DigiLens Privacy Policy

PRIVACY POLICY

DigiLens Inc. (“Company” or “We”) respects your privacy and is committed to protecting it through our compliance with this policy.

Introduction
This policy describes the types of information we may collect from you or that you may provide when you visit the website digilens.com (our “Website“) and use our products, services, software, or applications, and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

On this Website;
In email, text, and other electronic messages between you and this Website;
When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy;
When you use our products, services, or applications;
From our business partners and other third parties

It does not apply to information collected by:

Any third party that maintains its own separate privacy policy

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you disagree with our policies and practices, your choice is not to use our Website or our products and services. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time. Your continued use of this Website or our products and services after we make changes is deemed to be acceptance of those changes, so check the policy periodically for updates.

Children Under the Age of 16
Our Website is not intended for children under 16 years of age. No one under age 16 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn that we have collected or received personal information from a child under 16 without verifying parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at privacy@digilens.com.

Information We Collect About You and How We Collect It
We collect several types of information from and about customers, potential customers, and users of our Website, including information:

By which you may be personally identified, such as name, postal address(es), e-mail address, telephone number, job title, or any other identifier by which you may be contacted online or offline (“personal information”);
That is about you, but individually does not identify you, such as your employer, interest in our products and services, and/or
About your internet connection, the equipment you use to access our Website, and usage details.

We collect this information:

Directly from you when you provide it to us
Automatically, as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies
From third parties, for example, our business partners

We also collect, use, and share Aggregated Data, such as statistical or demographic data, for any purpose. Aggregated Data could be derived from your personal data, but is not considered personal data in law, as this data will not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data, which will be used in accordance with this privacy policy.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.

Information You Provide to Us
The information we collect on or through our Website may include:

Information that you provide by filling in forms on our Website. This includes information provided at the time of requesting further services. We may also ask you for information when you enter a promotion sponsored by us, and when you report a problem with our Website.
Records and copies of your correspondence (including email addresses), if you contact us.
Your responses to surveys that we might ask you to complete for research purposes.
Details of transactions you carry out through our Website and of the fulfillment of your orders.
Your search queries on the Website.

Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

Details of your visits to our Website, including traffic data, time zone setting, location data, logs, and other communication data, and the resources that you access and use on the Website.
Information about your computer and internet connection, including your IP address, operating system, hardware, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).

The information we collect automatically may include personal information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

Estimate our audience size and usage patterns
Store information about your preferences, allowing us to customize our Website according to your individual interests
Recognize you when you return to our Website
Speed up your searches

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies): A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Website. Unless you have adjusted your browser settings so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
Web Beacons: Pages of our the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Sensitive Personal Information
In addition to the personal information described above, DigiLens may collect and process certain types of Sensitive Personal Information (SPI) as defined by applicable privacy laws, including the California Privacy Rights Act (CPRA) and the General Data Protection Regulation (GDPR). Sensitive information includes data that reveals:

Government identifiers such as social security, driver’s license, or passport numbers (for employment or contracting purposes).
Precise geolocation data obtained through AR devices, mobile apps, or diagnostic reports.
Biometric information, such as eye tracking, gesture input, facial mapping, or spatial recognition data collected via DigiLens‑enabled hardware, is only collected when required for device operation or research.
Information concerning race, ethnicity, or health data, where voluntarily provided for analytics, support, or accessibility features.

Purposes of Processing Sensitive Data
DigiLens collects and uses sensitive personal information only when it is necessary to:

Deliver or improve DigiLens products, services, and device experiences.
Ensure user authentication, safety, and product integrity.
Conduct security monitoring, product diagnostics, or research and development.
Comply with legal or regulatory obligations (such as employment records).
Sensitive information is never sold or shared for cross‑context behavioral advertising.

Safeguards and Data Minimization

DigiLens limits the collection, use, and retention of SPI to what is proportionate and relevant to its business purposes.
Such data is encrypted in storage and in transit and is accessible only to authorized personnel under confidentiality obligations.
When possible, DigiLens anonymizes or aggregates SPI to prevent direct identification.

Right to Limit the Use of Sensitive Personal Information
Under the CPRA, California residents may request to limit DigiLens’ use of their sensitive personal information to essential business purposes only. Requests may be submitted by contacting DigiLens at privacy@digilens.com.

Cookies and Tracking Technologies
DigiLens and its partners use cookies, pixels, scripts, and similar tracking technologies to enhance website functionality, personalize content, analyze user engagement, and deliver targeted marketing. Cookies are small text files placed on your device to store limited amounts of information, allowing us to remember preferences and analyze site usage.

Types of Cookies We Use
We classify our cookies into the following categories for transparency and control:

Strictly Necessary Cookies: Essential for website operation and security. These enable core functions such as page navigation, access to secure areas, and user authentication.
Functional Cookies: Enhance functionality and remember preferences, such as region, default language, or login status.
Performance and Analytics Cookies: Collect aggregated data about how visitors interact with our site and applications (e.g., via Google Analytics), helping us understand usage trends and improve user experience. These operate only once consent is provided.
Advertising and Targeting Cookies: Used to deliver personalized advertising or measure campaign effectiveness. They may track activity across third-party platforms.
Social Media Cookies: Enable sharing functionality or content connection via social networks and may collect user activity across multiple sites.

Cookie Consent and Control

Upon your first visit, you will see a cookie banner that allows you to accept all, reject all, or customize cookie preferences through our Cookie Settings panel. You can modify your selections anytime by reopening cookie settings from the website footer.
Cookies requiring consent will not operate until permission is actively provided. Consent is freely given, specific, informed, and unambiguous, consistent with the GDPR and CPRA definitions.
We respect browser-level opt-out signals such as the Global Privacy Control (GPC) and automatically acknowledge these as valid consumer choices.
You may also remove previously set cookies through your browser settings or device privacy controls.

Third‑Party Cookies and Data Sharing
Some cookies and trackers are set by third parties that provide analytics, advertising, or embedded media services. These third‑party tools may collect your IP address, device identifiers, or browsing activity across different websites. DigiLens monitors these vendors to ensure compliance with our data protection requirements and contractual safeguards. Any sharing of cookie‑collected information with third parties is disclosed under CPRA as a “data sharing” activity, and users may opt out.

Retention of Cookie Data
We retain cookie data only as long as needed for its intended purpose—or until consent is withdrawn. Analytics cookie data are typically stored for no more than 26 months, while strictly necessary cookies expire automatically after each session unless required for essential functionality.

How to Contact Us About Cookies
Questions or concerns about DigiLens’ cookie use or consent management can be directed to privacy@digilens.com.

Automated Decision‑Making and Artificial Intelligence
DigiLens may utilize artificial intelligence (AI), algorithms, and automated decision-making systems to enhance product performance, service efficiency, and the customer experience. Automated systems are designed to assist human decision‑makers and are not solely responsible for any outcome that significantly affects an individual’s rights or access to services.

How We Use Automated Systems
We may use automated processes to:

Analyze sensor or device telemetry for diagnostics, predictive maintenance, and feature optimization.
Personalize content or recommendations within DigiLens products or digital platforms.
Detect fraudulent activity, security risks, or operational anomalies.
Improve marketing accuracy using anonymized or aggregated behavioral trends.

Human Oversight
Where automated tools contribute to decisions that may affect individual users—such as eligibility for a developer program, support escalation, or product recommendations—a DigiLens employee reviews and validates the outcome before it takes effect.

Your Rights and Choices
Depending on your jurisdiction (including the EU and California), you may have the right to:

Request an explanation of any significant decision made using automated processing.
Object to or restrict the use of personal data in automated profiling.
Request human review of automated outcomes.
You can exercise these rights by contacting privacy@digilens.com.

DigiLens does not use AI or automated analytics to make employment, legal, financial, or similarly significant decisions about individuals without explicit consent or human verification.

Disclosure of Your Information
We may disclose aggregated information about our users and information that does not identify any individual, without restriction. We may disclose personal information that we collect, or you provide, as described in this privacy policy:

To our subsidiaries and affiliates
To contractors, service providers, and other third parties, we use to support our business
To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of DigiLens Inc.’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by DigiLens Inc. about our Website users, customers and prospective customers is among the assets transferred
To fulfill the purpose for which you provide it. For example, if you give us an email address to request additional information, we will use your email address to provide that information to you and will transmit it to third parties as necessary to fulfill your request
For any other purpose disclosed by us when you provide the information
With your consent

We may also disclose your personal information:

To comply with any court order, law, or legal process, including to respond to any government or regulatory request
To enforce or apply our Terms of Use and other agreements, including for billing and collection purposes
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of DigiLens, Inc., our customers, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction

Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

Tracking Technologies and Advertising: You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent.
Promotional Offers from the Company: If you do not wish to have your email address/contact information used by the Company to promote our own or third parties’ products or services, you can opt out by checking the relevant box located on the form on which we collect your data or at any other time by sending us an email stating your request to privacy@digilens.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt-out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience, or other transactions.

Your California and U.S. State Privacy Rights
This section applies to residents of the United States whose personal information is processed by DigiLens Inc. in compliance with any applicable state privacy laws, including the California Consumer Privacy Act (as amended by the California Privacy Rights Act or “CPRA”), the Colorado Privacy Act (CPA), the Virginia Consumer Data Protection Act (VCDPA), the Connecticut Data Privacy Act (CTDPA), and the Utah Consumer Privacy Act (UCPA).

Because DigiLens Inc. is headquartered in California, we are primarily governed by the laws of the State of California and the United States federal privacy framework. However, DigiLens also provides products and services to customers and partners around the world. For individuals outside the United States, additional privacy protections may apply under local laws, including the EU and UK General Data Protection Regulations (GDPR) and other regional protection acts described elsewhere in this policy.

If you are a resident of California or another U.S. state with comparable rights, this section explains how to exercise your state-specific privacy rights, including the right to know what data we collect, the right to delete or correct your information, the right to opt out of data sharing or sales, and the right to limit our use of sensitive personal information.

CPRA Data Category Summary

Category	Examples (as defined by CPRA)	Business or Commercial Purpose	Source of Data	Disclosed To / Shared With	Retention Period
A. Identifiers	Name, address, phone, IP address, email, account ID numbers	Account setup, communications, authentication	Directly from users or partners	Service providers, hosting platforms, CRM tools (e.g., HubSpot)	As long as account or business relationship exists
B. Customer records	Contact info, billing details, payment tokens	Processing transactions, product fulfillment	Direct from customers, resellers	Payment processors, logistics partners	Up to 7 years for accounting and tax purposes
C. Protected classification data	Age range, gender, veteran status, citizenship (optional if provided for employment or diversity data)	Legal reporting and voluntary diversity tracking	Job applicants, employees (consent based)	HR vendors and payroll systems	Per employment record retention laws
D. Commercial information	Product usage details, order history, device serial numbers	Customer support, sales analytics, inventory	Direct interaction via website or sales	Internal marketing and analytics teams	3–5 years from last interaction
E. Biometric information (Sensitive)	Eye‑tracking data, facial coordinates, voice samples (if used for AR interfaces)	Device optimization, user authentication (consent only)	AR device sensors with explicit opt‑in	Not sold or shared; used only locally or for R&D analysis	Retained only for session duration or until user requests deletion
F. Internet or network activity	Browsing data, interaction with webpages, cookies usage	Website analytics and performance tracking	Automatically collected via cookies or scripts	Analytics providers (e.g., Google Analytics)	26 months or per cookie policy
G. Geolocation data (Sensitive)	IP‑based location, GPS data from connected devices	Fraud prevention, regional language or service adjustments	Device or network data	Infrastructure and security vendors	Removed after session completion
H. Sensory data	Audio or video recordings from support calls or demo events	Quality assurance and training	Customer service interactions	Internal training teams only	Max 2 years
I. Employment or professional data	Job title, company, business contact information	B2B engagement and support contracts	Business correspondence and partnerships	Internal sales and support	Duration of B2B relationship + 2 years
J. Education information	Resume details or credentials provided for recruitment	Recruitment and HR management	Job applicants	HR systems or recruiters	3 years post application
K. Inferences from data	Behavior profiles or preferences toward AR/VR features	Product development and marketing personalization	Derived from analytics and support data	Internal marketing teams only	Up to 2 years (aggregate only)

Consumer Rights

Right to Know/Access
Consumers have the right to request details about the personal information DigiLens has collected, used, disclosed, sold, or shared within the past 12 months. This includes:

Categories and specific pieces of personal information collected.
Sources of information.
Business or commercial purposes for collection.
Categories of third parties to whom information was disclosed or shared.

Right to Delete
Consumers may request the deletion of personal information collected by DigiLens, subject to certain exceptions (for example, data needed to fulfill contracts or comply with law). DigiLens will instruct service providers and contractors to delete such information as well, unless doing so is impossible or requires disproportionate effort.

Right to Correct Inaccurate Information
Consumers have the right to correct personal data held by DigiLens that is inaccurate or out-of-date. DigiLens may need to verify the accuracy of the requested update.

Right to Opt Out of Sale or Sharing
Consumers can direct DigiLens not to sell or share their personal information.

Right to Limit Use of Sensitive Personal Information
Consumers may restrict use of collected information solely to service delivery and core business functions.

Right to Data Portability
Upon request, consumers can receive their personal data in a readable and commonly used format, allowing them to transfer it to another organization if desired.

Right to Non-Discrimination
DigiLens will not deny service, charge different prices, offer inferior quality, or retaliate against anyone for exercising their privacy rights. Any price or service differences will only reflect data value as permitted under CPRA.

Accessing and Correcting Your Information
You may send us an email at privacy@digilens.com to request access to, correct, or delete any personal information that you have provided to us. We may not be able to delete all your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

For additional details on how we process personal information under the GDPR or other global laws, please see the preceding section titled Your GDPR Rights.

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request for erasure for specific legal reasons, which will be notified to you, if applicable, at the time of your request.
Object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object to where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- If you want us to establish the accuracy
- Where our use of the data is unlawful, but you do not want us to erase it
- Where you need us to hold the data even if we no longer require it, as you need it to establish, exercise, or defend legal claims
- You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

Data Security
We store and process data in the United States and on servers that may be located elsewhere around the world. We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

International Data Transfers

Where We Store and Process Information
DigiLens Inc. is headquartered in California, United States. Your personal information may be processed and stored in the U.S. and other countries where our affiliates, cloud service providers, or technical partners operate. Those countries may have privacy laws that are different from the laws of your country of residence, and in some cases, may not provide the same level of data protection.

Cross‑Border Transfers for Cloud and Third‑Party Services
We use global cloud infrastructure providers to enable reliable operations and support innovation across our AR and XR product ecosystem. These service providers are obligated by contract to follow our data protection and security requirements to ensure your information is handled safely and lawfully , regardless of location.

Retention
We retain information while you have an active account or as needed to provide you with services and information you requested. We will delete personal data within a reasonable time after the data is no longer necessary for the business purpose for which it was collected. We will also retain and use personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Legal References and Frameworks
DigiLens maintains compliance with applicable global privacy regulations and industry standards. This policy is drafted in accordance with the following legal frameworks and may be updated as these evolve:

United States Laws

California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) — California Civil Code §1798.100 et seq.
Other U.S. state privacy laws, including those in Colorado, Connecticut, Virginia, and Utah.

European Union and United Kingdom Laws

General Data Protection Regulation (GDPR) (EU 2016/679) and the UK GDPR.
ePrivacy Directive and related national implementations regarding online tracking and cookies.

Canada

Personal Information Protection and Electronic Documents Act (PIPEDA) and successor legislation —the CPPA (Consumer Privacy Protection Act).

International Data Transfer Frameworks

EU–U.S. Data Privacy Framework and Swiss–U.S. Data Privacy Framework.
Standard Contractual Clauses (SCCs) and Binding Corporate Rules (BCRs) under GDPR Chapter V.

Other Legislation

Relevant APAC privacy laws (e.g., Singapore PDPA, Japan APPI, Australia Privacy Act 2024) as applicable to cross‑border engagements.

Privacy Policy Review and Updates
DigiLens reviews this policy periodically to ensure compliance with emerging legislation and international data‑protection standards. All updates are posted on the official website with the effective revision date clearly shown. Substantive changes that affect how we collect or use personal information will be communicated to users through direct notification or prominent notice.

Contact Information
For questions or comments about this privacy policy and our privacy practices, contact DigiLens via:
Alan Ayer (Data Protection Officer); privacy@digilens.com
DigiLens Inc., 1276 Hammerwood Ave, Sunnyvale, CA 94089
Response time: 30 days

LAST MODIFIED: OCTOBER 2025

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

PRIVACY POLICY

TECH

ABOUT

LEGAL

SIGN UP FOR UPDATES