Last modified: 1st February 2018
Blippar is the world's first visual discovery browser, using augmented reality, artificial intelligence and computer vision technology to transform how you connect with the world.
The Blippar application for mobile devices (“Blippar App” or the “App”) uses the camera on your smartphone, whilst the App is enabled, to recognise images through the camera and show on-screen dynamic content on top of what you see in the real world – what’s known as 'augmented reality'.
We use artificial intelligence, computer vision technology and other functionality – including, where you choose to enable it, facial recognition technology – to make this happen. Scanning an item or a person with your mobile device is something we call 'blipping', which launches an augmented reality experience we call a 'blipp'.
You can find out more about our App and how it works at https://blippar.com/en/resources/faq/.
As part of our offering to other businesses, we enable them to offer you blipps and augmented reality content via the Blippar App, their own devices and/or web platforms as part of their advertising and marketing campaigns.
At Blippar we are working to build a service which is useful and fun for our users and in doing that we are absolutely committed to your privacy. The Blippar App, Services, websites and related APIs and tools covered by this policy are constantly evolving as we add new features to improve your experience, but our users' privacy remains at the heart of what we do. As the Blippar App changes, so might the information we use and how we use it. We encourage users to consult this policy whilst using Blippar and we will notify you of any material changes to it through the Blippar App.
The technology behind Blippar is complex, and you can do different things using the Blippar App, Services, websites and related APIs and tools, so we have tried to explain the ways we collect and use your data in a straightforward way so you know what is going on. We may provide sets of FAQs on how Blippar works and for specific products and features to help you understand them better. We welcome any feedback or questions you may have on privacy matters and how we use your data – please contact us at email@example.com.
Who we are
Blippar is a technology business headquartered in London, UK, with local subsidiary companies in various countries around the world, including the United States. For the purposes of European data protection law, Blippar.com Ltd (registered in England and Wales, number 07446749) is the ultimate data controller for personal data collected, processed and used through the App.
What this document tells you
When you use the Blippar App, websites, APIs, tools and any other services we may make available, you will share some information with us. When we talk about the Blippar "App" or "Service", we mean all the websites, APIs, tools and other products, services and features offered by Blippar.
This policy is designed to explain to you what information about you Blippar collects in providing the Blippar App and Services, how that information is used and shared and how you can control what happens with that information.
What information we collect
When you use the Blippar App or use our Services we receive certain information about you, including:
We also receive additional personal information about you which you choose to give us. For example, if you want access to our facial recognition features from the Blippar App or a third party app, you may be asked to register some basic information with us so we can provide our Services to you, including your email address, nick name, profile image and confirmation that you are at least 16 years old.
You don’t have to create an augmented reality face profile in order to use the Blippar App and Services but, if you do, we will collect a series of images of your face which we will store against the digital face signature we create as part of the registration process. This includes any unsuccessful images, which we will use for troubleshooting purposes. If you choose to make your profile visible to others then, when someone blipps your face or an image of it, it will search against our database of facial signatures and will also store these scanned images that have been taken of you (see section on facial recognition here for more detail).
We will also collect certain content that you have chosen to associate with your Halo that is specific to you. This may include information from third party sources, such as other social media sites.
When you use our Blippbuilder tool and/or our APIs, content generated or procured by you might be transferred to the Blippar platform (“User Generated Content”).
How we use your information
We use your personal information to provide, monitor and improve the Blippar App, website, services and the technology which supports them and to provide you with a great, personalised experience. We will occasionally use your information to contact you, for instance if you send us requests or ask us questions about Blippar or if there are technical or operational issues or updates which we think our users need to know about.
We provide augmented reality services to brands so that their marketing materials are blippable, providing users with augmented reality content when they blipp materials such as magazine adverts or product packaging. Where we do this, we also report to our clients on an aggregated basis (so that no individuals are identified), the location of users blipping their content, how long they spent interacting with the client's blippable content or our app generally and how they use our app.
We also disclose information in the aggregate to third parties for marketing and strategic development purposes.
We understand that engaging with facial recognition technology may be a new experience for you. At Blippar, we have worked hard to ensure that facial recognition is simple, fun and safe and that it puts the user in control.
Use of our facial recognition features is intended for users who are at least 16 years old. If you are aged under 16, please get your parent/guardian's permission before you provide any personal information to Blippar. Users under 16 without this consent are not allowed to provide us with personal information, including any images of your face. By registering your facial signature, you are representing to us that you are aged 16 or over or have the specific consent of your parent or guardian to use Blippar, including in respect of facial recognition.
Creating facial signatures
You can register your face for recognition through the Blippar App or a third party app by pointing the phone camera at your face; you then have to follow the prompts, guiding your nose to follow the dot around the screen so the camera sees your face from different angles. That process is called the ‘Blippar cross’. This is important as it helps to creates your unique face signature – a biometric print which is essentially a set of measurements of your face features, which the Blippar app can then use to recognise you – kind of like your fingerprint. The number of angles captured during this process also makes it difficult to create a fake profile using someone else’s face, however, you can report any suspicious profiles by emailing us at firstname.lastname@example.org. Once the registration process is complete, you should be recognizable when someone blipps you and you can connect them to your augmented reality profile or other content.
Who can see my profile?
Creating a facial signature does not mean that people can automatically see your profile. Blippar users can see your augmented reality face profile only if they blipp you in person, or an image of you, and you have consented to your profile being visible. Users cannot blipp images stored on the same phone they blipp with.
By default, your profile will be invisible when you first create your profile and any time you choose to make it invisible after that. An invisible profile can only be seen by you. If you make your pfoile invisible after another Blippar user has blipped it, they will be alerted to this if they try to bring up your profile again from their recent blipping history.
We do not allow users to search the database of facial signatures and images to find someone specific and we do not, apart from in very limited circumstances, share facial signatures and profile information with any third party – for more details on such circumstances, see Will Blippar share my facial data?
What happens if I haven’t registered my face for recognition?
If a person being blipped is not a Blippar user, is a Blippar user but does not have a facial signature, or has made their public invisible, the App will not display their augmented reality profile. In this case, a celebrity lookalike may be shown instead based on the public figure our platform thinks they most closely resemble. If another user scans your face while using the Blippar App, and you do not already have a face signature, this will not automatically create one for you.
If you blipp a public figure in real life or an image of them from print or digital media, you will see online content which relates to them and which has been discovered in Blipparsphere. To do this, we have created simple facial signatures for public figures from photographs which are generally available online.
How are facial signatures stored?
To make our facial recognition Services work, we retain the facial images you take of your face when creating your facial signature, and of public figures from online sources, and the facial signatures we create from them all on secure Amazon Web Services (“AWS”) data centres, stored separately from your account data for additional security. We need to do this in order for the App to recognise a face as belonging to a user with a facial signature and for the Service to work.
For how long does Blippar keep information relating to facial recognition?
Blippar will store your facial images, facial signature and content you have added to your profile for as long as your profile exists. This length of time might be determined at the time of registration (eg. for an event), otherwise, we may keep your facial signature and profile active until you request deletion. Details of how to request deletion of your profile and associated data are in the section below.
What control do I have over my facial signature and profile?
A facial signature of a user is only created if the user wants to create one. We do create simple facial signatures from publicly available online images of public figures, and use them to present information relating to them that is available online.
You can typically delete your facial signature and your associated augmented reality profile, or make it invisible to other users, via the options on the Blippar App. If you can’t see that option, just email us at email@example.com and we can do it for you.
Public figures can request to switch off the facial recognition feature by emailing us at firstname.lastname@example.org and we will remove the facial recognition piece so their Blipparsphere profile does not come up when they are blipped. The information associated with them will stay in the knowledge graph.
If you have any questions or concerns about facial recognitions or data that we hold about you then please contact us at email@example.com.
Will Blippar share my facial data?
We will not share your facial signatures or profile information with our clients or third parties, other than when making your profile visible to other users if it is set to visible or where we are required to share such information with service providers who perform services on our behalf. The only exception to this is where there are legal reasons for us to disclose, such as in response to a search warrant or court order. We take keeping this biometric data secure extremely seriously and use AWS, one of the most secure data centres in the world. See sections entitled with third parties and with third parties for legal reasons for further detail.
We will collect aggregated statistics (which are not unique to you and cannot identify you) about how our users or categories of users are interacting with your augmented reality face profile and other services we offer using facial recognition.
This Section Has General Information About Your Personal Information
Where we store your information
The information we collect in relation to you is stored on data centres operated by our third party providers. Our AWS data centres are currently based in Europe and the United States. By using Blippar service, you consent to the hosting of your personal information on these servers, which may involve the transfer of your personal data outside of the country it was collected. It is important to note that countries have different regulations in relation to personal information, including in relation to rights of access by law enforcement authorities.
Can I find out what personal information Blippar holds about me?
You have the right to request details of the personal information Blippar holds about you and to have any inaccuracies corrected. In most cases, we will also be able to provide you with a copy of the personal information we hold. We need to establish your identity as we do not want to release information to the wrong person, so we may ask for documents that prove your identity. Please address requests and questions about this to firstname.lastname@example.org
How we share your information
We may share information about you in the following ways:
How old do I have to be to use Blippar?
Blippar’s services are intended for users who are at least 13 years old (other than our facial recognition features, which are for people age 16 years old and above). Blippar does not knowingly collect personal information from children under 13.
How long will Blippar keep my personal information?
We will hold your personal information on our systems for as long as is necessary to provide access to our app and websites and will not hold onto it once we have processed a request by you to delete your account.
By emailing email@example.com, you can have all account data deleted – if you do this a red flag goes on the database and, while Blippar cannot use the personal information, it stays on the system for a period for administration purposes before being deleted automatically. If you only want to delete facial signature and/or your associated augmented reality, we can delete this information whilst keeping your Blippar account intact.
If we are subject to a legally binding requirement to retain user information for a specific period, this may (subject to the law in question) override your ability to require deletion.
Please remember that other Blippar users may have content and information you have made available through Blippar, for instance through screen shots or other image capture and we do not control how they use or how long they keep that content.
Web browser cookies
A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer, tablet or mobile phone web browser from a website’s computer (i.e., a Web server) and is stored on your computer, table or mobile phone web browser.
Information supplied by cookies can help us to analyse the profile of visitors to our app and website and users of our other services and help us to provide you with a better user experience.
Third party cookies
Third Party Cookies in embedded content on Blippar pages
Blippar cookies and how to reject cookies
If you wish to control what cookies are set on your device through our app, websites or other services then you can by changing the settings on your personal computer or mobile device web browser. It is important to note that if you change your settings and block certain cookies, this means that certain personalised features and other functionality cannot then be provided to you and accordingly you may not be able to take full advantage of all of the app, websites or our other services features.
Other information collected from web browsers
Your web browser may also provide Blippar with information about your device, such as an IP address and details about the browser that you are using. It may also provide Blippar with access to details of your personal computer or mobile device’s location.
Responding to “Do Not Track” signals
Our websites and App do not have the capability to respond to “Do Not Track” signals received from various web browsers.
The security of your information
In addition, we take reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you (including your personal information) from unauthorised access, use or disclosure. We use encryption methods when storing and transmitting. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.
When you download or use the app on your mobile device, information may be accessed from or stored to your mobile device. This is used in a similar way to a web browser cookie, such as by enabling the apps to ‘remember’ you or provide you with the content you have requested.
Your web browser on your device or your mobile device’s operating system may also provide Blippar with information about your mobile device, such as a device identifier or IP address. Device identifiers may be collected automatically, such as the device ID, IP address and apps ID (a unique identifier relating to the particular copy of the Apps you are running). In the future we may use mobile device identifiers for advertising use which perform a similar role to cookies, like the IDFA used by Apple devices and the Advertising ID used by Android devices.
The Data Protection Officer
5th Floor West,
1 London Bridge