Last update: August 30, 2021
For the purposes of EU data protection laws (“Data Protection Legislation”), Matterport is a data controller (i.e., the company that is responsible for, and controls the processing of, your personal information).
3D-VR media Limited.
Alternatively, you may contact our customer support team via our social media outlets.
What information do we collect?
This section describes the types of personal information we may collect about you. We use the personal information we collect to carry out our obligations arising from any contracts entered into between you and us and to provide you with the Services that you request from us.
Information you provide us directly
Contact and account information. We may collect personal information, such as your name, phone number, address, industry type, company, and e-mail address when you register for our Services, purchase products, sign up for our mailing lists, or otherwise communicate with us.
Payment and transaction information. Information such as the model of camera purchased, subscription plans purchased, date and time of your transaction, and payment information, such as your credit card or bank account details.
Online Inquiries and Correspondence. You may submit an inquiry via the Service, or via email or written mail. For example, when requested Customer Support services, when requesting additional information about our products and the Service, and any other general correspondence. We may ask for your first and last name, physical address, email address, phone number, company name, industry type, details about your current product usage, and certain other information from time to time. You should ensure that you do not include any personal information beyond what we have requested in any online inquiries or correspondence.
Images stored and processed. When you capture images using a Matterport camera or other devices, or if you provide images from any other source and upload them to the Matterport Cloud (as described in the Matterport Cloud Subscription Agreement), we may collect personal information which is depicted within the imagery you submit.
Automatically collected information
URL, IP addresses, Device Information and Frequency of Use. Like many other online service providers, we collect and analyze information about our users’ utilization and navigation of our Services. This information helps us to design our Services to better suit our users’ needs, and we also use this information to share aggregated, anonymous information on the effectiveness of our Services with content owners and creators. This information is collected automatically and may include the URL you came from prior to using the Services, the Internet Protocol address (IP address) of your computer or mobile device, the type, and version of the internet browser you are using, the make, OS model and unique identifier of your computer or mobile device, and your usage patterns associated with the Services.
Location data. When you use a Matterport camera in conjunction with our mobile applications your current location may be captured and processed from location information provided from the camera or mobile devices built-in GPS sensors, and from information derived from cell tower triangulation. Additionally, we may use your IP address information to determine your approximate location. The mobile device OS will always prompt you for permission to use location data and we do not bypass this OS provided permission functionality in our mobile applications.
Information from other sources
Cookies and similar technologies
Collection and processing of sensitive information
The Service does not collect or process ‘sensitive information’, defined as data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation. As such, you should not provide any such information as part of your user profile, as part of any correspondence, when you upload images, or by any other means with your use of the Service.
How do we use personal information?
Contact and account information. We use your contact and account information to enable us to provide a secure and personalized Service. We also use your personal information to improve our services, to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about, or to notify you about changes to our Services.
Payment and transaction information. We use this information to facilitate transactions, detect and prevent fraud and keep a record of your purchases so we can provide you Customer Support and warranty services, and for financial purposes as required by law. We do not process your credit card information directly, but rather this information is processed by one or more 3rd-party payment processors.
Online Inquiries and Correspondence. We use the personal information you provide so we may communicate with you regarding your inquiry and to satisfy other requests. If you provide your phone number, we may use that information to make direct dial calls, autodialed and prerecorded message calls, and to send text messages, from Matterport relating to our products and services. If you correspond with us via email or by written mail, we may store the information you submit in a manner specific to you, for example in an electronic file indicating you are the sender.
URL, IP addresses, Device Information and Frequency of Use. We use this personal information to better understand how frequently you use the Services, the time you spend actively using the Services, and the pattern of actions you take in using the Services, We also track the URL that you visited before you came to our Services, the URL to which you next go to, information about the browser through which you are accessing the Services, and your Internet Protocol (IP) address. We use this information to administer and improve our Services, help diagnose problems with our Services, and to better understand your use of the Services. Your IP address may also be used to help identify you and to gather broad location and demographic information.
Location data. We use location data to autofill the address of a location being scanned when using the Service. We also use location data to assist the processing of image data and to better understand how multiple scan locations are related to each other. We also use location data to provide aggregated analytics to better understand how and where the Service is being used, to provide a customized and localized experience when using the Service, and to prevent access to the Services where required by law.
Legal basis for processing in the EU
If you are a resident in the EU, we need to tell you the legal basis on which we collect and use your personal information. In the EU, the purposes for which we process your personal data are:
Where we need to perform the contract we are about to enter into or have entered into with you for the Service;
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
Where we need to comply with a legal or regulatory obligation in the EU.
The legal basis depends on the category of personal data being process, and the purpose for that processing the following table indicates each category of personal data we process, and the legal bases we rely on to do so. Where legitimate interest has been used as the legal basis for processing, the specific legitimate interest we use has been described. Please contact us if you need details about the specific legal basis we are relying on to process your personal data where one or more legal bases has been indicated.
Category of Personal Data Legal Basis for Processing
Contact and account information
The performance of a contract and to take steps prior to entering into a contract;
Our legitimate interests, namely, administering the Service, for marketing purposes and communicating with users.
Payment and transaction information.
Performance of a contract;
Our legitimate interests, namely providing Customer Support and the detection and prevention of fraud.
Online Inquiries and Correspondence Legitimate interest, namely for marketing purposes and to respond to inquiries
Images stored and processed Performance of a contract;
URL, IP addresses, Device Information and Frequency of Use Our legitimate interests, namely providing, administering and improving the Service
Location data Our legitimate interests, namely providing, administering and improving the Service
When do we share your personal information?
3D-VR media will not share, rent, sell or otherwise disclose any of the personal information that we collect about you, except when we have your permission or in any of the following situations:
We may disclose the results of aggregated data about you for marketing or promotional purposes, as further described below. We may disclose, to the owners of certain content available through the Services, or their representatives, the following types of aggregated data about usage of such content: the number of views and the number of users who view the content, statistical information about users who view the content by geography, the referring URLs of users who view the content, the number of users who interacted with the content in specific ways, and other similar aggregated information relating to usage of the content. We may also disclose to third parties certain algorithms developed from analytics and machine learning conducted on user information collected in aggregated form, but these algorithms do not contain or disclose any personal information that is identifiable to you.
We may disclose your personal information to partners and resellers in order to facilitate sales in situations where Matterport does not directly sell our products and Services due to location, industry type or any other reason as determined solely by 3D-VR media.
We may disclose information about you as part of a bankruptcy, corporate reorganization, merger, acquisition or other sale or transfer of our assets or business.
We may be legally obligated to disclose information about you to the government or to third parties under certain circumstances, such as in connection with illegal activity related to our Services or to respond to a subpoena, court order or other legal process, including to meet national security requirements. We reserve the right to release information that we collect to law enforcement or other government officials, as we, in our sole and absolute discretion, deem necessary or appropriate.
From time to time, we may contact you with information about our products and services. Most marketing messages we send will be by email. For some marketing messages, we may use personal information we collect about you to help us determine the most relevant marketing information to share with you. In most cases our processing of your personal data for marketing purposes is based on our legitimate interest to provide you information about our current and future products, services and events.
Please be aware that if you opt-out of receiving marketing email from us, it may take up to ten business days for us to process your opt-out request, and you may receive marketing email from us during that period. Additionally, even after you opt-out from receiving marketing messages from us, you will continue to receive administrative and transactional messages from us regarding your use of the Service.
Where do we process your personal information?
International Transfers of your personal information. As we are primarily located in the USA, any information you provide will initially be collected processed and stored in the USA. If you are in the EU or EEA, this may mean that your personal information will be stored in a jurisdiction that offers a level of protection that may, in certain instances, be less protective of your personal information than the jurisdiction you are typically resident in.
Jurisdiction and Enforcement
We are subject to the investigatory and enforcement powers of the US Federal Trade Commission (“FTC”).
For European Union residents, you also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
We have further committed to refer unresolved privacy complaints under an independent dispute resolution mechanism.
How do we use online analytics services and tailored online marketing?
In our Services, we use Google Analytics and other third-party web analytics services. These third-party services use the kinds of technology described in the preceding sections to help us analyze how users use the Services, including by noting the URL that users visited before they came to our Services. These service providers will receive or directly collect the information collected by the technology, which they will use to evaluate your use of the Services. As described in the following paragraphs, we also use Google Analytics with the Services for certain purposes related to online marketing. You may wish to install the Google Analytics Opt-Out Browser Add-on, available at: https://tools.google.com/dlpage/gaoptout, to prevent Google Analytics from using your information for analytics.
We also allow other third parties, such as Google Analytics, Facebook and other ad networks and ad servers, to access their own cookies or other tracking technologies on your computer, mobile phone, or other device you use the Services. These tracking technologies enable these third parties to serve our tailored marketing to you while viewing other areas of the Internet, based on anonymous information collected while you are using the Services. We have implemented the following Google Analytics advertising features based on interests and location for the purposes of remarketing: retargeting and enhanced demographic tracking, including affinity audiences, custom affinity audiences, in-market audiences, similar audiences, demographic and location targeting, and demographics and interest reports. The parties that provide these technologies may offer you a way to opt out of targeted marketing as described below. Click the following link for more information on how Google uses data when you use the Site: https://policies.google.com/privacy
You may visit the Network Advertising Initiative’s Consumer Opt-Out Link and/or the Digital Advertising Alliance’s Consumer Opt-Out Link to opt-out of receiving tailored marketing from companies that participate in those programs, and if you are interested in learning about tailored browser marketing and how you can generally control cookies from being put on your computer to deliver tailored marketing (i.e., not just for our Site). You may also visit the Google Ads Settings page to opt-out of Google Analytics for Display Advertising or customize Google Display Network ads. Please also see additional information here about Google Ad Settings for mobile apps. Be aware that you may still receive marketing content that is not tailored to your interests, even if you opt-out of tailored marketing, to the extent marketing technology is integrated into our Site. In addition, we are not responsible for any choices you make using any of the above opt-out links, and we do not control these opt-out methods or their continued availability or accuracy.
You may also receive tailored in-application marketing content when using an application on a mobile device. Each mobile operating system provides its own instructions on how to prevent or opt-out of the delivery of tailored in-application marketing content.
California privacy disclosures
The California Consumer Privacy Act
We are required disclose the information we collect, our uses of that information, and your rights with regard to that information as defined by the California Consumer Privacy Act of 2018 (the “CCPA”), California Civil Code Sec. 1798.100 et seq.
When you use the Services, we collect personal information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your device.
Personal information does not include information publicly available from government records, de-identified or aggregated consumer information, information relating to our employees, contractors, and other personnel, and information excluded from the CCPA’s scope such as personal information covered by certain sector-specific privacy laws such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the California Confidentiality of Medical Information Act (CMIA), the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
The categories of information we collect
Specifically, we have collected the following categories of personal information from you within the last twelve (12) months:
Category Examples Collected?
Category A: Identifiers First and last name, email address, IP address, or similar identifiers. Yes
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. Yes
Category C: Protected classification characteristics under California or federal law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). No
Category D: Commercial information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes
Category E: Biometric information Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No
Category F: Internet or other similar network activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. Yes
Category G: Geolocation data Physical location or movements. Yes
Category H: Sensory data Audio, electronic, visual, thermal, olfactory, or similar information. Yes
Category I: Professional or employment-related information Current or past job history or performance evaluations. No
Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No
Category: K. Inferences drawn from other personal information Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Yes
We collect the categories of personal information listed above from the following categories of sources:
Directly from you, for example when you sign up for the Service.
Indirectly from you, for example by observing or analysing your use of the Service via our websites and mobile applications.
Use of personal information for California Residents
Sharing personal information for California Residents
We may disclose your personal information to third-parties for business purposes. In the preceding twelve (12) month we have disclosed the following categories of personal information for business purposes:
Category A: Identifiers
Category B: Personal information categories listed in the California Customer Records statute
Category D: Commercial information.
Category F: Internet or other similar network activity
Category G: Geolocation data
Category H: Sensory data
Category: K. Inferences drawn from other personal information
We disclose your personal information for business purposes to service providers and to third-parties to whom you or your agents authorize us to do so.
We do not “sell” personal information as most people would typically understand that term. However, we do allow certain third-party partners and providers to collect information about consumers directly through our services for purposes of analysing and optimizing our services and advertisements (ads), providing content and ads that are more relevant, measuring statistics and the success of ad campaigns, and detecting and reporting fraud. To the extent this practice is interpreted to constitute a “sale” under the CCPA, please see our ‘Cookies and Similar Technologies’ section above for more information including how to exercise your rights to opt-out of cookies, analytics and personalized advertising.
Rights and choices for California Residents
The CCPA provides California Residents with specific rights regarding their personal information. This section describes your rights and how to exercise them.
Access to your information and data portability rights. You have the right to request information about our collection and use of your personal information over the past 12 months. You also have the right to receive a copy of your personal information in a portable format to enable you to better understand our use of your personal information and to allow you to transfer your personal information to an alternative service provider of your choice.
Deletion request rights. You have the right to request that we delete your personal information that we have collected from you, subject to certain exceptions. We may deny your deletion request if retaining your information is necessary for us or one of our service providers to, for example:
Complete a transaction with you
Detect security incidents to protect against malicious, deceptive, fraudulent or illegal activity
Debug the Service and to identify and repair errors
Exercise free speech or to exercise another right provided by law
Use the personal information solely for internal uses that are reasonably aligned with your expectation based on your relationship with us
Comply with a legal obligation
Make other internal and lawful uses of your personal information that are compatible with the context with which you provided it
Personal information sales rights. You have the right to direct us not to sell your personal information.
Non-discrimination right. You have the right not to be discriminated against when you exercise any of the rights under the CCPA. Unless permitted by the CCPA, we will not:
Deny you goods or services
Actually charge, or suggest we charge you different prices or rates, or provide different levels of quality for goods and services.
However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you our products and services or engage with you in the same manner.
We may, where permitted by the CCPA, offer certain financial incentives related to the personal information you provide that can result in different prices, rates and quality levels. Such financial incentives will be reasonably related to the value of the personal information that you have provided, and in such cases, we will provide written terms that describes such an incentive programs material aspects.
Exercising access, data portability and deletion rights
You may only make a verifiable consumer request to exercise your access or data portability rights or your deletion right once free-of-charge within a 12-month period, and such requests must provide sufficient information that allows us to reasonably identify you, or identify you as an authorized representative. We will need to verify your identity before processing your request, which may require us to request additional personal information from you or require you to log into your account, if you have one. You must also provide sufficient detail in your request such that we can properly understand, evaluate and respond to it.
In certain circumstances, we may decline a request to exercise the rights described above, particularly where we are unable to verify your identity or locate your information in our systems. If we are unable to comply with all or a portion of your request, we will provide a brief explanation.
We endeavor to respond to verifiable consumer requests within forty-five (45) days of receipt. If we require more time, we will inform you of the reason and extension period. We will deliver our written responses to these requests either by mail or electronically, at your option. The response may also explain the reason we cannot comply with the request.
Additional California disclosures
California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn’t an industry or legal standard for recognizing or honoring DNT signals, we don’t respond to them at this time. We await the result of work by the privacy community and industry to determine when such a response is appropriate and what form it should take.
EU privacy rights
If you are located in the EU, you have the following rights in respect of your personal data that we hold:
Right of access. You have the right to access the personal information that we hold about you.
Right to rectification. You may have the right to require us to correct any inaccurate or incomplete personal information we hold about you.
Right to erasure. In certain circumstances you may have the right to the erasure of your personal data we hold about you (for example where it is no longer necessary in relation to the purposes for which it was collected or processed).
Right to restriction. You may have the right to request that we restrict processing of you personal information in certain circumstances (for example where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of that personal data).
Right to portability. In some limited circumstances, you may have the right to portability which allows you to move, copy or transfer personal data from one organization to another.
Right to object. You have a right to object to us processing your personal information when the processing is based on legitimate interests and also to stop us sending you direct marketing.
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Matterport has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by:
Using EDPO’s online request form: https://edpo.com/gdpr-data-request/
Writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
Automated decision-making and profiling
Automated decision making refers to a decision that is taken solely on the basis of automated processing of your personal data, for example using software, artificial intelligence or other rating or scoring algorithms. Profiling uses automated processing which sometimes results in automated decision making, and in some cases does not.
When you sign up to use the Services, we may use certain personal information, for example your first name, last name, address and IP address to verify you are eligible to use the Services and to restrict your access if you are not, for example if you are resident in a country or region that is subject to a U.S. government embargo. We will also restrict access by use of automated decision-making and profiling to anyone on or, directly or indirectly, owned, in whole or part, by any person or persons on the U.S. Treasury Department’s List of Specially Designated Nationals and Blocked Persons or any other U.S. government list of parties with respect to transactions that are forbidden or restricted.
Your right not to be subject to automated decision making and profiling does not apply if the decision was necessary for entering into or performing a contract with you or is authorized by law and there are suitable safeguards for your rights and freedoms. However, in these situations, you can still obtain human intervention in the decision-making process and will make sure there are methods in place for you to express your point of view.
How do we secure your personal information?
We take steps to help protect your data, including your personal information. The steps include protecting this data against accidental loss, unauthorized use, disclosure, and restricting access to personal information by our staff. The Service is hosted by a third-party hosting company that we have determined maintains various security controls and utilizes TLS encryption for all internet communication with the Service. We also require all staff that administer and develop the service follow a series of controls, including strong passwords, the use of anti-virus and anti-malware software, disk encryption and other practices.
We use various 3rd party processors to enable us to provide the Service, and as part of our vendor due-diligence, we review the security controls these processors have in place for appropriateness in relation to the type of data we collect.
You should keep in mind, however, that the Service utilizes software, hardware, and networks, which from time to time require maintenance and experience problems beyond our control. Note that no data transmission over the public internet or encryption method can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.
How long do you retain personal information?
What is our policy on deletion of personal information?
Customers can request through support to delete the personal (PII) data at any time. To exercise the access and deletion rights described above, the account owner should submit a verifiable consumer request to us using the information in the ‘Contact us’ section.
Rights to access
You may correct or update information collected about you by contacting Matterport at the email or mailing address noted below. We will use commercially reasonable efforts to correct or update our records. For our records, we may retain original and updated information for reasons such as technical constraints, dispute resolution, troubleshooting, and agreement enforcement.
You have the right to access personal information about you. We may request a fee to meet our costs in providing you with details of the information we hold about you, as permitted by law. We may decline to process requests that are frivolous, vexatious, jeopardize the privacy of others, are extremely impractical, or not otherwise required by local law.
Links to third-party websites, apps or services?
Updates to this Policy
What is our policy on children users of the Services?
We do not knowingly collect or maintain personal information from persons under 16 years old. Our Services are intended for use by a general audience, and no part of our Services is directed to children under 16. If Matterport learns that personal information of children less than 16 years old has been collected without verifiable parental consent, then Matterport will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under the age of 16 has obtained an account on the Services or otherwise provided us with personal information without your consent, then you may alert Matterport at the address below and request that we delete that child’s personal information from our systems