Prism Labs, Inc. (“Prism”) offers a technology that allows customers to get body insights about their users by collecting and processing different modalities of images and videos of the users. Below we have anticipated some of the questions customers may have about the security of data submitted to Prism and addressed questions about how privacy is maintained. These statements are for guidance only.  The specific obligations and agreements between a customer and Prism can only be reflected in a signed agreement between the parties.

What personal information may be collected from users through the Prism technology?

The type of personal information collected will depend on the specific implementation of the Prism technology by the customer and within the customer’s product, along with the elections made by the customer and/or the user. That information may be transmitted back to Prism through the use by a customer of the Prism API. Prism never directly interacts with or collects information from the user.

The types of personal information that Prism collects may include the following types of information:

  1. Gender
  2. Birth year (solely to confirm that the subject is not a minor)
  3. Weight
  4. Geographic region
  5. Visual body information that originates from the customer's product

Prism does not collect any other information other than what is specified in its technical documentation and the API is not capable of transmitting user facial features or identifying specific body features such as scars or tattoos or any other particular unique characteristic of a person.

How does Prism use users’ information?

  1. The Prism technology performs a digital 3D body reconstruction of each user and can deliver body insights, such as body composition or body circumferences, for delivery to the customer via the API.
  2. Prism will also use personal information to monitor, improve, and develop the Prism products and services.
  3. Certain anonymous, aggregated, and/or de-identified data may be shared with third parties for analysis and business development purposes.

How does Prism protect information and other confidential data?

Prism uses a variety of current technologies and processes and maintains physical, technical, and administrative safeguards for the protection of customer data and user information.

Prism maintains a database on its own servers for the storage of all information collected through the API. It is our practice to use encryption whenever we receive or transmit sensitive data.  We use industry-standard encryption technology to ensure the secure transmission of any sensitive information you provide while using our API. All transactions completed through the API are conducted using 2048-bit Secure Sockets Layer (SSL) encryption.  We will take reasonable measures which we believe are appropriate to protect your information from loss, misuse, alteration and, will ask that any third parties to whom we may transfer your information take comparable steps to protect that security.

Please be aware that security risk is inherent in all internet and information technologies, and we cannot guarantee 100% efficacy in the security practices.  In the unlikely event of a security breach, Prism will promptly notify all affected parties in accordance with our internal policies and applicable law.