Version: 1.5 - June 2023

Introduction

The European Union General Data Protection Regulation (GDPR) is a regulation that aims at unifying EU member state data privacy regulations into a single regulation, enforced on the EU single market. This article describes the GDPR compliance status of Warp VR.

If your company needs to ensure it is GDPR compliant, it also needs to ensure its providers (ie. Warp VR) are also GDPR compliant. Warp VR is GDPR compliant, and strictly enforces the regulation as to protect the user data we store. The list of our providers (ie. sub-processors) can be found in this document.

The GDPR regulation can be reduced to 13 important topics. For each point, we explain how Warp VR handles its compliance. If we did not answer your questions in this document, please contact us via [email protected]. Also, please note that all Warp VR’s sub-processor providers have been checked to be all GDPR compliant. See our Privacy policy for a list of all sub-processors.

Awareness

All employees responsible for software development & infrastructure maintenance of Warp VR are fully aware of the GDPR requirements.

Also, code reviews are performed by the Data Protection Officer (listed in this document), before any code deployment to the platform. This ensures security breaches and bad practices are not implemented by e.g. a third party temporary contractor or a Warp VR employee, even if aware of GDPR requirements (this plays as a double human safety check).

You can check more about how we manage Warp VR security internally on our Data security page.

Information we hold

Warp VR stores the following data on users using Warp Studio or one of the mobile Warp VR apps. Users in Warp Studio are called ‘members’, and users in the mobile apps are called ‘trainees’.

Warp Studio

Members who can create, manage and analyse scenarios and trainees: