Idometrics Logo
Join UsApp Store

Privacy Policy

Version: 1.1 | Effective Date: 02 Sep, 2025

Introduction

Welcome to Idometrics. This Privacy Policy applies to Idometrics (the "Platform"), which includes Idometrics apps, website, and related services accessed via any device that links to this Privacy Policy. The Platform is provided and controlled by Idometrics Ltd., with its registered address at 77 Diana Avenue, Bradford, Ontario, N3T 0R6, Canada.

Idometrics Ltd. is the data controller responsible for the personal data collected through our Platform. This Privacy Policy outlines how we collect, use, share, and protect your personal data in accordance with the applicable laws of the region or country.

We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice or our practices regarding your personal information, please contact our Privacy Officer at support@idometrics.com.

1. Information We Collect

We collect personal information that you voluntarily provide when registering, using our services, uploading videos, and interacting with the platform.

A. Personal Information Provided by You, including:

  • Account Details: Name, email, username, password, profile image, phone number, date of birth, country, city, state, and communication preferences.
  • User-Generated Content (UGC): Uploaded videos, captions, hashtags, metadata (including timestamps and locations), impact scores, and user profile elements.
  • Messaging Content: Messages and related metadata, such as participant IDs and timestamps, when using our messaging features.
  • Payment Information: Transaction history and billing information submitted during purchases, processed securely by Stripe.
  • Identity Verification: Information submitted to confirm user identity or age, particularly for verified accounts or restricted content.
  • Support and Feedback: Information you submit when contacting support, participating in surveys, or entering competitions.

B. Automatically Collected Information

  • Usage Data: Engagement metrics such as video views, likes, skips, watch time, and interactions with recommendations.
  • Device and Technical Information: We automatically collect certain technical data when you use the platform, including your IP address, device model, browser type, app version, operating system, and time zone. This data helps us maintain platform functionality, improve performance, and detect unauthorized activity.
  • Behavioral Insights: Inferred data such as age range, interests, and gender, used to improve personalization and content recommendations.
  • Moderation Data: When you flag content or block another user, we collect the report metadata (reporting user ID, reported user ID, timestamp, category, optional comments) and any actions taken by our moderators.

C. Sensitive Data

  • Location Data: Collected only with your explicit consent.
  • AI Processing Data: Actions such as skips, likes, and view duration are used for recommendation logic. Personally identifiable data is excluded from AI training.

2. User-Generated Content

By uploading content, you grant Idometrics a non-exclusive, royalty-free, perpetual, transferable, sub-licensable license to use, display, and distribute it on the platform.

  • You retain ownership of your content.
  • You may request the removal of off-chain content (e.g., videos, captions) at any time.

3. How We Use Your Information

As explained below, we use your information to improve, support, and administer the Platform, to allow you to use its functionalities, and to fulfill and enforce our Terms of Service. We process your data for the following purposes:

We use your data to:

  • Create, manage, and maintain user accounts
  • Provide personalized recommendations using AI based on engagement data
  • Enable social features such as following, messaging, and content sharing
  • Improve the platform by analyzing usage trends and preferences
  • Request testimonials and publish them only with user consent
  • Respond to user support requests and feedback
  • Prevent fraud, abuse, or unauthorized access
  • Enforce our Terms of Service and legal obligations
  • Process and respond to content reports and user‑blocking requests
  • Fulfill purchases and provide related services
  • Ensure platform security and monitor system performance
  • Train AI systems (without using personally identifiable data).
  • Comply with applicable legal obligations.

4. Use of AI in Our Services

We utilize AI for:

  • Video similarity scoring
  • Personalized video recommendations. The feature is currently under development, and you will be notified before it becomes active.
  • Content moderation flagging (reviewed by human moderators)

Key Safeguards:

  • AI systems do not train on identifiable personal data.
  • Final decisions affecting account status are made by humans.
  • You may opt out of AI-driven recommendations.
  • We do not use automated decision-making that produces legal or similarly significant effects without human review.

5. Children's Privacy

  • Users under 13 are not permitted to create an account.
  • Users under 18 require verifiable parental/guardian consent before registering.
  • If personal data from a child under 13 is discovered, it will be deleted immediately.
  • If you are a parent/guardian and believe your child has provided data without consent, contact us and we will delete it.

6. Data Sharing

We share personal data only when necessary, and only in the following cases:

  • Cloud & Infrastructure Providers: Services such as Cloudinary and DigitalOcean (media hosting) and AWS (cloud processing)
  • Payment Processing: Shared with Stripe for secure transactions
  • Music Licensing: Aggregated playback data is shared with Universal Production Music to meet licensing obligations
  • AI & Analytics Providers: Services like TensorFlow for pose analysis and behavior-based personalization
  • Legal Compliance: Shared in response to valid legal, regulatory, or court requests
  • Optional Integrations: Only if you explicitly authorize them

We do not sell or share your personal information. If this changes in the future, we will update this Privacy Policy and provide notice.

7. Cookies and Tracking

We use cookies for:

  • Secure login and session management
  • Performance monitoring and usage analytics
  • Personalized content recommendations. This feature is currently under development, and you will be notified before it becomes active.

You can manage cookie preferences in your browser settings. We do not use cookies for targeted advertising at this time.

8. Blockchain and Data Storage

  • On-Chain Data: Records such as dance ownership or time-stamped submissions are stored immutably on the Polygon blockchain via Infura. These records cannot be modified or deleted.
  • Off-Chain Data: Videos, interactions, and profile information are stored in systems like MongoDB and may be updated or deleted by the user.

9. Licensed Audio Library

Our licensed music catalog includes songs from Universal Production Music as well as original songs uploaded by users who hold the necessary rights. We collect and process the following data related to music usage on the platform:

A. Licensed Music (Third-Party Licensor)

  • Playback and Sync Data: Songs used, frequency, and duration
  • User Preferences: Tracks synced to user content
  • Engagement Trends: Aggregated for internal improvements and licensing reports

No personally identifiable data is shared with music licensors. Videos using licensed music cannot be monetized outside of Idometrics.

B. User-Uploaded Music

  • Music Metadata: Title, artist name, genre, upload timestamp, and any tags provided by the user.
  • Licensing Confirmation: Information confirming that the user holds rights to upload and share the song
  • Usage Data: Number of times the uploaded song is synced with content or played by the community

By uploading music, users grant Idometrics a non-exclusive, royalty-free license to distribute the song within the platform's Audio Library for in-app use only. This content will not be shared externally or monetized outside the platform.

10. Data Retention

  • Account Data: Retained until the user deletes the account
  • User Content: Retained indefinitely unless deleted by the user
  • Moderation Logs: We retain reports, flag metadata, and block‑list data for up to 2 years to support appeals, audits, and legal compliance.
  • AI Usage Data: Behavioral interaction data (e.g., watch history, skips, likes) may be retained for up to 5 years. This data is associated with user IDs solely to enable personalized recommendations within the platform.
  • Legal Retention: Some records may be retained as required by law (e.g., tax/accounting).

We do not use this data for profiling beyond platform functionality, and it is not used to train AI models in a way that could expose or re-identify individuals.

You may request data deletion by emailing support@idometrics.com

11. Data Security

We implement industry-standard security practices, including:

  • Encryption: AES-256 for storage; SSL/TLS for data in transit
  • Access Controls: Restricted employee access to sensitive data
  • Regular Security Audits: To detect and remediate vulnerabilities

While we use best practices, no system can guarantee absolute security.

12. Data Breach Protocol

If a data breach occurs:

  • Users will be notified within 72 hours.
  • Canadian authorities will be informed as required.
  • EU/UK regulators will also be notified where applicable.
  • Containment and mitigation measures will begin immediately.

13. Your Privacy Rights by Country/Region

Idometrics Ltd. operates globally. Your privacy rights may differ depending on where you live. We are committed to protecting your personal data under all applicable laws. This section summarizes your rights by jurisdiction. You may exercise these rights by contacting us at support@idometrics.com.

Important: For launch, we apply a global standard requiring verifiable parental/guardian consent for users under 18. This approach is stricter than some regional requirements (such as the United States or the EU) and therefore safe globally. We may later adjust age thresholds region by region to align more closely with local laws as the platform evolves.

Region / Law - Core Rights

  • EU / EEA / UK / Switzerland (GDPR & UK GDPR): Access, rectification, erasure, restriction, portability, objection, withdraw consent, complaint to regulator.
  • Brazil (LGPD): Confirmation, access, correction, anonymization/blocking, portability, deletion, info on sharing, withdraw consent, review of automated decisions.
  • United States (CCPA/CPRA + State Laws): Know, access, delete, correct, opt-out of sale/sharing, limit sensitive data use, non-discrimination.
  • Canada (PIPEDA + Quebec Law 25): Access, correction, deletion, withdraw consent, opt-out of AI-driven personalization when available.
  • Asia-Pacific (APPI, PIPA, PDPA, DPDP): Access, correction, deletion/suspension, withdraw consent, grievance redressal, portability (some), parental consent under 14–18 depending on country.
  • South Africa (POPIA): Access, correction/deletion, object to direct marketing or automated decisions, complaint to regulator.
  • Middle East (UAE PDPL, KSA PDPL, Qatar, Bahrain): Access, rectification, erasure, restriction, portability, objection, withdraw consent, complaint to authority.

Full Jurisdiction Details

A. European Union, European Economic Area, Switzerland, and the United Kingdom

General Data Protection Regulation (GDPR) and UK General Data Protection Regulation (UK GDPR)

If you are located in the EU, EEA, Switzerland, or the UK, you have the following rights:

  • You have the right to access your personal data.
  • You have the right to correct inaccurate or incomplete data.
  • You have the right to request the erasure of your data ("right to be forgotten").
  • You have the right to restrict processing in certain circumstances.
  • You have the right to data portability (to obtain your data in a structured, machine-readable format).
  • You have the right to object to processing, including profiling and direct marketing.
  • You have the right to withdraw consent where processing is based on consent.
  • You have the right to lodge a complaint with your national Data Protection Authority.

B. Brazil

Lei Geral de Proteção de Dados (LGPD)

If you are located in Brazil, you have the following rights:

  • You have the right to confirmation of whether we process your data.
  • You have the right to access your personal data.
  • You have the right to correct inaccurate, incomplete, or outdated data.
  • You have the right to anonymization, blocking, or deletion of unnecessary or excessive data.
  • You have the right to data portability to another service provider.
  • You have the right to request deletion of data processed with your consent.
  • You have the right to receive information about public and private entities with whom we share your data.
  • You have the right to withdraw consent at any time.
  • You have the right to review decisions made solely on automated processing, including profiling.

C. United States

California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) and other state laws, including the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA), Oregon Consumer Privacy Act (OCPA), Texas Data Privacy and Security Act (TDPSA), and others effective 2024–2025.

Depending on your state, you may have the following rights:

  • You have the right to know what personal data we collect, use, disclose, or share.
  • You have the right to access and request a copy of your data.
  • You have the right to request deletion of your personal data.
  • You have the right to request correction of inaccurate data.
  • You have the right to opt out of the sale or sharing of your personal data.
  • You have the right to limit the use of sensitive personal data.
  • You have the right not to face discrimination for exercising your rights.

We do not sell or share your personal information.

D. Canada

Personal Information Protection and Electronic Documents Act (PIPEDA) and provincial laws, including Quebec Law 25.

If you are located in Canada, you have the following rights:

  • You have the right to access your personal information.
  • You have the right to correct inaccurate or incomplete information.
  • You have the right to delete your account and associated data.
  • You have the right to withdraw consent for processing.
  • You have the right to opt out of AI-driven personalized recommendations when they become available.

E. Asia-Pacific

If you are located in the Asia-Pacific region, your rights vary by country:

  • Japan – Act on the Protection of Personal Information (APPI): You have rights to access, correct, suspend, or delete your data. We will notify you in advance of overseas transfers as required by law, and we remain accountable for protecting your data even when processed outside Japan.
  • South Korea – Personal Information Protection Act (PIPA): If you are under 14, parental/guardian consent is required. You have rights to access, correct, suspend processing, and delete your data. When your data is transferred overseas, organizations must ensure that it receives an equivalent level of protection under PIPA.
  • Singapore – Personal Data Protection Act (PDPA): You have rights to access and correct your data and to withdraw consent at any time. We are required to ensure that any overseas transfer continues to provide a comparable standard of protection.
  • India – Digital Personal Data Protection Act 2023 (DPDP Act): Effective 2025. You have rights to access, correct, and delete your data, and to file grievances for redressal. Children under 18 require parental/guardian consent. Transfers of your data outside India must comply with government-prescribed safeguards to ensure continued protection.
  • Australia – Privacy Act 1988 (as amended): You have rights to access and correct your personal data. As your data is transferred and stored in the United States, we remain accountable under Australian law. We take reasonable steps to ensure it is protected, including relying on Amazon Web Services (AWS) data centers that are independently certified to internationally recognized security standards such as ISO 27001 and SOC 2, and on contractual safeguards (Data Processing Addendums and Standard Contractual Clauses) to provide equivalent protection to the Australian Privacy Principles (APPs).
  • New Zealand – Privacy Act 2020: You have rights to access and correct your data, and to file complaints with the Office of the Privacy Commissioner. When data is sent overseas, we must ensure it is subject to comparable privacy protections.

F. South Africa

Protection of Personal Information Act (POPIA)

If you are located in South Africa, you have the following rights:

  • You have the right to access your personal data.
  • You have the right to request correction or deletion of inaccurate, irrelevant, or excessive data.
  • You have the right to object to processing for direct marketing or automated decision-making.
  • You have the right to lodge a complaint with the Information Regulator.

G. Middle East

United Arab Emirates – Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL), Kingdom of Saudi Arabia – Personal Data Protection Law (KSA PDPL), Qatar – Law No. 13 of 2016 on Personal Data Privacy Protection, Bahrain – Law No. 30 of 2018 Personal Data Protection Law

If you are located in these jurisdictions, you have the following rights:

  • You have the right to access your personal data.
  • You have the right to correct inaccurate or incomplete data.
  • You have the right to request the erasure of personal data where legally permitted.
  • You have the right to restrict processing in certain circumstances.
  • You have the right to data portability (where applicable).
  • You have the right to object to processing, including direct marketing.
  • You have the right to withdraw consent where processing is based on consent.
  • You have the right to lodge a complaint with your national Data Protection Authority or competent regulator.

International Data Transfers

Your personal data is transferred and stored in the United States (AWS us-east-1). We apply safeguards including:

  • Contractual protections: Standard Contractual Clauses (SCCs), Data Processing Addendums (DPAs), and equivalent agreements.
  • Technical protections: We rely on Amazon Web Services (AWS) data centers, which are independently certified to internationally recognized security standards such as ISO 27001 and SOC 2.
  • Accountability: We remain responsible for your data under applicable laws such as the General Data Protection Regulation (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA), and the Australian Privacy Principles (APPs).
  • Consistency: These safeguards ensure your personal data receives a level of protection consistent with your local law.

These safeguards are designed to ensure your personal data receives a level of protection that is consistent with the requirements of your local data protection laws. We do not sell or share your personal information. If this changes in the future, we will update this Privacy Policy and provide appropriate notice.

Children's Privacy

Because our platform is a user-generated content (UGC) app, we take children's privacy seriously:

  • Minimum Age: Users under 13 are not permitted to create an account.
  • Global Parental Consent (Launch Policy): Users under 18 require verifiable parental/guardian consent to register and use the service.
  • Verification Process: We use industry-standard methods (such as email verification, one-time passcodes, or guardian authorization) to confirm parental consent before enabling full access.
  • Parental Rights: Parents/guardians may review their child's data, request deletion, and revoke consent at any time by contacting us.

Failure to provide valid parental consent will result in account suspension or deletion. We may later adjust age thresholds by region to align more closely with local legal requirements.

15. Exercising Your Rights

To exercise any of these rights, or if you have questions about how we handle your data, please contact us at support@idometrics.com. We will verify your identity (or parental authority, if applicable) and respond in accordance with applicable law.

16. Policy Updates

We may update this Privacy Policy periodically. Any material changes will be:

  • Announced via email (if applicable)
  • Displayed in an in-app notice
  • Reflected in the "Revised" date at the top of this document

The latest version will always be available in-app or on our website.

17. Governing Law

This Privacy Policy is governed by the laws of Canada, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.

18. Contact Us

If you have questions or comments about this notice, you may email us at support@idometrics.com or send by post to:

Idometrics

77 Diana Avenue,

Bradford, Ontario,

N3T 0R6, Canada

Idometrics

Stay connected with us! Explore our app on all your devices for seamless access and efficiency.

Our Company
About UsContact UsPartner With Us
Help
Terms of ServicePrivacy PolicyCommunity GuidelinesIntellectual Property Policy

©️ Copyright 2025. IDO. All Right Reserved.