Virtual Reality and Privacy: Everything you need to know about data collection and storage

Virtual Reality (VR) is a relatively new technology that has the potential to significantly change the way we communicate and experience. While VR technology gives us new ways to entertain, learn and interact, it also raises questions about privacy and user data collection. In this blog we discuss how VR data is collected, stored and used, and what this means for user privacy.

When you use a VR system, different types of data may be collected from you. This may include:

• Information about the VR equipment you use, such as the type and configuration of the Headset, the Controllers and other accessories.
• Information about how you use the VR system, such as the apps you use, the games you play, and the interactions you have with with other users.
• Data about your physical location and movements, which are captured by sensors on the VR equipment.
• Personal information such as your name, email address, and other identifiable Information.

This data can be collected to improve and customize the VR experience for the user, but also used for other purposes such as marketing and advertising customization. In some cases, this data may also be sold to third parties.

It's important to note that many VR companies have their own privacy policies that describe how they collect and use users' data. This policy must usually be accepted before a user can access the VR application or service. It is recommended that you read these policies before agreeing to with the terms to fully understand what data is being collected and what it will be used for. The storage of this data can differ per VR company. Some companies store the data on their own servers, while others store this data on third-party servers. In some cases, data may also be stored on servers outside the European Union, which may lead to various privacy and security issues.

To protect users' privacy, VR companies must adhere to the European Union's General Data Protection Regulation (GDPR). This means that companies need the user's consent before collecting personal data and they must inform the user about how this data is used and stored. Companies must also implement adequate security measures to protect users' data from unauthorized access and theft.

The Privacy Policy of Meta, Pico and HTC VIVE

Meta, Pico and HTC VIVE are all manufacturers of VR hardware and software and each have their own privacy policies. These are currently the most popular brands when it comes to Virtual Reality use at colleges, universities and government agencies.

Meta privacy policy

Meta collects data from Oculus account users, including name, e-mail address, physical address, payment details, IP address and device information, to provide and improve the Oculus Services, provide customer service and comply with legal obligations. Meta may share this data with with third parties and use it for marketing purposes. Meta takes steps to protect the data and Oculus account users have certain rights with in relation to their data. If Meta is sold or with merges with another company, Oculus account user data may be transferred. The Privacy Statement for Oculus Account Users is governed by the laws of the State of California and is subject to arbitration. (Source: Meta)

Pico privacy policy

Pico collects personal Information from users, like name, e-mail address, address and payment details, and Information about using the Pico Services to provide, manage and improve the Services and for marketing purposes. Pico shares personal Information of users with third parties and may share data to comply with legal obligations or prevent fraud. Pico takes measures to protect users' personal Information and users have certain rights with regarding their personal Information. Pico may transfer users' personal Information to other countries where Pico operates. Pico uses cookies and similar technologies to improve the user experience. The Pico Privacy Statement is governed by the laws of the State of California and is subject to arbitration. (Source: Pico)

HTC VIVE privacy policy

HTC collects personal Information, such as name, address, email address, phone number, location data, device data and usage data, when you use or contact with the Products or Services. They use this Information to deliver products and Services, personalize your experience, notify you of updates and offers, and comply with legal obligations. HTC may share the Information with third parties, keep it for as long as necessary and protect it from unauthorized access, modification, disclosure or destruction. HTC uses cookies and similar technologies to collect Information about the use of their website and Services. (Source: HTC)

Conclusion: Which brand best handles with the user data?

All three privacy policies of Meta, Pico and HTC VIVE contain similar points, such as collecting personal data, the use of data for marketing purposes, data protection, rights of users and the use of cookies.

However, there are some differences. For example, Meta operates worldwide and can transfer personal Information to countries outside the European Union, while Pico and HTC VIVE are limited to the countries in which they operate. Also, Meta's privacy policy is governed by California law, while HTC VIVE focuses on Washington law.

In terms of with privacy, Meta and Pico appear to be similar, with both companies sharing personal Information third parties and being able to transfer the data to other countries. However, HTC VIVE seems to put more emphasis on protecting personal Information and limits data sharing with third parties.

Frequently Asked Questions about Virtual Reality and Privacy