Pico Privacy Policy

Last Updated: 24/5/2022

Pico Immersive Pte. Ltd. (“we”, “our”, or “us”) provides innovative virtual reality products and services through our websites, applications, content, hardware, and services (collectively, the “Pico Services”). This Privacy Policy outlines how we handle information that identifies or is associated with you (“personal data”), including how we collect, use, and share personal data on our Pico Services.

We are the controller responsible for your personal data. Please take a moment to familiarize yourself with our privacy practices, and contact us at privacy@picoxr.com if you have any questions.

1. Personal Data We Collect

When you interact with the Pico Services, such as when you create a Pico account, contact our customer support team, use the Pico hardware or participate in an online survey, we collect your personal data, including:

2. Our Use of Your Personal Data

We use personal data to provide the Pico Services to you, to improve the Pico Services, to market to you, for security and fraud prevention, and to comply with applicable law. We may also use personal data for other purposes as allowed under applicable law.

3. How We Share Your Personal Data

We may share personal data with developers that provide apps on the Pico Services, our affiliated companies, service providers who act on our behalf, our partners, third parties in the context of corporate transactions, with your consent, or otherwise as required or allowed by law.

Third-party content providers may also collect information from you directly through the experiences they provide. Please note that any information you share with these third parties will be subject to those third parties’ own privacy policies.

4. Your Choices and Rights

You have the following choices with respect to your personal data. Depending on the nature of the choice you would like to exercise, we may need to verify your identity before honoring your request.

5. Transferring Your Personal Data

We provide the Pico Services on a global basis. This means that the information that we collect from you may be transferred to, and stored at, a destination outside of the country you reside in, including in Singapore where we are based. It may also be processed by staff operating outside your country who work for us, for one of our service providers or one of our partners. We will take all steps necessary to ensure that your information is treated securely and in accordance with this Privacy Policy and applicable law.

6. Data Security and Retention

We take appropriate technical and organizational measures to help protect personal data from unauthorized access, use, disclosure, alteration, and destruction. Unfortunately, the transmission of information via the internet is not completely secure and, as such, we cannot guarantee the security of your information transmitted via the Pico Services.

We retain information for as long as necessary to provide the Pico Services and for the purposes set out in this Privacy Policy. We also retain information when necessary to comply with contractual and legal obligations, when we have a legitimate business interest to do so (such as improving and developing our website and app service, and enhancing the safety, security and stability of our website and app service), and for the exercise or defence of legal claims.

7. Children

Pico Services are not intended for use by children under 13 years of age or under the equivalent minimum age threshold in the relevant jurisdictions. If we learn that we have collected personal data from a child under 13 we will delete it as soon as possible.

8. Changes to This Policy

If we make changes to this Privacy Policy, we will provide notice of such changes as appropriate, such as by sending you an email notification to the address you have provided, and/or providing notice through the Pico Services. If we make an administrative change, we will update the "Last Updated" date at the top of this Privacy Policy.

9. Contacting Us

If you have questions about this Privacy Policy, please contact us by email at privacy@picoxr.com.

10. Jurisdiction-Specific Terms

In the event of a conflict between the provisions of the below Jurisdiction-Specific Terms that are relevant to your jurisdiction from which you access or use the Pico Services, and the rest of this Privacy Policy, the relevant jurisdictions’ Jurisdiction-Specific Terms will supersede and govern the data processing.

a. EEA, UK and Switzerland

The information provided in this section applies to individuals in the European Economic Area, United Kingdom and Switzerland, which we refer to in this notice collectively as “Europe”.

Legal bases for processing. We use your personal data only as permitted by law. Our legal bases for processing your personal data described in this Privacy Policy are described in the table below.

Processing purpose
Legal basis
To enable us to administer, operate, and provide the Pico Services to you including to create accounts and process your transactions and to provide you with troubleshooting. Processing is necessary to perform the contract governing our provision of the Pico Services or to take steps that you request prior to signing up for an account to use the Pico Services.
To understand how you use the Pico Services, including reviewing user feedback, to monitor, improve and develop the Pico Services and conduct product development. The processing is necessary for our legitimate interests, namely, to identify and resolve issues with the Pico Services and to improve the Pico Services.
To comply with any legal obligation, including where necessary to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority. This processing is necessary in order to comply with our legal obligations.
To communicate with you, including to notify you about changes to the Pico Services, provide customer support to you and send you other service-related messages. The processing is necessary for the performance of a contract with you.
We may use this information to send you marketing communications in accordance with your preferences. The processing is necessary for our legitimate interests, namely to promote new developments and features of our Pico Services. We will obtain your consent to send you messages where required by law.
To enforce our terms, conditions and policies, including to ensure that you are old enough to use the Pico Services. The processing is necessary for the performance of a contract with you.
To help us detect abuse, fraud, and illegal activity on the Pico Services. The processing is necessary for our legitimate interests, namely, to ensure that the Pico Services are safe and secure.

Your rights. If you are located in Europe, in addition to the rights set out in section 4 "Your Choices and Rights", you also have the following rights in relation to your personal data:

To make such requests, contact us at the email address provided in section 9 "Contacting Us".

You also have the right to lodge a complaint with your local supervisory authority, but we encourage you to first contact us with any questions or concerns.

Cross-border transfer. We have taken appropriate safeguards to ensure that your personal data will remain protected and require our third-party service providers and partners if applicable to have appropriate safeguards as well. For onward transfers of your personal data, we ensure that: (i) the personal data is transferred to countries recognized as offering an equivalent level of protection; or (ii) the transfer is made pursuant to appropriate safeguards, such as standard data protection clauses adopted by the European Commission.

UK GDPR Representative: Cosmo Technology Private Limited, whose registered office is at 2 Temple Back East, Temple Quay, Bristol, BS1 6EG, United Kingdom.

b. South Korea

 If you are using our services in South Korea, the following additional terms apply. In the event of any conflict between the following additional terms and the provisions of the main body of this policy, the following terms shall prevail.

Data security. We work hard to protect the Pico Services and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. To this end, we have in place technical, managerial and physical safeguards, including internal policies for data protection, limitation of access to personal data on a need-to-know basis and control of access to the facilities where personal data is processed.

Data retention. We destroy personal data for which the purposes of collection as consented to by you have been achieved, or for which the periods of use as consented to by you or as provided in this Privacy Policy have expired; provided, however, we will continue to store your personal data for any statutorily-prescribed periods, where applicable.

Children. The Pico Services are not intended for use by children under 14 years of age.

Destruction of personal data. We destroy your personal data in a manner that renders it unrestorable by the relevant department.

Entrustment and/or overseas transfer of personal data. We entrust your data to our affiliates and service providers, some of whom are located outside of Korea (see the  Privacy Policy Addendum (for the Republic of Korea) below for a list), subject to your consents or notifications to you, if applicable. The entities receiving and processing your data are committed to using and storing personal data in compliance with domestic and international regulations and to taking all available physical and technical measures to protect personal data.

Privacy Policy Addendum (for the Republic of Korea)

Welcome to PICO ("Platform"). This Platform is provided and supported by Pico Immersive Pte. Ltd. ("We"). We are committed to protecting and respecting your personal information. We inform you as below of the entrustment for processing or overseas transfer of your personal information by electronic means that takes place when we collect it. The retention period permitted to the transferee may vary according to the use of our services and the relevant terms, laws and regulations. We transfer your personal information with security measures as appropriate for the operation of the Platform. 

TransfereePurpose of TransferItems of personal information transferred
Alibaba Cloud (Singapore) Private LimitedCDN cache servercontent files
Broadonetech Pte. LtdCDN cache servercontent files