Other

Our use of data

The intended audience are companies deploying Bodyswaps that wish to ensure their users data is processed lawfully and securely.

Executive Summary
Bodyswaps is a 3D immersive training application that runs on PC and standalone VR headsets, mobile devices and as a Windows application.

The Bodyswaps client application works as a player and a single application can host multiple training content. Content is built from discrete learning templates designed and produced by Bodyswaps.

The application communicates with several cloud services in order to provide aspects of its functionality.
Bodyswaps is GDPR compliant and data is processed and stored within specific regions that are set on a per customer basis.
Terminology
0
Search
Term
Description
1
Customer
The organisation purchasing the licenses of Bodyswaps
2
Learner
The end-user who is benefiting from the training.
3
Client App
The application software that is installed on the device - e.g. headset or mobile phone
4
Content/Module
A training module that runs in the client app. An single app can host multiple modules.
5
Learner Data
Any data that is ascribed to the learner
6
Session
A single playthrough of a training module
7
Activation
The remote unlocking of the client app so that it can be used in accordance to the customer license agreement.
8
Cloud
A network of internet devices that provide a service.
9
Deployment
The process of distributing and installing the software onto devices and in the hands of learners.
10
Coach
An individual responsible for monitoring the use of the app by their learners. Typically an HR employee or education provider.
There are no rows in this table
What data and why?
This section details the type of data we collect and process and why.

Customer Records
We store information internally relating to our customers (the organisation), for the purposes of billing (invoicing), contractual, communication and for development purposes.
Search
Data
Notes
1
Account holder business name, email and key contact details.
Required for billing
2
Payment History
Required for billing
3
Number of installs, sessions used
Required for billing
4
Account holder business logo
[Optional] for customisation
5
Design related documents
Used for production of bespoke content (optional) - includes reference training material p
There are no rows in this table
Account & Licensing Data
‌Our app is protected via a licensing management system that ensures that our application is being used by our customers within the terms specified in our commercial agreements. The app sends an identifiable unique hardware identifier and model information to our license server for validation. We can also remotely personalise the app experience for each customer (for example changing logos, updating privacy settings). We track when content is launched inside the app for where billing is charged on a per session model.
With Bodyswaps V2 we allow administrators to take control of their own device fleet in order to manage configuration options and provision devices.
This is a mandatory requirement for Bodyswaps customers unless our application is hosted and managed by one of our approved integration partners. In which case they take responsibility for licensing and report back to us.

Search
Data
Optional
Notes
1
Device unique identifier
N
We store a unique hash of your device serial ID and network address. This uniquely identifies your device without requiring either data.
2
Configuration Data
N
Various settings that allow us to remotely configure the app on a per account basis
3
App Usage
N
Each time a module is run in the Bodyswaps app we update our records for billing purposes.
There are no rows in this table
Anonymous App Analytics
‌We track specific events in the app such as which modules have been launched, app launches, crashes and the results of in-app surveys etc.. This data is anonymous in that it is not tied to an individual learner but can be linked to our customers account.

This information is used to provide our clients with a useful dashboard where they can see aggregate end-user usage statistics of the platform and also to help us better improve the application in future and identify any technical issues.
This is optional and can be disabled on a per account basis.
Search
Data
Optional
Notes
1
Device model and OS
Y
Used for licensing & quality assurance purposes
2
Screen views
Y
Each screen view events so we can monitor progress through the app.
3
Learning Module Launches
Y
Which content has been launched
4
Avatar Selection
Y
Which avatars have been selected.
5
Aggregated score results
Y
Internal QA [anonymous]
6
Learner satisfaction survey
Y
Users are invited to rate the effectiveness of the app for internal QA [anonymous].
7
Transcripts
Y
Anonymised transcripts used quality control purposes
8
There are no rows in this table
Voice Data
‌The app uses speech recognition technology to allow learners to talk to avatars. The app detects the speed the user is talking at, how much they use filler words and performs keyword/semantic analysis to infer intent which is fed back to the learner in the form of personalised tips.

As part of this process the voice data from the microphone is anonymously encoded and sent to a third-party cloud service (IBM) for processing. The user is always informed when the microphone is recording. This data is anonymous and not stored by us beyond its use in the app. Additionally, this feature can be disabled at a client level - but will impact the effectiveness of the training.

Learner Data
With Bodyswaps V2, we allow organizations to register individual learners manually or in bulk via our web portal called Bodyswaps Go. This allows administrators to send learner invites via email and monitor which content has been accessed by the user and when it has been completed.

Learners can additionally save and resume their training sessions by signing in on the Bodyswaps device. For convenience on VR devices without hardware keyboards we use a proxy temporary access code generated from our portal by the learner.
Search
Data
Notes
1
Email address
For sending invites to the learner in order they can sign in to the system to access their account.
2
Activity events
Used for monitoring when a learner has started, passed a checkpoint, or completed a module. This is used to generate notifications for the administrator and also to allow the learner to resume sessions on different devices at different times
3
Name
Used to identify the user and greet them in app on the portal
4
Confidence survey answers
We ask the user questions about their confidence pre and post the training to understand how effective the training is. This is used for aggregate reporting for viewing only, but is stored per individual.
5
Satisfaction survey answers
We ask the learner to rate the app. This is used for aggregate reporting for viewing only, but is stored per individual.
There are no rows in this table
This data is maintained for the length of the contract with the customer or can be deleted on request on a per user basis.
This feature is optional so can be disabled on a per account basis.


Data privacy
We recognise the need for different customers to control and manage the privacy of their users. Therefore we provide a flexible per client configuration of data policies depending on each organisation's needs.
Privacy settings can be controlled at:
Customer account level - set for all learners
At a learner level - via an in app the settings menu.
Privacy options can be locked at an account level if preferred.
image.png
Note that disabling the use of data, also has impact on the functionality of the application, see below:
Search
Data Option
Description
Impact
1
App Analytics
Sending metrics relating to user progress, scores whilst using the app
Cannot provide analysis to clients about user engagement, track learner progress or use coach functionality.
2
Voice Analysis
Stop external processing of voice data.
Cannot use voice to control the app or speak to avatars. Users cannot get automated feedback relating to semantic/tone/speed of voice in the app.
3
Learner Data
Stop the collection of user emails in the app.
Users will not be able to receive follow up tips via email after the application.
4
Shared Device
Regards the caching of user state between training sessions on the device
If switched on the EULA will need to be agreed each session. No email or session data will be cached on the device
5
User Opt-out
Allow individual users to control their own data privacy
If on this means the user could opt out of being tracked, if off then assumption is the learner has already agreed to employee terms of use.
There are no rows in this table
When the device is first activated these preferences will be downloaded to the app. They can also be changed at any point.

T‌hese settings can be managed at an account or device level by the administrator.
In addition we support guest and anonymous usage of the app.
Data movement
Bodyswaps like most modern SaaS platforms uses third party providers to host our code and databases. This enables us to scale efficiently and offer best in class redundancy and security. The majority of technology stack is built on top of Google Services with additional services operated by IBM. We reserve the right to change our service providers.
List of data processors
0
Search
Processor
Details
1
IBM Watson
Speech to text processing for voice control and semantic analysis.
2
Google Cloud
Collection and processing of learner data.
There are no rows in this table
Geographic locations
We offer the ability to host our data servers in the following locations:
Region
Locations
1
United Kingdom
London
2
European Union
Belgium & Netherlands
3
United States
TBD
There are no rows in this table
‌This ensures that personal data is not held or processed by third parties in countries that do not have the same regulatory standards as the host country.


Data flow architecture
‌The following diagram shows how data is moved between our various micro-services.

image.png
Data security
We take the security of your data very seriously and are working towards achieving the highest standards. We are in the process of obtaining ISO 27001: 2013 certification which should be completed mid 2022.

In Transit‌
Transmission of data is always sent via a secure internet connection using HTTPS between client and servers.

At Rest
All data is stored encrypted on the disk using AES256

Access to data
Only the designated data controller has access to the databases.


GDPR compliance
We adhere to GDPR law and never share or sell any data with third parties. Data is processed lawfully, fairly and in a transparent manner in relation to individuals.

Bodyswaps informs the user on application first-time start-up that we collect data and how we will use it. They are offered an opportunity to opt-out in which case we no longer send data other than necessary for the licensing manager and speech-to-text functionality.

Bodyswaps data is used only for the purpose of improving our product. The data contains results, transcripts, device information and events at various trigger points in the app. This allows us to refine the application for balancing purposes, identify bugs and usability problems. Whilst data can currently be tracked back to a device/customer account we don’t store any personal user information.

All data is transmitted via HTTPS and stored in secured data repositories with Google services, which provides best-in-class security and redundancy.

Data Removal Requests
We generally only maintain data for as long as it is required. This is often for the length of the contract between Bodyswaps and the customer. Specific requests for data removal can be done by contacting your account manager.
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.