Privacy Policy of Even Realities App
Effective Date: June 18th, 2024
This Privacy Policy of Even Realities App (the “Policy”) explains how we collect, use, store, disclose and share (collectively, “process”) your personal data when you use Evena Realities digital glasses and its companion mobile application “Even Realities App” (collectively, the “Products”) to interact with your environment such as routes navigation, real-time translation, and other services provided by Even Realities (collectively, the “Services”). We respect your privacy and will take security protection measures to protect your personal data. Please note, our Services may involve integrations with websites, applications, and services managed by third parties. By interacting with these third parties, you are providing information directly to the third party and not us and subject to the third party’s privacy policy. Please read their data usage policies or other documentation. Our linking to another site or service doesn’t mean we endorse that third party.
In this Policy, “Even Realities”, “we”, “us” or “our” refers to Even Realities GmbH, a company registered in Berlin with its registered address located at Friedrichstraße 79, 10117 Berlin, Germany if you are accessing the Services within EEA and within the United States.
This Policy may be updated from time to time and therefore please check back periodically for the latest version of the Policy, as indicated below. If there will be any significant changes made to the use of your personal data in a manner different from that stated at the time of collection, we will notify you by posting a notice on our App or by other means.
Here is a summary of the information contained in this Policy. This summary is to help you navigate the Policy and it is not a substitute for reading everything. You can view the particular sections for more detailed information.
Ÿ What data do we collect about you? If you register an account to use the Services, we will need some personal data from you to set this up. We will also collect and create personal data about you when you use certain functions of the Products (e.g., when you use the navigation service or real-time translation service through Even Realities smart glasses). For more information, please refer to 1 What data do we collect about you?.
Ÿ How do we use your data? We process your personal data to manage the contract you have refused/agreed to and to provide functions related to account management, routs navigation, real-time translation, and other services. For more information, please refer to 2 How do we use your data?
Ÿ How do we retain your data? Your personal data is stored on servers located in Netherlands, and we take every reasonable step to ensure that your personal data is only processed for the minimum period necessary for the purposes set out in this Policy. For more details on the location and duration of the retention of your personal data, please refer to 3 How do we retain and protect your data?
Ÿ How will we disclose and transfer your data globally? We may disclose your personal data to affiliates and some third-party service providers (e.g., technology services and business support) who help us deliver the Services. We may also be required to disclose certain personal data about you in response to any legal procedures or requests from regulatory authorities, for audit purposes, in the event of mergers, acquisitions, sale of assets, or transfer of services, and in other circumstances specified under 4 How will we disclose your data?. Due to the international operation of our business, your personal data may be accessed from and transferred to jurisdictions outside of where you are located. In the event of a cross-border transfer of personal data, we take appropriate measures to provide an adequate level of protection for your personal data. For more information, please refer to 5 How will we transfer your data around the world?
Ÿ What are your rights regarding the processing of your personal data? Depending on where you are, you may have certain rights with respect to your personal data, such as rights of access and data portability, to correct or delete your personal data, to withdraw your consent, restrict or object to our processing of your personal data, or to lodge complaints with an applicable authority for any breach of data protection laws. For more information, please refer to 6 What are your data subject rights and choices? In particular, if you are a California resident, certain state data privacy legislations may entitle you to additional rights as detailed under 8 Notice to California Residents.
Ÿ How do we protect minors? We do not aim to provide Services for minors, and we do not intentionally collect or maintain information from minors. For more information, please refer to 7 How do we protect minors?
Ÿ Contact Us. If you have any questions or comments regarding this Policy and/or other privacy practices, want to exercise any rights you may have, please contact us by using the information detailed under 10 How to contact us?
1 What data do we collect about you?
2 How do we use your data?
3 How do we retain and protect your data?
4 How will we disclose your data?
5 How will we transfer your data around the world?
6 What are your data subject rights and choices?
7 How do we protect minors?
8 Notice to California Residents
9 How to contact us?
10 How do we update this Policy?
1. What data do we collect about you?
For the purpose of this Policy, “personal data” means any information relating to an identified or identifiable individual. To the extent that our processing of your personal data is subject to certain data privacy protection laws (including, but not limited to the General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act of 2018 (“CCPA”) and California Privacy Rights Act of 2020 (“CPRA”), collectively hereafter “appliable laws”), we will also notify you about the legal basis on which we process your personal data and your rights under such laws.
We collect the following categories of personal data from you:
1.1. For registration and login to an Even Realities Account
Ÿ Requested Registration Information: when you create an account to our Services, we will collect your country, email address and verification code.
Ÿ Requested Technical Information: when you register or log in to your account, we will collect some technical information automatically including 1) Device Information: the device ID, device manufacturer, device model, device platform, device brand, device identification code (IMEI, IDFA, Android ID, MAC, OAID, Advertising ID, Serial Number, IMSI, UAID, ICCID, IDFV, BSSID, SSID), installed app list, operating system name, operating system version, device size. 2) Network Information: IP address, Wi-Fi information, base station information, operator information, and location-related information.
Ÿ Optional Profile Information: After you create an account, you can fulfill your profile information including nick name, date of birth and gender.
1.2. While using our services and products
Ÿ Location Information: When you choose to share your mobile device’s location with Even Realities by turning on the location services device setting, we collect location related information that you allow us to receive.
Ÿ Other Interaction Information: To enable you to use the functions of our Services and Products, such as real-time translation and Quicknote, we will collect your head posture and audio recordings which are your inputs during the usage of real-time translation and other services.
Ÿ Device Firmware Information: During device firmware updates, we will collect information on the updated firmware and zip packages.
Ÿ Even Realities smart glasses Settings Information: When collecting diagnostic and usage data to improve the Products and Services and to troubleshoot issues, we will collect your Even Realities smart glasses settings information, including the brightness settings, the features settigs of Even Realities smart glasses.
1.3. Access permission which we can request
During the provision of services, we may access the main device permissions as follows:
Ÿ Permission to access the local network
Ÿ Permission to push notifications
Ÿ Permission to obtain location information
Ÿ Permission to turn on the Bluetooth
Ÿ Permission to view calendar events
Ÿ Permission to read clipboard contents
Ÿ Permission to run background services
Ÿ Permission to retrieve installed application lists
You can choose to disable part of or all permissions in the device settings. Disabling only affects the corresponding function and does not affect the other functions of the Services.
The way permissions are displayed and disabled may vary on different devices. Please refer to the instructions or guidelines provided by the device and system developers for information on how to disable permissions.
2. How do we use your data?
We will only use your personal data when the applicable laws allow us to. Our legal bases for collecting and using the personal information described in this Policy depends on the personal data we collect and the specific context in which we collect the information:
Ÿ We need to perform a contract with you;
Ÿ You have given us consent to do so;
Ÿ Processing your personal data is in our legitimate interests, including
§ providing, maintaining and marketing our Services;
§ detecting, preventing and enforcing violations of our [Terms of Service] including misuse of services, fraud, abuse, and other trust and safety protocols; and
§ protecting our legal rights and the rights of others.
Ÿ We need to comply with our legal obligations under the applicable laws.
The purposes for which we process personal data, subject to applicable laws, and the legal basis on which we perform such processing, are as follows:
Purpose | Type of Personal Data | Legal Basis |
To provide you with functions related to user account management, such as account registration, account deletion, account login, and modification of account information | Ÿ Requested Registration Information Ÿ Requested Technical Information Ÿ Optional Profile Information | Performance of contract |
To provide and facilitate the Services with you, so that you could use the functions of Even Realities smart glasses | Ÿ Location Information Ÿ Other Interaction Information | Performance of contract |
To provide firmware updates, maintenance services and supports for your devices | Ÿ Device Firmware Information | Performance of contract |
To identify the abnormal status, ensure the stability and security of our Services, and to meet governmental and institutional policy obligations | Ÿ Requested Registration Information Ÿ Requested Technical Information | Legitimate interests & Legal obligations |
To investigate and resolve security issues, and to enforce our Terms of Service | Ÿ Requested Registration Information Ÿ Interaction Information Ÿ Even Realities smart glasses Settings Information | Legitimate interests & Performance of contract |
To improve the product experience and hardware performance based on your usage of our Services and the device status | Ÿ Even Realities smart glasses Settings Information | Legitimate interests |
3. How do we retain and protect your data?
3.1. Where would we keep your data
If you use the Products and Services, your data will be processed on servers located in Netherlands. Additionally, we will only transfer your personal data to our partners, service providers and other third parties when necessary. In such cases, your personal data may be stored on those third parties’ servers.
3.2. How long do we store your data
We adhere to retention policies for the personal data we collect to ensure that it is not retained longer than necessary for the intended purpose. Different retention periods are applied to the various types of personal data collected by us in accordance with the service needs and regulatory requirements.
Upon expiration of the retention period, we will either delete or anonymize your personal data. Measures will be taken to render the information irrecoverable or irreproducible.
When assessing how long your personal data is retained, we consider criteria such as: (i) the nature of the personal data and the activities involved; (ii) when and for how long you use the Products; and (iii) our legitimate interests and our legal obligations.
3.3. How do we protect your data
We have implemented appropriate technical and organizational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access, and other unlawful or unauthorized forms of processing, in accordance with applicable laws. When using an App account, it is important that you select a strong password and do not share it with others. If you have any concerns that your App account or personal data has been put at risk, for example if someone could have found out your password, please contact us by using the contact details provided in Section 9 below.
Please note, the Internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your personal data, we cannot guarantee the security of your data transmitted to us using the internet – any such transmission is at your own risk, and you are responsible for ensuring that any personal data that you send to us are sent securely.
4. How will we disclose your data?
In order to provide you with more comprehensive and high-quality Products and Services, we will authorize our commercial partners to provide certain services to you. In such cases, we may share some of your personal data with these partners.
We will only share your personal data for lawful, legitimate, necessary, specific, and explicit purposes, and we will only share the personal data required to provide the Services. We will require our partners, through agreements, to retain data only for the necessary period and to implement adequate security measures to protect data security.
We will disclose personal data to the following categories of third parties for the purposes explained in this Policy:
· Affiliates and corporate partners. We disclose the categories of personal data described above between and among our affiliates and related entities, for legitimate business purposes and the operation of the Services, in accordance with applicable laws.
· Service providers and business partners. Third-party service providers who provide us with technology services (such as cloud storage service, real-time voice translation, ASR voice) and business support (such as navigation service, AI service and weather service) may need to process your data. These third parties will process your personal data on our behalf under relevant contracts.
· Law enforcement agencies, public authorities or other judicial bodies and organizations. We disclose Information if we are legally required to do so, or if we have a good faith belief that such use is reasonably necessary to comply with a legal obligation, process or request; enforce our [Terms of Service] and other terms, policies, and standards, including investigation of any potential violation thereof; detect, prevent or otherwise address security, fraud or technical issues; or protect the rights, property or safety of us, our users, a third party or the public as required or permitted by applicable laws (including exchanging information with other companies and organizations for the purposes of fraud protection).
· Change of corporate ownership. If we are involved in a merger, acquisition, bankruptcy, reorganization, partnership, asset sale or other transaction, we may disclose your Information as part of that transaction.
5. How will we transfer your data around the world?
Since we maintain servers located in Netherlands, your personal data may be processed on servers located outside of the country where you live. Meanwhile, due to the international nature of our business, your personal data may also be accessed by our affiliates or be transferred to third-party service providers and business partners, in connection with the purposes set out in this Policy. For this reason, we transfer personal data to other jurisdictions that may have different laws and data protection compliance requirements to those that apply in the jurisdiction in which you are located.
In the event of an international transfer of personal data, when required by applicable laws, we will provide an adequate level of protection for your personal data using various means, including where appropriate, implementing the European Commission approved Standard Contractual Clauses and UK International Data Transfer Agreement between our affiliates and third parties (where applicable) or any other lawful approach that permits the lawful transfer of personal data from those countries.
6. What is your data subject rights and choices?
Subject to applicable law and depending on where you reside, you may have some rights regarding your personal data, as described further below. You may exercise some of your right in the Apps via “Settings > Account”. If you have any other requests relating to the access of your personal data, please contact us.
6.1. Data Access
You may have the right to know what personal data we process about you, including the categories of personal data, the business or commercial purposes for collection, and the categories of third parties to whom we disclose it.
6.2. Data Correction
You may have the right to request that we correct inaccurate personal data that we retain about you, subject to certain exceptions.
6.3. Data Portability
You may contact us to request the personal data you have provided to us in a structured, commonly used and machine-readable format and have it transferred to another controller, to the extent applicable.
6.4. Data Deletion
You have the right to delete your account and erase your personal data. Upon deleting your account, all your personal data will be deleted. Additionally, you may also request deletion of the personal data you provide by contacting us. If some of your personal data cannot be deleted, we will inform you of the reasons for not taking action.
Please note that we reserve the right to retain some of your personal data where there are valid grounds for us to do so under applicable laws.
6.5. Withdrawal of Consent
Where we process your personal data on the basis of your consent, you may withdraw your consent by contacting us. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
6.6. Objection to the Processing
Subject to applicable laws, you may object to the processing of your personal data based on our legitimate interests where there are grounds relating to your particular situation by contacting us. Please note that we may have an overriding legitimate interest to keep processing your personal data, but we will let you know where this is the case.
6.7. Restriction to the Processing
If you would like to restrict our processing of your personal data, you may contact us. You have the right to restrict the processing of your data where one of the following applies:
Ÿ the processing is unlawful and you oppose the erasure of relevant personal data;
Ÿ for the purpose of establishment, exercise or defense of legal claims, you request us to retain your personal data that we were supposed to delete;
Ÿ your objection regarding the accuracy of your personal data is pending our verification;
Ÿ your request to object to the processing of your personal data is pending our verification.
6.8. Other Rights
Depending on your jurisdiction, you may be entitled to additional rights in relation to your personal data. For example, you may also have the right to lodge complaints with an applicable data protection authority if you consider that the processing of your personal data infringes any applicable data protection laws (for example, the EU General Data Protection Regulation). For California residents, please find more details of your rights in Section 8 below.
If you would like to contact us to exercise one or more of these rights, to ask a question about these rights or any other provision of this Policy or about our processing of your personal data, or to file a complaint about how we process your personal data, you may use the contact details provided in Section 9 below. When submitting a right request, please specify the scope and basis of your request and provide us with the necessary information to verify your identity. We may contact you to confirm your identity in order to handle your request. We will respond to your request or complaint in due course under applicable data protection laws.
7. How do we protect minors?
Our Services are not directed towards, and we do not knowingly collect, sell, or share any information about children. If you become aware that a child has provided any personal data to us while using our Services, please email us at the contact details provided in Section 9 below, and we will investigate the matter and, if appropriate, delete the personal data.
8. Notice to California Residents
If you are a California resident, the California Privacy Rights Act or other California privacy laws described below require us to provide you with the following additional information:
8.1. Collection and Use of Your Personal Data. We collect personal data from and about you in the preceding 12 months as described in Section 1 above.
8.2. Disclosure of Personal Data. We disclose personal data with third parties for business purposes in the preceding 12 months as below:
Categories of personal data | Disclosed to which categories of third parties |
All categories detailed in Section 1 above | Cloud storage services provider and our affiliates |
Location information | Navigation service provider and Weather service provider |
Voiceprints and audio recordings | Real-time translation service provider and IOS ASR voice service provider |
Other Interaction Information | AI service provider |
8.3. Your California Rights and Choices. As a California resident, you may be able to exercise the following rights:
Ÿ the right to know any or all of the following information relating to your personal data we have collected and disclosed in the last 12 months, upon verification of your identity:
§ The specific pieces of personal data we have collected about you,
§ The categories of personal data we have collected about you,
§ The categories of sources of the personal data,
§ The categories of personal data that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed,
§ The categories of personal data we have sold and the categories of third parties to whom the information was sold, and
§ The business or commercial purposes for collecting or selling personal data.
Ÿ the right to correct any inaccurate personal data we have about you.
Ÿ the right to request deletion of personal data we have collected from you, subject to certain exceptions.
Ÿ the right to opt-out of the sale and/or the sharing of your personal data and sensitive personal data to third parties now or in the future.
You also have the right to be free of discrimination for exercising these rights. However, please note that the exercise of these rights may limit our ability to process personal data. For example, if you submit a deletion request, we may no longer be able to provide you with our Services.
8.4. Limit the Use of Sensitive Personal Data. You also have the right to request limitation of use and disclosure of your sensitive personal data, subject to certain exceptions. If you would like to limit the use of your sensitive personal data, please contact us by using the contact details provided in Section 9 below.
The location, biometric information, and verification code are sensitive personal data as defined by the CPRA. Currently, we use and disclose such data to third-party service providers for the purpose necessary to provide Services to you, supporting your account management, calculating the parameters for your Even Realities smart glasses, enabling the functions of Even Realities smart glasses including navigation, real-time translation. We do not “sell” or “share” (as defined under the CPRA) your sensitive personal data.
8.5. Do Not Sell or Share My Personal Data. Based on the definition of “sell” and “share” under the CPRA, we do not believe that we engage in such activity and have not engaged in such activity in the past 12 months from the effective date of this Policy.
8.6. To submit your California Consumer Rights Requests. You may submit a request to exercise your California Consumer Rights by contacting us using the contact details provided in Section 9 below. We will need to verify your identity before processing your request, which may require us to request additional personal data from you or require you to log into your account, if you have one. In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity or locate your information in our systems, or as permitted by law. Subject to certain restrictions, you can have an agent exercise your rights for you. If you have an agent exercising your rights, we must be provided with your written authorization allowing that person to make such a request on your behalf. We reserve the right to deny the agent’s request if we are not reasonably able to confirm proper authorization and/or verify your identity as the requestor.
8.7. Appeal. You may appeal our refusal to take action on a request by contacting us using the contact details provided in Section 9 below. If your appeal is denied and you are a California resident, you may contact the California Attorney General about the results of the appeal by submitting a complaint by clicking here: https://oag.ca.gov/contact/consumer-complaint-against-business-or-company.
8.8. California’s “Shine the Light” Law. California’s “Shine the Light” law (Civil Code Section §1798.83) provides certain rights to California residents who have an established business relationship with us with regard to the disclosure of certain types of personal data to third parties for their direct marketing purposes. We do not disclose personal data to third parties for their direct marketing purposes.
9. How to contact us?
For more information about your data subject rights, or how we process your personal data, please contact us by using the information below.
Controller: Even Realities GmbH
Contact Details: Friedrichstraße 79, 10117 Berlin, Germany
Website: evenrealities.com.
Phone: +49 30 837 90777
10. How do we update this Policy?
We will update this Policy in a timely manner, and we recommend that you regularly check the latest version of this Policy via “Privacy and Legal” of the App. If there are any substantial changes to this Policy, depending on the nature of such changes, we will notify you in advance through pop-ups, push notifications, emails, and other appropriate means.