Privacy Policy

Last updated: September 23, 2025

Giraffe360 (“Giraffe360“, “we“, “our“, or “us“) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.giraffe360.com or any of its subdomains (the “Website“), use our services, or interact with us in any way.

We offer a service that allows our clients, primarily real estate companies (the “Client“), to create photos, virtual tours, floor plans, and other high-quality visual content (collectively, the “Content“) using Giraffe360 equipment and software tools (the “Service“). The Content is produced by automatically sending the data captured by the Giraffe360 camera to our cloud-based production service. The Content is then made available to Clients through the Giraffe360 content management platform (the “Dashboard“) and via email.

This Privacy Policy does not apply to information that cannot be identified (directly or indirectly) to any individual, household, or their devices, such as de-identified or anonymized information.

Who is responsible for your personal data?
1. The controller of your personal data depends on the entity with which you have concluded an agreement. If you are based in the United Kingdom or the European Union, the controller is Giraffe360 Limited, a company registered in England and Wales (company number: 11274984) with its registered office at 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN. If you are based in the United States, the controller is Giraffe360 Inc., a Delaware Corporation, with a registered address at 1209 Orange Street, Wilmington, DE 19801.
2. Our Service is delivered through our group structure. While your contractual counterparty is either Giraffe360 Limited or Giraffe360 Inc., certain processing activities are carried out by our affiliate, Giraffe360 SIA, a company registered in the Republic of Latvia (company number: 40203020393) with its registered office at Zala iela 1, Riga, LV-1010. Giraffe360 SIA hosts our backend operations, including R&D (such as machine learning and AI model training), and supports the provision of our services.
3. Giraffe360 SIA processes personal data on behalf of the controller as part of the Giraffe360 group. Your personal data may also be shared within our group companies for purposes such as customer support, marketing, finance, and IT administration, always under appropriate safeguards.
4. Giraffe360, only acts as a personal data controller, in determining and being responsible for processing data that identifies or is associated with you (“personal data“) in the following instances:
  1. When you access and use our website located at giraffe360.com, including any subdomains of our website (the “Website“) or the Dashboard;
  2. When you act on behalf of a Client as a user of our Service;
  3. When you make an online purchase on our Website;
  4. When we process Content for machine learning and analytics;
  5. When you enter a Giraffe360 Virtual Tour located at https://tour.giraffe360.com/ or https://premium.giraffe360.com/, or other Giraffe360 subdomains (the “Virtual Tour“) as a guest as well as when you leave your contact information via the contact form available on Giraffe360 Virtual Tours.
5. When we provide the Service to our Clients, the Client is a data controller. If you are a property owner, realtor, or other individual and have questions about how our Clients collect and process your personal information, please contact them directly and/or see their privacy notice(s).
What types of data do we process, for what purposes, and on what legal basis?
1. Booking a demo: We process the personal data you submit directly to us, including the information you provide when filling out an inquiry form to book a demo on our Website. This personal data includes your name, surname, contact information such as your phone number and email address, the name of the company you represent, industry, country, and any other information you choose to share with us. We process this data to respond to your inquiry and to provide you with more information about the Giraffe360 Service. The lawful basis for processing this data is our legitimate interest, namely, communicating with prospective clients about the Giraffe360 Service prior to entering into an agreement.
2. Concluding and managing an agreement: We process the personal data a Client submits directly to us before signing the agreement or when placing an order on our Website. The personal data we process to conclude an agreement with a Client includes your name, surname, contact details, Client’s name, delivery address, payment details and information about the Client’s subscription. We process this data to conclude and execute an agreement with the Client. The lawful basis for processing this data is contractual necessity. We may also process this data to conduct background checks and sanction screenings to comply with our Know Your Client policy. The lawful basis for this processing is our legal obligation under international sanction regulations, as well as our legitimate interest in preventing fraud and payment defaults.
3. Providing the Service: When a Client captures data to create Content, we process the data associated with that Content. This data may include photos, real estate floor layout data, the time and date of the scan, videos made between the scans, GPS data, and other information made available to us via Giraffe360 equipment. Generally, we process this information as a personal data processor based on the Client’s instructions, meaning they are the controllers of your personal information.
4. Service improvement: We may process data points in 3D space (so-called point cloud data), image and sensor data as well as other data extracted from the Giraffe360 camera to improve Giraffe360 Service, including our artificial intelligence and machine learning algorithms. This processing may occur both during the term of an active agreement and after its termination. The lawful basis for this processing is our legitimate interest in improving the Giraffe360 Service.
5. Marketing: We may use Content, as well as Client feedback and testimonials, for our marketing purposes if the Client has given its consent. The lawful basis for processing this data is the Client’s consent.
6. Newsletters: We may send you newsletters and updates about the Service if you have subscribed to our newsletters on our Website. The lawful basis for this processing is your consent.
7. Updates to Clients: From time to time, we will send service emails to our Clients about new product features, changes in the availability of our Service, or updates to our policies. In doing so, we may process your email address and other data. The lawful basis for this processing is our legitimate interest in informing the Client about changes to our Service and enhancing the Client’s experience with the Service, or contractual necessity.
8. Communication: When you contact us directly, we may record your comments and opinions. We may use this information to address your queries and to improve our service. The lawful basis for processing this data is our legitimate interest in responding to and addressing Client queries, and in enhancing Giraffe360 Service. In some jurisdictions, we may record our inbound and outbound phone calls, as well as scheduled video calls. Prior to the call, we will notify you of the recording when sending you an invitation for a scheduled call or at the beginning of a phone call. The lawful basis for processing this data is our legitimate interest in ensuring high-quality service and to address any potential concerns related to contract terms. Notwithstanding the above, if you reside in Germany, we will record calls only if you have given informed consent before the start of the recording by an active affirmative act.
9. Referral Program: Our Referral Program enables our Clients to refer potential clients to us. When participating in this program, the referring Client is responsible for ensuring that they have the legal basis to provide us with the referred client’s data. We will process the referred client’s information based on our legitimate interest in acquiring new clients.
10. Legal purposes: After termination of the Client agreement, we may store data related to the agreement or provided Service, insofar as necessary to safeguard our legitimate interests, such as establishing, exercising or defending legal claims, ensuring compliance with applicable legal obligations, and maintaining business records.
11. Virtual Tour: When you enter our Virtual Tour as a guest, we collect data through the necessary cookies or cookies you’ve accepted. For more information, please refer to our Cookie Notice.

Failure to provide information when requested

If you fail to provide certain information when requested, we may not be able to perform the agreement we have entered with you.

Third parties

Our Website and/or Dashboard may, from time to time, contain links to third-party websites. Please note that these websites have their own privacy policies, and we do not accept any responsibility or liability for their processing practices. Please check the individual policies before submitting any information to those websites.

How long we keep your personal data for

We store personal data that we collect as personal data controllers for as long as necessary to fulfil the purposes mentioned above. Retention periods are defined based on legal requirements and our legitimate business interests. Data related to our clients is retained for the duration of the contractual relationship and for up to 10 years after contract termination to comply with legal, financial, and tax obligations. Data for marketing purposes is stored as long as we have a valid consent from you or other legal basis. Cookies are stored for the period specified in our Cookie Notice.

Recipients
1. As required in accordance with how we use your personal data, we may share your personal data with the following:
  1. Giraffe360 Group companies. We share Client personal data with Giraffe360 group companies:
  2. Service providers and advisors. We may share personal data with third party vendors and other service providers that perform services for us or on our behalf as a personal data processors, which may include providing data hosting, mailing, email or chat services, payment service providers, content editing, fraud prevention, web hosting, customer relationship management, legal, analytic or other services.
  3. Purchasers and third parties in connection with a business transaction. Your personal data may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.
  4. Law enforcement, regulators and other parties for legal reasons. We may share your personal data with third parties as required by law or if we reasonably believe that such action is necessary to (i) comply with the law and the reasonable requests of law enforcement; (ii) detect and investigate illegal activities and breaches of agreements; and/or (iii) exercise or protect the rights, property, or personal safety of Giraffe360, its users or others.
Storing and transferring your personal data
1. We have implemented appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, or damage.
2. We operate globally and may transfer your personal data to entities and servers located outside of your country of residence, including countries that may have different data protection standards than those in your jurisdiction. When transferring personal data internationally, we take necessary measures to ensure it is treated securely and in accordance with this Privacy Policy and applicable data protection laws. If you are located in the European Economic Area (“EEA“), Switzerland or the United Kingdom, your personal data may be processed outside of the EEA, Switzerland or the UK; these international transfers of your personal data will be made pursuant to appropriate safeguards, including:
  1. ensuring that recipients or the country in which they are located are deemed by the relevant regulatory and legislative bodies to provide adequate protection for personal data; or
  2. ensuring that transfers are subject to standard contractual clauses approved by the relevant regulatory and legislative bodies for the transfer of personal data.
3. We will take appropriate steps to ensure that your personal data is treated securely and in accordance with applicable law and this Privacy Policy regardless of where it is processed.
Your rights in respect of your personal data
1. In accordance with applicable privacy law you have the following rights in respect of your personal data that we hold as a data controller:
  1. Right of access. You have the right to obtain:
    1. confirmation of whether we are processing your personal data;
    2. information about the categories of personal data we are processing, the purposes for which we process your personal data and information as to how we determine applicable retention periods;
    3. information about the categories of recipients with whom we may share your personal data; and
    4. a copy of the personal data we hold about you.
  2. Right of portability. You have the right, in certain circumstances, to receive a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
  3. Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal data we hold about you without undue delay.
  4. Right to erasure. You have the right, in some circumstances, to require us to erase your personal data without undue delay if the continued processing of that personal data is not justified.
  5. Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal data if the continued processing of the personal data in this way is not justified, such as where the accuracy of the personal data is contested by you.
  6. Right to withdraw consent. If you have provided consent for the processing of your personal data, you have the right to withdraw your consent. If you withdraw your consent, this will not affect the lawfulness of our use of your personal data before your withdrawal.
2. You have a right to object to any processing based on our legitimate interests. There may, depending on the particular circumstances, be compelling reasons for continuing to process your personal data despite your objection, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.
3. If you wish to exercise one of these rights, please contact us using the contact details at the end of this Privacy Policy. Please note that these rights are not absolute and may not apply in all circumstances.
4. You also have the right to lodge a complaint to your national data protection authority.
  1. If you are in the EU, further information about how to contact your local data protection authority is available here.
  2. If you are in the UK, the relevant data protection authority is the UK Information Commissioner’s Office (“ICO“). See: https://ico.org.uk/concerns/
  3. If you are in Switzerland, the relevant data protection authority is the Federal Data Protection and Information Commissioner (FDPIC / EDOEB). See: www.edoeb.admin.ch.
Our policy towards children

The Website is not directed at persons under 18 and we do not knowingly collect personal data from children under 18. If you become aware that your child has provided us with personal data, then please contact us using the details below so that we can take steps to remove such information as quickly as possible.

Changes to this policy

We may update this Privacy Policy from time to time, so please review this page periodically. When we make material changes, we will update the date at the top. Changes to the Privacy Policy are effective as soon as they are posted here.

Notice to you

If we need to provide you with information about something, whether for legal, marketing or other business-related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email. The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this Privacy Policy.

Contact Information

If you have any questions or concerns about this Privacy Policy or the privacy practices at Giraffe360, please contact our Data Protection Officer at privacy@giraffe360.com.

Create

Product