Privacy Policy

NIMAR VR WORLD - PRIVACY POLICY

Effective date: AUG. 25th , 2025

Location: Houston, Texas, USA

Summary of your rights (Texas): You can request access, correction, deletion, and portability, and you can opt out of targeted advertising, sale of personal data, and certain profiling. We respond within 45 days (extendable once).

---

1) Scope & Who We Are

This Privacy Policy explains how Nimar VR World (“Nimar,” “we,” “us”) collects, uses, shares, and protects personal information when you visit our venue, use our website/apps, book tickets, participate in gameplay, tournaments, events, or interact with us by email/SMS/social media.

Not legal advice: The citations show the laws we’re aligning to; your specific rights come from those laws, not this summary.

---

2) What We Collect

A. Identifiers & contact – name, email, phone, postal address; account/booking details; age range.

B. Transaction data – purchases, payment method token (card data handled by our processors; see §10).

C. VR activity & telemetry (venue systems) – session time, controller movements, play stats/leaderboards, headset/device identifiers, general location (venue).

D. Online usage – IP address, device/browser data, pages viewed, cookies/SDKs, analytics.

E. Images/recordings – CCTV video in public areas for safety and operations; no audio recording and no recording in restrooms/changing areas. Texas law prohibits “invasive visual recording” in private areas.

F. Sensitive data (only with consent) – biometric identifiers (e.g., face/hand geometry, iris/eye-tracking) if a specific experience or device captures them; precise geolocation only if you enable it in an app. Texas requires notice and consent before capturing biometric identifiers and special handling of “sensitive data.”

G. Minors – We do not knowingly collect personal information from children under 13 online without verifiable parental consent.

---

3) Why We Use Data (Purposes)

Book, verify, and provide VR sessions, events, tournaments, and customer support.

Safety, anti-fraud, and operational integrity (including CCTV in public areas).

Personalize experiences and recommendations; run leaderboards and achievements.

Marketing communications with your consent/choices (email/SMS; see §9).

Compliance with law, tax, and security obligations.

Perform analytics to improve systems and the venue (limit to what’s “adequate, relevant, and reasonably necessary”).

---

4) Texas Consumer Privacy Rights (TDPSA)

If you’re a Texas resident, you may:

Know/Access whether we process your personal data and obtain a portable copy.

Correct inaccuracies (considering the nature/purpose of processing).

Delete personal data provided by or obtained about you.

Opt out of: (i) targeted advertising, (ii) sale of personal data, (iii) certain profiling producing significant effects.

No discrimination for exercising rights.

How to exercise: Email privacy@nimarvr.com or use [link to web form]. We will respond within 45 days (one 45-day extension possible with notice). If we deny a request, you can appeal, and if denied again, you can complain to the Texas Attorney General.

Small-business note: If Nimar qualifies as an SBA “small business,” TDPSA has limited carve-outs, but consent is still required to sell sensitive data and to process a known child’s data.

---

5) Sensitive & Biometric Data (Texas Requirements)

We obtain clear notice and consent before capturing biometric identifiers (e.g., face/hand geometry, retina/iris) for commercial purposes (certain VR features). We do not sell biometric identifiers and restrict disclosures as permitted by law; we use reasonable care and destroy biometric data within a reasonable time after the purpose is fulfilled (not more than a year is a common benchmark).

We obtain consent before processing sensitive data (biometrics, precise geolocation, child data).

---

6) Children’s Privacy

Our services are for participants 13+ unless a parent/guardian gives verifiable consent for online collection; in-venue participation by minors requires a parent/guardian waiver where applicable. We follow COPPA for online collection and limit data to what is necessary.

---

7) Cookies, SDKs & Targeted Advertising

We use cookies/SDKs for core functionality, analytics, and (if you allow) targeted ads. You can manage preferences via our Cookie Settings link and browser/app settings. TDPSA requires clear disclosure and an opt-out of targeted ads or sale of personal data; we honor opt-out signals through available mechanisms.

---

8) Disclosures/Sharing

We do not sell your personal data in the colloquial sense; if we ever “sell” personal data under the TDPSA definition, we will disclose and provide opt-out. We share with:

Service providers/processors (hosting, booking, payment, analytics, communications) under contracts limiting use to our instructions.

Safety and legal (e.g., law enforcement if required).

Business transfers (merger, acquisition).

Disclosures for targeted ads (if any) will be clearly identified with opt-out.