Privacy Policy

Last Updated: October 23, 2023


Illumix, Inc. (" Illumix," "we," "us," or "our") has prepared this Privacy Policy to explain what Personal Data (defined below) we collect, how we use and share that data, and your choices concerning our data practices. Through our mobile applications (the "Apps"), we provide augmented reality games that adapt to your environment (such services, including https://illumix.com/ and related websites (the "Sites") and the Apps, are referred to collectively in this Privacy Policy as the "Service").

This Privacy Policy explains what Personal Data (defined below) we collect, how we use and share that data, and your choices concerning our data practices.

Please read this Privacy Policy before using our Service or submitting any Personal Data to Illumix and contact us if you have any questions.

INFORMATION WE COLLECT

We collect information that alone or in combination with other information held by us could be used to identify you (" Personal Data") as follows:

Personal Data You Provide: We collect Personal Data when you interact with the Service or contact us. The Personal Data collected or processed during these interactions may vary based on what you choose to share with us, but it will generally include your username, password, email address, social media profile information, and contacts (including friends you have invited to the Service), and contacts stored on your device (in order to display them to you for social features).

Geolocation: We collect your location information while you use the App through various technologies, including your device IP address, the Wi-Fi access points you connect to the Service through, GPS coordinates (e.g. latitude/longitude), and mobile/cell tower triangulation methods. If you want to opt out of the collection of your location data, adjust your settings in your mobile device to limit the App's access to your location data.

In App Payments: Any payments you make through the Service are processed through your device by Apple, Inc. ("Apple") or Google, Inc. ("Google"). Such payments are subject to the privacy policies of Apple or Google, respectively, over which Illumix has no control. We do not receive financial information related to payments you make through the Service, but we may receive non-financial information such as your name, approximate physical location, and items purchased.

Personal Data We Collect Through Our Social Media Pages: We have pages on social media sites like Instagram, Facebook, Twitter, and LinkedIn ("Social Media Pages"). When you interact with our Social Media Pages, we will collect Personal Data that you elect to provide to us through your settings on the Social Media Site, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.

Personal Data We Receive Automatically When You Use the App: We receive certain information automatically when you use the App:

Personal Data We Receive Automatically When You Use the Sites: When you visit, use and interact with the Sites, we may receive certain information about your visit, use or interactions. For example, we may monitor the number of people that visit our Sites, peak hours of visits, which page(s) are visited on our Sites, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access and visit our Sites (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and Site-navigation pattern. In particular, the following information is created and automatically logged in our systems:

 

Online Tracking and Do Not Track Signals: We may, and we may allow third party service providers to, use cookies or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Sites. Our Sites currently do not respond to "Do Not Track" ("DNT") signals and operate as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will describe how we do so in this Privacy Policy.

HOW WE USE PERSONAL DATA

We use Personal Data to provide the Service and allow you to play our augmented reality games, including tracking the activities you take while playing games in the Service to provide you with gameplay experiences based on the actions you have taken. This processing is necessary to perform our contract with you.

We also use Personal Data as necessary for the following legitimate business interests:

For information about what we mean by legitimate interests and the rights of individuals in the European Union ("EU"), please see the "EU Users" section below.

We also use Personal Data with your consent, if required, to allow you to invite and connect with your friends through the Service and to track your location to provide you with gameplay experiences based on your real-world location.

Marketing. We may contact you to provide information we believe will be of interest to you. For instance, if you elect to provide your email address, we may use that information to send you promotional information about our products and services (such as to let you know that a game you are interested in is available for download). If we do, where required by law, for example if you are in the EU, we will only send you such emails if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving emails by following the instructions contained in each promotional email we send you or by contacting us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications, but we will continue to contact you regarding our Sites and Services and to respond to your requests.

HOW WE SHARE AND DISCLOSE PERSONAL DATA

In certain circumstances we may share your Personal Data with certain categories of third parties without further notice to you, unless required by the law, as set forth below:

We keep Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

UPDATE YOUR INFORMATION

If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us at privacy@illumix.com. We will address your request as required by applicable law.

CHILDREN

Our Service is not directed to children. Illumix does not knowingly collect Personal Data from children. If you have reason to believe that a child has provided Personal Data to Illumix through the Service please contact us and we will endeavor to delete that information from our databases. We consider children to be anyone younger than 16.

EU USERS

Scope. This section applies to individuals in the EU (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway, the United Kingdom, and, to the extent applicable, Switzerland).

Data Controller. Illumix is the data controller for the processing of your Personal Data. You can find our contact information, and the contact information of our EU-based representative, in the "Contact Us" section below.

Legal Bases for Processing. This Privacy Policy (the paragraph "How We Use Personal Data") describes the legal bases we rely on for the processing of your Personal Data. Please contact us if you have any questions about the specific legal basis we are relying on to process your Personal Data.

As used in this Privacy Policy, "legitimate interests" means our interests in conducting our business and developing a business relationship with you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Your Rights. Pursuant to the European Union General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:

Please see the "Contact Us" section below for information on how to exercise your rights.

Data Transfers

Illumix is based in the U.S. - transfers of your Personal Data to Illumix in the U.S. are necessary to perform the agreement we have entered into, or are about to enter into, with you.

Data Privacy Framework

Illumix Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Illumix Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Illumix Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

General. We rely on our Data Privacy Framework certification to transfer Personal Data that we receive from the EU, UK, and Switzerland to Illumix in the U.S. and we process such Personal Data in accordance with the DPF Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability ("Data Privacy Framework Principles"), as described below.

Notice and Choice. This Privacy Policy provides notice of the Personal Data collected and transferred under the DPF and the choice that you have with respect to such Personal Data. It also provides information about other DPF Principles that are set forth below.

Accountability for Onward Transfers. We may be accountable for the Personal Data we receive under the DPF that we may transfer to third-party service providers (described in the section "How We Share and Disclose Personal Data" above). If such service providers process Personal Data in a manner inconsistent with the DPF Principles, we are responsible for the harm caused.

Security. We maintain security measures to protect Personal Data as described in the "Security" section of this Privacy Policy.

Data Integrity and Purpose Limitation. We take reasonable steps to ensure that Personal Data is reliable for its intended use, and that it is accurate, complete and current for as long as we retain it. Our data retention practices are described in the "Data Retention" section of this Privacy Policy.

Access. EU and UK users have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the DPF Principles. Please see the "Your Rights" section above for more information on the rights of users in the EU (and, to the extent applicable, users in Switzerland).

Recourse, Enforcement, Liability. In compliance with the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Illumix Inc. commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  EU and UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Illumix Inc. at: privacy@illumix.com

Illumix Inc. further commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-data-privacy-framework for more information or to file a complaint.  The services of JAMS are provided at no cost to you.

If your complaint is not resolved through these channels, under certain conditions a binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms may be available. For additional information, please visit: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2l


Illumix Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF


The Federal Trade Commission has jurisdiction over Illumix Inc.’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

CALIFORNIA PRIVACY RIGHTS DISCLOSURES

Where provided for by law and subject to any applicable exceptions, California residents may have the right:

If you would like to exercise any or all of these rights, you may do so by emailing us at privacy@illumix.com or submitting a request to support@illumix.com. After we receive your request, we may request additional information from you to verify your identity. Your authorized agent may submit requests in the same manner, although we may require the agent to present signed written permission to act on your behalf, and you may also be required to independently verify your identity with us and confirm that you have provided the agent permission to submit the request.

Please contact us with questions or to request access to an alternative format of this Privacy Policy.

LINKS TO OTHER WEBSITES

The Sites may contain links to other websites not operated or controlled by Illumix, including social media services (" Third Party Sites"). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

COOKIES

We and our partners use cookies to operate and administer our Sites, make it easier for you to use the Sites during future visits, and gather usage data on our Sites.

For more information about the cookies used on our Sites, please refer to our Cookie Policy, which forms part of this Privacy Policy.

TEXT MARKETING TERMS & CONDITIONS

We are using a text messaging platform, which is subject to the following terms and conditions. By opting-in for our text marketing and notifications in, you agree to these terms and conditions. By entering your phone number in the checkout and initialising a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase. Your phone number, name and purchase information will be shared with our SMS platform "SMSBump Inc, a European Union company with offices in Sofia, Bulgaria, EU. This data will be used for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfill their delivery.

If you wish to unsubscribe from receiving text marketing messages and notifications, reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you with in any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.

For any questions please text "HELP" to the number you received the messages from. You can also contact us for more information. If you wish to opt out please follow the procedures above.

SECURITY

You use the Service at your own risk. We comply with industry standards to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Data to Illumix via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites.

YOUR CHOICES

Whether or not you provide Personal Data to us is completely up to you, but if you choose not to provide information that is needed to use some features of our Sites, you may be unable to use those features. You can also contact us to request access to your data or to ask us to update, correct, or delete your Personal Data.

CHANGES TO THE PRIVACY POLICY

The Service, and our business may change from time to time. As a result, we may change this Privacy Policy at any time. When we do we will post an updated version on this page, unless another type of notice is required by the applicable law. By continuing to use our Service or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you if applicable, you consent to the revised Privacy Policy and practices described in it.

CONTACT US

If you have any questions about our Privacy Policy or the information practices of the Sites, please feel free to contact us at our designated request address privacy@illumix.com.

EU Citizens

If you are an individual in the EU, you can also contact VeraSafe Ireland Ltd. ("VeraSafe"), who has been appointed as Illumix's representative in the EU pursuant to Article 27 of the GDPR on matters related to the processing of personal data activities that take place in the EU.

To make such an inquiry, please contact VeraSafe at:

https://verasafe.com/public-resources/contact-data-protection-representative

or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:

VeraSafe Ireland Ltd.

Unit 3D North Point House

North Point Business Park

New Mallow Road

Cork T23AT2P

Ireland

UK Citizens

If you are an individual in the UK, you can also contact VeraSafe, who has been appointed as Illumix's representative in the UK pursuant to Article 27 of the UK GDPR on matters related to the processing of personal data activities that take place in the UK.

To make such an inquiry, please contact VeraSafe at:

https://verasafe.com/public-resources/contact-data-protection-representative

 or via telephone at: +44 (20) 4532 2003.

Alternatively, VeraSafe can be contacted at:

VeraSafe United Kingdom Ltd.

37 Albert Embankment

London SE1 7TL

United Kingdom