Skip to content

VRSTATE Metaverse Camera App Privacy Policy

This "VRSTATE Metaverse Camera App Privacy Policy" (hereinafter referred to as the "Policy") aims to protect the privacy rights of personal data subjects. Inventec Corporation (hereinafter referred to as "the Company") is committed to protecting your privacy rights in accordance with the Personal Data Protection Act and implementing appropriate protective measures. By accessing or using this application (hereinafter referred to as "the App"), you signify that you have read, understood, and agree to accept all the contents of this Policy. The Company may modify or change this Privacy Policy at any time. The revised content will be published on the VRSTATE Metaverse official website without individual notice. You are advised to check for updates regularly. If you do not agree with this Policy or its revisions, please cease using the App services immediately.

Article 1: Applicable Subjects

The subjects to whom this Policy applies include: users of the App services (hereinafter referred to as "You"); and minors under the age of 14 must obtain the consent of a legal guardian to use this App.

Article 2: Definition of Personal Data

Personal Data includes, but is not limited to: name, gender, date of birth, address, telephone number, email, occupation, and any other data that can directly or indirectly identify an individual.

Article 3: Collection, Processing, Storage, and Use of Personal Data

I. When you use the App, the Company may collect or obtain your Personal Data under the following circumstances:

  1. When you provide information to the Company (e.g., when you proactively contact the Company);
  2. Personal Data you publicly disclose (e.g., information you make public on social media);
  3. When you interact with third-party content or advertisements within the App.
  4. When the Company obtains your Personal Data from a third party (e.g., law enforcement agencies).
  5. Image Data: When you upload photos to the App, the images will be uploaded to servers for 3D image conversion processing.
  6. Device Information: Includes, but is not limited to, device model, operating system version, device identifier, and other technical information.
  7. Usage Logs: Such as operation time, processing status, error records, etc., used solely for service maintenance and quality improvement.

II. The Company collects and processes your Personal Data for the following purposes: to provide you with the App, products, and services; conducting surveys; judicial investigations; compliance with relevant laws; improving the App, products, and services; fraud prevention; and where necessary to assert, exercise, or protect legal rights. Furthermore, regarding the image data you upload, the Company will adhere to the following principles:

  1. Images are used solely for performing 3D image processing (e.g., modeling, rendering, special effects synthesis).
  2. Images will be temporarily stored on servers to complete the processing procedure and will be automatically deleted upon completion.
  3. Image data will not be permanently stored, backed up, or used for other purposes.
  4. The Company will not perform image content recognition, use it for artificial intelligence training, or conduct commercial purpose analysis.

III. The collection, processing, and use of Personal Data shall adhere to the principle of not exceeding the specific purpose, and secondary use will not be conducted. However, the Company may use the data you provide for purposes beyond the original specific purpose in order to comply with legal requirements, requests from competent authorities or judicial units, assist in investigations and prevent illegal activities, or to preserve or defend legal claims. The data collected by the Company will only be used for the following purposes:

  1. Providing functions such as image uploading, 3D processing, and cross-device push notifications;
  2. Optimizing App operation performance and user experience;
  3. Conducting troubleshooting and system maintenance;
  4. Handling matters in accordance with relevant laws and regulations.

IV. The Company will retain your Personal Data for the period necessary to fulfill the purpose for which it was collected. Personal Data may continue to be retained and used, but you have the right to request the Company to delete your Personal Data according to Clause 6 of Article 6 of this Policy.

Article 4: Protection of Personal Data and Information Security Management Mechanism

I. Only authorized personnel may access your Personal Data, and such personnel are required to comply with the Company's relevant policies and regulations to protect your Personal Data.

II. To prevent Personal Data from accidental or unlawful destruction, loss, or alteration, the Company employs necessary technical and organizational protective measures, including but not limited to equipment security management and data security audit mechanisms (e.g., encryption mechanisms, firewalls), to protect Personal Data, prevent unlawful intrusion, and avoid unauthorized access. If you believe the security of your Personal Data has been compromised, you may contact the Company immediately.

III. If the Company entrusts a third party to provide services due to business needs, the Company will strictly require them to comply with this Policy and implement necessary inspection procedures to ensure their compliance.

IV. The Company adopts a zero-tolerance policy towards acts that infringe upon privacy rights and Personal Data protection. If an investigation confirms a violation of relevant privacy protection and Personal Data protection laws and regulations, the Company will impose penalties on the violator according to regulations and pursue legal liability when necessary.

V. To enhance the protection of your Personal Data, the Company implements the following technical and administrative measures:

  1. Using HTTPS encryption for data transmission.
  2. Restricting server access permissions and implementing log control management.
  3. Automatically clearing temporary files and intermediate files.
  4. Employing automated deletion mechanisms to prevent data retention.

Article 5: Principles for Sharing Personal Data with Third Parties

I. The Company undertakes that it will not arbitrarily provide, exchange, lease, or sell any of your Personal Data to other third parties. Exceptions apply where the recipient is one to whom you have consented, a party bound by a confidentiality agreement with the Company, an entity with legal grounds or contractual obligations, and/or where such sharing complies with the provisions of this Policy.

II. Sharing Personal Data with third parties shall comply with the following principles:

  1. Ensuring the third party agrees to and complies with this Policy;
  2. Sharing only the minimal data necessary to achieve the purpose of the cooperation;
  3. Regularly reviewing the third party's Personal Data protection measures.

Article 6: Your Rights

Regarding your Personal Data, you may exercise the following rights towards the Company under lawful circumstances:

I. You have the right to decide whether to provide the Company with your Personal Data. When the Company requests Personal Data, you have the right to refuse. However, if you choose not to provide your Personal Data, the Company may be unable to fully provide the relevant functions or services of this App.

II. The Company processes your Personal Data based on your consent. Nevertheless, you have the right to withdraw your consent at any time. Such withdrawal does not affect the lawfulness of the Company's collection and processing of your Personal Data prior to the withdrawal.

III. Query or request access to your Personal Data.

IV. Request a copy of your Personal Data.

V. Request supplementation or correction of your Personal Data.

VI. Request deletion, or cessation of the collection, processing, or use of your Personal Data.

VII. Where technically feasible and necessary to exercise your rights, you may request the transfer of your Personal Data in an electronic and machine-readable format to a designated third-party service provider. For example: Residents of the European Economic Area (EEA) have the right, under the GDPR, to object to or request restriction of the Company's processing of their Personal Data.

VIII. Lodge a complaint or report any violation, suspected violation, or situation that may lead to infringement of privacy rights or Personal Data protection.

Article 7: Cross-Border Transfer

As the Company is a multinational enterprise, there may be circumstances involving cross-border transfer and use of Personal Data. Such activities will occur without exceeding the specific purpose for which the Personal Data was originally collected, processed, and used, and within the scope of this Policy. The Company will adhere to this Policy and comply with the privacy protection and Personal Data protection laws and regulations applicable in the regions involved in the cross-border transfer.

Article 8: Risk Management Policy and Procedures

I. Risk Assessment

In accordance with its risk management policy and procedures, the Company regularly conducts privacy protection risk management to identify and assess factors that may pose risks. These risks include: unauthorized access, data breaches, data corruption, and other cybersecurity threats.

II. Risk Mitigation Measures

For identified risks, the Company will implement appropriate mitigation measures, including:

  1. Strengthening data encryption technologies;
  2. Enhancing cybersecurity protection levels;
  3. Conducting regular security audits and penetration testing;
  4. Developing and updating response plans and measures.

III. Risk Monitoring

The Company will continuously monitor and assess privacy protection risks and promptly adjust relevant measures based on changes in risks to ensure the security and integrity of Personal Data.

IV. Risk Audits

The Company conducts regular and ad hoc internal and external audits to verify whether Personal Data protection measures and related procedures comply with relevant laws, regulations, and management systems, thereby continuously enhancing the effectiveness of the Personal Data management mechanism.

Article 9: Governing Law and Jurisdiction

The interpretation and application of this Privacy Policy, as well as any disputes related to this Privacy Policy, shall be governed by the laws of the Taiwan. If litigation becomes necessary, both parties agree that the Taiwan Shilin District Court shall be the court of first instance.

Article 10: Incident Contact

If you wish to exercise your rights under Article 6 of this Policy, if an incident or situation arises that may cause damage to your rights and interests, or if you discover any suspected violation of this Policy, you may contact the Company through the following means:

  • Email: [email protected]
  • Address: Metaverse Technology Department, Inventec Corporation, No. 166, Sec. 4, Chengde Rd., Shilin Dist., Taipei City 11167

Last updated:

FAQ