As part of the Spidersona application (the "Spidersona App" or "App"), Sony Pictures Entertainment, Inc. (“SPE” or “we”) may collect and process certain scans of facial geometry in connection with the Spidersona App (“Biometric Data”). This Policy establishes the procedures for the collection, use, safeguarding, storage, retention, and destruction of Biometric Data in the United States. SPE and its vendors adhere to this Policy to help address the collection and processing of Biometric Data in accordance with all applicable laws, including the Illinois Biometric Information Privacy Act ("BIPA").

 

Purpose of Collection for Biometric Data

We collect and process Biometric Data in order to create a customized avatar in the Spidersona App, where users may choose to upload a photograph or take a “selfie.” Any Biometric Data uploaded into the Spidersona App will be used solely for the creation of the avatar and for legal compliance.

 

Collection and Disclosure of Biometric Data

Users must provide express written (opt-in) consent to SPE's collection of the photograph and any related Biometric Data prior to any upload of a photograph or selfie into the App. SPE and/or its vendors will not disclose or disseminate Biometric Data to any third party (excluding SPE vendors) unless:

  1. SPE has obtained the user’s written consent to such disclosure or dissemination;
  2. SPE is required to disclose the data complete a financial transaction requested or authorized by the user; or
  3. Disclosure is required by law or pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.

 

SPE and/or its vendors will not sell, lease, trade, or otherwise profit from Biometric Data collected through this App.

 

Retention Schedule

SPE and its vendors will generally retain Biometric Data for only as long as necessary to satisfy the identified purpose of collection and processing. Except where otherwise required by law, Biometric Data be retained for no longer than seventy-two (72) hours of uploading the photo.

 

Data Storage

SPE and its vendors maintains reasonable measures to protect the security of Biometric Data, including such measures to:

  1. Store, transmit, and protect from disclosure Biometric Data using the reasonable standard of care within the private entity's industry; and
  2. Store, transmit, and protect from disclosure Biometric Data in a manner as it protects other confidential and sensitive information.

 

Issued: May 1, 2023