Hyper Privacy Policy

Last Updated: 20/02/2025

This Privacy Policy (“Policy”) explains how Hyper AR Ltd (“Hyper AR,” “we,” “us,” or “our”) collects, uses, stores, and discloses information about you when you access or use our website, mobile applications (including Hyper View and Hyper app), our SDK, and any related services (collectively, the “Services”). By accessing or using our Services—including creating an account or otherwise providing data—you agree to the terms of this Policy. If you do not agree, please do not use our Services.

1. INFORMATION WE COLLECT 1.1 Personal Information. When you create an account, we collect your name and email address. Additionally, during organization setup and venue creation, we collect details such as your organization’s name and type, venue information (including venue name, address, and contact details), and any computer-aided design (CAD) files (e.g., .dwg files) you provide for generating a Digital Map. 1.2 Survey and Mapping Data. We collect data generated during the on-site survey process, including WiFi scan data and location information necessary for our indoor location technology. This data is retained until you delete the associated venue or your account. 1.3 Application and Device Data. When using our mobile applications and SDK (on Android and iOS), we may automatically collect technical information such as:   – User login details (managed via AWS Cognito)   – Device information (model, operating system, and system details)   – App usage data (app version, battery status, device motion data, etc.)   – Location data used to retrieve nearby venues and, in aggregate form, for analytics (e.g., generating heatmaps) For debugging and crash reporting, we use Sentry (which collects data anonymously) and AWS CloudWatch for log collection. 1.4 Payment Information. Payment processing is handled by Stripe. We do not store payment details on our systems; all payment-related data is managed in accordance with Stripe’s privacy policies.

2. HOW WE USE YOUR INFORMATION We use the information we collect to: 2.1 Provide, maintain, and improve our Services—including converting your CAD files into Digital Maps and processing survey data. 2.2 Manage your account, process payments, and communicate with you about account activity, product updates, and Service-related notifications. 2.3 Analyze aggregate, anonymized data (e.g., location and WiFi scan data) to enhance our indoor positioning solutions and generate analytics such as heatmaps. 2.4 Website Analytics and User Experience. We collect and analyze session information, user journey data, and error data to improve our website's functionality and user experience. This includes: – Session duration and pages visited – User interaction patterns and navigation flows – Feature usage and engagement metrics – Error occurrences and performance data This information helps us understand how users interact with our Services, identify areas for improvement, and optimize the overall user experience. All analytics data is collected and processed in an aggregate, anonymized form. 2.5 Enhance our mapping and survey processes through insights drawn from the CAD files and survey data.

3. DATA RETENTION 3.1 Account Data. Personal information provided during account creation is retained for as long as your account is active or as necessary to provide our Services. 3.2 Venue Data and CAD Files. Venue information and CAD files are retained until you delete the associated venue or terminate your account. Digital Maps generated from your CAD files may continue to be hosted until you elect to remove them. 3.3 Survey and Application Data. Data collected from on-site surveys and via our mobile applications is retained until you request deletion of the specific data or terminate your account. 3.4 Backups. We perform daily backups of our Mongo database to protect your data.

4. DATA SHARING AND DISCLOSURE 4.1 Third-Party Service Providers. We share your information only with trusted third-party service providers necessary for operating our Services. These include:   – Stripe for payment processing   – AWS for hosting, storage (with data stored in the United Kingdom), and backup operations (with data processing servers located in Ireland)   – Sentry and AWS CloudWatch for crash reporting and logging (with data anonymized or minimized where possible) 4.2 No Commercial Sharing. We do not share your CAD files, venue data, or personal information with partners for commercial purposes. 4.3 Legal Disclosures. We may disclose your information if required by law, to comply with legal processes, or to protect the rights, property, or safety of Hyper AR, our customers, or others.

5. DATA STORAGE AND SECURITY 5.1 Storage Locations. Your information is processed on servers located in Ireland and stored on AWS infrastructure in the United Kingdom. 5.2 Security Measures. We implement robust security practices, including a zero-trust approach. Access to sensitive data is controlled via AWS Cognito, and payment processing is secured via Stripe. We secure our database connections using signed URLs and strict access controls and take commercially reasonable measures to protect your data from unauthorized access, disclosure, alteration, or destruction.

6. INTERNATIONAL DATA TRANSFERS By using our Services, you consent to the transfer of your information to countries outside your country of residence, including the United Kingdom and Ireland, where data protection laws may differ from those in your jurisdiction. We take appropriate measures to ensure that such transfers comply with applicable data protection laws.

7. YOUR RIGHTS AND CHOICES 7.1 Access, Correction, and Deletion. You may request access to, correction of, or deletion of your personal data by contacting us at support@hyperar.com. If you terminate your account, your personal data, venue data, CAD files, and survey information will be deleted as described, though Digital Maps may remain hosted until you elect to remove them. 7.2 Opting Out of Communications. You may opt out of marketing communications by following the unsubscribe instructions provided in our emails; however, you will continue to receive essential communications related to your account and our Services. 7.3 GDPR Rights. If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the rights to data portability, to object to processing, and to lodge a complaint with a supervisory authority.

8. CHILDREN’S PRIVACY Our Services are not intended for children under 13 years of age. We do not knowingly collect personal information from individuals under 13. If we become aware that we have inadvertently collected such information, we will promptly delete it.

9. ACCESS TO THIS POLICY This Privacy Policy is readily accessible on our website. In addition, when integrating our Hyper SDK, a Hyper watermark is displayed on the interface, providing end users with direct access to this Privacy Policy at all times.

10. CHANGES TO THIS PRIVACY POLICY We may update this Privacy Policy periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any updates will be posted on our website with a revised “Last Updated” date. Your continued use of our Services after such changes constitutes your acceptance of the updated Policy.

11. CONTACT US If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: Email: support@hyperar.com

ONLINE ACCEPTANCE By using our website or Services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.