YourFit Privacy Policy
Last Revised: October 12, 2023
3DLOOK Inc. (“3DLOOK”, “Company,” “we,” or “us”) is committed to respecting privacy rights of our customers and users. Please read this privacy policy carefully to understand our practices and policies regarding information about you. This privacy policy (“Policy”) sets out how 3DLOOK uses and protects any personal data that you provide to 3DLOOK when accessing and/or using YourFit solution (“YourFit” or “Service”) in the form or web-widget and/or application.
This Policy does not apply to any information collected: (i) through any other means, including any other service, application or website operated by 3DLOOK or any third party, or (ii) by any third party, including through any application or content (including advertising) that may be linked to or be accessible from the Service. Please, note that any collection and use of Personal Data (as defined below) by a third party conducted via their products or digital platforms that utilize or otherwise contain the Service’s functionality is subject to such third party’s policies and terms. This Policy may apply to such services only with respect to information collected directly via YourFit and obtained by us.
Please read this Policy carefully. By accessing, visiting, or using YourFit, you agree to this Policy. Please note that if you disagree with anything contained in this Policy, you should not use the Service.
1. DEFINITIONS
“Personal Data” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual (consumer) or household. However, personal information does not include publicly available, de-identified, or aggregate information.
“Personal Data Processing” or “processing” means any operation or set of operations performed upon Personal Data or sets of Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
“Law” means the applicable law, statute, subordinate legislation, regulation, order, mandatory guidance or code of practice, a judgment of a relevant court, or directives or requirements of any regulatory body which relates to the protection of individuals with regard to the processing of Personal Data, including General Data Protection Regulation (“GDPR”) and California Consumer Privacy Act, as amended by the California Privacy Rights Act and other applicable California privacy laws (“CCPA”).
“You” or “User” means the individual accessing or using the Service.
2. TYPES OF INFORMATION WE COLLECT
The categories of information (including Personal Data) we collect depend on how You use and interact with the Service. We collect the information You provide to us and information we obtain automatically when you use our Service or otherwise interact with it.
Information You Provide to Us Directly. When You’re creating an account (if applicable), we may ask You to provide us with certain information (including Personal Data) to set up your account/profile, such as name, email address, phone number, and profile information. Provision of such information is voluntary, unless the relevant form points out the information is necessary to use the Service.
To provide You with the ability to use YourFit’s features, we also need to process Your photos (initial images, front and side photos). Given the above, the Service can access the camera on your device (only subject to your permission) to make and receive the photos. After the photos are processed, we will receive the information on your body parameters. If You utilize the virtual try-on functionality of YourFit, we will also receive the images generated as a result of such interaction. Some forms in the Service may also request information about your height and weight. By using YourFit, You hereby certify that You have the full legal capacity and all the necessary authorizations to take, upload, share and/or disseminate the photos representing You and/or someone else who has expressly authorized You to do so.
We may collect Personal Data provided by You when You request information about our Service or request customer or technical support in connection with the Service.
Likewise, we may collect Personal Data that You voluntarily decided to share with us. We are asking You not to provide us with Personal Data that is intended for a limited circle of people or that falls under the definition of Sensitive Data. For the purposes of this Policy “Sensitive Data” means any information about your: (i) racial or ethnic origin; (ii) political, religious or philosophical beliefs; (iii) membership in political parties and trade unions; (iv) sentencing to criminal penalties; (v) health, sexuality; and (vi) biometric or genetic data.
Information Collected Automatically. In addition to any information that we collect directly from You, we may use a variety of technologies that automatically (or passively) collect certain information or data while using YourFit, or whenever You interact with YourFit on third-party websites, platforms, and services, and such websites, platforms, and services contain YourFit functionality and a link to this Policy. We may collect transactional information such as information about your orders, products viewed and added to a shopping cart, returns made via the website, platform, or service where You utilize YourFit functionality. Likewise, we may also collect the following information using automated technologies: IP address, device or mobile ID, browser type and operating system, language preferences, duration of your activities, your history of using the app, and other information about how You use the Service.
We do not treat information collected by automated data collection technologies as Personal Data. However, to the extent that these identifiers are considered Personal Data under the applicable Law, we will also treat these identifiers as Personal Data. Similarly, to the extent that information or data we collect that is not considered to be Personal Data is combined with Personal Data, we treat the combined information as Personal Data for the purposes of this Policy and compliance with the applicable Law.
3. HOW WE MAY USE INFORMATION ABOUT YOU
We use your information for various business purposes as described below.
Provision of Services. We use your account information and contact details to provide You with access to the Service and its features (certain functionality or areas) to manage your account (where applicable). For example, we use the contact details You provide when downloading our app and signing up for the Service to create your user account in the app. We will process your images (photos) to provide You with the requested services. We will not disclose or share your images with third parties; your photos (including the results of the virtual garments fitting) are only visible to You, and You have full control over them. The images can only be shared by You, e.g., if You’re utilizing sharing features integrated into the Service, like social media sharing or cross-app sharing (if any). Your photos (including the results of the virtual garments fitting) will be stored to provide You with the requested services, but not more than thirty (30) days. All the photos are deleted in 30 days of the initial collection. If You’re using the size recommendation functionality of YourFit, your images will be processed and converted into the body parameters/measurements instantly after uploading them into the Service.
Where You access the Service via third-party websites, products, platforms, or services, we may only provide anonymized information about your body parameters, corresponding size recommendations (without any identifiers), and 3D avatars (3D model of your body with blurred face) to such third parties for the provision of such third-party services to You. When You access and continue to use YourFit via such third-party sites, products, platforms, and/or services, who is 3DLOOK’s client, You agree to a data transfer to such third party. Where You switch between the third-party websites, products, platforms, or services where the Service is available, your information (which is stored in your web browser) may be dynamically shared between these websites and platforms; provided, however, that your images will only be visible to You, while third-party may only receive anonymized information about your body parameters, corresponding size recommendations (without any identifiers), and 3D avatars (3D model of your body with blurred face).
Analytics, Service & Technology Improvement. We may use any information collected from You, including information that does not qualify as Personal Data to: (i) to personalize user’s experience and to allow us to deliver the type of content and product offerings in which You may be most interested; (ii) to improve our technology and services to serve you better and/or to provide services more effectively; (iii) to ensure continuous improvement and development of our technology and services; (iv) to administer our apps and accompanying services; and (v) to diagnose possible problems.
We also collect data about how our Service is used. We use this information to develop and improve our products and services. For example, we utilize usage data to assess trends and usage across our products and services to help us determine what new features or integrations our users may be interested in. We may share usage data externally but will only do so in an anonymized and/or aggregated manner to build and improve product features.
We may also use anonymized/aggregated data for machine learning that supports certain product features and functionality with the Service, analyses, improvement of size recommendation algorithms, and similar purposes to serve You better and/or to provide the services more effectively.
We may collect, use, transfer, and disclose “publicly available” information and/or non-Personal Data, which includes information lawfully made available from federal, state, or local government records, or information in a form that does not, on its own, permit direct association with you for any purpose pointed in this Policy.
If we combine information or data in a form that does not, on its own, permit direct association with any specific individual with the Personal Data, the combined information will be treated as Personal Data for as long as it remains combined.
Communication. We may use the data You provide to us when signing up for the Service to contact You via email, SMS, or via in-app/push notification about your account, activities on our Service, policy changes, security incidents, and other administrative matters. Likewise, we may also use your information to provide customer support, such as answering requests for technical support and analyzing product outages or bugs.
If You use the Service via a mobile app, we may also send You push notifications from time to time to update You about new features of the Service, remind You of uncompleted fitting events, our promotions. If You no longer wish to receive such communications, you may turn them off at the device level.
If You receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt-out of receiving future emails. Please note that You will continue to receive transaction-related (non-promotional) emails regarding the Service or any of its features you have requested, updated to our policies.
Social Media Features. Where applicable, our Service may include social media features, such as the “like” or “share” buttons and widgets. These features may collect your IP address and set a cookie to enable the feature to function properly. This Policy does not apply to these features. Your interactions with these features are governed by the applicable privacy policy and other policies of the companies providing them.
Protection of our Interests and Safety. We may use your Personal Data when we believe it’s necessary to take precautions against liabilities, investigate and defend ourselves against any third-party claims or allegations, investigate and protect ourselves from fraud, protect the security or integrity of the technology and the Service and protect the rights and property of 3DLOOK, our clients, users and/or partners.
Compliance with Legal and Regulatory Requirements. We may also use/disclose your information (including Personal Data) collected by us to comply with applicable legal requirements, industry standards, and our policies. Likewise, we may disclose your information in situations that we believe to be: (i) emergencies involving potential threats to the physical safety of any person or property if we believe that your information in any way relates to that threat; (ii) You use the Service in a way that we believe may be illegal or inappropriate.
Business Process Management. We may provide some of your Personal Data to our partners, clients, contractors, and affiliates if necessary for performing contractual obligations or if it is an essential part of how the services work (to the extent permitted under the applicable Law). Please see Section 4 for more information about how your information may be shared with third parties.
Other. We may use Personal Data for other purposes that are clearly disclosed to You at the time You provide Personal Data or with your consent.
4. HOW WE SHARE INFORMATION WE COLLECT
We may share your information with third parties to achieve the purposes described in this Policy. We share your information with third parties for a variety of business purposes, including when it is required by functions of the Service and its features, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer, as described below.
Business Partners. We will not pass your Personal Data to third parties, except for when required by functions of the Service and its features. We may also share your information with business partners with whom we jointly offer products or services. If You access the Service via third-party sites, links, products, platforms, or services, we may provide information on your body parameters to such third parties for the aim of the provision of such third-party services to You. For example, where You access the Service via a web-widget placed on an online fashion store’s website and use the Service to try on the garments virtually and/or get your size recommendation, we will provide information on your body parameters to such third-party (online fashion store) for the aim of the provision of such third-party services to You, so you could purchase the item of the recommended size. In this case, the third party will receive only information about your measurements, corresponding recommended size, and 3D avatars (3D model of your body with blurred face); your images and any contact details are not disclosed to our business partners.
Service Providers. We may use a third party (processor, contractor, affiliate, partner, supplier, vendor, etc.) to perform certain business-related functions. Examples of such functions include, but are not limited to, data storage services, database maintenance services, user authentication, etc. When we engage such third-party service providers, we will provide them with limited access to Personal Data as needed to perform their specific function. We will make sure that each third party will be bound with contractual obligations to keep such Personal Data confidential, make necessary steps to protect such Personal Data, and not to use it for any purpose other than providing services to us and other provisions as required under the applicable Law.
We use the following third-party service providers:
Service | Service Provider | Purpose | Link to Service Provider’s Privacy Policy |
Azure Cloud | Microsoft Corporation | App service, database management | https://privacy.microsoft.com/en-us/PrivacyStatement |
Hasura | Hasura, Inc. | API management | https://hasura.io/legal/hasura-privacy-policy/ |
Auth0 | Octa, Inc. | Authentication | https://auth0.com/privacy |
Azure Cognitive Services | Microsoft Corporation | Cognitive features | https://privacy.microsoft.com/en-us/PrivacyStatement |
Twilio | Twilio Inc. | Programmable SMS, authentication | https://www.twilio.com/legal/privacy |
Postman | Postman, Inc. | API documentation testing | https://www.postman.com/legal/privacy-policy/ |
Fingerprint.js | FingerprintJS Inc. | Authentication | https://dev.fingerprintjs.com/docs/privacy-policy |
App Flow | Drifty Co.
(d/b/a Ionic) |
App delivery and updates | https://ionic.io/privacy |
We may also share your information (including Personal Data) with other service providers for the purposes above, with which we will establish cooperation.
Before transferring any Personal Data to a third party (processor, contractor, affiliate, partner, supplier, vendor, etc.), we shall make reasonable checks of such third parties regarding its compliance with the applicable Law.
Compliance With the Law. Law Enforcement. We may disclose Personal Data if required to do so by law or to comply with a legal obligation, or if we believe in good faith that such action is necessary to: (i) protect our rights or property and our customers or (ii) protect the property or safety of users of YourFit and the accompanying services, legal owners of our website, services or our intellectual property; (iii) or any third party. If we are required by law to disclose any of your Personal Data, we will use reasonable efforts to provide You with notice of that disclosure requirement unless we are prohibited from doing so by statute, court, or administrative order.
Business Transfers. We reserve the right to sell, assign, or transfer our business or assets. In any such event or similar event, including but not limiting to a corporate sale, merger, reorganization, dissolution, etc., Personal Data may be part of the transferred assets. You acknowledge that such transfers may occur and that any acquirer or successor of ours may continue to use your Personal Data as outlined in this Privacy Policy.
Subsidiaries and Affiliates. We may share your Personal Data with members of our corporate family.
Other Third Parties. We may also use certain information in a form that does not, on its own, permit direct association with You available to third parties for various purposes, including for business or marketing purposes or to assist third parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, the functionality available through the services, statistics, and other use. This information is not associated with any Personal Data that can identify any person.
California and EEA & UK residents may have additional rights and choices. Please see Section 7 below for more information.
5. HOW TO ACCESS AND CONTROL INFORMATION ABOUT YOU
We will retain your Personal Data as described in Section 6 of this Policy.
You also have certain rights in relation to your Personal Data:
- You can request access, correction, updates, or deletion of your Personal Data.
- You can object to our processing of your Personal Data, ask us to restrict processing of your Personal Data, or request portability of your Personal Data.
- If we have collected and processed your Personal Data with your consent, then You can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
To exercise any of your rights regarding your Personal Data please contact us using the contact details provided in Section 9 of this Policy.
California and EEA & UK residents may have additional rights and choices; please see Section 7 to learn more.
6. DATA RETENTION. SECURITY
We may store the Personal Data we collect as described in this Policy for as long as You use our Service or as necessary to fulfill the purpose(s) for which it was collected, provide You with access to the Service or its features, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable Law. The retention period will be determined, taking into account the type of information that is collected and the purpose for which it was collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Your photos (including the results of the virtual garments fitting) will be stored to provide You with the requested services, but not more than thirty (30) days. All the photos are deleted automatically in thirty (30) days of the initial collection.
After a reasonable period of time, we will either delete or anonymize your Personal Data. Non-Personal Data, de-identified, or anonymized data can be retained by us without limitation of time. We make no warranties that your Personal Data will be available for any specific period. Please consider that we have no obligations to notify You when deleting your Personal Data and can do it at our sole discretion.
We will maintain industry-standard physical, electronic and procedural safeguards designed to protect any data in our possession from loss, misuse, corruption, and unauthorized access or disclosure. Wherever we collect Personal Data, we make commercially reasonable efforts to provide the necessary level of encryption, Anonymization (defined below), and/or Pseudonymization (defined below), as required by applicable law or regulation. All the data is encrypted in transit and at rest. We may provide such security measures using third parties (e.g., vendors, contractors, etc.). For purposes of this Privacy Policy, “Anonymization” is defined as the processing of data with the aim of irreversibly preventing the identification of the individual to whom it relates. For purposes of this Privacy Policy, “Pseudonymization” is defined as replacing any identifying characteristics of data with a pseudonym, or, in other words, a value that does not allow the data subject to be directly identified.
The safety and security of your information also depend on You. Do not disclose your contact information, password, or other data that allows or enables unauthorized access to the Service, and keep this information confidential.
Unfortunately, no method of transmission or method of electronic storage is 100% secure. Although we do our best to protect your Personal Data, we cannot guarantee that the data stored during your use of the Service is invulnerable to hacking and will not be subject to a security breach. We make no warranty, guarantee, or representation that the Service is or will be protected from all viruses, security threats, or other vulnerabilities or that your Personal Data and other information will always be secure.
Privacy Safeguards within the Company. To ensure your Personal Data is secure, we communicate our privacy and security guidelines to our staff and strictly enforce privacy safeguards within the Company. All of our employees are bound with confidentiality obligations.
Information Transferred to Third Parties. Before transferring any Personal Data to a third party (processor, contractor, affiliate, partner, supplier, vendor, etc.), we shall make a reasonable check of such third party regarding its compliance with applicable the applicable Laws and the implementation of the appropriate safeguards.
Information Received from Third Parties. In cases where we receive your Personal Data from a third party (i.e., controller of such data) during the fulfillment of contractual obligations, we act as a processor. In order to secure such Personal Data, we treat it with the same level of security as we treat Personal Data as if we collected it, as provided in this Policy (if applicable or if we are not obliged by the relevant contract to provide additional security measures). Additionally, we do not store such received Personal Data for a period longer than necessary to fulfill the relevant contract with a third party who provided us with your Personal Data.
Technical Measures. All the data (including Personal Data) is encrypted in transit and at rest. We’re protecting your Personal Data with two-way encryption, which uses two separate cryptographic keys: a public key and a private key. Data cannot be decrypted and accessed without both keys. Likewise, we use web cryptography technology and 256-bit SSL encryption for additional security. The Service is hosted on a leading cloud infrastructure provider. Vulnerability scanning is conducted regularly.
7. SPECIFIC NOTICES
Children
YourFit is not intended for children under 16 years of age (or age equivalent in the relevant jurisdiction). No one under the age of 16 shall provide any information to or on YourFit. We do not knowingly collect Personal Data from minors. If You are under 16 (or age equivalent in the relevant jurisdiction), please do not use or provide any information to or via YourFit. If we learn that we have collected or received Personal Data from a minor without verification of parental consent, we will promptly delete that information. If You believe we might have any information from or about a child under 16, please contact us via privacy@3dlook.me.
Notice to European Economic Area (EEA) and UK Residents
This section applies only to EEA and UK residents. This Policy will govern the use of your “Personal Data,” which the GDPR defines as any information relating to an identified or identifiable data subject. Examples include data that directly, or when used in conjunction with other provided data, enables the identification of a specific individual. Personal Data does not include data in a form that does not, on its own, permit direct association with any particular individual.
If You are located in the European Economic Area or the UK, we may process your Personal Data for the purposes described in Section 3 of this Policy when:
- You have consented to the processing of your Personal Data;
- We need your Personal Data to provide You with access to the Service and its functionality as requested by You, or to respond to your inquiries;
- We have a legal obligation to use your Personal Data; or
- We have a legitimate interest in using your Personal Data. In particular, we have a legitimate interest in using your Personal Data to ensure and improve the safety, security, to suppress illegal activity on our Service, to take precautions against liabilities, investigate and defend ourselves against any third-party claims or allegations, investigate and protect ourselves from fraud, protect the rights and property of 3DLOOK, its users and/or partners, etc.
We may retain your Personal Data for as long as is required to fulfill the purposes of the processing of the Personal Data outlined in Section 3 of this Policy, or for a longer period as required under the applicable Law. The retention period will be determined taking into account the type of Personal Data collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused data at the earliest reasonable time. In general, we store your Personal Data for up to 3 years and make a revision of it after that period. During such revision, we may either delete all of your Personal Data or keep it collected for the additional 10 years if: You’re using the Service; we are in the middle of a dispute, or You are our debtor; such information is still necessary for the purposes we collected it. We can delete your Personal Data at any time and not wait for such a period to end if the purpose we collected it for no longer applies. The functionality of the Service may also allow exercising your deletion rights via the Service interface. You can initiate the deletion of your Personal Data at any time. We do not guarantee that your Personal Data will be available for any specific period of time (3 years, 10 years, or less or more, etc.). Please consider that we have no obligations to notify You when deleting your Personal Data, and we can do it at our sole discretion.
Before transferring any Personal Data to a third party (processor, contractor, affiliate, partner, contractors, suppliers, vendors, etc.), we shall make a reasonable check of such third party to make sure that such party has implemented appropriate safeguards (including appropriate contractual and organizational measures) and your Personal Data will remain protected wherever it is transferred. We will make commercially reasonable efforts to store the Personal Data of individuals in the regions where they live or operate. Still, if such storage is not commercially reasonable, we will ensure that third-party processors are bound by an agreement that contains obligations of the processor to provide at least a minimum necessary level of security and other provisions as required under the Law. We will also ensure that the applicable contracts contain the obligation of the processor to adopt necessary provisions into its agreements with sub-processors (if any). Herein You give us your free unambiguous consent to store your Personal Data (and data that does not identify You individually, if applicable) outside your country of residence (registration, domicile, center of vital interests, economic region, etc.).
We may also process certain information in a form that does not, on its own, permit direct association with You available to third parties for various purposes, including for business or marketing purposes or to assist third parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, promotions, the functionality available through the Service, statistics and other use. This type of information is not associated with any Personal Data that can identify any individual.
The GDPR provides data subjects with specific rights and choices in connection with their Personal Data. You may have the following rights according to the applicable Law:
- You can express and withdraw consent for your Personal Data processing. Please note that withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- You can request access, correction, or updates of your Personal Data.
- You can object to our processing of your Personal Data, ask us to restrict processing of your Personal Data, or request portability of your Personal Data.
- You can request the deletion of your Personal Data. You may ask to delete your Personal Data at any time, but in such case, it may lead to the impossibility to use our Service. The functionality of the Service may also allow exercising your deletion rights via the Service interface.
- You have the right to complain to a Data Protection Authority (subject to the applicable Law) about our collection and use of your Personal Data. However, we’d appreciate the chance to deal with your concerns before You approach the respective Data Protection Authority. Please contact us in the first instance by e-mailing at privacy@3dlook.me or writing to us at 55 East 3rd Avenue, San Mateo, CA 94401, Attn: Legal Department.
If You wish to exercise any of the aforementioned rights or receive more information, please contact us using the contact details provided in Section 9 of this Policy.
To fulfill your request, we are required to verify your identity so that your Personal Data does not go to an unauthorized person. As a way of example, but not limited to: if You send a request from the same e-mail You used during registration, and with the same signature you usually use in your e-mails (if there were any between us), we reasonably consider that it is You, who asks for your Personal Data. If You use another e-mail address or someone makes a request on your behalf, we may ask for additional verification.
Within one month of receiving your request, we will provide You with information about the actions taken in connection with your request. If we require more time (up to 45 days), we will inform You of the reason and extension period in writing.
If You found out that someone has illegally provided us with your Personal Data, please, contact us promptly using the contact details provided in Section 9 of this Policy. Upon your request, we will delete your Personal Data without undue delay, but in any case, within one month from the day of receipt of your request (or more due to the complex nature of the request or the number of requests). We will only retain such copies of the information necessary for us to comply with the Law for such cases.
Please kindly note that if your request turns out to be unreasonable or excessive, in particular, due to its repeated nature, we may request a reasonable fee for the fulfillment of the request or refuse to take action in connection with the request.
In case of a security breach, which leads to unauthorized access to your Personal Data, we will let You and the relevant Data Protection Authority know about this incident without undue delay as soon as we become aware of such breach and make all reasonable efforts to minimize the harm and restore necessary safety measures. We can inform You about the breach affecting your Personal Data at our sole discretion in the following ways we consider most appropriate: via your contact e-mail, by phone, in your account, via the Service, in national news, on our website, or any other way which allows You to take necessary steps to minimize the possible harm without undue delay. Such notification will include general information about the breach, potential risks, and our actions to mitigate them (to the extent possible in relevant circumstances). You are solely responsible for notifying your third parties if their Personal Data is part of such breach (if You are the one who provided such information to us). Our notifications shall not constitute our acknowledgment of any fault (guilt, liability) for the breach.
Notice to California Residents
This section applies only to California residents. This Policy will govern the use of your “Personal Information,” as defined in the CCPA. Examples include real name, an alias, postal address, e-mail address, unique personal or online identifier, internet protocol (IP address), or similar identifiers. Personal Information does not include “publicly available” information, which includes information lawfully made available from federal, state, or local government records or information in a form that does not, on its own, permit direct association with any specific individual. If You are a California resident, California law may provide You with additional rights regarding our use of your Personal Information.
We do not sell Personal Information. We may share some of your Personal Information with third parties (as more specifically described in Section 4) if those third parties are authorized service providers or business partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such Personal Information.
We have collected the following categories of Personal Information from our consumers (end-users) within the last twelve (12) months:
- Identifiers, such as name, alias, e-mail address, and phone number. We collect this information directly from You or third-party sources.
- Commercial information, such as information about your orders, products viewed and added to a shopping cart, returns made via the website, platform, or service where You utilize YourFit functionality. We collect this information directly from You or third-party sources.
- Protected classification characteristics, such as biological sex. We collect this information directly from You upon processing the images provided to us.
- Biometric information, such as biological characteristics or physical patterns. We collect this information directly from You upon processing the images provided to us.
- Internet or network information, such as information on your interaction with the Service. We collect this information directly from your device.
- Sensory data, such as your images. We collect this information directly from You.
- Other Personal Information, in instances, when You interact with us online, by phone, or mail in the context of receiving help in connection with the Service.
The purposes for which we collect this information are described in Section 3 of this Policy.
You have certain rights regarding the Personal Information we collect or maintain about You. Please note, these rights are not absolute, and there may be cases when we decline your request as permitted by law.
The right of access means that You have the right to request that we disclose what Personal Information we have collected, used, and disclosed about You in the past 12 months.
The right of deletion means that You have the right to request that we delete Personal Information collected or maintained by us, subject to certain exceptions.
The right to non-discrimination means that You will not receive any discriminatory treatment when You exercise one of your privacy rights.
You can exercise your rights yourself, or You can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Information, we will verify your identity by a method appropriate to the type of request You are making. We may also request that your authorized agent has written permission from You to make requests on your behalf. We may also need to verify your authorized agent’s identity to protect your Personal Information.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform You of the reason and extension period in writing.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow You to transmit the information from one entity to another without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell You why we made that decision and provide You with a cost estimate before completing your request.
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by please use the contact details from Section 9 below. The functionality of the Service may also allow You to exercise your deletion rights in-app, i.e., You can request the deletion of your Personal Information via the Service interface.
8. CHANGES TO THIS POLICY
We may revise this Policy from time to time at our sole discretion. If there are any material changes to this Policy, we will notify You as required under the applicable Law. You understand and agree that You will be deemed to have accepted the updated Policy if You continue to use YourFit after the updated Policy takes effect. We encourage You to review this Policy periodically.
9. HOW TO CONTACT US
YourFit is operated by 3DLOOK Inc., 55 East 3rd Avenue, San Mateo, CA 94401.
If You have any questions, concerns, or complaints regarding the way we collect and handle your Personal Data, or if You have any thoughts or questions about this Policy, or about a contact person (representative) for compliance with the applicable Law, You can contact us at: privacy@3dlook.me
or
3DLOOK Inc.
Attn: Legal Department
55 East 3rd Avenue, San Mateo, CA 94401
For EEA and UK Residents:
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:
- United Kingdom (UK)
- European Union (EU)
Prighter gives You an easy way to exercise your privacy-related rights (e.g., requests to access or erase Personal Data). If You want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://prighter.com/q/12970373