Effective date: November 14, 2022
Welcome to Prisma Labs, Inc. (“Company,” “we,” “us” or “our”), a mobile technology company specializing in deep learning-related products. Our goal is to move forward mobile photography and video creation to the next level using neural networks, deep learning and computer vision technics. We aim to create new ways for people to express their emotions through the camera.
Our websites and other apps, and these other third parties may have their own privacy policies, which we encourage you to read before providing information on or through them.
We may collect several types of information, including but not limited to Personal Data, from and about you:
When you Use Prisma, we may ask you to provide certain information, including your Personal Data:
Your photos are Posted and transmitted to others at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of third parties with whom you may choose to share your photos. Therefore, we cannot and do not guarantee that your photos will not be viewed by unauthorized persons.
When you Use Prisma, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). If you do not want us to collect this information, do not download Prisma or delete it from your device.
If the information covered by this Section 3 is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, we may use it for any business purpose.
The technologies we use for automatic data collection may include:
Third-party analytics. We use third-party analytics tools, such as Google Firebase, Facebook Analytics, AppsFlyer and Amplitude, to help us measure traffic and usage trends for Prisma. These tools collect information sent by your device or Prisma, including the web pages you visit when following the links available to you on Prisma. We collect and use this analytics information with analytics information from other Users so that it cannot reasonably be used to identify any particular individual User. For information on how third-party analytics tools collect and process your data and to opt out of such collection and processing, generated by your Use of Prisma, please visit the following link.
For the users of Safari on iOS.
However, if you select these mobile browser settings you may be unable to access certain parts of Prisma. Unless you have adjusted your mobile browser setting, our system will issue cookies when you direct your browser to Prisma.
Log file information. Log file information is automatically reported by your mobile browser each time you make a request to Use Prisma. When you Use Prisma, we and our Service Providers may automatically record certain log file information, including your web request, IP address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on and through Prisma, domain names, landing pages, pages viewed, and other such information. The information allows us to receive more accurate reporting and improve Prisma.
Device identifiers. When you use a mobile device like a tablet or phone to Use Prisma, we may access, collect, monitor, store on your device, and/or remotely store one or more “device identifiers”. Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may identify data stored in connection with the device hardware, operating system or other software, or data sent to the device by us. A device identifier may deliver information to us or to our Service Providers about how you Use Prisma and may help us and others (on our request) produce a report on such Use.
Some features of Prisma may not function properly if use or availability of device identifiers is impaired or disabled. Among others we collect the following device identifiers:
Metadata. Metadata is a technical data that is associated with your photos. For example, metadata may describe when and on which device your photo has been taken and how such photo is formatted. You may add or may have metadata added to your photos. Please note that metadata associated with your photos is deleted automatically with your photos within 24 hours after we apply styles to them.
Registered Users. If you are a registered User, we may collect more Personal Data about you including the following:
Your photos. We do not use photos you provide when you Use Prisma for any reason other than to apply different stylized filters or effects to them, unless you have given us your explicit consent to use the photos for a different purpose.
Please note that to apply different stylized filters or effects to your photos we may upload such photos to the cloud providers we use (Google Cloud Platform and Amazon Web Services), in which case, the photos: (i) become available to us anonymously and (ii) are automatically deleted within 24 hours after being processed by Prisma, unless you have given us your explicit consent to use the photos for a different purpose.
Other information. We may use your information other than photos for the following purposes:
We will not process your Personal Data in a way that is incompatible with the purposes for which it has been collected or authorized by you in accordance with this Section 4 or collect any Personal Data that is not required for the mentioned purposes (“purpose limitation principle”).
For any new purpose of processing, we will ask for your separate explicit consent. To the extent necessary for those purposes, we take all reasonable steps to ensure that your Personal Data is reliable for its intended use, accurate, complete and current. We also undertake to collect only such amount and types of your Personal Data that are strictly required for the purposes mentioned in this Section 4 (“data minimization principle”).
Access, modification, correction and erasure. You can send us an email at [email protected] to request access to, modification, correction, update, erasure or deletion of any Personal Data that you have provided to us and that we have about you. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
EEA/UK residents. Individuals residing in the European Economic Area (“EEA”) and the United Kingdom (“UK”) have certain statutory rights in relation to their Personal Data including under the General Data Protection Regulation (Regulation (EU) 2016/679) (“EEA GDPR”) and the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2020 (SI 2020/1586), as may be amended from time to time (“UK GDPR”) (collectively, the “GDPR”), including the rights specified below. You can exercise these rights by contacting us (for contact information, please, see How to Contact Us Section).
Please keep in mind that in case of a vague access, erasure, objection request or any other request in exercise of the mentioned rights we may engage you in a dialogue to better understand the motivation for the request and to locate responsive information. In case this is impossible, we reserve the right to refuse granting your request.
Following the provisions of the GDPR, we might also ask you to prove your identity (for example, by requesting an ID or other proof) in order for you to invoke the mentioned rights. This is made to ensure that no right of third parties are violated by your request, and the mentioned rights are exercised by an actual Personal Data subject or an authorized person.
Please note that we will grant your request within 30 days after receiving it, but it may take up to 90 days in some cases, for example for full erasure of your Personal Data stored in our backup systems - this is due to the size and complexity of the systems we use to store data.
Opting Out of Promotional Emails
IF REQUIRED BY LAW, WE WILL ASK FOR YOUR CONSENT TO SEND YOU PROMOTIONAL AND MARKETING EMAILS. IF YOU WISH TO OPT OUT OF OUR PROMOTIONAL AND MARKETING EMAILS, YOU CAN OPT OUT FROM OUR PROMOTIONAL AND MARKETING EMAIL LIST BY USING ANY OF THE FOLLOWING METHODS:
Bases for Using Your Personal Data. If you reside in the EEA or the UK we are only allowed to use your Personal Data when certain conditions apply. These conditions are called “legal bases” and we typically rely on one of four:
Your California Privacy Rights. If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Data. To learn more about your California privacy rights, visit (i) the following link and (ii) our CCPA Privacy Notice for California Residents.
We may disclose aggregated information about our Users and information that does not identify any individual without any restriction. We may remove parts of data that can identify you and share anonymized data with any persons.
We do not rent or sell your Personal Data, including photos, to any third parties outside the Company or its Affiliates (as defined below).
Meta API Conversions. We also utilize Meta API service called “API Conversions” which creates a connection between our marketing data and Meta systems. Meta API Conversions, among other things, help us in optimizing ad targeting. According to these purposes, we send your hashed email addresses to Meta API Conversions service.
Responding to legal requests and preventing harm. We may access, preserve and share your information in response to a legal (like a search warrant, court order or subpoena), government or regulatory request if we have a good faith belief that the law requires us to do so. This may include responding to legal, government or regulatory requests from jurisdictions outside of the United States where we have a good faith belief that the response is required by law in that jurisdiction, affects Users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: (i) detect, prevent and address fraud and other illegal activity; (ii) protect ourselves, you and others, including as part of investigations; and (iii) prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
We use reasonable and appropriate information security safeguards to help keep the collected information secure and to secure it from accidental loss and unauthorized access, use, alteration and disclosure. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your collected information, we cannot guarantee the security of the collected information transmitted to or through Prisma or an absolute guarantee that such information may not be accessed, disclosed, altered, or destroyed. Any transmission of your collected information is at your own risk. We are not responsible for circumvention of security measures contained in Prisma. Please understand that there is no ideal technology or measure to maintain 100% security. Among others, we utilize the following information security measures:
The safety and security of your information also depends on you. Your privacy settings may also be affected by changes the social media services, through which you may share your photos, make to their services. We are not responsible for the functionality, privacy or security measures of any other organization.
Contacting us. You can provide your feedback or report a technical issue by using “Send Feedback” button in Prisma settings. The email will be sent from your personal email to [email protected], and the message will contain the following diagnostics information that will help us to resolve your issue/address your request:
This information is used to assess your feedback and/or identify the problem if you are reporting one and is NOT USED to identify Users individually.
We retain your Personal Data for as long as we need it for the purposes for which it was obtained or until you ask us to delete it. We also may retain your Personal Data for a longer period of time on the basis of our legitimate interests, for example, as necessary to comply with our tax and legal obligations, to resolve disputes, and to enforce our agreements. Even if we delete some or all of your Personal Data, we may continue to retain and use aggregated or anonymous data previously collected that can no longer be used for personal identification.
The Company is based in the United States. Accordingly, your Personal Data may be transferred to and stored on servers in the United States. Your Personal Data may be transferred to any country where Google Cloud Platform and Amazon Web Services have/use servers. As the Company has a development and marketing team based in Cyprus, your Personal Data also may be transferred to and stored on servers in Cyprus.
The data protection and privacy laws of the United States, Cyprus and other counties may not be as comprehensive or offer the same protections as the laws in your country. For example, personal data transferred to the United States and Cyprus may be subject to lawful access requests by legal authorities. You nevertheless consent to the transfer of your Personal Data to the United States, Cyprus and other countries where the Company is located, or is providing products or services, or from where its Affiliates and Service Providers provide their products and services to the Company and its Affiliates.
In appropriate cases, the Company will enter into standard contractual clauses as approved under the European Commission Decision C(2010)593 or decision 2004/915/EC, as applicable, to permit the transfer of your Personal Data to the United States, Cyprus or another country that has not been deemed to provide adequate level of data protection.
General age limitation. Prisma is not intended for or directed at children under 13, and we do not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to Use Prisma. If you are under 13, do not: (i) Use or provide any information in Prisma or through any of its features, or (ii) provide any information about yourself to us, including your name, address, telephone number or email address. In the event that we learn that we have collected or received any Personal Data from a child under 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe we might have any information from or about a child under 13, please contact us (for contact information, please, see How to Contact Us Section).
Age limitation for EEA residents. Due to requirements of the EEA GDPR you shall be at least 16 years old in order to Use Prisma. To the extent prohibited by applicable law, we do not allow Use of Prisma by the EEA residents younger than 16 years old. If you are aware of anyone younger than 16 Using Prisma, please contact us (for contact information, please, see How to Contact Us Section) and we will take required steps to delete information provided by such persons.
Prisma Labs, Inc.
440 N Wolfe Rd
Sunnyvale, CA 94085.
Oval Krinou 3
4103 Limassol, Cyprus
Email: [email protected].