Privacy policy.

About us

Hello! Welcome to the Weyo Privacy Policy.

Thank you for using WEYO™ apps for kids. ‘Weyo’, ‘Sesame Street Yourself’, ‘Oddbods Oddlife’ and ‘The Wiggles - Fun Time with Faces’ are owned and operated by WEYO PTY LTD (ABN 17 601 065 196)(referred to in this policy as WEYO, we, us or our). This privacy policy applies to your use of ‘Weyo’, ‘Sesame Street Yourself’, ‘Oddbods Oddlife’ and ‘‘The Wiggles - Fun Time with Faces’ (Apps) and website located at www.weyo.app (Website) (which we will refer to collectively as the Services) and any other information you may provide us in association with your use of the Services.

We are committed to protecting the privacy of all our users. The Privacy Act (1988) (Cth) (Privacy Act) and the Australian Privacy Principles (Privacy Principles) set out in Schedule 1 of the Privacy Act, govern the collection, storage, use, and disclosure of information by which individuals may be identified. Further, we comply with EU General Data Protection Regulation 2016/679 (GDPR), and the US Children’s Online Privacy Protection Act 1998 (COPPA).

coppa-certification

This privacy policy details how we comply with the above laws regarding the collection, use, storage, sharing and protection of your information and data. We may update this privacy policy from time to time at our sole discretion. Any variations become effective on posting the updated privacy policy and we shall have no obligation to provide you with individual notice of such changes. Your continued use of the Services following the publication of any amended privacy policy shall signify your acceptance of that amended privacy policy, except where we are otherwise required by law to seek your direct consent.

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING ANY PART OR WHOLE OF THE SERVICES.

IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY, PLEASE DO NOT INSTALL, ACCESS OR USE THE SERVICES.

Children’s privacy

Our Services are designed for the whole family, including young children with parent supervision. As such, the protection of children’s privacy is of the upmost importance at WEYO.

Our Services do not collect or store personal information about children under the age of 13. The App does allow your children to create images and videos of themselves (Children’s Content). Children’s Content is only ever saved locally on your device and is only accessible within the App’s viewing page. For the avoidance of doubt, no Children’s Content is ever saved or copied onto WEYO’s or any third party’s servers.

Children’s Content created in the App can only be saved locally to a device after a ‘parent gate’ is completed. A Parent Gate is a question or task that prompts children under the age of 13 to have a parent or guardian help them advance to the next page. Successful completion of a Parent Gate leads to a ‘Just for Grown Ups’ page where you can choose subscribe to our premium service, allowing you to save any of the videos the child has created to the device’s camera roll.

In order to create the videos, the Parent Gate has a prompt for the App to access your camera, microphone or camera roll. Note that refusing access to camera or microphone could affect our ability to provide the App in a functional form.

Our Services automatically collect anonymous usage data for the purpose of providing and improving the Services for our users. If there was any instance where such automatically collected information could cumulatively be used to personally identify a child, we would then ask for a parent or guardian’s email address in order to obtain parental consent to collect and use such information in line with COPPA requirements. Email addresses collected for this purpose would only be used to seek consent, and are not stored or used for any other reason without your permission.

If you have any questions or concerns about your child’s privacy through the use of our Services, we encourage you to contact our privacy officer at [email protected] for more information about our privacy policies and practices.

General privacy

What Information Do We Collect

‘Personal Information’ means information that can be used to personally identify you such as your name, email address, or payment details. To be clear, in line with our Children’s Privacy Policy above, WEYO does not collect or process Personal Information of any person under the age of 13.

‘Usage Information’ means anonymous aggregate data that is automatically collected through your use of the Services. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Services. This information is used to aid us in resolving any technical issues that may arise, or for statistical analysis to help us to improve the Services to the benefit of all users.

The GDPR recognises that Usage Information, whilst for the most part anonymous, can be cumulatively used to directly or indirectly identify you. Usage Information that can be used to identify you in any way, together with your Personal Information, shall collectively be referred to in this privacy policy as ‘Personal Data’.

How Do We Collect Your Information

Personal Information is collected directly from you when you:

  • subscribe to our premium service or make an in-app purchase (IAP)
    At any time, you can choose to subscribe to our premium service (or make an IAP) which provides you access to extended and exclusive features and content within the App, including the ability to store multiple videos for playback inside the App. You can purchase a subscription (or IAP) at any time through the App Store or other application platforms authorised by us from time to time (Software Stores). If you choose to subscribe or make an IAP, you will be prompted to go through a Parent Gate which, once successfully completed, will take you to the relevant Software Store to complete your purchase. Your Software Store account (SS Account), will be charged for the subscription in accordance with the terms disclosed to you at the time of purchase as well as the general terms for subscription services or IAP’s that apply to your SS Account. For the avoidance of doubt, your payment details are never stored or held by WEYO and the collection and processing of your Personal Information for purchases is governed by the applicable privacy policy for the Software Store which your purchase is made through;

  • provide your email to sign up to ‘Weyo’ or to opt in to our mailing list; or

  • contact us via email or otherwise to raise a question or concern about the Services.

It is your choice to provide Personal Information to us. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with us. Please be aware that it may be necessary for us to collect your Personal Information to enable us to provide the Services to you. As such, if you do not wish to provide your Personal Information, we may not be able to provide the Services to you in a fully operational form.

TRUEDEPTH API

Our App utilises TrueDepth API to map the faces of users to create the effect of wearing masks within the App. Note that face-maps or any other data utilised by TrueDepth API is not collected, processed or stored by WEYO at any time.

COOKIES

We collect anonymous Usage Data on our Website through Google Analytics and Facebook Ad Analytics, which utilises cookies, pixel tags and other tracking technologies (collectively Cookies). Cookies are small packets of data that are downloaded onto your device when you access a website. Cookies hold specific information that helps a website ‘remember’ your actions and preferences over time. These are the types of Cookies that we may use to operate our Services:

Strictly Necessary Cookies – these Cookies are essential to making sure the Services work correctly, and record information that allows you to move around the Services and navigate their features.

Performance Cookies – these Cookies collect information about how you use the Services, such as how often you access the Services and if you encounter any errors.

Functionality Cookies – these Cookies allow our Services to remember the choices you make to provide a more personalised experience.

Cookies can stay on your device temporarily (Session Cookies) or until you manually delete them (Persistent Cookies).

If you have any questions about how we collect usage data, please email your enquiry to us at [email protected].

How Do We Use Your Personal Data

Legimate purposes that you agree WEYO may use your Personal Data for include but are not limited to the following:

  • to respond to requests submitted by you;

  • to ensure technical functioning of the Services;

  • to prevent, detect and investigate potential illegal activities, security breaches and fraud and to enforce the Terms of Use; and

  • to contact you via email to provide you with information about the Services, only where you have opted in to receiving such communication and until you withdraw such consents by altering your account settings or by emailing WEYO at [email protected].

For the avoidance of doubt, we will only use your Personal Data for purposes that you would reasonably expect WEYO to use your Personal Data for in connection with operating and providing the Services to you, or where we are required by law to collect your Personal Data. We will not sell, rent, or licence your email address or any of your Personal Data unless we have otherwise obtained your express consent to do so.

We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing, and as such these consents can be modified at any time by emailing us at [email protected], or by clicking ‘unsubscribe’ on any direct marketing communications.

Who Do We Disclose Your Personal Data To

You agree and consent to WEYO disclosing your Personal Data to:

  • other entites in WEYO’s corporate group structure;

  • the Australian Broadcasting Corporation, Sesame Workshop, One Animation, Mattel and other service providers with whom WEYO has entered into an agreement with to help WEYO provide the Services, including marketing agencies, financial service providers and technical support;

  • certain third parties (IP rights holders, authorities, police, regulators) if WEYO is required to do so by law.

For the avoidance of doubt, this privacy policy applies to all employees, consultants, contractors and agents of ours and covers all information collected via your use of the Services, as well as information supplied to us in person, by phone, by writing (including email) or in any other way.

You can withdraw your consent for us to share your Personal Data with third parties at any time by emailing us at [email protected], but please note that withdrawal of such consents may affect your ability to access and use the Services.

What are your rights to your Personal Data

In accordance with the GDPR, we acknowledge the right of EU citizens to:

  • have their data erased that is no longer being used for a legitimate purpose;

  • request a copy of all Personal Data held about you by WEYO in a readable format; and

  • request restricted processing of your Personal Data whilst any complaints or concerns are being resolved.

To erase, request or restrict processing of your Personal Data, please email us at [email protected].

Accessing, Reviewing and Changing your Personal Information

WEYO cannot modify your Personal Information. You can modify your own information by emailing us at [email protected]. You acknowledge that it is your responsibility to maintain the truth, accuracy, and completeness of your information and your failure to do so may inhibit our ability to provide the Services.

You acknowledge and agree that you remain solely responsible for maintaining the truth, accuracy, and completeness of your information at all times, and we shall have no liability to you or any third party arising from your failure to do the same.

Security

WEYO protects your Personal Data through technical security measures i.e. firewalls, encryption that limit the risk of loss, disclosure, unauthorised access and modification. No security measures are, however, 100% secure so we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss or misuse of any information or data or for the actions of any third parties that may obtain any information or data.

Notwithstanding the above, we acknowledge our obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where our data breach involves the information of EU citizens, report to the European Data Protection Supervisor. We will also inform you, where possible, if your data has been breached in the circumstance where it poses a risk of serious harm or your rights and freedoms.

WEYO also warrant that our personnel who may have access to your Personal Data are trained and educated about this privacy policy and our obligations under the Privacy Act, Privacy Principles, GDPR and COPPA. For more information on our internal policies, email us at [email protected].

Overseas Disclosure

We may, in the course of providing the Services to you, disclose Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where we transfer data to a third party in a country where no adequacy decision has been made, we warrant that such third parties in those countries are bound under contract to meet the requirements of the Privacy Act, Privacy Principles and GDPR.

Contact

Thank you for taking the time to read our privacy policy. If you have any questions regarding our privacy policy, you can reach our privacy officer at [email protected].

If you are not satisfied with our handling of your Personal Data, or have any other concern over our privacy policy, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au) or with the European Data Protection Supervisor (for more information, please see https://edps.europa.eu).

11. Your Data Protection Rights under the California Privacy Protection Act (CalOPPA)

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivable the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/

According to CalOPPA we agree to the following:

(a) users can visit our site anonymously;

(b) our Privacy Policy link includes the word “Privacy”, and can easily be found on the page specified above on the home page of our website;

(c) users will be notified of any privacy policy changes on our Privacy Policy Page;

(d) users are able to change their personal information by emailing us at [email protected].

Our Policy on “Do Not Track” Signals:

We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

12. Your Data Protection Rights under the California Consumer Privacy Act (CCPA) If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data and not to sell (share) it. To exercise your data protection rights, you can make certain requests and ask us:

(a) What personal information we have about you. If you make this request, we will return to you:

(i) The categories of personal information we have collected about you.

(ii) The categories of sources from which we collect your personal information.

(iii) The business or commercial purpose for collecting or selling your personal information.

(iv) The categories of third parties with whom we share personal information.

(v) The specific pieces of personal information we have collected about you.

(vi) A list of categories of personal information that we have sold, along with the category of any other company we sold it to. If we have not sold your personal information, we will inform you of that fact.

(vii) A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with. Please note, you are entitled to ask us to provide you with this information up to two times in a rolling twelve-month period. When you make this request, the information provided may be limited to the personal information we collected about you in the previous 12 months.

(b) To delete your personal information. If you make this request, we will delete the personal information we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information. If you choose to delete your personal information, you may not be able to use certain functions that require your personal information to operate.

(c) To stop selling your personal information. We don’t sell or rent your personal information to any third parties for any purpose. You are the only owner of your Personal Data and can request disclosure or deletion at any time.

7

Please note, if you ask us to delete or stop selling your data, it may impact your experience with us, and you may not be able to participate in certain programs or membership services which require the usage of your personal information to function.

But in no circumstances, we will discriminate against you for exercising your rights. To exercise your California data protection rights described above, please send your request(s) by one of the following means:

By email: [email protected]

Your data protection rights, described above, are covered by the CCPA, short for the California Consumer Privacy Act. To find out more, visit the official California Legislative Information website. The CCPA took effect on 01/01/2020.

10. Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. – See more at https://eur-lex.europa.eu/eli/reg/2016/679/oj

We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

5

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at [email protected].

In certain circumstances, you have the following data protection rights:

(a) the right to access, update or to delete the information we have on you;

(b) the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;

(c) the right to object. You have the right to object to our processing of your Personal Data;

(d) the right of restriction. You have the right to request that we restrict the processing of your personal information;

(e) the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format;

(f) the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information;

Please note that we may ask you to verify your identity before responding to such requests.

Please note, we may not able to provide Service without some necessary data.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).