Real3d | Privacy Policy

1. Introduction and Scope

REAL3D ("us", "we", "our", or "Licenser") operates https://www.real3dtech.com (the "Site") and provides various software products and services. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information from users of our Site, software applications, and services. This policy applies to all REAL3D products including but not limited to VolViCon, Scanner V2, Scanner V3, Renderer, Web Viewer, and related applications.

By accessing our Site or using our software products, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this policy, you should discontinue use of our Site and software immediately.

2. Data Controller and Contact Information

REAL3D is the data controller responsible for processing your personal information. For questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:

Email: privacy@real3dtech.com
Contact Form: Online Contact Form
Data Protection Officer: dpo@real3dtech.com

3. Information We Collect

3.1. Information You Provide Directly

We collect information that you voluntarily provide when:

Account Registration: Name, email address, company name, job title, country of residence, and password
Product Purchases: Billing information, payment details (processed securely through third-party payment processors), purchase history, and license information
Customer Support: Support ticket details, correspondence content, system logs, error reports, and technical information necessary for troubleshooting
Newsletter Subscriptions: Email address, communication preferences, and subscription categories
Forum and Community Participation: Username, profile information, posts, comments, and uploaded content
Survey and Feedback Forms: Responses to surveys, product feedback, and user experience data

3.2. Information Collected Automatically

When you visit our Site or use our software, we automatically collect:

Device Information: Device type, operating system, hardware specifications, screen resolution, and device identifiers
Log Data: IP address, browser type and version, referring/exit pages, date and time stamps, and clickstream data
Usage Analytics: Pages visited, features used, time spent on pages, navigation paths, search queries, and interaction patterns
Software Telemetry: Application version, feature usage statistics, performance metrics, crash reports, and error logs
Location Data: General geographic location derived from IP address (city and country level only)

3.3. Information from Third-Party Sources

We may receive information about you from:

Cloud Storage Providers: When you connect cloud storage services (Dropbox, OneDrive, Google Drive, Box), we collect OAuth tokens, account email addresses, and access permissions (see Section 9 for details)
Payment Processors: Transaction confirmation, payment status, and fraud prevention data
Marketing Partners: Campaign performance data and referral information (anonymized where possible)
Social Media Platforms: Publicly available profile information if you interact with our social media pages

4. How We Use Your Information

We process your personal information for the following purposes:

4.1. Service Delivery and Performance

Providing access to our software products and services
Processing license activations and validations
Managing user accounts and authentication
Delivering software updates, patches, and security fixes
Enabling cloud storage integration and file synchronization
Processing payments and maintaining transaction records

4.2. Customer Support and Communication

Responding to support requests and technical inquiries
Troubleshooting software issues and resolving bugs
Sending service-related notifications (license expiration, security alerts, maintenance schedules)
Providing product documentation and training resources
Notifying you of changes to our terms, policies, or services

4.3. Product Improvement and Development

Analyzing usage patterns to improve software functionality
Identifying and fixing performance issues
Developing new features based on user behavior
Conducting A/B testing and user experience research
Generating anonymized aggregate statistics for internal analysis

4.4. Marketing and Communications (with your consent)

Sending newsletters, product announcements, and promotional offers
Delivering targeted advertisements on third-party platforms
Conducting customer satisfaction surveys
Promoting events, webinars, and training sessions

4.5. Legal and Security Purposes

Detecting and preventing fraud, abuse, and security incidents
Enforcing our terms of service and license agreements
Complying with legal obligations and regulatory requirements
Protecting the rights, property, and safety of REAL3D, our users, and the public
Resolving disputes and enforcing contractual obligations

5. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Contractual Necessity (Article 6(1)(b)): Processing required to provide services, deliver software, and fulfill license agreements
Legitimate Interests (Article 6(1)(f)): Product improvement, security monitoring, fraud prevention, and business analytics
Consent (Article 6(1)(a)): Marketing communications, optional analytics, and cloud storage integrations
Legal Obligation (Article 6(1)(c)): Tax compliance, legal record-keeping, and regulatory reporting

You may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

6. Cookies and Tracking Technologies

6.1. Types of Cookies We Use

Essential Cookies: Required for site functionality, user authentication, and security. These cannot be disabled without affecting site functionality.
Analytics Cookies: Google Analytics and similar services track site usage, visitor behavior, and performance metrics.
Marketing Cookies: Enable personalized advertising and campaign tracking across third-party platforms.
Preference Cookies: Store user settings, language preferences, and customization options.

6.2. Third-Party Tracking

We use third-party services that may place cookies on your device:

Google Analytics: Website analytics and user behavior tracking (Privacy Policy)
Google Tag Manager: Tag management and marketing pixel deployment (Privacy Policy)
Advertising Networks: Google Ads, Facebook Pixel, and other retargeting platforms

6.3. Cookie Management and Opt-Out

You can control cookies through your browser settings:

Block all cookies (may impair site functionality)
Delete existing cookies stored on your device
Set preferences for first-party and third-party cookies
Receive notifications when cookies are set

To opt out of interest-based advertising:

Google Ads Settings: https://www.google.com/settings/ads
Network Advertising Initiative: https://www.networkadvertising.org/choices/
Digital Advertising Alliance: http://www.aboutads.info/choices/

7. Information Sharing and Disclosure

7.1. Third-Party Service Providers

We share personal information with trusted service providers who perform services on our behalf:

Payment Processors: Stripe, PayPal, and merchant banks for transaction processing
Cloud Infrastructure: AWS, Microsoft Azure, or Google Cloud for hosting and data storage
Email Services: SendGrid, Mailchimp, or similar platforms for transactional and marketing emails
Customer Support Tools: Zendesk, Intercom, or similar ticketing systems
Analytics Providers: Google Analytics, Mixpanel, or similar analytics platforms

These service providers are contractually obligated to protect your data and use it only for specified purposes.

7.2. Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the successor entity. We will provide notice before your information becomes subject to a different privacy policy.

7.3. Legal Requirements and Protection

We may disclose personal information when required by law or when we believe disclosure is necessary to:

Comply with legal obligations, court orders, subpoenas, or government requests
Enforce our terms of service, license agreements, or other policies
Investigate potential violations of our terms or illegal activities
Protect the rights, property, or safety of REAL3D, users, or the public
Prevent fraud, security threats, or technical issues

7.4. Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other business purposes. This data is not considered personal information under applicable privacy laws.

8. International Data Transfers

REAL3D operates globally, and your personal information may be transferred to and processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your home country.

For transfers from the European Economic Area (EEA) to countries without adequacy decisions, we implement appropriate safeguards:

Standard Contractual Clauses (SCCs): EU-approved data transfer agreements with third-party processors
Adequacy Decisions: Transfers to countries recognized by the EU Commission as providing adequate protection
Binding Corporate Rules: Internal data transfer frameworks ensuring consistent protection standards
Your Explicit Consent: Where necessary, we obtain your consent for specific transfers

By using our services, you acknowledge and consent to the transfer of your information as described in this section.

9. Cloud Storage Integration and Third-Party Services

9.1. What Data is Collected

When you connect a cloud storage provider to our software applications, the following information is collected and stored locally on your device:

OAuth2 Access Tokens: Temporary tokens granting access to your cloud storage account
OAuth2 Refresh Tokens: Long-lived tokens used to obtain new access tokens when they expire
Account Email Address: The email associated with your cloud storage account
Provider Type: The cloud service you selected (e.g., Dropbox, OneDrive, Google Drive, Box)
Last Accessed Path: The most recent folder location you browsed in the cloud storage

9.2. How Cloud Data is Used

Cloud storage credentials are used solely for:

Authenticating your identity with the cloud storage provider
Browsing and navigating folders in your cloud storage
Uploading project files from our software to your cloud storage
Downloading project files from your cloud storage to our software
Creating folders and organizing files within your cloud storage
Maintaining session continuity by automatically refreshing expired access tokens

Credentials are NOT used for analytics, marketing, user profiling, or any other purposes.

9.3. Third-Party Data Sharing

When using cloud storage integration:

Credentials are shared ONLY with the specific cloud storage provider you selected
All file uploads and downloads communicate directly between our software and the cloud provider's API servers
Your project files are NOT transmitted through or stored on REAL3D servers during cloud operations
The cloud provider's privacy policy and terms govern how they handle your data
REAL3D is NOT responsible for the cloud provider's data handling practices, security breaches, or service availability

Review the privacy policies of cloud storage providers:

Dropbox: https://www.dropbox.com/privacy
Microsoft OneDrive: https://privacy.microsoft.com/privacystatement
Google Drive: https://policies.google.com/privacy
Box: https://www.box.com/legal/privacypolicy

9.4. Your Rights and Control Over Cloud Storage

You maintain complete control over cloud storage integration:

Optional Use: Cloud storage features are entirely optional; you can use our software without connecting any cloud providers
Revocation: Disconnect any cloud provider at any time through software settings, which immediately deletes all locally stored credentials
Provider Revocation: Revoke software access through the cloud provider's account management interface, invalidating all existing tokens
No Persistent Access: If you disconnect a provider, our software cannot access your cloud storage until you authenticate again
Deletion Rights: Request confirmation that all cloud credentials have been removed from your device (contact: support@real3dtech.com)

9.5. Cloud Credential Security

Cloud storage credentials are protected with:

Local Encryption: All OAuth tokens are encrypted using AES-256 encryption before storage
Hardware-Specific Keys: Encryption keys are derived from device-specific hardware identifiers
Secure Storage: Credentials stored in operating system secure storage (Windows Credential Manager, macOS Keychain, Linux Secret Service)
No Remote Storage: REAL3D does not store, transmit, or back up your cloud credentials on remote servers
Automatic Expiration: Access tokens automatically expire according to provider policies (typically 1-4 hours)

9.6. Cloud Data Retention

Active Storage: Credentials remain stored locally while the provider connection is active
Immediate Deletion: Credentials are immediately deleted when you remove the cloud provider connection
Uninstallation: All cloud credentials are deleted when software is uninstalled
No Remote Backups: We do NOT maintain backups or copies of your cloud credentials on any servers

10. Your Privacy Rights

10.1. Rights Under GDPR (European Users)

If you are located in the European Economic Area (EEA), UK, or Switzerland, you have the following rights:

Right of Access (Article 15): Request a copy of personal data we hold about you
Right to Rectification (Article 16): Correct inaccurate or incomplete personal information
Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten")
Right to Restriction (Article 18): Limit how we use your personal information
Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing
Right to Withdraw Consent: Withdraw consent for processing at any time
Right to Lodge a Complaint: File a complaint with your local data protection authority

10.2. Rights Under CCPA (California Residents)

California residents have the following rights under the California Consumer Privacy Act:

Right to Know: Request disclosure of personal information collected, used, and shared
Right to Delete: Request deletion of personal information we have collected
Right to Opt-Out: Opt-out of the sale of personal information (note: REAL3D does not sell personal information)
Right to Non-Discrimination: Exercise privacy rights without receiving discriminatory treatment

10.3. Rights Under Other Privacy Laws

Depending on your location, you may have additional rights under laws such as:

Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
Brazil's Lei Geral de Proteção de Dados (LGPD)
Australia's Privacy Act 1988
Other applicable regional or national privacy regulations

10.4. How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: privacy@real3dtech.com
Contact Form: Online Request Form
Subject Line: "Privacy Rights Request"

Include in your request:

Full name and email address associated with your account
Specific right you wish to exercise
Detailed description of your request
Proof of identity (government-issued ID or other verification)

We will respond to verified requests within 30 days (or as required by applicable law). We may require additional information to verify your identity before processing requests.

11. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

11.1. Retention Periods

Account Information: Retained while your account is active and for 3 years after account closure (for legal and accounting purposes)
Transaction Records: Retained for 7 years to comply with tax and financial reporting obligations
Support Tickets: Retained for 5 years for customer service quality and dispute resolution
Marketing Data: Retained until you unsubscribe, plus 2 years for compliance records
Analytics Data: Aggregated data retained indefinitely; individual identifiers removed after 26 months
Security Logs: Retained for 12 months for security monitoring and incident investigation
Backup Data: Personal data in backups automatically deleted after 90 days

11.2. Deletion and Anonymization

After retention periods expire, we will:

Securely delete personal information from active databases
Anonymize data so it can no longer identify you
Remove personal identifiers from archived records
Instruct third-party processors to delete corresponding data

12. Data Security

We implement technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction.

12.1. Technical Security Measures

Encryption: TLS 1.3 for data in transit; AES-256 encryption for sensitive data at rest
Access Controls: Role-based access control (RBAC) limiting employee access to personal data
Authentication: Multi-factor authentication (MFA) for administrative access
Firewalls and Intrusion Detection: Network security controls and real-time threat monitoring
Secure Development: Security code reviews, vulnerability scanning, and penetration testing
Logging and Monitoring: Audit trails for data access and modification events

12.2. Organizational Security Measures

Regular security training for employees handling personal data
Confidentiality agreements with employees and contractors
Data protection impact assessments (DPIAs) for high-risk processing
Incident response plan for data breaches
Regular security audits and compliance reviews

12.3. Your Security Responsibilities

You are responsible for:

Maintaining the confidentiality of your account password and credentials
Notifying us immediately if you suspect unauthorized account access
Using strong, unique passwords for your REAL3D account
Keeping your software updated with the latest security patches
Securing devices where our software is installed

If you suspect your password has been compromised, contact us via this form immediately.

12.4. Limitations of Security

While we use commercially reasonable security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. You transmit information to us at your own risk.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected users within 72 hours of discovering the breach (as required by GDPR and other regulations)
Inform relevant data protection authorities as required by law
Provide details about the nature of the breach, data affected, and potential consequences
Describe measures taken to address the breach and prevent future incidents
Offer guidance on steps you can take to protect yourself

To report security vulnerabilities or potential breaches: security@real3dtech.com

14. Children's Privacy

Our services are not directed to individuals under the age of 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided personal information to us, contact us at privacy@real3dtech.com. If we discover we have collected personal information from a child without parental consent, we will delete that information promptly.

15. Marketing Communications and Opt-Out

15.1. Types of Communications

We may send you:

Transactional Emails: Order confirmations, license keys, password resets, account notifications (cannot opt-out as these are essential)
Service Announcements: Security alerts, maintenance schedules, policy updates (cannot opt-out for critical notices)
Marketing Emails: Product announcements, newsletters, promotional offers, event invitations (can opt-out)

15.2. How to Opt-Out

You can unsubscribe from marketing communications by:

Clicking the "unsubscribe" link in any marketing email
Adjusting email preferences in your account settings
Contacting us at privacy@real3dtech.com with "Unsubscribe" in the subject line

We will process opt-out requests within 10 business days. You may still receive transactional and service-related communications.

16. Third-Party Links and Services

Our Site and software may contain links to third-party websites, services, or integrations not operated by REAL3D. We are not responsible for the privacy practices of these third parties.

When you access third-party links:

You leave our Site and this Privacy Policy no longer applies
Third-party sites have their own privacy policies and terms
We do not control or endorse third-party privacy practices
You should review the privacy policy of each site you visit

Examples of third-party services integrated with our products:

Cloud storage providers (Dropbox, OneDrive, Google Drive, Box)
Payment processors (Stripe, PayPal)
Analytics services (Google Analytics)
Support ticketing systems

17. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you, except:

Fraud Detection: Automated systems flag potentially fraudulent transactions for manual review
License Validation: Automated verification of license keys and activation limits
Usage Analytics: Automated analysis of feature usage to improve product design (no individual decisions made)

You have the right to request human review of automated decisions that significantly affect you.

18. California "Do Not Track" Disclosure

Our Site does not currently respond to "Do Not Track" (DNT) signals from browsers. We may track your browsing activity across our Site to improve user experience and analyze site performance. Third-party services like Google Analytics may also track your activity across sites.

19. Compliance and Certifications

REAL3D's data processing practices comply with:

GDPR: General Data Protection Regulation (EU Regulation 2016/679)
CCPA: California Consumer Privacy Act
PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
ISO/IEC 27001: Information security management standards
SOC 2 Type II: Security, availability, and confidentiality controls

Security measures align with:

GDPR Article 32: Technical and organizational security measures
NIST Cybersecurity Framework
OWASP Security Guidelines

20. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. When we make changes:

The "Last Updated" date at the bottom of this page will be revised
Material changes will be communicated via email to registered users
A prominent notice will be displayed on our Site for 30 days
Continued use of our services after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically. You can view previous versions by contacting privacy@real3dtech.com.

21. Contact Information and Complaints

For questions, concerns, or complaints regarding this Privacy Policy or our data practices:

REAL3D Privacy Team
Email: privacy@real3dtech.com
Data Protection Officer: dpo@real3dtech.com
Security Issues: security@real3dtech.com
Contact Form: Online Contact Form

Supervisory Authority (EU/EEA Users)
If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority:

EU Data Protection Authorities: https://edpb.europa.eu/about-edpb/board/members_en
UK Information Commissioner's Office: https://ico.org.uk/

22. Additional Jurisdiction-Specific Provisions

22.1. Nevada Residents

Nevada residents may opt-out of the sale of personal information. REAL3D does not sell personal information as defined under Nevada law. For questions: privacy@real3dtech.com

22.2. Brazilian Users (LGPD)

Under Brazil's Lei Geral de Proteção de Dados, you have rights to access, correct, delete, and port your personal data. Contact our Data Protection Officer at dpo@real3dtech.com.

22.3. Australian Users

Under the Privacy Act 1988, you may access and correct your personal information. Complaints can be directed to the Office of the Australian Information Commissioner: https://www.oaic.gov.au/

Last Updated: November 5, 2025
Effective Date: November 5, 2025
Previous Version: August 21, 2020