Upgrade VR Privacy Policy
This Privacy Policy (hereinafter referred to as the Policy) defines the general principles and procedures for processing of the Personal Data of the Mobile Application and Platform Users and measures to ensure their security.
From time to time, Operator may develop new or offer additional services. If the introduction of these new or additional services results in any material change to the way the Operator collects or processes your Personal Data the Operator will provide you with more information on additional terms or policies. Unless stated otherwise, when we introduce these new or additional services, they will be subject to this Policy.
The aim of this Policy is to:
- Ensure that you understand what Personal Data we collect about you, the reasons why we collect and use it, and who we share it with;
- Explain the way we use the Personal Data that you share with us in order to give you a great experience when you are using the Mobile Application and Platform; and
- Explain your rights and choices in relation to the Personal Data we collect and process about you and how we will protect your privacy.
TERMS AND DEFINITIONS
Parties use the following terms in the following meaning:
Legislation – legislation of the United Arab Emirates.
Operator – UPGRADE VR – FZCO, organising the processing and (or) processing the Personal Data, independently or jointly with other persons, as well as determining the purposes of Personal Data processing, the content of Personal Data to be processed, actions (operations) performed with the Personal Data.
Personal Data – any information relating to an identified or identifiable natural person (User).
User – a person who uses Mobile Application or Platform.
Mobile Application – an auxiliary and satellite mobile application to the UPGRADE VR Platform that provides the User with the statistics, tracking, metrics, progress-bars and other functions.
Platform –a digital VR service UPGRADE VR where the User can use the available tests of User’s choice.
1. General Provisions
1.1. The Privacy Policy regulates the processing of Mobile Application and Platform Users’ Personal Data.
2. Principles relating to processing personal data
2.1. The processing of the Personal Data by the Operator is carried out in accordance with the following principles:
2.1.1. Lawfulness of processing of the Personal Data. The Operator takes all necessary measures to comply with the requirements of the Legislation, does not process the Personal Data in cases where this is not allowed by the Legislation, does not use the Personal Data to the detriment of the User.
2.1.2. Processing of the Personal Data meets the declared purposes of processing: compliance of the content and scope of the Personal Data in processing with the specified processing purposes. The Operator prevents the processing of the Personal Data incompatible with the purposes of collecting the Personal Data, as well as processing of the Personal Data that are excessive in relation to the specified purposes of the processing.
2.1.3. Ensuring the accuracy, sufficiency and relevance of the Personal Data in relation to the purposes of processing. The Operator takes all reasonable measures to maintain the relevance of the Personal Data being processed, including but not limited to the exercise of User’s right to get information relating to processing to the User’s Personal Data and require the Operator to specify, block or destroy the Personal Data if the Personal Data are incomplete, out-dated, inaccurate, illegally obtained or not necessary for the specified processing purposes.
2.1.4. Storage of the Personal Data in a form that allows to define the User no longer than the purpose of the Personal Data processing requires, unless the period of storage of the Personal Data is established by Legislation, a contract to which the User is a party or a beneficiary.
3. Conditions of the personal data processing
3.1. Processing of the Personal Data by the Operator is allowed in the following cases:
3.1.1. A consent of the User is given for the processing of the Personal Data related to the User.
3.1.2. For performance of a Contract (e.g. Licence Agreement, Terms of Use).
3.1.3. Legitimate interest of the Operator.
3.1.4. Compliance with legal obligations.
3.2. The Operator does not process special categories of the Personal Data (sensitive information):
– race
– ethnic background
– political opinions
– religious beliefs
– trade union membership
– genetics
– biometrics
– health or medical data
– sex life or orientation.
3.3. By providing Users the opportunity to use the Mobile Application or Platform, the Operator, acting reasonably and in good faith, believes that the User has all the necessary rights that allow him to use it.
3.4. The Operator does not verify the accuracy of the received (collected) Personal Data about the Users, except in cases where such verification is necessary in order to comply with the provisions of Legislation and / or obligations to the User.
4. Collecting and processing of the personal data
4.1. The Operator processes the Personal Data in order to:
– Perform the Operator’s contractual obligations to the User.
– To provide User the ability to use Mobile Application or/and Platform.
– For other purposes based on User’s consent.
4.2. The Operator processes the following Personal Data:
To use the Mobile Application and the Platform: avatar (photo or picture), gender, age, name (alias), email address.
4.3. Personal Data may be shared with the following recipients: 4.3.1. Law enforcement and Data protection authorities. Operator shares Personal Data when Operator in good faith believes it is necessary for Operator to do so in order to comply with a legal obligation under applicable law, or respond to valid legal process, such as a search warrant, a court order, or a subpoena. Operator also shares User’s Personal Data where Operator in good faith believes that it is necessary for the purpose of his own, or a third party’s legitimate interest relating to national security, law enforcement, litigation, criminal investigation, protecting the safety of any person, or to prevent death or imminent bodily harm, provided that Operator deems that such interest is not overridden by Users interests or fundamental rights and freedoms requiring the protection Personal Data.
4.3.2. Purchasers of Operator’s business. Operator will share Personal Data in those cases where Operator sells or negotiates to sell business to a buyer or prospective buyer. In this situation, Operator will continue to ensure the confidentiality of Personal Data and give the User notice before Personal Data is transferred to the buyer or becomes subject to a different privacy policy.
5. Confidentiality and personal data
5.1. The Operator shall ensure the confidentiality of the Personal Data processed in the manner prescribed by the Legislation. Confidentiality is not required for:
– The Personal Data after their depersonalisation.
– The Personal Data that is subject to publication or mandatory disclosure in accordance with the Legislation.
5.2. It does not violate the confidentiality of the Personal Data if the Operator provides them to third parties acting on the basis of an agreement with the Operator to fulfil contractual obligations to the User.
5.3. The security of the Personal Data is achieved, in particular, but not limited to the following measures:
– identifying threats to the security of the Personal Data when they are processed in the Personal Data information systems;
– adoption of organisational and technical measures to ensure the security of the Personal Data during their processing in the Personal Data information systems necessary to meet the requirements for the protection of the Personal Data;
– application of the procedure for assessing the compliance of information security tools in accordance with the established procedure;
– evaluation the effectiveness of measures taken to ensure the security of the Personal Data prior to the exploitation of the Personal Data information system;
– audit electronic Personal Data mediums;
– detection of unauthorised access to the Personal Data and taking relative action;
– restoration of Personal Data modified or destroyed due to unauthorised access to one;
– establishment of rules for access to the Personal Data processed in the Personal Data information system, as well as ensuring the registration and recording of all actions performed with the Personal Data in the Personal Data information system;
– control over measures taken to ensure the security of the Personal Data and the level of security of the Personal Data information systems.
– other measures to ensure the confidentiality of the Personal Data.
6. Rights of the users
6.1. The User has the right to receive information concerning the processing of the Personal Data and (or) request access to it (Right of access).
6.2. The User has the right to require the Operator to clarify the Personal Data, to block or destroy them if the Personal Data is incomplete, out-dated, inaccurate, illegally obtained or not necessary for the stated purpose of processing (Right of ratification and erasure).
6.3. The User has the right to copy, transfer the Personal Data to another platform / service (Right to Data portability).
6.4. The User has the right, at any time, to object to the Operator processing Personal Data on the grounds relating to User’s particular situation and the right to object to Personal Data being processed for direct marketing purposes (Right to object).
6.5. The User has the right to request the Operator temporarily or permanently to stop processing all or some of Personal Data (Right to restrict).
6.6. The User has the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on the User or produce a similarly significant effect (Right not to be subject to automated decision-making).
6.7. If the User believes that the Operator processes the Personal Data in violation of the requirements of the Legislation or otherwise violates his rights and freedoms, the User has the right to appeal against the actions or omissions of the Operator to the authorized body for the protection of the rights of the Personal Users or in court.
6.8. Upon receipt of the request the Operator shall, within 5 (five) calendar days of its receipt, erase the Personal Data.
6.9. The address for any requests with regard to Users’ Personal Data is [email protected].
6.10. User has the option of deleting his own Personal Data at his discretion by choosing the option “Delete the profile” that is available in his account.
7. Personal data of third parties used by users
7.1. The User undertakes to obtain the prior consent of a third party to process the data. The User is solely responsible for the absence of such consent and is obliged to compensate the Operator for the losses occurred due to the absence of consent.
7.2. The Operator undertakes to take the necessary measures to ensure the safety of the Personal Data of third parties entered by the User.
8. Other provisions
8.1. All possible disputes are subject to resolution in accordance with the Legislation. Before applying to court, the User must follow the mandatory pre-trial procedure and send the relevant claim to the Operator in writing. The deadline for responding to a claim is 30 (thirty) business days.
8.2. If for any reason any provision of the Privacy Policy is deemed invalid or unenforceable, it does not affect the validity or applicability of the remaining provisions of the Privacy Policy.
8.3. The Operator has the right at any time to change this Privacy Policy (in whole or in part) unilaterally without prior approval from the User. All changes take effect the next day after posting on the Mobile Application/Platform. When the Operator makes material changes to this Policy, he’ll provide the User with prominent notice as appropriate under the circumstances, e.g., by displaying a prominent notice within the Mobile Application/Platform.
8.4. The User undertakes to independently monitor the changes in the Privacy Policy by acquainting the current edition.
9. Contact information of the operator
To exercise their rights, the User has the right to contact the Operator by email [email protected]
Company: UPGRADE VR – FZCO
E-mail: [email protected]
Address: DSO-IFZA, Dubai Digital Park, Dubai, UAE.
