Privacy Policy

Effective May 2, 2024

STUDIO HALIA (“we,” “us,” “our”) works hard to build and maintain a relationship of trust with you. This Privacy Policy (the “Privacy Policy”) describes how we collect, use and disclose your Personal Information and how to exercise any rights you might have with respect to this information. It governs information we collect through our website(s) including www.studiohalia.com  and our applications (collectively, “Sites”) and information we collect from you or third parties through any other means to provide our products or services or perform our other business activities (collectively, “Services”).

Please read this Privacy Policy carefully before using our Sites and/or Services. If you do not agree with this Privacy Policy, you must refrain from using our Sites and/or Services. By Accessing or using our Sites and/or Services you agree to our use of your information consistent with this Privacy Policy.

Information We Collect

Personal Information

We may collect information that personally identifies, relates to, describes, or is capable of being associated with you (“Personal Information”), including:

• Personal identifiers and contact information such as name, username, password, unique ID, mailing address, email address, and phone number;

• Commercial information such as payment information (e.g., credit card, crypto), information about the products and services you inquired about or obtained from us and how you use and interact with such products and services, communications with us, and NFTs minted; and

• Internet & network information such as browsing/search history, IP address, data collected by cookies and similar technologies, gestures used, and device specifications such as device IDs, specifications, and operating system.

The types of Personal Information we collect about you may vary based on how you use our Sites and/or Services and your relationship with us.

Usage Data and Site Activity

We automatically collect information in connection with the actions you take on our Sites (“Usage Data”). For example, each time you use our Sites, we may automatically collect the type of web browser you use, the type of device you use, your device ID, your operating system and version, your IP address, your internet service provider, the pages you view, referring and exit pages, the date and time of your visit, and the number of clicks to, from, and within our Sites, and the duration of your visits to our Sites. If the data we automatically collect is capable of being associated with you, directly or indirectly, we treat it as Personal Information under the category Internet & network information. If this information is not capable of being individually associated with you, we treat it as anonymous Usage Data.

Communication Recordings

We may record calls and retain the content of written and electronic communications between you and us such as emails and support chats. By communicating with us, you consent to our recording and retention of communications.

Images Created Using our App

Images created using our mobile app are stored on the user’s device. We do not collect them via the app. They are not transferred to our servers or otherwise collected by us unless you choose to send the image to us (e.g., you email them to us) or you make the images publicly available (e.g., you include the image as part of a public social media post). 

TrueDepth API

Our apps make use of automatically collected information using the device camera and the TrueDepth API provided by Apple. The only use of this information is to track the user’s head and face so that the user can control the AR experience and the selfie filters by moving their device and their head. None of the information collected by the TrueDepth API ever leaves the user’s device nor is it persistently stored on the device.

Cryptocurrency Payments

We may permit payments in cryptocurrency via a third-party payment processor. In order to complete your payment in cryptocurrency, you may be required to create an account with or otherwise become a client of the third-party payment processor. You are not required to pay us in cryptocurrency and may always choose to make payments using traditional methods such as a credit card or debit card. 

How We Collect Information

Voluntary Disclosure

We may ask you to provide us with Personal Information when you communicate with us, including when you request information from us, make a purchase, and when you make a payment. You are not required to provide us your Personal Information; however, if you choose not to provide the requested information, you may not be able to use some or all of the features of our Sites or Services or we may not be able to fulfill your requested interaction.

Third-Party Data Sources

We may collect Personal Information from third-party data sources such as marketing agencies or partners, analytics firms, social media firms, and relevant blockchains.

Cookies 

Cookies and Automated Tools

We and third parties use cookies (a small text file placed on your computer to identify your computer and browser) and other automated tools such as pixels to track your interaction with our Sites and to improve the experience of our Sites and Services, such as saving your preferences from visit to visit to present you with a customized version of the Website. Many web browsers are initially set up to accept cookies. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, certain features of our Sites or Services may not work if you delete or disable cookies.

We use the following types of cookies and other automated tools:

• Strictly Necessary: These tools are essential to operate the Sites or Services and provide you with services you have requested including to identify and repair errors in the Sites or Services.

• Functional: These tools enable certain features or non-essential functionality on our Sites or Services. For example, we might use these tools to recognize you and remember your preferences or settings when you return to our Sites or Services.

• Advertising: These tools allow us and third parties to learn more about you, including your use of our Sites, Services, and other websites, and advertise products or services that might interest you including our products and services.

• Analytics: These tools help us and third parties understand how our Sites are working and who is visiting our Sites. 

User activity information may be associated with additional information about a user’s session and Personal Information, if provided by the user.

If you arrive at our Sites by “clicking through” from another website, then certain information about you that you provided to that other website, such as the terms you searched that led you to our Sites, may be transmitted to us and we may use it. You should review the Privacy Policy of any website from which you reached our Sites to determine what information the operator collects and how it uses such information. We may retain information about you provided to us by other websites and will use it in accordance with this Privacy Policy. Such information may be associated with other Usage Data or Personal Information.

Information from Advertisements

If you arrive at our Sites via an advertisement (e.g., banner ad), we may collect information regarding the advertisement with which you interacted and your interactions (e.g., item clicked, date and time).

Information from Social Media

If you engage with us via social media or visit our Sites through a link on social media, we may collect information regarding your interaction with us and the social media platform.

Google Analytics

One tool we use is Google Analytics. For more information about Google Analytics, including how it collects and processes Personal Information and Usage Data, please review Google’s Safeguarding Your Data disclosure.

Shopify

As a merchant, we utilize the services of Shopify to help facilitate and analyze our customer interactions and purchases. For more information about how Shopify collects and uses Personal Information from consumers as part of its services, including the use of cookies, please review Shopify’s Cookies Policy and Consumer Privacy Policy. If you engage with Shopify when it is acting as our Service Provider (defined below), your interaction is governed by this Privacy Policy. If you engage with Shopify at other times, your interaction is governed by Shopify’s policies and we are not responsible for such interactions.  

How We Use and Share Information

Generally

We may use Personal Information for business purposes, such as to:

• Fulfilling customer requests and support: to provide goods or services, mint NFTs, create and transfer data with crypto-wallets established with third parties such as Magic Labs, keep customers informed about the status of their services, respond to questions and address customers concerns, provide newsletters, announcements, white papers, and other information;

• Marketing and market research: to send communications and offers for our or third parties’ products and services, including offers based on consumers’ interests, personal and business characteristics and location, perform analytics for market and consumer research, trend analysis, financial analysis, and anonymization of personal information;

• Website use and analytics: to provide you with access to and use of our Sites and Services, analyze consumers’ use of our websites, including the use of third-party web analytics services, which may utilize automated technologies to collect data;

• Product research: to conduct research and analysis for maintaining, protecting, and developing services, increase and maintain the safety of our products and services, and prevent misuse;

• Business operations: to evaluate, develop, and improve business operations, products and services offered, perform business administration and other normal business activities;

• Security and safety: to prevent fraud, theft, or violations of our security or the security of third parties; and

• Compliance: to comply with applicable legal requirements, industry standards, contractual obligations, our policies, and take actions that we deem necessary to preserve and enforce our rights and the rights of others.

Service Providers

We may provide your Personal Information to other businesses (“Service Providers”) to provide services to us or on our behalf. Categories of service providers we use include:

• Fulfillment and account servicing vendors, which help us provide products, services, and information to you and service your account including minting NFTs;

• Payment processors, which help us to accept and process the payments for our products/services to you;

• Marketing and communications vendors, which help us market our products/services to you, show you advertisements, and conduct other outreach campaigns, including vendors providing email, telephone, and text message services;

• Research and development vendors, which help us develop and improve our products and services;

• Data and business analytics vendors, which help us collect, analyze, and improve the accuracy of our data (including Personal Information);

• IT and network administration vendors, which provide services such as data storage and management, website hosting, and data security;

• Professional service firms, which provide accounting, legal and other professional services; and

• General service providers, which help us with day-to-day business operations such as office support services, courier services, facilities management, and document destruction.

Each Service Provider is expected to use reasonable security measures appropriate to the nature of the information involved to protect your Personal Information from unauthorized access, use, or disclosure. 

California Shine the Light Disclosure – Your Privacy Rights

We do not sell Personal Information to third parties for their own direct marketing purposes.  

Public Nature of Blockchains

We may facilitate your ability to mint NFTs on the Polygon blockchain. Please be aware that we do not own or control the Polygon blockchain and that any information written on the Polygon blockchain may be publicly accessible.

Other Important Privacy Provisions

Security

We recognize the importance of safeguarding the confidentiality of Personal Information from loss, misuse, or alteration. Accordingly, we employ commercially reasonable administrative, technical, and physical safeguards to protect Personal Information from unauthorized access, disclosure, and use. Even with these safeguards, no data transmission over the Internet or other network can be guaranteed 100% secure. As a result, while we strive to protect information transmitted on or through our Sites or Services, you do so at your own risk.

Compliance with Laws and Law Enforcement

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose Personal Information and any other information about you to government or law enforcement officials or private parties if, in our discretion, we believe it is necessary or appropriate to respond to legal requests (including court orders, investigative demands and subpoenas), to protect the safety, property, or rights of ourselves, consumers, or any other third party, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with law.

Other Transfers

We may share Personal Information and Usage Data with businesses controlling, controlled by, or under common control with us. If we are merged, acquired or sold, or in the event of a transfer of some or all of our assets, we may disclose or transfer Personal Information and Usage Data in connection with such transaction.

International Transfers

Personal Information will be processed in the United States and/or Europe. Whenever we transfer Personal Information concerning a European resident out of the European Economic Area, Switzerland, or the United Kingdom (collectively, “EEA”), we ensure that we have your consent or adequate safeguards are in place as required by the GDPR or its Swiss or UK equivalent by either (i) transferring your Personal Information to countries or persons participating in approved-programs such as the EU-U.S. Data Privacy Framework that have been deemed to provide an adequate level of protection for Personal Information by the European Commission and/or UK government or (ii) using standard contractual clauses approved by the European Commission and/or UK government which give Personal Information a similar amount of protection as it has in Europe, including additional safeguards as needed. Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Information out of the EEA.

By providing Personal Information to us, you consent to the transfer to and processing of your Personal Information in the United States and Europe.

Links and Other Websites

Our Sites may contain links to third party websites. Please be aware that if you access these links, you will be leaving our Site. We encourage users to read the privacy policies of those sites, as we are not responsible for their content, links, or privacy procedures.

Data Retention  

We will only retain your Personal Information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your Personal Information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation or regulatory inquiry in respect to our relationship with you.

To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

 

Updates

We may update this Privacy Policy in the future and will post any updates on our Sites. Updates are effective immediately upon posting. If you use our Sites or Services after the update, you agree to the updated Privacy Policy.

Children’s Privacy

Our Sites and Services are not intended for children under the age of 18 and we do not knowingly collect Personal Information from children under the age of 18. If we become aware that we have inadvertently received Personal Information from a child under the age of 18, we will delete such information from our records.

California “Do Not Track” Disclosure

Do Not Track is a web browser privacy preference that causes the web browser to broadcast a signal to websites requesting that a user’s activity not be tracked. Currently, our Sites and Services currently do not respond to “do not track” signals.

Notice to European Residents

This section applies only to individuals located in the European Economic Area, Switzerland, or the United Kingdom.

Personal Information

Any reference to “Personal Information” in this Privacy Policy is equivalent to “Personal Information” governed by European data protection laws (collectively, “EU Laws”).

Controller

Studio Halia is the controller of Personal Information covered by this Privacy Policy for purposes of EU Laws. 

Lawful Basis for Processing

We use your Personal Information for business purposes as outlined below and only as permitted by law. Our processing of your Personal Information may require sharing it with third parties in order to accomplish the stated purpose.

 

“Legitimate Interest” means the interests of our business in conducting and managing our business to enable us to give you the best Sites and Services possible and protect our reasonable business concerns. We consider and balance any potential impact on you (positive and negative) and your rights under EU Laws before we process Personal Information for our Legitimate Interest. We do not process Personal Information for our Legitimate Interests if we determine that our interests are overridden by the impact on your rights (unless we have consent, or the processing is otherwise permitted by law). If you are located in Europe, please contact us if you would like more information about how we assess our Legitimate Interests.

If consent is our lawful basis for processing your Personal Information, we will obtain consent from you prior to processing your Personal Information for the purpose for which consent is required and you may revoke your consent at any time by contacting us using the contact information below.

Change of Purpose  

We may use your Personal Information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your Personal Information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Special Categories of Personal Information

We ask that you not provide us with any special categories of Personal Information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Sites, the Service, or otherwise. 

If you provide any special categories of Personal Information to us, you must consent to our processing and use of such special categories of Personal Information in accordance with this Privacy Policy. If you do not consent to our processing and use of special categories of Personal Information, you must not submit such special categories of Personal Information.

Data Subject Rights

You may have rights under EU Laws in relation to your Personal Information, including the right to:

• Request access to your Personal Information. This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it.

• Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

• Request deletion of your Personal Information. This enables you to ask us to delete or remove Personal Information when there is no legally valid reason for us to process it. You also have the right to ask us to delete or remove your Personal Information when you have successfully exercised your right to object to processing (see below), when we may have processed your information unlawfully, or when we are required to erase your Personal Information to comply with law. However, please note that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

• Object to processing of your Personal Information when we are relying on a Legitimate Interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it infringes your fundamental rights and freedoms. You also have the right to object when we are processing your Personal Information for marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which overrides your rights and freedoms.

• Request restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of your Personal Information in the following scenarios:

• If you want us to establish the data’s accuracy.

• When you believe our use of the data is unlawful, but you do not want us to erase it.

• When you need us to hold the data even if we no longer require it because you need it to establish, exercise, or defend legal claims.

• You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

• Request the transfer of your Personal Information to you or to a third party. We will provide your Personal Information in a structured, commonly used, machine-readable format. Please note that this right only applies to Personal Information that you provided to us.

• Withdraw consent at any time when we are relying on consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain sites or services to you. We will advise you if this is the case at the time you withdraw your consent.

Exercising Rights

If you wish to exercise any of the rights set out above, please contact us at help@studiohalia.com. 

Generally, you will not have to pay a fee to exercise any of the rights described herein. However, if your request is clearly unfounded, repetitive, or excessive, we may charge a reasonable fee or refuse to comply with your request. We will inform you of any fee, and require payment be received, prior to acting upon the request for which the fee is charged. We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made multiple requests. In this case, we will notify you and keep you updated. If we decline your request, we will tell you why, subject to legal restrictions.

Complaints or Concerns

You have the right to make a complaint at any time to the supervisory authority for data protection issues in the country in which you reside. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance at help@studiohalia.com.

Contact Us

If you have any questions about this Privacy Policy, please email us at help@studiohalia.com.