Policy version: 25th of October, 2021 (for previous versions of this policy see https://boyfriend.myanima.ai/legal/history)
This app is supplied by Anima AI Ltd ("Anima", "we", "us", and "our"). We build virtual companion apps.
Our company number is 13343968.
Our registered office and our place of business is C/O Pollock Accounting 3-4 Sentinel Square, Hendon, London, United Kingdom, NW4 2EL. However, please direct all correspondence related to the App to email@example.com.
"app" means the iBoy: My Virtual Boyfriend app that you download and install onto your device, and includes and all updates to such app that we make available or provide to you from time to time.
The app provides virtual companion and virtual chat functionality.
It also explains your rights in relation to your personal data and how to contact us or the relevant regulator in the event you have a complaint.
We are the controller of personal data obtained via the app, meaning we are the organisation legally responsible for deciding how and for what purposes it is used.
If you are aged under 17 (or under 18 if you are in the UK) you must not use the app as it is not designed for you. We do not intend to collect the personal data of anyone under 17. If you are aware that any personal data of anyone under 17 has been shared with the app please let us know so that we can delete that data.
What this policy applies to
The app may link to other apps, websites or services owned and operated by us or by certain trusted third parties to make additional products, information and services available to you. These other apps, websites or services may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other apps, websites or services, please consult their privacy policies as appropriate.
Personal data we collect about you
The personal data that we may collect about you broadly falls into the following categories: • Information that you provide voluntarily
Certain parts of our app may ask you to provide personal data voluntarily: for example, we may ask you to provide your contact details in order to register an account with us, to subscribe to marketing communications from us, and/or to submit enquiries to us. In chatting with your iGirl, you will inevitably be including your personal data. The personal data that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal data.
• Information that we collect automatically
When you download and access our app, we may collect certain information automatically from your device. In some countries, including the UK, this information may be considered personal data under applicable data protection laws.
Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, other internal identifiers (integers), browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our app.
Collecting this information enables us to better understand the users of our app, where they come from, and what content or functionality in our app is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our app to our users.
• Information that we obtain from third party sources
From time to time, we may receive personal data about you from third party sources (including Apple, Google, and Facebook), but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal data to us.
The types of information we collect from third parties include name, email address, external tokens/ids and we use the information we receive from these third parties to maintain and improve the accuracy of the records we hold about you.
Use of the camera on your device for augmented reality
Permission will be requested to use the camera on your device in order to enable the augmented reality features in the app.
You may disable the app’s access to the camera on your device at any time by adjusting the permissions in your device settings although that will mean that the augmented reality feature on the app is no longer available.
Data gathered by the camera for such purposes remains under your control on the device and we do not have access to it.
Legal basis for processing personal data
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it.
However, we will normally collect personal data from you only where we have your consent to do so, where we need the personal data to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and
freedoms. In some cases, we may also have a legal obligation to collect personal data from you or may otherwise need the personal data to protect your vital interests or those of another person.
If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).
Similarly, if we collect and use your personal data in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us (see ‘How to contact us’ below).
We may use your personal data to send you updates (by email, push notification and text message) about our services, including exclusive offers, promotions or new services.
We have a legitimate interest in using your personal data for marketing purposes (see above ‘Legal basis for processing personal data ’). This means we do not usually need your consent to send you marketing information. However, where consent is needed, we will ask for this separately and clearly.
You have the right to opt out of receiving marketing communications at any time by: • contacting us at firstname.lastname@example.org
• using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts
For more information on your right to object at any time to your personal data being used for marketing purposes, see ‘Your rights’ below.
Who we share your personal data with
We routinely share personal data with service providers we use to help us run our business or provide the services or functionalities in the app, including:
• Apple, Google, and Facebook;
• wasabi.com for image storage services;
• Azure Computer Vision for image processing services;
• Amplitude and RevenueCat for analytics services;
• BugSnag and Sentry for support services;
• AppsFlyer, Firebase Analytics, Apple Search Ads Attribution for the purposes of marketing performance measurements, conversion tracking and retargeting.
We only allow our group companies and service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual
obligations on service providers to ensure they can only use your personal data to provide services to us and to you.
We or the third parties mentioned above may occasionally also need to share your personal data with:
• external auditors, e.g. in relation to the audit of our accounts —the recipient of the information will be bound by confidentiality obligations
• professional advisors (such as lawyers and other advisors)—the recipient of the information will be bound by confidentiality obligations
• law enforcement agencies, courts or tribunals and regulatory bodies to comply with legal and regulatory obligations
• other parties in connection with a significant corporate transaction or restructuring, including a potential or actual merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations
If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).
We retain personal data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
Transferring your personal data out of the UK
Countries outside the UK have differing data protection laws, some of which may provide lower levels of protection of privacy.
It is sometimes necessary for us to share your personal data to countries outside the UK. In those cases we will comply with applicable UK laws designed to ensure the privacy of your personal data.
We will transfer your personal data from the UK to:
• our service providers (Sentry, Wasabi, Azure, Amplitude, AppsFlyer, RevenueCat, Firebase) located outside the UK in USA
Under data protection laws, we can only transfer your personal data to a country outside the UK where:
• the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR
• there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or
• a specific exception applies under relevant data protection law
Where we transfer your personal data outside the UK we do so on the basis of an adequacy regulation or (where such is not available) legally-approved standard data protection clauses recognised or issued further to Article 46(2) of the UK GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law.
For further information about such transfers and the safeguards we employ, including to obtain a copy of the standard data protection clauses, please contact us (see ‘How to contact us’ below).
You generally have the following rights, which you can usually exercise free of charge:
● If you wish to access, correct, update or request deletion of your personal data, you can do so at any time by contacting us using the contact details provided (see ‘How to contact us’ below).
● In addition, you can object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data. Again, you can exercise these rights by contacting us using the contact details provided (see ‘How to contact us’ below).
● You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing, then please contact us using the contact details provided (see ‘How to contact us’ below).
● Similarly, if we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
When contacting us please:
• provide enough information to identify yourself (e.g. your full name, address and email address) and any additional identity information we may reasonably request from you, and
• let us know which right(s) you want to exercise and the information to which your request relates
Keeping your personal data secure
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
Please contact us if you have any queries or concerns about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.
How to contact us
Our contact details are shown below:
Our contact details: email@example.com