Privacy Policy

Last updated: 28th July 2025

Effective Date: 28th July 2025

This Privacy Policy explains how Imersifi ("we", "us", or "our") collects, uses, discloses, stores, and protects personal data in the course of operating the Imersifi Platform and delivering its services to Organisations and Users. By accessing or using the Platform, you acknowledge that you have read and understood this Policy and agree to the practices described herein.

1. Introduction

Imersifi is a virtual reality SaaS platform that enables Organisations to manage users and create immersive experiences. We are committed to protecting your privacy and complying with applicable data protection regulations. This Privacy Policy applies to all data collected through the Imersifi Platform, our related services, and any associated websites or interfaces.

2. Information We Collect

We collect various types of information in order to provide and improve the Imersifi Platform. This includes data voluntarily submitted by Organisations and Users, as well as information collected automatically during the course of usage. Information provided during registration includes Organisation name, support email, country, sector, and any uploaded branding elements such as logos or colours. User accounts require names, email addresses, and organisation-assigned roles. Each User may configure a personalised VR profile, including avatar characteristics and skin tone approximations based on the Fitzpatrick scale. Profile images and similar data, if uploaded, are stored securely but are not moderated by Imersifi. The Organisation is responsible for the appropriateness and legality of such images. In the context of VR sessions, Imersifi may collect telemetry data, module-specific interaction records, and, for certain modules, video or audio recordings. Where mixed reality capture is active, these videos may contain a User’s physical surroundings. It is the responsibility of the Organisation to ensure Users are informed of the scope of this recording. Additionally, we collect data related to user interactions with the Platform, including logins, session times, feature usage, and content engagement. This data supports platform analytics and is used to deliver performance feedback.

3. How We Collect Data

Personal data is collected directly when Organisations and Users register for accounts or submit information via the Platform. Data is also collected automatically via server logs, telemetry systems, and real-time analytics tools. Furthermore, certain content and summaries are generated using artificial intelligence services, including Google Gemini, based on session data.

4. Use of Data

We use collected data to deliver the core functionality of the Imersifi Platform. This includes account creation, user management, experience delivery, analytics generation, technical support, and service improvement. Data may also be used to personalise user experiences, generate usage summaries, and ensure secure access to content and modules. In the case of AI-generated summaries of session data, the output is intended as supplemental insight only. Imersifi makes no representation as to the accuracy or interpretation of such AI outputs and disclaims any liability for decisions made based on them. We may use contact information to communicate service updates, respond to support queries, or send important legal notices. These communications are considered part of the service and cannot be opted out of unless the account is terminated.

5. Legal Basis for Processing (Where Applicable)

For data subjects within the European Economic Area or similar jurisdictions, we process personal data under one or more of the following legal grounds: the necessity of processing for the performance of a contract; compliance with a legal obligation; legitimate interests in maintaining and improving the Platform; and, where required, your explicit consent.

6. Third-Party Services

The Imersifi Platform integrates several third-party services that support delivery, performance, and analytics. These include DigitalOcean for cloud infrastructure; AWS and Amazon S3 for storage; Ably for real-time messaging and broadcasting; Laravel Forge for orchestration; Google Gemini for AI summarisation; and internal APIs developed by Imersifi. These providers may process limited personal or statistical data as required to provide their respective services. Each third-party service is contractually bound to maintain appropriate data protection and confidentiality measures.

7. Data Sharing and Disclosure

We do not sell personal data to any third party. Data may be disclosed only to service providers operating on our behalf, to authorised internal staff, or where legally required by a court, regulator, or competent authority. If you are part of an Organisation account, certain data may be visible to designated Organisation Administrators or Owners, including your session data and activity history. In the event of a corporate transaction such as a merger or acquisition, personal data may be transferred as part of that process, subject to safeguards and notice as required by applicable law.

8. International Data Transfers

Imersifi operates globally. Data may be transferred to and stored on servers outside your home jurisdiction, including in countries that may not have equivalent data protection laws. By using the Platform, you consent to such international data transfers, provided that Imersifi ensures appropriate safeguards are in place to protect your information.

9. Data Retention

We retain data only for as long as necessary to fulfil the purposes described in this Policy or as required by law. Upon termination of an Organisation account, user and Organisation data will be retained for a limited period (typically 30 to 90 days) before being securely deleted or anonymised, unless otherwise agreed or required by applicable regulation.

10. Security

Imersifi employs appropriate technical and organisational security measures to protect your data. These include encrypted storage using AWS and Amazon S3, protected infrastructure via DigitalOcean, and rigorous access controls. While we strive to secure your data, no system can be guaranteed to be fully secure. We therefore disclaim liability for any unauthorised access or use of data beyond our reasonable control.

11. Your Rights

Depending on your jurisdiction, you may have rights regarding your personal data. These may include the right to access, rectify, delete, restrict, or object to processing of your data. You may also have the right to lodge a complaint with a data protection authority. To make any such request, or to inquire about your data, you may contact us at the address provided at the end of this Policy. We will respond in accordance with applicable law.

12. Use of Artificial Intelligence

Imersifi uses generative AI technologies, such as Google Gemini, to summarise training data and user sessions. These summaries are designed to support performance analysis but may include interpretations that are not always accurate. By using the Platform, you acknowledge and agree that such AI-generated content is offered as a supplementary tool only. Imersifi disclaims all liability arising from the use, misinterpretation, or consequences of relying on AI-generated summaries or reports.

13. Updates to This Policy

We may amend this Privacy Policy from time to time. Substantive changes will be communicated to Organisation Owners via email or system notices. Continued use of the Platform following such notification will constitute acceptance of the updated Policy.
For support or questions about these Terms, please contact:

Imersifi Limited
Email: legal@imersifi.com
Address: Institute of Life Science 2, Swansea University, Swansea, SA2 8PP, United Kingdom