Back to OpenhouseXR

Privacy Policy

Effective Date: May 16, 2026  ·  Last Updated: May 16, 2026

This Privacy Policy describes how OpenhouseXR ("OpenhouseXR", "we", "us", or "our") collects, uses, discloses, and safeguards Personal Information when you use our mobile applications, web applications, virtual-reality and extended-reality clients, and related services (collectively, the "Services"). Please read this Policy carefully. By accessing or using the Services, you acknowledge that you have read, understood, and agree to the practices described in this Policy.
Contents
  1. Scope and Applicability
  2. Data Controller
  3. Key Definitions
  4. Information We Collect
  5. Sources of Information
  6. Purposes and Legal Bases
  7. Disclosures to Third Parties
  8. International Data Transfers
  9. Data Retention
  10. Information Security
  11. Your Rights and Choices
  12. Account and Data Deletion
  13. Children's Privacy
  14. Tracking and Analytics
  15. Device Permissions
  16. Shared and Public Content
  17. Third-Party Services and Links
  18. California Residents (CCPA/CPRA)
  19. EEA and United Kingdom Residents (GDPR)
  20. Canadian Residents (PIPEDA)
  21. Changes to this Policy
  22. Contact Us

1. Scope and Applicability

This Policy applies to Personal Information processed by OpenhouseXR in connection with:

This Policy does not apply to information collected by third parties whose products, services, or websites are not controlled by us, even where such third parties are referenced or linked from within the Services. We encourage you to review the privacy policies of any third party before providing them with Personal Information.

2. Data Controller

The entity responsible for the processing of your Personal Information described in this Policy is OpenhouseXR. For the contact details of our privacy representative, please refer to Section 22 (Contact Us).

3. Key Definitions

4. Information We Collect

4.1 Information You Provide Directly

When you register for, configure, or use the Services, we may collect the following Personal Information that you provide directly:

4.2 User Content

The Services are designed to capture, store, and render spatial representations of physical environments. In connection with your use of the Services, we collect and process User Content that you elect to create or upload, which may include:

You retain ownership of your User Content. We process User Content solely for the purposes described in this Policy and in accordance with our Terms of Service.

4.3 Technical and Device Information

When you interact with the Services we may automatically collect limited technical information necessary for the operation, security, and integrity of the Services, including:

4.4 Information We Do Not Collect

We do not intentionally collect the following categories of information through the Services:

5. Sources of Information

We obtain Personal Information from the following sources only:

  1. Directly from you, when you register an account, configure the Services, capture or upload User Content, or contact us;
  2. Automatically, through your interaction with the Services as described in Section 4.3;
  3. From our Service Providers, where such providers facilitate authentication, storage, or processing on our behalf and in accordance with documented instructions.

6. Purposes of Processing and Legal Bases

We process Personal Information for the purposes set forth in the table below. Where the General Data Protection Regulation ("GDPR") or the United Kingdom General Data Protection Regulation ("UK GDPR") applies, the corresponding legal basis is identified.

PurposeLegal Basis (EEA/UK)
To create, authenticate, and maintain your account, and to deliver the core functionality of the Services.Performance of a contract with you (Art. 6(1)(b) GDPR).
To store, process, convert, and render User Content at your request, including format conversion between interchange formats.Performance of a contract (Art. 6(1)(b) GDPR).
To respond to your inquiries, requests, or support communications.Performance of a contract and our legitimate interests in providing customer support (Art. 6(1)(b) and (f) GDPR).
To maintain the security, integrity, availability, and proper operation of the Services, including detection and prevention of fraud, abuse, and unauthorized access.Our legitimate interests in operating a secure service (Art. 6(1)(f) GDPR) and compliance with legal obligations (Art. 6(1)(c) GDPR).
To enforce our Terms of Service, defend or establish legal claims, or comply with applicable law, regulation, legal process, or governmental request.Compliance with legal obligations (Art. 6(1)(c) GDPR) and our legitimate interests (Art. 6(1)(f) GDPR).
To improve the Services, including diagnostic review of error conditions and operational telemetry, in each case using the minimum information necessary.Our legitimate interests in improving and maintaining the Services (Art. 6(1)(f) GDPR).

We do not process Personal Information for the purposes of behavioural advertising, profiling that produces legal or similarly significant effects, or sale of Personal Information to third parties.

7. Disclosures to Third Parties

We disclose Personal Information only as described below. We do not sell Personal Information, and we do not share Personal Information for cross-context behavioural advertising.

7.1 Service Providers

We engage carefully selected Service Providers to perform functions on our behalf, including:

Service Providers are bound by written agreements that restrict their processing of Personal Information to the purposes for which we have engaged them and require the implementation of appropriate technical and organizational safeguards.

7.2 Legal and Safety Disclosures

We may disclose Personal Information where we have a good-faith belief that disclosure is necessary to: (a) comply with applicable law, regulation, legal process, or enforceable governmental request; (b) enforce our Terms of Service, including investigation of potential violations; (c) detect, prevent, or otherwise address fraud, security, or technical issues; or (d) protect the rights, property, or safety of OpenhouseXR, our users, or the public, as required or permitted by law.

7.3 Business Transactions

In the event that OpenhouseXR is involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, or sale of all or a portion of its assets, Personal Information may be transferred to the acquiring party or successor entity, subject to the commitments made in this Policy or as otherwise consented to by you.

7.4 With Your Direction or Consent

We may disclose Personal Information to additional third parties where you direct us to do so or otherwise consent to such disclosure.

8. International Data Transfers

OpenhouseXR is based in Canada. Personal Information that we collect may be processed in, transferred to, and stored in Canada and other jurisdictions where we, our Service Providers, or our affiliates maintain facilities. These jurisdictions may have data-protection laws that differ from those in your country of residence.

Where required by applicable law, we implement appropriate safeguards for international data transfers, which may include the European Commission's Standard Contractual Clauses, the United Kingdom International Data Transfer Agreement or Addendum, or transfers to jurisdictions that have been recognized as providing an adequate level of protection. You may request a copy of the safeguards applicable to a specific transfer by contacting us at the address in Section 22.

9. Data Retention

We retain Personal Information only for as long as is necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Specifically:

Where Personal Information is no longer required, we will securely delete or anonymize it.

10. Information Security

We implement and maintain reasonable and appropriate administrative, technical, and physical safeguards designed to protect Personal Information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Such safeguards include, without limitation:

No method of transmission over the internet or method of electronic storage is one hundred percent secure. While we strive to use commercially reasonable means to protect your Personal Information, we cannot guarantee its absolute security.

11. Your Rights and Choices

Subject to applicable law and to the limitations and exceptions set forth therein, you may have the following rights with respect to your Personal Information:

To exercise any of these rights, please contact us using the details in Section 22. We may require you to verify your identity before responding to a request. We will respond within the time period required by applicable law.

12. Account and Data Deletion

You may delete your account at any time. Account deletion is performed through the in-application account-management interface and results in the removal of your account record and associated User Content from our active production systems. Authentication credentials maintained by our identity provider are deactivated as part of the deletion process.

Following deletion, residual copies of Personal Information may persist in encrypted operational backups for a limited period before being overwritten in the ordinary course of system operation. We do not access such residual copies except as necessary for disaster recovery or legal compliance.

If you are unable to access the in-application deletion mechanism, you may submit a deletion request to us at the address in Section 22 and we will process the request without undue delay.

13. Children's Privacy

The Services are not directed to, and we do not knowingly collect Personal Information from, children under the age of thirteen (13) years (or such higher age threshold as may apply under the laws of your jurisdiction, including age sixteen (16) in certain European jurisdictions). If you believe that a child has provided Personal Information to us, please contact us at the address in Section 22 and we will take steps to delete such information.

14. Tracking, Analytics, and Cookies

We do not use third-party advertising networks, behavioural-analytics providers, cross-site tracking pixels, advertising identifiers, or session-replay tools in the Mobile App or XR Clients. We do not track you across other applications or websites for advertising purposes, and we do not respond to "Do Not Track" signals because we do not engage in tracking that would be modified by such signals.

The Website may use a limited number of strictly necessary cookies or equivalent technologies required for the operation of the site (for example, to remember your cookie-consent preferences where applicable). Where required by law, we will obtain your consent before placing any non-essential cookies.

The Mobile App and XR Clients do not use cookies. Authentication state is maintained through tokens stored in operating-system-level secure storage as described in Section 4.1.

15. Device Permissions

To enable certain features of the Services, we request access to specific device capabilities. You may grant or deny these permissions at the time of the request and may modify your choices at any time through your device's settings:

Denying any of the foregoing permissions will prevent the corresponding feature from functioning but will not affect other functionality of the Services.

16. Shared and Public Content

The Services may permit you to generate a shareable link to a specific scan or environment that allows third parties to view that content without authenticating to the Services. If you choose to share such a link, any person in possession of the link may access the associated User Content for the duration that the link remains active. You are solely responsible for the distribution of any shareable link that you generate, and we recommend that you share links only with intended recipients. You may revoke a shareable link at any time through the Services.

17. Third-Party Services and Links

The Services may contain links to, or interoperate with, third-party services, websites, content, or applications that are not owned or controlled by OpenhouseXR. We are not responsible for the privacy practices of such third parties. We encourage you to review the privacy policies of any third party with which you interact in connection with your use of the Services.

18. Additional Information for California Residents

This section applies to residents of the State of California and supplements the foregoing provisions in accordance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the "CCPA").

18.1 Categories of Personal Information Collected and Disclosed

In the twelve (12) months preceding the Effective Date of this Policy, we have collected the categories of Personal Information described in Section 4, which correspond to the following statutory categories under the CCPA: identifiers (including email address and account identifier); customer-records information (such as username); internet or other electronic-network-activity information (such as request logs); and visual information (such as User Content consisting of photographs or spatial scans). We have disclosed such categories of Personal Information to Service Providers as described in Section 7.1 for the business purposes set forth in Section 6.

18.2 No Sale or Sharing of Personal Information

We do not sell Personal Information, and we do not share Personal Information for cross-context behavioural advertising, as those terms are defined under the CCPA. We have not engaged in any such sale or sharing in the twelve (12) months preceding the Effective Date of this Policy.

18.3 Sensitive Personal Information

We do not use or disclose sensitive Personal Information (as defined under the CCPA) for purposes other than those permitted under the CCPA without notice.

18.4 California Privacy Rights

California residents have the right to: (i) know what Personal Information we have collected, used, disclosed, and sold (if any); (ii) request deletion of Personal Information; (iii) request correction of inaccurate Personal Information; (iv) opt out of any sale or sharing of Personal Information (which we do not engage in); and (v) be free from unlawful discrimination for exercising their CCPA rights. You may exercise these rights by contacting us at the address in Section 22.

18.5 Authorized Agents

You may designate an authorized agent to submit requests on your behalf. We may require the authorized agent to provide proof of your written authorization and may require you to verify your identity directly with us.

19. Additional Information for EEA and United Kingdom Residents

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the rights set forth in Section 11 in addition to any rights provided by applicable local law. The legal bases on which we rely for processing your Personal Information are set forth in Section 6. You have the right to lodge a complaint with the data-protection supervisory authority in the jurisdiction of your habitual residence, place of work, or place of the alleged infringement.

20. Additional Information for Canadian Residents

We comply with the Personal Information Protection and Electronic Documents Act ("PIPEDA") and applicable provincial privacy legislation, including, where applicable, Québec's Act respecting the protection of personal information in the private sector. You have the right to access and request correction of your Personal Information, to withdraw consent (subject to legal or contractual restrictions and reasonable notice), and to file a complaint with the Office of the Privacy Commissioner of Canada or the applicable provincial commissioner.

21. Changes to this Policy

We may update this Policy from time to time to reflect changes in our practices, the Services, or applicable law. When we make material changes, we will revise the "Last Updated" date at the top of this Policy and, where required by applicable law or where the changes materially affect your rights, we will provide you with additional notice (for example, by in-application notification or by email to the address associated with your account). Your continued use of the Services following the effective date of any updated Policy constitutes your acknowledgement of such updates.

22. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your Personal Information, please contact us at:

OpenhouseXR
Attention: Privacy
Email: support@solv-x.ca

We will endeavour to respond to all legitimate requests within the time periods required by applicable law.