Privacy Policy

Last updated: June 25, 2024

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You. We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions
For the purposes of this Privacy Policy:

Account means a unique account created for You to access Our Service or parts of Our Service.
Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to Bootloader Studio Pte. Ltd, 68 Circular Road, #02-01 Singapore (049422).
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to Singapore.
Device means any device that can access the Service such as a computer, a cell phone or a digital tablet.
Personal Data is any information that relates to an identified or identifiable individual.
Service refers to the website and the app.
Services Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Website refers to Bootloader Studio, accessible from https://bootloader.studio.
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

We collect, use, and are responsible for certain personal information about You. The practices described in this policy are subject to applicable laws in the places in which We operate. This means that We only engage in the practices described in this policy in a particular country or region if permitted under the laws of those places. When We offer Our Service to individuals in Singapore, We are subject to the Singapore Personal Data Protection Act 2012 (No. 26 of 2012). In the European Economic Area (EEA), We are subject to the EU General Data Protection Regulation (EU GDPR), which applies across the entire European Union. For California consumers, We are subject to the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA). We are responsible as a “controller” of that personal information for the purposes of the GDPR. We are responsible for Your personal information as a “business” under the CCPA/CPRA.

Types of Data Collected

Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Email address
First name and last name
Phone number
Age
Address, State, Province, ZIP/Postal code, City, Country

Usage Data
Usage Data is collected automatically when using the Service. Usage Data may include information such as Your device's IP address, browser type, operating system, the web page You were visiting before accessing Our Service, the pages of Our Service which You browsed or the features You used, and the time spent on those pages or features, the links on Our Service that You click on, device and advertising identifiers, age, gender, as well as actions You take during Your session, Your in-app user settings, preferences, and Your in-app purchases to learn about Our users, and understand who is using Our Service and how. We may also collect other information that Your browser sends whenever You access the Service by or through any device.

Other Specific App Data We May Collect

Hand landmarks
Head positions
Voice data
OS pointer data
Account identifiers
Device locationIn-app actions
Device identifiers
Anchoring locations

We collect these data to improve the features that We offer You through the Service, or to provide You with new or additional features for Our Service. We collect and use Your device location information as You use Our Service, including how You move around and events that occur during in-app activity.

Tracking Technologies and Cookies
We use Cookies and similar tracking technologies to track the activity in Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:

Cookies or Browser Cookies: A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of Our Service. Unless You have adjusted Your browser setting so that it will refuse Cookies, Our Service may use Cookies.
Web Beacons: Certain sections of Our Service and Our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser.

Use of Your Personal Data
The Company may use Personal Data for the following purposes:

To provide and maintain Our Service, including to monitor the usage of Our Service.
To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or the Service You have purchased or of any other contract with Us through the Service.
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted Service, including the security updates, when necessary or reasonable for their implementation.
To provide You with news, special offers and general information about other goods and events which We offer that are similar to those that You have already purchased or enquired about unless You have opted not to receive such information.
To manage Your requests: To attend and manage Your requests to Us.
For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about Our Service users is among the assets transferred.
For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of Our promotional campaigns and to evaluate and improve the Service, products, marketing and Your experience.
To comply with Our legal and regulatory obligations.
For the performance of Our contract with You or to take steps at Your request before entering into a contract.
For Our legitimate interests or those of a third party where You have given consent. A legitimate interest is when We have a business or commercial reason to use Your information, so long as this is not overridden by Your own rights and interests.

We may share Your personal information in the following situations:

With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of Our Service, to contact You.
For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
With affiliates: We may share Your information with Our affiliates, in which case We will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
With business partners: We may share Your information with Our business partners to offer You certain products or promotions.
With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
With Your consent: We may disclose Your personal information for any other purpose with Your consent.

We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on Service Providers relating to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, e.g., in relation to ISO [Investors in People] accreditation and the audit of our accounts.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations. We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a restructuring. We will typically anonymize information, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

Retention of Your Personal Data
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

Transfer of Your Personal Data
Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Delete Your Personal Data
You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You. Our Service may give You the ability to delete certain information about You from within the Service. You may update, amend, or delete Your information at any time by signing in to Your Account, if You have one, and visiting the account settings section that allows You to manage Your personal information. You may also contact Us to request access to, correct, or delete any personal information that You have provided to Us. Please note, however, that We may need to retain certain information when We have a legal obligation or lawful basis to do so.

Disclosure of Your Personal Data
Business Transactions: If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law Enforcement: Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other Legal Requirements: The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

Comply with a legal obligationProtect and defend the rights or property of the Company
Prevent or investigate possible wrongdoing in connection with the Service
Protect the personal safety of Users of the Service or the publicProtect against legal liability

Security of Your Personal Data
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers. If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

California & EU Residents

Your Rights Under the CCPA/CPRA:

Disclosure of Personal Information We Collect About You

You have the right to know, and request disclosure of:

The categories of personal information We have collected about You, including sensitive personal information
The categories of sOurces from which the personal information is collected
The categories of third parties to whom We disclose personal information, if any –and–
The specific pieces of personal information We have collected about You

Please note that We are not required to:

Retain any personal information about You that was collected for a single one-time transaction if, in the ordinary cOurse of business, that information about You is not retained
Reidentify or otherwise link any data that, in the ordinary cOurse of business, is not maintained in a manner that would be considered personal information –or–
Provide the personal information to You more than twice in a 12-month period

Disclosure of Personal Information Sold, Shared, or Disclosed for a Business Purpose

In connection with any personal information We may sell, share, or disclose to a third party for a business purpose, You have the right to know:

The categories of personal information about You that We sold or shared and the categories of third parties to whom the personal information was sold or shared –and–
The categories of personal information that We disclosed about You for a business purpose and the categories of persons to whom the personal information was disclosed for a business purpose

You have the right to opt-out of the sale of Your personal information or sharing of Your personal information for the purpose of targeted behavioral advertising. If You exercise Your right to opt-out of the sale or sharing of Your personal information, We will refrain from selling or sharing Your personal information, unless You subsequently provide express authorization for the sale or sharing of Your personal information.

Right to Limit Use of Sensitive Personal Information

You have the right to limit the use and disclosure of Your sensitive personal information to the use which is necessary to:

Perform the Services or provide the goods reasonably expected by an average consumer who requests those goods or Services
To perform the following Services: (1) Helping to ensure security and integrity to the extent the use of the consumer's personal information is reasonably necessary and proportionate for these purposes; (2) Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer's current interaction with the business, provided that the consumer's personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer's experience outside the current interaction with the business; (3) Performing Services on behalf of the business, including maintaining or servicing accounts, providing customer Service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic Services, providing storage, or providing similar Services on behalf of the business; and (4) Undertaking activities to verify or maintain the quality or safety of a Service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the Service or device that is owned, manufactured, manufactured for, or controlled by the business –and–
As authorized by further regulations

You have a right to know if Your sensitive personal information may be used, or disclosed to a Service provider or contractor, for additional, specified purposes.

Right to Deletion

Subject to certain exceptions set out below, on receipt of a verifiable request from You, We will:

Delete Your personal information from Our records –and–
Delete Your personal information from Our records –and–Direct third parties to whom the business has sold or shared Your personal information to delete Your personal information unless this proves impossible or involves disproportionate effort

Please note that We may not delete Your personal information if it is reasonably necessary to:

Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or Service requested by You, or reasonably anticipated within the context of Our ongoing business relationship with You, or otherwise perform a contract between You and us
Help to ensure security and integrity to the extent the use of the consumer's personal information is reasonably necessary and proportionate for those purposes
Debug to identify and repair errors that impair existing intended functionality
Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law
Comply with the California Electronic Communications Privacy Act
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when Our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided We have obtained Your informed consent
Enable solely internal uses that are reasonably aligned with Your expectations based on Your relationship with us
Comply with an existing legal obligation –or–
Otherwise use Your personal information, internally, in a lawful manner that is compatible with the context in which You provided the information

Right of Correction

If We maintain inaccurate personal information about You, You have the right to request us to correct that inaccurate personal information. Upon receipt of a verifiable request from You, We will use commercially reasonable efforts to correct the inaccurate personal information.

Protection Against Retaliation

You have the right to not be retaliated against by us because You exercised any of Your rights under the CCPA/CPRA. This means We cannot, among other things:

Deny goods or Services to You
Charge different prices or rates for goods or Services, including through the use of discounts or other benefits or imposing penalties
Provide a different level or quality of goods or Services to You –or–
Suggest that You will receive a different price or rate for goods or Services or a different level or quality of goods or Services

Please note that We may charge a different price or rate or provide a different level or quality of [goods and/or Services] to You, if that difference is reasonably related to the value provided to Our business by Your personal information. We may also offer loyalty, rewards, premium features, discounts, or club card programs consistent with these rights or payments as compensation, for the collection of personal information, the sale of personal information, or the retention of personal information.

Your Rights Under the EU GDPR:

Right to Access

The right to be provided with a copy of Your personal information (the right of access).

Right to Rectification

The right to require us to correct any mistakes in Your personal information.

Right to be Forgotten

The right to require us to delete Your personal information—in certain situations.

Right to Restriction of Processing

The right to require us to restrict processing of Your personal information—in certain circumstances, e.g., if You contest the accuracy of the data.

Right to Data Portability

The right to receive the personal information You provided to us, in a structured, commonly used, and machine-readable format and/or transmit that data to a third party—in certain situations.

Right to Object

The right to object:At any time to Your personal information being processed for direct marketing (including profiling)In certain other situations to Our continued processing of Your personal information, e.g., processing carried out for the purpose of Our legitimate interests.

Right Not to be Subject to Automated Individual Decision-Making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning You or similarly significantly affects You.

For further information on each of those rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioner's Office (ICO) on individual rights under the EU General Data Protection Regulation.

How to Exercise Your Rights:

If You would like to exercise any of Your rights as described in this Privacy Policy, You can do so by emailing us at: privacy@bootloader.studio
Please note that You may only make a CCPA/CPRA-related data access or data portability disclosure request twice within a 12-month period
If You choose to contact us directly by email, You will need to provide us with:
Enough information to identify You [(e.g., Your full name, address and customer or matter reference number)]
Proof of Your identity and address (e.g., a copy of Your driving license or passport and a recent utility or credit card bill) –and–
A description of what right You want to exercise and the information to which Your request relates
We are not obligated to make a data access or data portability disclosure if We cannot verify that the person making the request is the person about whom We collected information or is someone authorized to act on such person's behalf
Any personal information We collect from You to verify Your identity in connection with Your request will be used solely for the purposes of verification

Where Your Personal Information is Held:
Information may be held at Our offices, third party agencies, Service Providers, representatives and agents as described above. Some of these third parties may be based outside the European Economic Area. For more information, including on how We safeguard Your personal information when this occurs, see “Transferring Your Personal Information Out of the EEA.”

Promotional Communications:
We may use Your personal information to send You updates (by email, text message, telephone, or post) about Our Service, including exclusive offers, promotions or new products. We have a legitimate interest in processing Your personal information for promotional purposes. This means We do not usually need Your consent to send You promotional communications. However, where consent is needed, We will ask for this consent separately and clearly. We will always treat Your personal information with the utmost respect and never sell or share it with other organizations for marketing purposes.You have the right to opt out of receiving promotional communications at any time by:

Contacting us at privacy@bootloader.studio
Using the “Unsubscribe” link in emails

Transferring Your Personal Information Out of the EEA:
To deliver the Service to You, it is sometimes necessary for us to share Your personal information outside the European Economic Area (EEA), e.g.:

With Our offices outside the EEA
With Your and Our Service providers located outside the EEA
If You are based outside the EEA

These transfers are subject to special rules under European and UK data protection law. Non-EEA countries do not have the same data protection laws as the United Kingdom and EEA. We will, however, ensure the transfer complies with data protection law and all personal information will be secure. Our standard practice is to use standard data protection contract clauses that have been approved by the European Commission. If You would like further information, please contact us (see “Contact Us” below).

Keeping Your Personal Information Secure:
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to Your personal information to those who have a genuine business need to access it. Those processing Your information will do so only in an authorized manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify You and any applicable regulator of a suspected data security breach where We are legally required to do so.

[If You want detailed information from Get Safe Online on how to protect Your information and Your computers and devices against fraud, identity theft, viruses, and many other online problems, please visit www.getsafeonline.org]

How to File a GDPR Complaint:
We hope that We can resolve any query or concern You raise about Our use of Your information. The General Data Protection Regulation also gives You the right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where You work, normally live, or where any alleged infringement of data protection laws occurred. The supervisory authority in Singapore is the Bootloader Studio Holdings Pte. Ltd. who may be contacted through the contact details below.

Collecting and Using Your Personal Data
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page. We may let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date on this Privacy Policy page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us
If you have any questions about this Privacy Policy, you can contact us:

By email: privacy@bootloader.studio
Or fill out the form