Last updated: Nov 03, 2023
Didimo respects your privacy and is committed to protecting your personal data.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We ask that you read this privacy policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and the supervisory authorities in the event you have a complaint.
We are a technology company called Didimo, which, through our services, allows you to create a lifelike digital version of yourself to use as an interface with technologies of all sorts. Using our services means that you can experience a new level of ownership and responsibility of your online identity. For more information about our services, please visit: https://didimo.co/.
The Didimo Group is made up of different legal entities, which are as follows:
This privacy policy is issued on behalf of the Didimo Group so when we mention “Didimo”, “we”, “us” or “our” in this privacy policy, we are referring to the relevant company in the Didimo Group responsible for processing your data.
Because we collect, use and are responsible for certain personal information about you, we are regulated under the General Data Protection Regulation (often called the GDPR) which applies across the European Union (and the United Kingdom). We are responsible as a data controller of that personal information for the purposes of those laws when we are processing personal information about European data subjects (individuals) or when are offering our services to European data subjects. We will let you know which Didimo entity will be the controller of your personal information when you enter into an agreement with us to use our services.
When we are processing personal data on behalf of our corporate customers, we are acting as a data processor. If you are using our services via one of our customers or via a third party, then please check the privacy policy of that third party.
As some of the entities in the Didimo Group are based outside of the European Economic Area (EEA), Didimo has appointed Didimo SA, in Portugal, to be its representative in the EEA. We have also appointed a Data Protection Officer, Anna Fraser-Harris, who is responsible for overseeing questions in relation to this privacy policy. Anna can be contacted by email at: [email protected].
Whilst the GDPR does not apply to non-European individuals, we are committed to privacy rights and have extended our data protection practices across our entire business.
If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using the details set out below.
This privacy policy relates to your use of our website, www.didimo.co and our services.
Throughout our website we may link to other websites, APIs and mobile apps (“third-party platforms”) which are owned and operated by third parties. This may be to refer you to products and services offered by these third-party companies, or to refer you to our customers who have used our services. These other third-party platforms may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third-party websites, please consult their privacy policies as appropriate. We are not responsible for the content on such third-party platforms nor for their handling of your personal data.
We collect personal information about you when you access our website, register with us, contact us, send us feedback, use our services or purchase or subscribe to services via our website and complete customer surveys.
We collect this personal information from you either directly, such as when you register with us, contact us use our services or purchase or subscribe to services via our website or indirectly, such as when you are an authorised user of one of our customers or from your browsing activity while you are on our website and customer portal, or when you use our app, Didimo Showcase (see ‘Cookies’ below).
The information we collect about you depends on the particular activities carried out through our website and whether you use our services. This information includes:
We use this personal information to:
Our website and services are not intended for use by children under the age of 16, and we do not knowingly collect or use personal information relating to children.
Information we do not collect
We do not collect or store payment information, including credit/debit card details or billing information. However, we facilitate the transfer of your payment information to third-party payment processor gateway using our service provider, Stripe. All payments are handled by Stripe, as our third-party secure payment provider. For details about how Stripe processes your information, please visit their privacy policy. For more information generally about our use of third-party providers, please see the section below: ‘Who we share your personal information with’.
Sensitive data
We do not actively collect any sensitive data about you (also known as special categories of personal data), such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership or information about your health or genetic data, nor do we collect any information about criminal convictions and offences, however such matters may become apparent to us when you voluntarily share your Likeness Data with us or when you have shared this with a third party company using our services.
Indeed, we process your biometric data (which is limited to photograph and video footage of your face and likeness) and which will also include digital depth perception markers based on the facial photograph and video footage you supply to us, to allow us to create your likeness in a 3D digital and non-photographic format (which we call “Depth Markers”) which ultimately form the basis of your Didimo creation when the Didimo lifelike facial graphic is added to it) for two reasons.
Firstly, for the provision of our Didimo services when you have expressly and explicitly consentedto share this this information with us (or you have expressly consented that a third party provides that information to us) – for example when you sign up to, and/or use our services directly or via a third party (one of our customers). You can withdraw consent which you give for use of the Didimo services at any time.
Secondly, we also collect and process your biometric data (which is still limited to photograph and video footage of your face and likeness, the Depth Markers and the ultimate Didimo creation based on your Likeness Data) when you supply it to us (or when it is supplied to us from one of our customers, being a third party company using our services) for the purpose of scientific research. Scientific research means the technological development and demonstration, (including algorithm and AI development and machine learning) that we undertake to research improvements for, and to develop our technology. In this second case, we are able to process your personal data - strictly for this purpose - without your consent and for as long as we need to do so, in order to carry out development of our technology. In respect of the Depth Markers, these markers are essentially millions of small dots that are applied to the facial image or video footage that you supply to us, which when taken together, allow us to build a digital framework of your likeness which is then processed via our technology to create your virtual self. The data we use is very similar to the data that you might supply for FaceID when using your iPhone or other Apple device. For more information about the data collected via Depth Markers and how it works, please feel free to visit Apple Inc.’s website which sets out their TrueDepth technology. We do use Apple Inc.’s TrueDepth integration, so this is only an example since we also use other equivalents depending on the relevant operating systems and devices that you use.
Aggregated data
We also collect, use and share aggregated data such as user, statistical or demographic data for any purpose. Aggregated data could be derived from your personal information but is not considered as personal information for the purposes of the law, as this data will not directly or indirectly reveal your identity. For example, we may aggregate your user data to calculate the percentage of users accessing a specific feature of our services or to enable us to improve our technology. However, if we combine or connect aggregated data with your personal information so that you can be directly or indirectly identified, we treat the combined data as personal information which will only be processed in accordance with this privacy policy. For more information, please see the section below entitled ‘Data retention’.
When we use your personal information, we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include:
For further details on when we collect personal information, what we collect as well as how we use it, please read the following table:
For further details on when and how we use personal information for marketing purposes, please see the section ‘Marketing’ below.
So that we are able to provide you with our services and access to this website, we routinely share your personal data with the following third parties:
For example, all of the companies in the Didimo Group and who are based in Portugal, the USA and Canada and who provide IT and system administration services, development of our technology services and website and who also carry out administration and management of our business.
For example:
Service providers acting as processors based inside and outside of the EEA who provide IT and system administration services, cloud hosting and storage services, HR services, product development, financial services, payment providers, operations and software development. In respect of the Depth Markers, we also use providers which supply us with the technology to enable us to create the 3D digital outline which serves as the basis for your Didimo creation, based on your Likeness. An example of such service providers is Apple Inc., with their TrueDepth camera system (more information is available here https://support.apple.com/en-us/HT208108 ), but please note that we also use similar depth services offered by other technology providers (such as the Android or Huawei equivalents).
Customers in the event that you benefit from our services via a third-party business (which may be based inside or outside of the EEA), who is acting as one of our customers. In this case, your personal data would be collected and processed and shared with us in accordance with that third party’s privacy policy. However, to the extent that we process your personal data, this is processed in accordance with this privacy policy. As part of the services the third party provides you, we will share the completed digital self with them, which contains your Likeness Data.
Professional advisers including lawyers, bankers, auditors and insurers based inside and outside of the EEA who provide consultancy, banking, legal, insurance and accounting and tax services.
Regulators and other authorities based inside and outside of the EEA who require reporting of processing activities in certain circumstances – for example, in relation to tax returns and tax declarations.
A list of these third parties is available on request.
We may also share personal information with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. For example, in respect of the Depth Markers, any data gleaned from this is only used to calculate your 3D image as part of your Didimo creation based on your Likeness Data. All this data is captured in your camera and then it is sent and stored on our secure server – it is never transferred outside of the Didimo server.
We will share personal information with law enforcement or other authorities if required by applicable law.
As you can see, some of the third-party recipients of your personal information are based outside the EEA. For further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.
We require you to provide certain information about you – for example, your likeness or proof of your identity, to enable us to safeguard your rights and provide our services and create your digital self. We will inform you at the point of collecting information from you whether you are required to provide the information to us.
We may transfer your personal information to the following which are located outside the EEA to allow us to run our business and to provide our services and this website to you, or indeed when you are based outside of the EEA. We also share your personal data within the Didimo Group which involves transferring your data from the EEA to the USA and Canada.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our website or services. We use cookies and other similar technologies such as web beacons, action tags, single-pixel gifs on our website and within our services. These help us to recognise you and your device and store some information about your preferences or past actions, which in turn helps us to improve our website and services.
For further information on cookies and other similar technologies, our use of them, when we will request your consent before placing them and how to disable them, please see our Cookie Policy at the following link https://privacy.didimo.co/cookie-policy/.
We would like to send you information about our services, our business, competitions and special offers and our details about new features and our website, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.
We would also like to share your information with selected third parties from time to time so that they may send you information about their products or services, depending on what you agree with us.
We will only ask whether you would like us to send you marketing messages when you tick the relevant boxes when you sign up to our services, sign up to our newsletter or make contact with us via our website for the first time.
If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:
It may take up to 30 days for this to take place.
For more information on your rights in relation to marketing, see ‘Your rights’ below.
Under the GDPR, European individuals have a number of important rights. In summary, these rights include the right to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please email or write to us using the details below.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Timeframe for responding to you
We aim to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances you can ask us to delete your information: see ‘Your rights’ above for further information.
In some circumstances we will anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes or in an aggregated format for machine learning, product improvement and development of our technology, in which case we may use this information indefinitely without further notice to you.
Furthermore, as set out in the section ‘Further information: The personal information we collect, when and how we use it’, we collect your Likeness Data for the purposes of carrying out scientific research into our product and services, for machine learning, product improvement and development of our technology, in which case we may use this information for as long as is necessary to allow us to carry out that scientific research, without further notice to you. Where possible, we will ensure that such data is anonymised. Where this is not possible, we will implement pseudonymisation (such as allocating code names or numerical identifiers), and we will only process the minimum amount of data that we need to achieve our scientific research purposes. In doing so, we will safeguard the data with technical and organisational measures (ensuring security and confidentiality of the data), including by ensuring that all data processed for this purpose is stored in a separate database, accessible on a need-to-know basis.
Please rest assured that when keeping your personal data for scientific research purposes, we will never process it to support measures or decisions relating to particular individuals and we always ensure the data is not processed in such a way that substantial damage or substantial distress is likely to be caused to any individual.
We hope that we can resolve any query or concern you raise about our use of your information.
The GDPR also gives EEA and UK users the right to lodge a complaint with a supervisory authority, in particular in the European Union (or EEA) state where they work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in Portugal (where our European representative is based) is the CNPD – Comissão Nacional de Protecção de Dados (the Portuguese Data Protection Authority). They can be contacted by:
Telephone: (+ 351) 21 392 84 00;
Fax: (+ 351) 21 397 68 32; or
E-mail: [email protected].
You can also visit their website.
Please contact us if you have any questions about this privacy policy or the information we hold about you. If you wish to contact us please send an email to [email protected].
This privacy policy was published on 1st April 2020 at https://privacy.didimo.co/privacy-policy/, and last updated on 15th December 2020.
We may change this privacy policy from time to time, when we do, we will inform you via this web page. Please check back regularly to ensure you are always aware of the latest version in force.
This cookie policy relates to your use of our website, www.didimo.co, our Customer Portal, https://app.didimo.co, and our mobile application (“Didimo Showcase”).
Throughout our website, Customer Portal and Didimo Showcase we may link to other websites owned and operated by certain third parties. These other third-party websites may also use cookies or similar technologies in accordance with their own separate policies. For example, users may log into Didimo using their Facebook and Google Accounts, which may have their own privacy and cookies policies. For privacy information relating to these other third-party websites, please consult their policies as appropriate.
A cookie is a small text file which is placed onto your device (such as your computer, smartphone or other electronic device) when you use our website or Didimo Showcase.
Local storage is an industry standard technology that allows a web application or website to store information locally on your device.
We use cookies on our website and within Didimo Showcase. We also use local storage on our Customer Portal. This helps us to recognise you and your device and allows us to store some information about your preferences or past actions, to identify you as a user, to ensure that our services are able to function properly and also to allow us to gain insights into how our services are used so that we are able to improve them.
For example, we may monitor how often you use Didimo Showcase and Customer Portal or visit the website, which pages and functions you visit, traffic data, location data and the originating domain name of your internet service provider. This information helps us to build a profile of our users and improve our website, Customer Portal, Didimo Showcase and our services generally. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
For further information on our use of cookies and local storage, including a detailed list of your information which we and others may collect through cookies, please see below.
For further information on cookies generally, including how to control and manage them, visit www.aboutcookies.org or www.allaboutcookies.org.
We will ask for your permission (Consent) to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested (for example, when the cookies are required for session control, such as to enable you to subscribe and sign up to our services online, use your user account and/or purchase services from us via the website, the Customer Portal or Didimo Showcase).
You can withdraw any consent to the use of cookies or manage any other cookie preferences by clicking the relevant option via the banner when you first visit our website, Customer Portal or Didimo Showcase, or when you click on the icon at the bottom of any page of our website or the Customer Portal (or visit the preferences settings within Didimo Showcase). You can then adjust the sliders to set your preferences. It may be necessary to refresh the page or Didimo Showcase for the updated settings to take effect.
The table below provides more information about the cookies we use and why:
The cookies we use (and owner of those cookies)NamePurposeWhether cookie is essential for us to provide you with a service that you have requested and whether we will seek your consent before we place the cookieUniversal Analytics (Google)ga, _gali, _gat, _gidThis is a web analytics service provided by Google Inc which we use on our website. This is a service which uses cookies to show us how visitors found and explored our website, and how we can enhance their experience. It provides us with information about the behaviour of our visitors (such as how long they stayed on our website, the average number of pages viewed) and also tells us how many visitors we have had.
This cookie collects information in an anonymous form and does not collect any personal information about you.
Please read Google’s privacy policy which sets out their guidance on how they use the cookies, how long they remain active once you have given consent, and the data generated by them.
No, this cookie is not essential and is purely for analytics purposes, so we will therefore request your consent before placing this cookie.Didimo Showcase (Didimo Inc)DDUIThis is a session cookie that we place within Didimo Showcase and website, which ensures that you are recognised when you move from page to page within our website and around Didimo Showcase and allows us to ensure user authentication. This means that this cookie ensures that any information you have entered is remembered. This avoids you being treated like a new visitor each time you visit our website or navigate between the different pages or open Didimo Showcase. This cookie also allows you to log into your online account via our website or Didimo Showcase and to make purchases.
These cookies are only used during a particular browser session and expire each time you close your browser or Didimo Showcase and do not remain on your device afterwards.
Yes, this cookie is essential (we will therefore not request your consent before placing this cookie).Didimo website (Wordpress)DDMUI,
Any cookie generated by “Universal Analytics (Google)”
These cookies collect information about how visitors use our website, such as which pages you visit most often, and if you get error messages from any pages on our website. These cookies do not collect any information which allows you to be identified personally. The information collected through these cookies is aggregated and therefore anonymous and we only use them to improve the functionality of our website.
Please read Wordpress’ cookies policy which sets out their guidance on how their cookies function as well as the specific data they collect.
Please read Google’s privacy policy which sets out their guidance on how they use the cookies, how long they remain active once you have given consent, and the data generated by them.
No, this cookie is not essential and is purely for performance analytics purposes, so we will therefore request your consent before placing this cookie.Customer PortalDDCookieConsentSig,
DDCookieConsent
These cookies collect information about the cookie policy acknowledgement by our visitors. Yes, this cookie is essential (we will therefore not request your consent before placing this cookie) because it is a technical tool which we use to monitor your consent to cookies.
The cookies we use will only be accessed by us and those third parties named in the table above for the purposes referred to in this cookie policy. Those cookies will not be accessed by any other third party.
Social media sites: our website, Customer Portal and Didimo Showcase use trackers in order to allow you to share content on social media networks/platforms and also allows you to use your social media log-ins with Google and Facebook to log in to Didimo’s services.
If you do not want to accept any cookies, you may be able to change your browser or device settings so that cookies (including those which are essential to the services requested) are not accepted.
If you do this, please be aware that you may lose some of the functionality of our website or Didimo Showcase.
For further information about cookies and how to disable them please go to the guidance on cookies published by the UK Information Commissioner’s Office (ICO), www.aboutcookies.org or www.allaboutcookies.org.