Applications Mobiles Overview Inc.

525-1744 rue William,

Montreal, QC, Canada, H3J 1R4.

info@vyoo.ai

Privacy Policy

 Version 2 – May 2024

 

Principles

Applications Mobiles Overview Inc (“VyoO”, “Us”, “We”, and “Our”) is providing this privacy policy (“Policy“) to you, the end user, who engages VyoO (“You”) for the provision of Services (as defined below) made available on the mobile and web versions of Our application named “VyoO” (the “Application”).

We have developed and deployed the Application for the purposes of producing accurate digital body measurements through 3D technology (the “Services”). The Application is capable of producing results that may be used for personal use or by third party providers in various fields including, e-commerce, retail, industrial and/or healthcare (“Providers”). In certain cases, the Application is capable of interfacing with the Providers who will receive the 3D body measurements generated by the Application for the purposes of matching such measurements with the right size of the item or service of interest. Once generated, the 3D body measurements are added to Your user profile, and are available for Your personal consultation, or for Your next purchases or usages with a Provider. In order to learn more about the Application and the parameters surrounding Your use thereof, we invite you to visit our Terms of Use at vyoo.ai.

This Policy is effective as of the date set forth above and is only applicable to the Services and not to any other website or application that you may be able to access from the Application which may have its own data collection and use practices and policies. This Policy describes in clear and simple terms the manner in which we respect our obligations in terms of protection of personal information and more specifically our practices regarding the collection, use, disclosure, retention and destruction of your personal information. Our person in charge of the protection of personal information (the “Privacy Officer”), whose full contact details can be found below, ensures compliance and implementation of the Policy.

In order to ensure the implementation of the Policy, be assured that we have put in place internal practices concerning the management of your personal information. These practices include a framework on:

  • The security of your personal information;
  • Management and prevention of confidentiality incidents;
  • Performing privacy impact assessments;
  • Retention of your information throughout its life cycle.

Our commitment to you is clear :

  • Be concise, clear and transparent;
  • Obtain your consent when necessary;
  • Allow you to exercise your rights regarding your personal information;
  • Protect the confidentiality of your personal information.

Our Policy has been developed in compliance with applicable privacy laws, including the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5, the Act respecting the protection of personal information in the private sector, RLRQ, c. P-39.1 and similar provincial legislation.

To Whom The Policy Concerns

The Policy applies to personal information collected in the course of all Our activities, with the exception of personal information collected in respect of our employees, former employees and applicants for employment with us.

The Policy applies in particular to personal information collected when You use the Application and when You contact us by any other means of communication. The Policy therefore applies, for example:

  • To our past, present and future customers;
  • To all users of the Application;
  • To all persons contacting us.

Please note, however, that You are still responsible for protecting Your personal information when You visit other third-party websites. Our Policy does not apply to the collection, use, disclosure or retention of your personal information by other websites, although some links on our website may allow you to access content from other third parties. We are not responsible for their policy regarding the protection of personal information and we encourage you to read the privacy notices or policies regarding the protection of personal information governing these third parties.

This Policy does not apply to the personal information of our employees, former employees or applicants for employment with us in the context of their employment, past, present or future, as another policy applies specifically to them and is available to them by contacting the Privacy Officer.

Collection of Information

Personal information is any information which relates to a natural person and allows directly or indirectly that person to be identified, whether taken separately or in combination with other information. For greater clarity, personal information is any information which allows you to identify:

  • a person directly, for example an identifier such as a name, location data, government ID; or
  • indirectly through the combination of several specific elements specific to its physical, physiological, genetic, psychic, economic, cultural or social identity.

Please note that we collect only the personal information necessary to provide you with our services. Below are the categories of personal information we collect and examples for each category. This information is all collected for a specific purpose detailed below.

Specifically, by using the Services, You consent to the collection of the following personal information:

Information provided by You

  • Contact details (name, email, phone number, physical address).
  • Personal details (gender or most common gender-related body type, preferred unit system, preferred language).
  • Login details.
  • Photographs and/or depth-sensors-based feature points of full or partial various parts of a human body.

Information We collect automatically when You use Your account

  • Your internet protocol address, device, browser type, operating system, the date and time of Your visit, information about the links You click and pages You view when using the Services, server log information.
  • Device information regarding Your mobile phone or GPS signal.
  • Diverse information collected from the different sensors of Your mobile phone as position in space, angle, tilt, roll, speed of movement, height, among many other.

Only information necessary to the complete and proper provision of the services would be collected; any other information would be optional for You to provide.

TYPES OF PERSONAL INFORMATION EXAMPLES PURPOSES RETENTION PERIODS
Identity and contact information

·    First and last name.

·    Email address.

·    Phone number.

·    Postal address.

·    For identification or authentication purposes.

·    Contacting you.

·    Meet our legal and regulatory obligations.

Throughout our business relationship with you and for 2 years afterwards.
Information about your communications with us

·    History and report of our discussions with you.

·    Email exchanges.

·    Online chat

·    Customer service telephone recordings.

·    Surveillance camera recordings.

·    Contacting you.

·    To provide you with our products and services.

Throughout our business relationship with you and for 2 years afterwards.
Information about your digital interactions

·    Information about your devices.

·    Length of the scans made using your device.

·    Position, trajectory and speed of the movement of the device while performing the scan.

·    To provide you with our products and services.

Throughout our business relationship with you and for 2 years afterwards.

 

Photographs and/or depth-sensors-based feature points

 

·    Photographs of the full body or parts of the body.

·    3D point cloud reconstruction of the full body or parts of the body.

·    To provide you with our products and services.

Throughout our business relationship with you and for a maximum of 2 years afterwards.

 

 

We collect your personal information, to the extent permitted by law, for:

Identification or Authentication Purposes

When we wish to register You as a new customer, we require certain information to identify You. This information will be used in particular to find Your file and to ensure that Your information is associated with Your account when You wish to benefit from our products and services and the associated guarantees.

In general, we collect Identity and contact Information to fulfill this purpose. Your information may also be used in certain cases to authenticate you, for example to ensure that you are the right person when you wish to access your file. As such, we can, for example:

  • Use a one-factor authentication system (such as a password).
  • Use a two-factor authentication system (such as a code received by text message).
  • Ask for personal security questions answers.

Providing You with Our Services

When You do business with Us, it is necessary for Us to process some of Your information in order to determine Your eligibility for our Services, to advise You appropriately based on Your needs, to answer any questions You may have, to handle Your complaints and to assist You in all Your dealings. In achieving this purpose, it is possible that:

  • We may use the depth sensors (RGB-D camera) of your smartphone to enable the possibility to obtain an up-to-scale 3D model of your body or parts of your body locally on the device. In other words, the 3D reconstruction of your body or parts of your body is the only data sent to the servers to compute measurements and analysis; no videos or pictures will be sent.
  • If no depth sensor(s) are available, or if you chose not to use these, we use RGB cameras of your smartphone are used, requiring sending videos or pictures to the servers.

Specifically in the provision of the Services, VyoO will use the photographs and/or depth-sensors-based feature points You submit to improve the Services and to improve our technology and provide more customized service to our End-Users. This use of photographs and/or depth-sensors-based feature points will NOT be associated with Your personal identifiable information such as Your name, address, email address or account number. If You have questions about the use of Your photographs and/or depth-sensors-based feature points or should You wish to opt out of this usage please contact Our Privacy Officer at “privacyofficer@vyoo.ai” and indicate the email address used to create the account and Your desire for Your photographs and/or depth-sensors-based feature points not to be used for application optimization purposes.

In addition to the above uses, We will use Information to prevent prohibited or illegal activity on the Application or in using the Services in accordance with Our terms of use.

Contacting You

As part of our business relationship with You, we may need to contact You from time to time to:

  • Inform You of important changes applicable to Your chosen Services;
  • Inform You of changes to our Terms of Use or Policy;

Managing Our Risks  

As a business, we need to take a number of preventive actions to manage the risks associated with Our activities, in order to avoid financial losses, operational breakdowns and internal and external fraud. To this end we:

  • Monitor any suspicious activity in Your account;
  • Develop dashboards to monitor Our operations;
  • Develop descriptive and predictive models to identify any trends that may put Our organization at risk;

Meeting Our Legal and Regulatory Obligations

In operating Our business and due to the nature of our activities, we must comply with certain legal and regulatory obligations. We are therefore obliged to use your information in order to, for example:

  • Comply with the Income Tax Act;
  • Defend ourselves in the event of legal claims or demands;
  • Comply with the requirements of the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC);
  • Comply with the requirements of the Autorité des marchés financiers (AMF);
  • Perform due diligence;

Send you advertising offers, promotions or any other communications by email, paper mail or telephone

In order to offer You a more personalized service, we may use your personal information to communicate offers likely to meet Your needs, our latest promotions, newsletters or surveys, for example.

In order to adequately personalize these communications, we may analyze Your personal information for profiling purposes. This allows Us to avoid sending you communications that do not correspond to Your expectations.

Please note that We will only send you these communications if You have, where required by law, chosen to receive them, and that You may withdraw Your consent at any time.

Cookies, pixel tags, and similar technology

We may use cookies, pixel tags and similar technology to automatically collect Information You provide and Information automatically collected. Cookies are information stored by Your computer’s web browser. Pixel tags are small images or pieces of data embedded in images to recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from Your computer or device.

Flash cookies may be larger than cookies and are downloaded to a computer or mobile device by Adobe Flash media player. By using the Services, You consent to Our use of cookies and similar technologies. You may modify the use of cookies on Your browser through the settings area of Your browser; however, Your experience with the Services may not work properly if You turn off all or some cookies.

Information from Non-Health Related Sources

In certain cases, and where You have previously consented, We may receive information about You from third-party services and organizations. We may combine information and data we have with other source data to use to contact You.

Children’s Privacy

We do not knowingly collect personal information from children under 14, or allow them to create an account for the Services.

Sharing Information

Within Our company, access to Your personal information is limited to those employees who require access in order to perform their duties. These employees are made aware of the need to protect personal information, and policies are in place to ensure their protection.

However, in order to offer You quality services, we must communicate some of Your personal information outside Our company. Rest assured that we require third parties to whom we disclose your personal information to respect the standards set by law and the security measures required to protect Your personal information. We never sell your personal information, and will only disclose it where required by law or with Your consent.

To Providers

In order to carry out certain purposes described in the Policy, we do business with Providers to whom we may communicate or give access to your personal information when necessary for the performance of their service contract.

However, rest assured that we put in place written contracts with our Providers in order to:

  • Guarantee the confidentiality of your personal information;
  • Ensure that the information is used only to perform the service;
  • Ensure that the service provider does not retain any personal information when it is no longer required for the performance of the service, with the exception of information contained in backup systems, which will be deleted according to the deletion cycle predetermined by the service provider;
  • Ensure that the service provider communicates with us immediately in the event of a confidentiality incident or any attempt to do so.

Other service providers with whom we do business include the following:

  • Computer and technical services.
  • Communication and marketing firms.
  • Accounting firms.
  • Law firms.
  • Printing service.
  • Mail delivery service.
  • Application developer.
  • Cloud hosting service.

We may also share Your personal information with our various legal entities within the same Our group where necessary to comply with our legal and regulatory obligations and to provide You with Our Services.

To Courts, Law Enforcement Authorities, Regulators, Governmental Officials or Prosecutors

More specifically, we may disclose Your personal information to comply with a search warrant, to respond to an investigative body, to comply with a court order, if we believe disclosure is necessary to comply with applicable laws, if required by law, to pursue a legal claim or to assert a defence.

To Other Third Parties

We may need to disclose Your personal information to other third parties in certain specific circumstances, always within the limits permitted by law or after obtaining Your consent, for example:

  • As part of a business transaction (a merger, an acquisition by another enterprise, obtaining a loan or financing, for example).
  • In the event of insolvency or bankruptcy.
  • To credit rating agencies.

If You use third party services such as social media or Google to login or to share Your experience about the Services with others, We may be able to collect this information about You and Your activity– this may notify Your connections on said third party service platforms about Your use of the Services or the website wherein You are entering Your Information.

Security

The security measures we use to protect the data and Information We collect, use and create are proportional to the sensitivity of the information collected. We are not able to guarantee 100% security at all times.

TYPES OF MEASURES EXAMPLES OF MEASURES
Technical measures

·       Use of strong internal passwords.

·       Two-factor authentication.

·       Encryption of the data in transit using HTTPS.

·       Access logs.

·       Encryption at rest.

·       Depersonalization.

·       Cloud hosting services are controlled and monitored.

Administrative measures

·       Access management on a “need-to-know” basis.

·       Internal policies and training on the protection of personal information.

·       Our employees are bound by confidentiality undertakings that survive the end of their employment.

Material measures

·       Access to offices limited by virtual access cards.

·       Surveillance cameras.

After a period of 2 (two) years of inactivity by You, Your Information will be transferred to cold storage in the Cloud until the minimum number of required years of retention has expired – after which Your Information shall be destroyed.

Information collected and used by third parties, such as the Providers through which websites you accessed VyoO, are subject to different security practices and You should read their policies and terms to this effect before using their services.

Please note, however, that the transmission of personal information over the Internet is never completely secure. Although we take every precaution to protect your personal information, we cannot guarantee the security of personal information transmitted over the Internet. You choose to transmit information through this channel at your own risk.

If you believe that your personal information has been compromised or if you have any concerns in this regard, we invite you to contact our Privacy Officer

Transfer of Personal Information Outside Quebec or Canada

The subcontractors with whom we do business and other third parties to whom we disclose your personal information may operate outside Quebec and Canada.

In all cases where we disclose your personal information outside Quebec or Canada, we ensure that your personal information is handled securely and in compliance with this Policy, and that a written agreement exists with the third party regarding the handling of your personal information. In addition, before disclosing your personal information outside Quebec, we always conduct a privacy impact assessment to evaluate, among other things, the risks inherent in the disclosure as well as the applicable legal regime of the state where your information would be disclosed.

We will not disclose your personal information unless we are satisfied that it will be adequately protected.

We also ensure that third parties to whom we disclose your personal information undertake to:

  • Restrict access to personal information only to those employees who require access in order to perform their duties;
  • Destroy personal information once the purpose of the communication has been fulfilled, with the exception of information contained in backup systems, which will be deleted according to the deletion cycle predetermined by the third party;
  • Notify us immediately if a confidentiality incident occurs;
  • Not use personal information for purposes other than those expressly provided for.

End-User Rights

With respect to any of the following rights, please contact Us at info@VyoO.ai to exercise these rights. VyoO endeavors to respect the rights listed below within 15 business days from the date of request.

End Users have the right to have their Information deleted from VyoO’s databases. This Information does not include data which VyoO is required to maintain for government or other legal reasons, and may include Information VyoO has rendered incapable of being read in such a manner as to identify a specific End User.

End Users have the right to obtain access to their Information in a digital format they can easily read. Such access shall be provided free of charge and within a reasonable period and You shall be notified if the request is too onerous to provide access. You will be required to provide proof of identity before such access is granted.

End Users have the right to have their Information transferred to a third-party of their choice in a secure manner. You will be required to provide proof of identity before such Information is transferred.

End Users have the right to rectify any errors in the Information collected about them. In some circumstances, You may be required to provide proof of identity before such changes may be made.

You may request Your account be deactivated at any time. This request will not result in the deletion of any Information but rather the inability for You to access or use Your account. Your Information shall saved securely for an appropriate retention period.

When you give your consent for secondary purposes, in other words, purposes that are not essential to offer you the Services, you may withdraw it at any time, without any consequence.

However, if you refuse to provide us with personal information that is necessary for us to offer you our Services or that is required by law, we may no longer be able to provide you with some of our Services. In this case, we may have to cancel our commitment to You. You will, however, be informed of the occurrence of such a situation.

De-indexing, re-indexing and ceasing to distribute your personal information

You have the right to require us to cease the distribution of Your personal information or to de-index any hyperlink attached to Your name allowing access to your information by a technological mean if the dissemination of your information contravenes the law or a court order.

The right also exists when:

  • The distribution of the information causes you serious prejudice in relation to the respect of your reputation or privacy;
  • This prejudice outweighs the interest of the public in knowing the information or the interest of any person in expressing themselves freely;
  • The cessation of distribution, re-indexation or de-indexation does not exceed what is necessary for preventing the perpetuation of the prejudice.

You may exercise Your right by contacting our Privacy Officer. We generally respond to such requests within 30 days of receiving all necessary information. If We are unable to respond to your request, or if additional time is required to satisfy a request, We will inform you in writing.

General Provisions

This Policy shall be governed and construed in accordance with the laws of the province of Quebec and Canada without regard to principles of conflicts of law. You agree, any claim or dispute against Us arising out of or relating to the Services must be resolved by arbitration before one arbitrator in Montreal, Quebec. Any changes to the Policy shall be effective seven days after the Last Revised date indicated above. By using the Services, You agree to any changes made to the Policy.

Our Privacy Officer is the Chief Operating Officer, who can be contacted at “privacyofficer@vyoo.ai”.

You may contact Us at any time via email at info@vyoo.ai, by mail at: 525-1744 rue William, Montreal, QC, H3J 1R4, Canada.

This Policy takes effect on the date mentioned at the top of the page and replaces all previous versions. The history of previous versions of the Policy can be obtained by request to our Privacy Officer.

The Policy may be updated at our sole discretion based on changes in our practices and legislation on protection of personal information. When the Policy is updated, the changes will be specifically brought to your attention and a notice will be available on the home page of our website. When the changes are of a material nature or require your consent, we will notify you by email if we have your email address.