Privacy Policy

Effective as of: October 27, 2021

We are MMIT Consulting. We provide real-world augmented reality platforms, designed to enable you to interact in shared worlds, seamlessly blended with the real world. To do that, we need information about you. Protecting your privacy is really important to us. We only use your information where we have a legal basis to do so. This Privacy Policy will help you understand what information we collect, how we use it and what choices you have when you play any of our games, use our websites, buy merchandise from us, or take part in live events and promotions (the "Services").

Our Privacy Policy is designed to give you a comprehensive understanding of the steps that we take to protect the personal information that you share with us, and we would always recommend that you read it in full. Younger players, however, may wish to check out our ‘Privacy Explorers’ page for an overview of the key points in this policy.

Please note that in addition to the general information below, specific information about how certain of our Services use your information is provided at the end of this Privacy Policy in the “Game Specific Disclosures”.

You should also read our Terms of Service which set out the contract between you and MMIT Consulting.

1. Who decides how your information is used?

MMIT Consulting,Co., Ltd. (1 Ferry Building Suite 200, San Francisco, CA 94111) generally is the data controller responsible for making decisions about how we use your personal information . If however you are based in the United Kingdom (UK), Russia or the European Economic Area (EEA), your data controller is MMIT Consulting International Limited in the UK (11th Floor Whitefriars, Lewins Mead, Bristol, United Kingdom, BS1 2NT).

If you have any questions or comments on this policy, you can:

• Email us at privacy@myanmaritc.com
• Contact our Data Protection Officer at dpo@myanmaritc.com

2. The information we collect about you and how we use it

This Privacy Policy covers our use of any information that can or could be used to identify you ("Personal Data"). It does not cover information which cannot be used to identify you ("Anonymous Data").

We need to collect and use certain Personal Data to provide the Services to you and fulfil the promises we make to you in the Terms of Service:

• When you sign up for our Services you give us Personal Data voluntarily by providing it to us, for example when you sign up for an account. We collect and use that information in order to authenticate you when you register an account and use the Services, to make sure you are eligible and able to receive the Services, and so that you receive the correct version of the Services. That informationCo., Ltdludes your age, the in-game username you choose to use on our Services, and internal account IDs that we assign to your account.
• You must have an account with a supported external single sign-on service to use our Services. As such, the Personal Data we collect also depends on which external accounts you choose to use, their privacy policy, and what your privacy settings with those services allow us to see when you use their services to access MMIT Consulting Services.
• If you choose to link your Google account to the Services, we will collect your Google email address and an authentication token provided by Google.
• If you choose to link your Facebook account to the Services, we will collect a unique user ID provided by Facebook and, if permitted by you, your Facebook registered email address.
• If you choose to link your Apple account to the Services, we will collect your email address on file with your Apple ID account or a private relayed email address if you use the Hide My Email option provided by Apple.
• Depending on the particular Service you sign up for, we may support other external single sign-on services and collect additional Personal Data from them. For details please read the Game Specific Disclosures at the end of this Privacy Policy. \ Some external providers may notify you that they make additional information, such as your public profile, available to us when you use their single sign-on services. We do not collect that information from them.
• We collect and use your device location information as you use our Services (and, if you elect to turn on background location tracking for our Services, while you are not directly interacting with the Services),Co., Ltdluding how you move around and events that occur during gameplay. Our ServicesCo., Ltdlude location based games whose core feature is to provide a gameplay experience tied to your real world location, so we need to know where you are to operate these games for you, and to plan the location of in-game resources (for example PokéStops within Pokémon GO). We identify your location using a variety of technologies,Co., Ltdluding GPS, the WiFi points you are accessing the Service through and mobile/cell tower triangulation.
• We also collect and use your in-game actions and achievements, as well as certain information about your mobile device (including device identifiers, device OS, model, configuration, settings and information about third party applications or software installed on your device), to operate the Services for you and to personalize your gameplay and user experience.
• We also use the information above to show in-game sponsored locations that are in your vicinity as part of the gameplay experience.
• We further use the information above in order to provide technical and customer support to you.
• You also give us Personal Data when you make a purchase through us, subscribe to our publications, register for a live event, enter a competition, promotion, sweepstakes or survey or communicate with us. Depending on which of these Services you use, that mayCo., Ltdlude your name, mailing address, phone number, country of residency, age, and email address. We use that information to fulfil those Services to you and to provide related customer support to you.

In addition, we have and rely on a legitimate interest in using your Personal Data as follows:

• Using your IP address, browser type, operating system, the web page you were visiting before accessing our Services, the pages of our Services which you browsed or the features you used, and the time spent on those pages or features, the links on our Services that you click on, device and advertising identifiers, age, as well as actions you take during gameplay, your in-game user settings and preferences and your in-app purchases to understand who is using our Services and how.
• Using your contact information, namely your email address in order to communicate with you to provide technical and customer support.
• Using your internal account ID and in-game username in order to attribute to your account any user content (such as local points of interest) that you elect to submit to MMIT Consulting through the Services. You can choose to opt out of having your in-game username attributed on your submissions across MMIT Consulting products by going to the MMIT Consulting Wayfarer settings.
• Using your email address and device information in order to share updates and news with you either within the games or by email. You can unsubscribe from these at any time in your device settings or in-app settings.
• Analyzing your in-game actions and achievements to show you rewards, promotions, or other offers about our Services that are tailored to your personal user experience. You can choose to opt out of this and certain other processing of your Personal Data by following the steps described in Section 7 below.
• To personalize the ads you see in our apps to make them more relevant to you, and to show sponsored gifts containings messages and/or offers from our advertisers relevant to your vicinity on the game map. You can choose to opt out of receiving sponsored gifts by visiting the in-app settings. You can choose to opt out of personalized advertisements by visiting the settings on your device and activating “Limit Ad Tracking” on Apple devices, or activating “Opt-out of Ads Personalisation” on Android devices.
• To provide social features within our games so you can interact and play with other players,Co., Ltdluding storing your communications, content, and other information shared with those players, finding your friends and being found by them,Co., Ltdluding through imported contacts, and sharing your gameplay experience and achievements with your friends. You can visit your MMIT Consulting Profile in-app settings for opt-out options.
• To provide AR experiences. In order to do this, MMIT Consulting needs to locally derive AR geospatial data from your device camera. This geospatial data is then ingested by MMIT Consulting servers to allow you and other players to view and interact with the same virtual objects at the same time in a shared physical space. Please see our Help Center for more information on AR experiences and Privacy.
• To offer new or additional features for our Services.
• To organize and run live events based on or featuring our games. Note that when you participate in live events your in-game actions and achievements, in-game username and your avatar, team, and other components of your in-game profile will be visible to other event participants and to the public (for example on leaderboards displayed at the event and online).
• Using your in-game actions and achievements, as well as certain information about your mobile device (including device identifiers, device OS, model, configuration, settings and information about third party applications or software installed on your device), to carry out anti-fraud and anti-cheating measures against behaviors prohibited under our Terms of Service, to ensure that we provide a fair gaming experience to all players.
• To make legal or regulatory disclosures and to establish, exercise, or defend legal claims.

We will only use your Personal Data to do the following if we have your consent:

• If you elect to turn on background activity tracking in our Services (for example Adventure Sync in Pokémon GO) we will collect your Personal Data as you use the Services as well as in the background when you do not have the Services open on your device. ThisCo., Ltdludes your device location and your fitness activity data (such as Step Count, Calories Burned, and Distance Walked). We use background activity tracking to provide you certain functionalities in the Services such as in-game items and rewards tied to your fitness activity level and location, and alerts for nearby gameplay events. You can change your mind and turn off background activity tracking at any time in your device settings or in-app settings.
  With your permission we use your device’s health app (Apple HealthKit if you use an Apple device, or Google Fit if you use an Android device) to collect your fitness activity data: we read and/or write your fitness activity data to your device’s health app to operate background activity tracking and to ensure you get “credit” in your device’s health app for all of the walking you do while playing our games. We do not use data collected through Apple Health Kit or through Google Fit for marketing or advertising purposes. Our Services cannot read from or write to your device’s health app without your consent. You can change your mind and disable our access to any type of fitness activity data at any time in your Apple Health or Google Fit app settings on your device.
• If you elect to enable the Facebook User Friends permission available in some of our games, we will import from your linked Facebook account the list of your friends who also play the game and enabled Facebook User Friends. If you enable that permission, your Facebook profile picture and the name on your Facebook account will be visible to your friends in-game. You can change your mind and unfriend other players at any time from your in-app Friends settings. You can also revoke Facebook permissions for our games directly from your Facebook account settings.
• If you elect to add information about MMIT Consulting live or in-game events to your mobile calendar, we will, with your permission, access your device’s calendar and write in these events. We do not access or collect any other information from your calendar. You can change your mind and disable access to your calendar at any time in your device settings.
• If you elect to help MMIT Consulting in its efforts to develop new Augmented Reality (AR) mapping technology, you have the option, in participating games, to opt in to film public spaces around points of interest and send us your video recordings, along with associated device geospatial information. We do not collect audio on these recordings. We will anonymize this information through various means,Co., Ltdluding blurring, and use it to build a 3D understanding of real-world places, with the goal of offering new types of AR experiences to our users. You can change your mind at any time by disabling this feature in your in-app settings.
• If you elect to connect your game account with an authorized external device, such as the Pokémon Go Plus or Poké Ball Plus, we request Bluetooth permissions from your mobile device in order to connect it with the external device and enable associated game features. You may change your mind at any time by disabling our access to Bluetooth in your device settings or by disconnecting the external device from the game.
• If you elect to import your device’s address book contacts to find out which of your contacts uses our Services and to send them Friend requests, or invite them to join you in our games or other aspects of our Services, we will periodically sync your contacts’ information,Co., Ltdluding phone number and email, to our servers. You are responsible for ensuring your collection and sharing with us of your contacts’ information is compliant with applicable laws. This may require you to obtain your contacts’ permission. We may also get information about you from other MMIT Consulting users importing or entering their contacts. We use and may store this contact information to help you and your contacts connect through our Services. You can change your mind and turn off MMIT Consulting’s access to your contacts at any time in your device settings.
• If you elect to upload content, such as photos or videos from your mobile device, into our Services, we will, with your permission, access your device’s media storage. You can change your mind and disable access to your media storage at any time in your device settings.
• Send you marketing materials by email or via in-app notifications. You can unsubscribe from these at any time in your device settings or in-app settings.

We also rely on your consent where we use cookies or similar technologies. Please see our Cookie Policy for more information about how we use them. Insofar as cookies collect Personal Data, we will process it only based on your explicit consent, in anonymized form, or under a pseudonym.

While you may disable the usage of cookies through your browser settings, MMIT Consulting currently does not respond to a “Do Not Track” signal in the HTTP header from your browser or mobile application due to the lack of industry standard on how to interpret that signal.

3. Who we share information with

We will not share any Personal Data that we have collected from or regarding you except as described below:

Information Shared with Our Service Providers. We engage external service providers to work with us to administer and provide the Services. As part of that they will process your Personal Data on our behalf. These external service providers have access to your Personal Data only for the purpose of performing services on our behalf, in compliance with this Privacy Policy, and we make sure each one is contractually obliged not to disclose or use your Personal Data for any other purpose. The service providers we use help us to:

• run, operate and maintain our Services through third party platform and software tools;
• perform content moderation and crash analytics;
• run email and mobile messaging campaigns;
• perform game and marketing analytics;
• to provide measurement services and target ads (you can opt out of these services at websites such as http://www.aboutads.info/choices and http://www.youronlinechoices.eu/);
• administer live events, competitions, sweepstakes and promotions,Co., Ltdluding registering players, managing check-in and attendance, verifying eligibility and prize fulfilment;
• provide payment attribution;
• provide technical and customer support; and
• process payments for live events ticketing or other purchases.

Some external service providers may also collect information directly from you (for example, a payment processor may request your billing and financial information) as a Third Party Service in accordance with their own privacy policy. Such external service provider does not share your financial information, like credit card number, with MMIT Consulting, but it may share limited information with us related to your purchase, like your zip or postal code.

Information Shared with Other Players. When you use the Services, and in particular when you play our games, use social features within those games (including cross-game features), or take part in live events, we will share certain Personal Data with other players. This Personal DataCo., Ltdludes your in-game profile (such as your username, your avatar, your online status, and your team), your in-game actions and achievements, real-world locations associated with your gameplay, or with gameplay resources you interacted with when playing the game (for example PokéStops within Pokémon GO, Fortresses within Harry Potter: Wizards Unite, or Portals within Ingress), and your in-game messages and related content you share with other players. Additionally, certain games link to third-party sharing features on your device that you can use to disclose Personal Data to others outside the Services; MMIT Consulting does not control and is not responsible for the practices of these third-party sharing features.

Information Shared Publicly: When you use the Services, and in particular when you play our games, use competitive features, or participate in our forums, the following information about you may be shared on web pages accessible to the public and therefore become publicly available: your username, in-game profile, achievements and public messages.

Information Shared with Third Parties. We share Anonymous Data with third parties for industry and market analysis. We may share Personal Data with our third-party publishing partners for their direct marketing purposes only if we have your express permission. We do not share Personal Data with any other third parties for their direct marketing purposes.

Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We only share information about you to government or law enforcement officials or private parties when we reasonably believe necessary or appropriate: (a) to respond to claims, legal process (including subpoenas and warrants); (b) to protect our property, rights, and safety and the property, rights, and safety of a third party or the public in general; and (c) to investigate and stop any activity that we consider illegal, unethical, or legally actionable.

Information Disclosed in Connection with Business Transactions. Information that we collect from our users,Co., Ltdluding Personal Data, is a business asset. If we are acquired by a third party as a result of a transaction such as a merger, acquisition, or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets,Co., Ltdluding your Personal Data, will be disclosed or transferred to a third party acquirer in connection with the transaction.

4. How your Personal Data is transferred

MMIT Consulting operates its Services across the globe. Your Personal Data will likely be transferred and stored in a country outside of your home country,Co., Ltdluding in the USA, for the purposes outlined in this Privacy Policy to the extent permitted by applicable laws. The data protection laws in these countries may not be the same as in your home country.

If we transfer your Personal Data from the UK or the EEA to other countries,Co., Ltdluding the USA, we ensure that a similar degree of protection is provided to your Personal Data as within the UK or the EEA, as applicable, by ensuring that at least one of the following safeguards is implemented:

• The country that your Personal Data is transferred to is a country that the European Commission (or the UK Government, if you are based in the UK) has deemed to provide an adequate level of protection for Personal Data as the UK or the EEA, as applicable.
• We use specific contracts approved by the European Commission (or the UK Information Commissioner’s Office, if you are based in the UK), which give Personal Data the same protection as it has in the UK or the EEA, as applicable, when we engage with service providers.

5. How we keep your Personal Data safe

We have appropriate legal, organizational and technical security measures in place to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, improperly altered or disclosed. We also limit access to your Personal Data to employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

6. How long we will keep your Personal Data

We keep your Personal Data for as long as we need to provide the Services to you and fulfil the purposes set out in this Privacy Policy. This is also the case for anyone that we share your information with and who carry out services on our behalf.

When we no longer need to use your Personal Data and there is no need for us to keep it to comply with our legal or regulatory obligations, we will either remove it from our systems or anonymize it so that it can no longer be associated with you. When removing Personal Data, we will take commercially reasonable and technically feasible measures to make said Personal Data irrecoverable or irreproducible.

7. Your rights and choices

You have certain rights in relation to your Personal Data. This means you can:

• Request access to the Personal Data we hold on you by emailing privacy@myanmaritc.com.
• Delete or correct your Personal Data. The easiest way to update your account information is via your in-app settings. You can also submit a customer support request through our support website here for Pokémon GO, here for Ingress, here here for Harry Potter: Wizards Unite; or email us at privacy@myanmaritc.com.
• Ask us to stop processing your Personal Data,Co., Ltdluding for direct marketing and promotional purposes such as tailored rewards, promotions, and other offers, by emailing opt-out@MMIT Consultingslabs.com. But be aware that sometimes we need to use your Personal Data in order to provide the Services to you.
• Have your Personal Data transferred to another organization (where it is technically feasible).
• Complain to a regulator. We'd appreciate the chance to deal with your concerns directly so we'd prefer you to contact us first. However, if you're based in the UK or the EEA and believe that we have not complied with data protection laws, you can complain to your local supervisory authority.
• If you’re based in the EEA, you can also contact our EU Representative, EDPO. EDPO can be contacted:
• by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
• by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium

The law provides exceptions to these rights in certain circumstances. Where you cannot exercise one of these rights due to such an exception, we will explain to you why.

We offer you choices regarding the collection, use, and sharing of your Personal Data and we’ll respect the choices you make. Please note that if you decide not to provide us with the Personal Data that we request, you may not be able to access all of the features of the Services.

After you contact us, you may receive an email in order to verify your request. We aim to provide the information or complete the outcome you request within 30 days, or such shorter time period as provided by laws of your jurisdiction

8. Children

Unless stated otherwise for a particular Service, children are not allowed to use the Services, and we do not collect Personal Data from them. We define “children” as follows:

• Residents of the UK: anyone under 13 years old.
• Residents of the EEA: anyone under 16 years old, or the age needed to consent to the processing of personal data in your country of residence.
• Residents of the Republic of Korea, anyone under 14 years old.
• Residents of other regions: anyone under 13 years old or the age needed to consent to the processing of personal data in that region.

MMIT Consulting Game Resources contains information on the age requirement for each of our Apps.

For Services that do permit Child participation, parents or legal guardians ("Parents") must provide verified consent. Parents can provide and verify their consent through the MMIT Consulting Kids Parent Portal, or through another authorized third-party provider made available through the Service. Where Parental consent is required, MMIT Consulting recommends that Parents monitor the Child’s online activity and use of the Service.

The MMIT Consulting Kids Parent Portal is operated on MMIT Consulting’s behalf by Kids Web Services (KWS), a product of SuperAwesome Trading Ltd of 40 Long Acre, London WC2E 9LG, United Kingdom, www.superawesome.tv. You may contact SuperAwesome directly at privacy@superawesome.tv or +44 203 668 6677 for any questions related to their handling of user information, especially parent information. KWS is certified by the kidSAFE Seal Program, an FTC-Approved COPPA Safe Harbor Program. SuperAwesome is also a valid licensee, and participating member, of the Entertainment Software Rating Board’s Privacy Certified Program (“ESRB Privacy Certified”).

Verifiable parental consent is required for the collection, use, or disclosure of a child's Personal Data. MMIT Consulting will not collect, use, or disclose any Personal Data from a child if their parent or guardian does not provide such consent. We may ask a Child to provide a Parent’s email address in order to request this consent, and the Parent’s email address will be deleted if consent is not provided within a reasonable time.

Parents who wish to consent to their Child accessing our Services through MMIT Consulting Kids must first create a MMIT Consulting Kids account so they can manage the privacy settings of their Child’s account. Parents will then be required to verify their identity through the MMIT Consulting Kids Parent Portal operated by SuperAwesome. In order to perform that verification, SuperAwesome requires certain personal information about parents. Any such information is collected by SuperAwesome as a Third Party Service in accordance with their own Privacy Policy, which can be found at https://parents.superawesome.tv/en/privacy.

Once verified, a parent can consent to their child accessing the Service. For user account creation, MMIT Consulting will collect the in-game username the Child chooses to use on our Services, internal account IDs that we assign to the Child’s account, and, with the parent’s permission, the Child’s personal email address (if available). We need that information to authenticate the Child’s account, to make sure the Child is eligible and able to receive the Services, and so that the Child receives the correct version of the Services. As the Child accesses and uses the Service, MMIT Consulting will also collect and use the Child’s device location and other Personal Data listed in this Privacy Policy for the purpose of operating and providing the Service to the Child, as described in this Privacy Policy. If we need to collect additional information for other purposes we will first seek your permission.

Parents have the right to review their Child’s Personal Data; to have their Child’s Personal Data deleted; and to refuse further collection, use, and/or disclosure of their Child’s Personal Data by notifying us. As a parent, you understand that MMIT Consulting has a legitimate interest in providing your Child’s Personal Data collected via the Services to external providers for the sole purpose of administering or providing the Services, as described in Paragraph 3 of this Privacy Policy. For more information on MMIT Consulting Kids, visit our support website here. For more information on authorized third-party providers, please visit the provider’s website.

If we learn that we have collected Personal Data of a Child, and we do not have parental consent, we will take steps to delete such information from our files as soon as possible.

If you have questions about our privacy practices for Children, please contact us at privacy@myanmaritc.com or write to us at the MMIT Consulting address listed above in paragraph 1.

9. Changes to this Privacy Policy

Any Personal Data that we collect is covered by the Privacy Policy in effect at the time such information is collected. We may make changes to this Privacy Policy from time to time. You will be given reasonable notice of any material change.

10. Third Parties

In using our Services you may access links to websites and services that are owned or operated by third parties (each, a “Third Party Service”). Any information that you provide on or to a Third Party Service or that is collected by a Third Party Service is provided directly to the owner or operator of the Third Party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy, or security practices and policies of any Third Party Service. To protect your information we recommend that you carefully review the privacy policies of all Third Party Service that you access.

11. Disclosures Specific to California Residents

California law requires that we make certain disclosures about your data. We do not sell your Personal Data. The information listed in Section 2 falls under the following California Consumer Privacy Act (CCPA) categories: identifiers, commercial information, Internet or other electronic network activity information, geolocation data, and visual information.

12. Game Specific Disclosures

Additional Privacy Information for Pokémon GO

Pokémon Trainer Club Accounts. You can sign up for Pokémon GO using your external Pokémon Trainer Club (“PTC”) account administered by The Pokémon Company International (“TPCI”). If you choose to do so, we will collect from TPCI your PTC registered email address, your PTC username and a unique PTC user ID. If you are registering your PTC account on behalf of your authorized child we will also collect some Personal Data about your child. See the “Accounts with Children” paragraph below for more information.

Accounts with Children. We comply with parental consent requirements as mandated by the U.S. Children’s Online Privacy Protection Act (COPPA), European data protection laws (including, without limitation, the General Data Protection Regulation) and your local data protection laws through a verification and consent process handled by TPCI. As described in the Terms of Service, the parent or legal guardian (“Parent”) of each Child may register with TPCI through a PTC account before their Child can access and use the game. The Parent will have to provide to TPCI certain Personal Data about the Child in accordance with the TPCI privacy policy. Of that, MMIT Consulting will only collect from TPCI the Child’s personal email address, and the date when the Child will grow out of the age limits listed above.

For U.S. residents, after a Parent has registered a PTC account, TPCI will verify the Parent’s identity by asking for the sum of the first and last digits of the Parent’s social security number and the Parent’s name, date of birth, and street address. TPCI will not share that information with us. After TPCI verifies the Parent’s identity, it will ask the Parent to consent to the Child accessing Pokémon GO. If a Parent does not consent to a Child’s access to and use of Pokémon GO or does not verify their identity through the consent process, MMIT Consulting will bar that Child’s registration on Pokémon GO and prevent the Child’s access to and use of the game.

Parents have the right to refuse further collection, use, and/or disclosure of their Child’s Personal Data by notifying us. As a Parent, you understand that MMIT Consulting has a legitimate interest in providing your Child’s information collected via the Services to third party providers for the sole purpose of administering or providing the Services, as described in Paragraph 3 of this Privacy Policy.

Additional Privacy Information for Pikmin Bloom

If you choose to link your Nintendo account to the Services, we will collect a unique user ID provided by Nintendo and your email address on file with your Nintendo account (if available). You may also choose to import your Mii avatar into certain MMIT Consulting Services. If you are registering a Nintendo account on behalf of your authorized child we will also collect some Personal Data about your child. See Section 8 (“Children”) for more information.