Privacy Policy

Effective Date: February 2024

ByondVR Ltd. (“ByondXR”, “we,” “our,” or “us”) is committed to the utmost respect for and protection of user privacy and security. This Privacy Policy sets forth our comprehensive practices for the collection, use, and disclosure of personal information, ensuring adherence to the GDPR and CCPA frameworks and demonstrating our commitment to ethical data handling and user privacy.

We strongly urge you to read this policy and make sure you fully understand and agree with it, before you access or use any of our services. If you do not read, fully understand, and agree to this privacy policy, you must refrain from and/or discontinue any use of our website and avoid or discontinue all use of any of our services.

User Consent and Interaction with Services

ByondXR provides a service for creating and publishing immersive and interactive applications. This Privacy Policy (“Privacy Policy“) describes how we may collect and use information pertaining to each of our unregistered visitors, customers, and registered users (each, a “User” or “you”) in connection with their access to and use of ByondXR’s platform, services, website (including and any of their subdomains; collectively, the “Website”), and web applications (collectively, the “Services”), as well as information pertaining to our visitors and end users experiences.

Engagement with ByondXR’s services signifies informed consent to the collection, processing, and utilization of personal information as detailed in this policy, forming a binding legal agreement, and emphasizing informed engagement with our services.

When providing knowingly personal information, such as a CV or personal information for business connection opportunities and similar incentives, the provider automatically grants his consent for the usage of this information for the desired purpose only.

Information Collection and Purpose

We collect a variety of information to enhance service delivery, facilitate operations, and optimize the user experience while maintaining strict adherence to privacy and security standards.

Non-personal or identifiable Information

  • Definition: data collected automatically or provided by the user, including technical and aggregated usage information, which cannot lead to identification of the user itself.
  • Purpose: To improve service functionality, analyze user interactions, and ensure overall service quality.

Personal Information

  • Definition: data that uniquely identifies an individual, including but not limited to email, password, job history, etc.
  • For logged-in platform users, we keep managers, editors, users, and passwords.
  • Use of Information: for identification, service access, support, recruitment, business contract signing, and service improvement.
  • Security Measures: Robust encryption and data protection protocols ensure the security and confidentiality of data, such as encrypted passwords, etc.
  • Intercom tool is used by the Client Success Managers team to help and provide services.
  • The Intercom Privacy Policy can be foundhere.


In addition, with respect to users of our paid services (as defined in our Terms of Service), we may collect their company name and affiliation, physical address, e-mails, login credentials to our services, payment details, payment preferences, and transaction history (to the extent that any such information is personally identifiable to any particular person; otherwise, we will deem it as non-personal information).

When an enterprise customer uses ByondXR’s Single Sign-On (SSO) feature, it is solely for authentication. ByondXR retains only the necessary user token identifier for login purposes and does not store any other user data.

How do we collect the information?

  • We collect data when you use our services, through cookies and server-side event logging.
  • Our services use Google Analytics for data analytics. Non-personal information might be transmitted to and stored by such services on their servers. At no time, there’s no access to personal identification information (PII) data there.
  • Please visit the Google privacy policy page for more information on this topic:
  • Please note that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application.

Other means of collection:

  • By filling out forms on our website, – are contacting us or requesting a demo of some sort.
  • Some collection is done through third-party technologies and services, like Intercom and AWS.
  • We can get information you or others give us directly, like when you sign up or upload content.

Where do we store personal information?

Information regarding our users may be maintained, processed, and stored by ByondXR and our authorized affiliates and service providers (including our secured cloud storage providers, Amazon Web Services) in the United States of America. 

ByondXR is based in the United States, with offices in New-York City (NYC) and in Israel (Petach-Tikvah). Israel is considered by the European Commission to be offering an adequate level of protection for the personal information of EU Member State residents.

While the data protection laws in the above jurisdictions may be different than the laws of your residence or location, please know that Byond, its affiliates, and service providers that store or process your personal information on ByondXR’s behalf are each committed to keeping it protected and secured in accordance with this privacy policy and industry standards, regardless of any lesser legal requirements that may apply in their jurisdiction.

With whom do we share personal information?

  • Within Your Organization: User information may be shared within their affiliated organization, allowing certain account controls and visibility to other stakeholders/users.
  • Third Party Services: Partners such as cloud services, analytics, security services, and payment processors may access user information to support our services, under confidentiality agreements.
  • Legal and Safety Requirements: Information may be disclosed to comply with legal requests or protect rights and safety governmental requests etc.), without necessarily notifying the User.
  • Information may be shared within ByondXR’s affiliates or during business transitions like mergers or acquisitions, with prior notice if it affects user information significantly.

Compliance and Server-Side Analytics

Our adherence to privacy regulations is evident in our server-side analytics practices, which ensure the protection and ethical handling of personal data while maintaining user privacy.

Data Handling and Protection

  • Data Processing: We process personal and non-personal data responsibly, ensuring GDPR/CCPA compliance.
  • Data Security: Advanced security measures protect against unauthorized access and breaches, with ongoing enhancements to tackle new security challenges.

Server-Side Analytics

  • Data collection for server-side analytics: Comprehensive session data is collected, recording every user interaction for in-depth analysis.
  • Privacy and Consent: Data collection surpasses cookie consent acceptance, bolstering our analytics capabilities while upholding privacy and adhering to GDPR regulations – not being able to identify the end users.
  • Transparency of usage User Information: Clear and comprehensive communication about data practices ensures transparency in how user data is used.
  • Client Communication: Open communication channels with our clients ensure they are fully informed and comfortable with our data practices.

Data Protection and User Rights

Our commitment to data security and user rights is unwavering, with our practices strictly adhering to GDPR guidelines and other relevant data protection laws.

  • Ensuring Data Security: Robust security measures are employed to protect user data from unauthorized access or breaches, with continuous updates to address emerging threats.
  • Respecting User Rights: We acknowledge users’ rights to manage their personal data, offering clear mechanisms for data access, rectification, or deletion in line with user privacy preferences.
  • Compliance with Legal Standards: Our data handling practices strictly adhere to GDPR/CCPA guidelines and other pertinent data protection laws, reflecting our proactive approach to legal compliance.
  • Sensitive Data Management: We handle data from our services and conversion tracking with utmost care, ensuring explicit consent and clear data usage guidelines to maintain the integrity of our processes.

General privacy topics

Communication and Transparency: Transparent communication with our clients is crucial, ensuring they are well-informed about our data practices and any significant updates or changes.

Data Retention and Security: We retain personal information as necessary for service provision and legal compliance, employing robust security measures to protect user data.

Updates to Privacy Policy: We reserve the right to update this privacy policy, providing prior notice of significant changes. Users are encouraged to review the policy periodically for the latest information on our privacy practices.

Age limitation: Our Services are for users over the age of 18; minors must have guardian consent. We don’t knowingly collect data from users under 18 years and will delete such data if discovered.

Language: This Privacy Policy was written in English and may be translated into other languages for your convenience. If a translated (non-English) version of this Privacy Policy conflicts in any way with its English version, the provisions of the English version shall prevail.

Contact and Questions : For any inquiries or concerns about this Privacy Policy, our security measures, or our server-side analytics practices, feel free to contact us at We are dedicated to providing clarity and support regarding our privacy practices, ensuring your privacy and trust are paramount.