, working directories, certain software installed or stored by you within the Services or on devices, computers, operating systems, and any referring website addresses.
- Cookie Data including information that cannot identify you individually and is technological data such as time spent on the Services, pages visited, and other anonymous traffic data.
- Business Data such as your business name and entity structure, jurisdiction, tax classifications, content or product offerings and materials, hours of operation, location, licensing agreements, license term, and the content titles you license.
How We Collect Information
Directly from You. The information we collect may come directly from you when you provide it to us:
- By filling in forms or creating User Accounts.
- By communicating with us through email, text, phone calls, business cards, chat features and other communications.
As You Use Our Services. As you use or interact with our Services, we may collect certain information that may contain Personal Information or Non-Personal Information that we may tie to Personal Information collected from other sources.
- Through User Account holders.
- Through third-party service providers or publicly available sources. We may receive Personal Information and Non-Personal Information from third parties such as Third-Party Services (e.g., Chargebee, HelpScout, Facebook, Twitter, etc.) or publicly available sources.
We may also use a web beacon to collect information. A web beacon is a small electronic file that may be contained on pages of our website and our emails that allow us, for example, to count users who have visited those pages or opened an email and to gather other related website statistics.
If You Fail to Provide Personal Information. Where we need to collect Personal Information under the terms of a contract we have with you or by law, and you fail to provide that information when requested, we may not be able to perform the contract we are trying to enter into with you. In that event, we may have to cancel a product or service you have with us, but we will notify you if this is the case at that time. It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship with us.
How We Use Information
- Where we need to perform the contract we have entered into with you;
- Where we need to comply with a legal obligation;
- Where we have your consent;
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do no override those interests; and/or
- And in rare cases, where we need to protect your interests or it is needed in the public interest.
Some of the legal basis or grounds for processing information will overlap and there may be several grounds to justify the processing of your Personal Information. The situations in which we will use your Personal Information and the lawful basis for processing that information are listed in the table below:
|Use or Purpose||Type of Personal Information/Data Processed||Lawful Basis for Processing|
|To provide and maintain our Services||Identity, Contact, Technical, Payment, Transaction, Third-Party Services, Employment, Marketing and Communication||
|Monitor and analyze use and functionality of our Services||Technical, Transaction, Marketing and Communications||
|Gain a better understanding of your usage patterns for our Services||Identity, Technical, Transaction, Cookie, Marketing and Communications||
|Improve your user experience with our Services||Identity, Contact, Technical, Payment, Transaction, Marketing and Communication||
|Provide customer, technical and administrative support||Identity, Contact, Technical, Payment, Transaction, Employment, Marketing and Communication||
|Process e-commerce transactions||Identity, Contact, Payment, Transaction, Technical, Employment||
|Communicate information about us and our Services||Identity, Contact, Technical, Marketing and Communication||
|To notify you about changes to our Services and to make recommendations to you about products or services that may be of interest to you based on your interaction with the Services and/or our other products and services||Identity, Contact, Technical, Transaction, Marketing and Communication||
|Streamline your onboarding process and the use of our Services||Identity, Contact, Technical, Payment, Third-Party Services, Marketing and Communication||
|For the administration of files, records, and reporting, including accounting||Identity, Contact, Technical, Payment, Transaction, Employment||
|To engage, hire and onboard consultant, contractors and employees||Identity, Contact, Technical, Payment, Employment||
|To prevent fraud or comply with applicable laws, regulations, and enforcement agency requests||Identity, Contact, Payment, Transaction, Technical||
|To fulfill any purpose described with your consent||Identity, Contact, Payment, Transaction, Technical, Marketing and Communication||
Marketing and Promotional Offers From Us. We may use your Personal Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have requested information from us or registered a User Account with us or if you provided us with details when you signed up for our mailing list, and in each case, you have not opted out of receiving that marketing.
Opting Out. You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time. Please note that we may still send you important administrative messages, notices or alerts that are required to provide you with our Services. ArborXR does not control the marketing communications or lists maintained by third parties not at the request of ArborXR. To opt-out of marketing communications sent by third parties not at the request of ArborXR you must use the third-party opt-out link contained within such marketing communication.
Disclosure of Information
- Our subsidiaries and affiliates;
- Our Third-Party Service providers, contractors, consultants, vendors, suppliers, employees, and third parties we use to support our business;
- Third-Party Services that you have elected to use in connection with your use of the Services;
- Our business partners and/or Third-Party Services that we have reciprocal arrangements with in connection with our provision of the Services or content and delivery of additional features and functions within the Services or content;
- Our Customers and their Authorized Users to fulfill our contractual reporting obligations;
- A buyer of our company or a division of our company or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets;
- Lawful authorities in order to comply with the law or a legal process or cooperate with investigations;
- Appropriate authorities if we believe disclosure is necessary to protect the rights, property, or safety of you, ArborXR or others;
- We do not give away, sell, rent or lease Personal Information to any merchant, advertiser, or web publisher. We may disclose aggregated information about you and the use of our Services, and information that does not identify any individual without restriction. We may disclose information relating to the use, performance, sales, downloads, uploads, installations of our Services and content accessible through our Services without restriction, as long as such information does not include your Personal Information.
We have implemented reasonable organizational, technical, and administrative measures designed to protect your Personal Information within our organization. We limit access to your Personal Information to those employees, contractors, consultants, or third parties who have a business need to know such information. They are contractually bound to only process your Personal Information on our instructions and they are subject to a duty of confidentiality. Unfortunately, even with these measures, no data transmission or storage system can be guaranteed to be totally secure. By using our Services, you acknowledge and agree that we make no such guarantee, and that you use our Services at your own risk. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at [email protected].
We will retain Personal Information for the period necessary to fulfill the purpose we collect it for unless a longer retention period is required or permitted by law. To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and whether we can achieve those purposes through other means, and the applicable legal requirements. By law for tax and business purposes, we may have to keep basic data about you for 7 years (or the applicable retention period permitted by law) even after they cease being such individuals.
Rights of Access, Correction, Erasure and Restriction
In regard to your Personal Information, under certain circumstances, by law you have the right to:
- Request access to your Personal Information (commonly known as "data subject access request"). This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it.
- Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your Personal Information. This enables you to ask us to delete or remove Personal Information where there is no good reason for use continuing to process it. You also have the right to ask us to delete or remove your Personal Information where you have exercised your right to object to processing (see below).
- Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of Personal Information about you, for example, if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your Personal Information to another party.
- Withdraw consents that you have previously provided to us to process your Personal Information.
If you want to review, verify, correct or request erasure of your Personal Information, object to the processing of your Personal Information, or request that we transfer a copy of your Personal Information to another party, please contact us by email at [email protected].
We may need to verify your identity before acting upon your request and we may have to retain certain information for legitimate business or legal purposes. In addition, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems. Generally, we will respond to your request within 30 days from the date you contact us or sooner if otherwise required by applicable law.
Right to Withdraw Consent
In limited circumstances where you may have provided your consent to the collection, processing and transfer of your Personal Information for a specific purpose, you have the right to withdraw your consent for processing at any time. To withdraw your consent, please contact us at [email protected]**. **** Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.**
Children Under the Age of 16.
Our Services are not intended for children under 16 years of age and we do not knowingly collect Personal Information from children under 16. No one under age 16 may provide any Personal Information to the Services. You shall not disclose to us any personally identifiable information from anyone under the age of 16 unless you have express parental permission to do so. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at [email protected].
Jurisdiction and Cross-Border Transfers.
European Union Data Protection. If you are located in the European Union ("EU") or the EEA, transfer of personal customer data outside of the EU or EEA is regulated by certain EU data protection laws. When required in order to effectuate the transfer of personal data, ArborXR has entered into a Data Processing Addendum ("DPA") with its Customers that includes EU Model Clauses which are standardized contractual clauses used to ensure that personal data leaving the EEA will be transferred in compliance with these laws.
Notice to California Residents/Your California Privacy Rights. If you are a resident of the State of California, we provide you with information on how to exercise your disclosure choice options such as your right to opt-out (which we may sometimes refer to as "unsubscribe") or opt-in for use of your information by third parties for marketing purposes. Therefore, pursuant to the California Civil Code, we are not required to maintain or disclose a list of the third parties that received your information for marketing purposes during the preceding year. If you are a California resident and you wish to request information about how to exercise your third party disclosure choices, please submit your request at [email protected] or by postal mail to 3750 West Main Street, Suite AA, Norman, Oklahoma 73072, Attn: Your California Privacy Rights. All requests must be labeled "Your California Privacy Rights’’ on the email subject line or envelope or postcard. For all requests, please clearly state that the request is related to "Your California Privacy Rights’’, include your name, street address, city, state, zip code and email address (your street address is optional if you wish to receive a response to your request via email) and indicate your preference on how our response to your request should be sent (email or postal mail). We will not accept requests via the telephone or by fax. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.
Data Supervisory Authority
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concern before you approach the ICO so please contact us in the first instance.
ABXR Labs, Inc.
3750 West Main Street, Suite AA
Norman, Oklahoma 73072