Thinglink Privacy Policy

Last Updated May 25, 2018

Privacy Policy

Welcome to! Our mission is to create a more enlightened way of creating immersive content by providing an intuitive, unified platform to collaborate with others and unleash your creative energy. Here we describe how we collect, use, and handle your personal information when you use our Service.

All capitalized terms that are not defined herein have the meanings given them in the Thinglink Terms of Use Agreement. If your access to the Service is granted subject to a Master Services Agreement or other agreement entered into by you and Thinglink (in either case, an “Alternative Agreement”), that Alternative Agreement may have modified the Privacy Policy below. Please contact for details.



We collect and use the following information to provide, improve, and protect our Services:

Information You Provide:

  • Account Information. You can browse our site without providing personal information, but you must register in order to access most of the features of Service. Depending on how you interact with the Service, we may ask for certain information such as your legal name, email address, a description of your purpose when using the Service (business or education), your industry if your using the Service for business purposes, your role (teacher or student) and your school name and school district, if you’re suing the Service for educational purposes, and password when you create a Thinglink account. Depending on your Settings, some of this personal information may be displayed on your public profile and viewable to others on the Service.
  • Optional Profile Information. After you setup your account, Thinglink members may also choose to provide additional information which may be shared with others on the Service or through your public profile, such as your name, email address, nickname or online alias, other Thinglink accounts you choose to follow, Immersive Images (as defined in the Content Information section below), websites, and other information relating to your User Content or your use of the Service. In connection with your use of the Service, we may also collect information created or provided by you, or that we otherwise receive, in connection therewith. For example, if you send or enable your users to send SMS messages through the Service, we will collect and maintain the call data (e.g., receipts, phone numbers, size, time of transmission, confirmations, etc.) and other message transmission and conversion data, which may include personal information.
  • Payment and Billing Information. We also collect credit card or payment information for paid subscriptions. This information will be securely stored with a third party specialized in the handling of such information, such as a credit card payment gateway or other payment vendors.
  • Content Information. Our Service is designed to make it simple for you to store your User Content, collaborate with others, and work across multiple devices to create unique, engaging visuals (“Immersive Images”). To make that possible, we store, process, and transmit your User Content as well as information related to it. This related information includes your profile information, which makes it easier to collaborate and share your User Content with others, as well as things like the size of the file, the time it was uploaded, collaborators, and usage activity. Our Service provides you with different options for sharing your User Content. You may provide us with information about you in draft and published User Content (such as for your Immersive Images). For example, if you create an Immersive Image that includes biographic information about you or someone else, we will have that information, and so will anyone with access to that Immersive Image if you choose to publish the Immersive Image publicly.
  • Messages. If you correspond with us, you may also provide us information when you respond to surveys, communicate with our engineering or support teams about a question regarding the Service, or post a question about your User Content in our public forums.
  • Telephone Information. If we telephone you, or you telephone us, to discuss our Service, we may collect personal information from you, including your name, company name, business address, phone number, job title, email address, whether you use the Service, information about your business needs, the number of users of our Service you require, and, if you telephoned us, how you heard about us, and any other information you choose to share with us by telephone.

Information We Collect Automatically:

  • Device Information. Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. Your devices (depending on their settings) may also transmit location information to the Services. We collect log information when you use our Service–for example, when you create or make changes to your Immersive Images.
  • Usage Information. We collect information related to how you use the Service, including actions you take in your account (like sharing, editing, viewing, and moving files or folders). We use this information to improve our Service, develop new services and features, and protect Thinglink users.
  • Location Information. We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Service from certain geographic regions. We may also collect information about your precise location via our mobile apps (when, for example, you post a photograph with location information) if you allow us to do so through your mobile device operating system’s permissions.
  • Cookies and Similar Technologies. We use technologies like cookies and pixel tags to provide, improve, protect, and promote our Service. A cookie is a small text file containing a string of alphanumeric characters that may uniquely identify your browser that lets us help you log in faster and enhance your navigation through the Service. A cookie may also convey information to us about how you use the Service (e.g., the pages you view, the links you click, how frequently you access the Service, and other actions you take on the Service), and allow us to track your usage of the Service over time. You can set your browser to not accept cookies, but this may limit your ability to use the Service. Similarly, we may employ clear gifs (also known as web beacons) which are used to anonymously track your usage patterns on the Service, or place clear gifs in HTML-based emails we send you to track which emails are opened and which links you click. This information allows for more accurate reporting and improvement of the Service. For a detailed listing of what cookies we use and how we use them, please read our Cookie Policy.
  • Stored Information: We may access information stored on your mobile device via our mobile app. We access this stored information through your device operating system’s permissions. For example, if you give us permission to access the photographs on your mobile device’s camera roll, our Service may access the photos stored on your device when you upload a photo to the Service to create an Immersive Image.

Information We Collect from Other Sources:

  • Information We Receive from Social Networking Sites. We allow Users with certain third-party accounts (currently Users who have Google, Microsoft, Twitter, or Facebook accounts) to authenticate on the Service using those third-party accounts. We also allow Users to share their immersive Images on third party services, such as social networking services provided by others, for example, Facebook. If you create or log into your account on the Service through another third-party service or if you connect your Immersive Image on a social media service (like Twitter), we will receive information from that service (such as your username and other basic profile information) via the authorization procedures used by that service. The information we receive depends on which services you authorize and any options that are available. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our website or Service.
  • Third Party Analytics Services. We may also receive information from third party services to help us better understand you and how you use our Service.

Information Collected by Third Parties

  • Third Party Analytics Services. As noted above, sometimes we receive information about you from third party analytics services. In order to gain useful insights, these analytics providers may set tracking technologies (like cookies) to collect information about your use of our Services and across other websites and online services. These technologies allow these third parties to recognize your device to compile information about you or others who use your device. This information allows us and other companies to, among other things, analyze and track usage, determine the popularity of certain content, and deliver content or  that may be more targeted to your interests. Please note this Privacy Policy only covers the collection of information by Thinglink and does not cover the collection of information by any third party advertisers or analytics providers.
  • Third Party Embeds. Some of the content that you see displayed on the Service is not hosted by Thinglink. These “embeds” are hosted by a third-party and embedded in the Service. For example: YouTube or Vimeo videos, Imgur or Giphy gifs, SoundCloud audio files, Twitter tweets, GitHub code, or Scribd documents that appear on our website, or within an Immersive Image hosted on the Service. These files send data to the hosted site just as if you were visiting that site directly (for example, when you load a Thinglink webpage with a YouTube video embedded in it, YouTube receives data about your activity). Thinglink does not control what data third parties collect in cases like this, or what they will do with it. So, third-party embeds on the Service are not covered by this privacy policy. They are covered by the privacy policy of the third-party service.

Purposes for Collecting this Information:

We use information about you as mentioned above and for the purposes listed below:

  • To provide you the Service, including for example, hosting your Immersive Images and billing you for the Service;
  • To maintain, monitor, and improve the Service by adding new features, sharing new use cases, or making the Service easier to use;
  • To monitor and analyze trends and better understand how you interact with our Service;
  • For our own internal benchmarking, for example, to measure, and gauge the effectiveness of the Service, our advertising of the Service, and to better understand user retention and attrition–for example, we may analyze how many individuals purchased a plan after receiving a marketing message or the features used by those who continue to use our Service after a certain length of time;
  • To prevent problems with our Service, protect the security of our Service, detect fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Thinglink and others, which may result in us declining a transaction or the use of our Service;
  • To personalize your experience using our Service, remember your preferences on the Service so that you will not have to re-enter it during your visit or the next time you use the Service, target our marketing messages to groups of our Users (for example, those who have a particular plan with us or have been our user for a certain length of time), to serve relevant advertisements; and
  • To communicate with you, for example through an email, about offers and promotions offered by Thinglink and others we think will be of interest to you, solicit your feedback, or keep you up to date on what we’re up to and our products. We give users the option to use some of our Services free of charge. These free Services are made possible by the fact that some users upgrade to one of our paid Services. If you register for our free Services, we will, from time to time, send you information about upgrades when permissible. For further information on your choices regarding your choices with regard to the use of your information for marketing purposes, see "Your Choices Regarding Your Information" below.


We collect and use the personal data described above based on the following grounds:

  • The use is necessary in order to fulfill our commitments to you under our Terms of Use or other agreements with you or is necessary to administer your account–for example, in order to enable access to our Service on your device or charge you for a paid  subscription; or 
  • Compliance with a legal obligation necessitates the use; or
  • The protection of your vital interests or those of another person require the use; or
  • We have a legitimate interest in using your information–for example, to provide and update our Service, to improve our Service so that we can offer you an even better user experience, to safeguard our Service, to communicate with you, to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition, to monitor and prevent any problems with our Service, and to personalize your experience; or
  • You have given us your consent–for example before we place certain cookies on your device and access and analyze them later on, as described in our  Cookie Policy.


We won’t transfer information about you to third parties for the purpose of providing or facilitating third-party advertising to you. We won’t sell information about you either.  We may share your personal information in the limited instances described below. For further information on your choices regarding your information, see "Your Choices Regarding Your Information." 

  • Others Working For or With Thinglink. We may share information about you with third party vendors who need to know information about you in order to provide their services to us, or to provide their services to you. This group includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information, fraud prevention services that allow us to analyze fraudulent payment transactions, postal and email delivery services that help us stay in touch with you, customer chat and email support services that help us communicate with you, those that assist us with our marketing efforts (e.g. by providing tools for identifying a specific marketing target group or improving our marketing campaigns), those that help us understand and enhance our Services (like analytics providers), and those that help us deliver our Service (like hosting and content delivery providers). We require vendors to agree to privacy commitments in order to share information with them. Other vendors are listed in our more specific policies (e.g. our Cookie Policy).
  • Other Users. Our Services display information like your name, profile picture, and email address to other users in places like your user profile and sharing notifications. You can also share Your Immersive Images with other users if you choose. When you register your Thinglink account with an email address on a domain owned by your employer, educational institution, or organization, we may help collaborators and administrators find you and your team by making some of your basic information—like your name, team name, profile picture, and email address—visible to other users on the same domain. This helps you sync up with teams you can join and helps other users share files and folders with you.
  • Account Administrators.  If your use of the Service is pursuant to an Agreement entered into by your employer, education institution, or other organization to which you belong, (e.g., Thinglink Business plans or Thinglink Education), your administrator may have the ability to access and control your Thinklink team account. Please refer to your organization’s internal policies if you have questions about this. If you are not a Thinglink group user but interact with a Thinglink group user (by, for example,  accessing content shared by that user), members of that organization may be able to view the name, email address, profile picture, and IP address that was associated with your account at the time of that interaction.
  • Third Parties at Your Request. Certain features let you make additional information available to the public. You may have the option to share your Thinglink activities with your friends, or through email, SMS text, or various social media sites or on your blog or website. Public information may also be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what you would like to share.
  • Other Applications. You can also give third-party providers access to your information and account—for example, via Thinglink APIs. Just remember that their use of your information will be governed by their privacy policies and terms.
  • Company Transactions.  Other parties in connection with any company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party or in the event of bankruptcy or related or similar proceedings. Your information, including user names and email addresses, User Content, and other user information may be among the items sold or otherwise transferred in these types of transactions; and
  • Law & Order and the Public Interest. Third parties as required to (a) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (b) enforce our Terms of Use Agreement, including the investigation of potential violations thereof, (c) investigate and defend ourselves against any third party claims or allegations, (d) protect against harm to the rights, property or safety of Thinglink, its users or the public as required or permitted by law and (e) detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.
  • Aggregated and De-Identified Information. We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Service.


  • Account Data. Thinglink does not verify the accuracy of the personal data you provide. All Thinglink profiles are typically made available to the public, however you may elect to make your content private. If you make all of the content on your profile private, then a your profile will not appear in a directory search of the Service, but a user may still be able to access your profile if they know the uniform resource locator (URL) address for your profile. You can edit and change your profile and account data through the Settings of your account. You have the right to inspect the personal data we have stored about you in the Thinglink User Register either via the Service (if we, in our sole discretion, offer such functionality) or by requesting it in writing from Thinglink. You can also choose not to provide the optional account information, profile information, and transaction and billing information. Please keep in mind that if you do not provide this information, certain features of our Services–for example, paid, premium Services–may not be accessible.
  • Limit Access to Information On Your Mobile Device. Your mobile device operating system should provide you with the ability to discontinue our ability to collect stored information or location information via our mobile apps. If you do so, you may not be able to use certain features (like adding a location to a photograph, for example).
  • Access to Data Controlled by Our Users. Thinglink has no direct relationship with the end users (usually students or employees) of our Users, whose personal information is contained within the personal data processed by our Services. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our Users should direct their request to the specific User. You may also contact us at if you have additional questions or concerns.
  • Marketing Communications. If you do not wish to receive promotional emails, you can click the "unsubscribe" button on promotional email communications. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices. We sometimes contact people who do not have a Thinglink account. For recipients in the EU, we or a third party will obtain consent before contacting you. If you receive an email and no longer wish to be contacted by Thinglink, you can unsubscribe and remove yourself from our contact list via the message itself
  • Analytics Services. As noted above, analytics providers may set tracking technologies (like cookies) to collect information about your use of the Service, and potentially your use of other websites and online services. For more information about how to manage and delete cookies, visit For further information on what information is collected by analytics service providers and why, see "What We Collect and Why."
  • Set Your Browser to Reject Cookies. At this time, Thinglink does not respond to “do not track” signals across all of our Services. However, you can usually choose to set your browser to remove or reject browser cookies before using the Service, with the drawback that certain features of the Service may not function properly without the aid of cookies.
  • Close Your Account. Of course, while it’s hard to say goodbye, we understand that sometimes you just need to move on. You can delete your information from within your account or close your account. To close your account, please contact us, and keep in mind that we may continue to retain your information after closing your account, as described in How Store Your Information below–for example, when that information is reasonably needed to comply with (or demonstrate our compliance with) legal obligations such as law enforcement requests, or reasonably needed for our legitimate business interests. We’ll use all commercially reasonable efforts to delete or anonymize your User Content upon request, but please be aware that due to the social nature of our Service, it may not be possible to completely remove all of your personally identifiable User Content if, for example, that content has been stored, republished, or reposted by another user or a third party.
  • Take Your Data. You can download a copy of your content in a machine readable format as through the settings feature of your account.  You can also ask us for a copy of personal data you provided to us.


  • Security. Thinglink cares about the security of your information and uses commercially reasonable physical, administrative, and technological safeguards to preserve the integrity and security of all information we collect and that we share with our service providers. Personal data and backups are stored in protected databases located behind a firewall and with both physical and software-based access controls. However, no security system is impenetrable and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
  • Location of Storage. To provide you with the Services, we may store, process, and transmit information in the United States and locations around the world—including those outside your country. Information may also be stored locally on the devices you use to access the Services.
  • Retention. When you sign up for an account with us, we’ll retain information you store on our Services for as long as your account is in existence or as long as we need it to provide you the Services. If you delete your account, we will initiate deletion of this information within 30 days of your request. But please note: (1) there might be some latency in deleting this information from our servers and backup storage; and (2) we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.


This Privacy Policy does not govern the collection, use, or disclosure of personal information through the Service by the educational institution or organization which has given you (or your child) access to the Service. Please contact this organization to better understand its privacy practices.  


Some users of the Service may include young children. We take many special precautions to protect the privacy of children under 13. The Children’s Online Privacy Protection Act (COPPA) protects children under the age of 16.  Children may only access the Services at the direction of their teacher or school district by using an invitation code provided to them by their teacher or educational institution. School officials and teachers are authorized under COPPA to provide consent on behalf of parents; therefore, Thinglink does not obtain parental consent directly from parents of children who are using the Service. A teacher or school district official provides consent for a child under the age of 13 to use the Service when they create an account on the Service for that child. Please see our Kid's Privacy Policy to learn more about how we protect the privacy of our users who are under 13 years of age.


The Family Educational Rights and Privacy Act (FERPA) provides parameters for what is permissible when sharing student information. ThingLInk is authorized by schools and districts under the FERPA “school official” exception to receive and use educational data to provide educational services. This data has significant educational value; apart from enabling the creation of accounts with which students access the Service, the data allows teachers to track student activity and assess student performance. This information is used only for academic purposes. We do not collect data for collection’s sake, and access is limited and appropriate. For specific information regarding our data handling practices with regard to student data, please refer to our Education Institution Terms and Conditions.


Thinglink’s Services are worldwide. Different Thinglink companies are the controller (or co-controller) of personal information, which means that they are the company responsible for processing that information, based on the particular service and the location of the individual using our Services.

Depending on the Services you use, more than one company may be the controller of your personal data. Generally, the “controller” is the Thinglink company that entered into the contract with you under the Terms of Service for the the product or service you use. In addition, Thinglink Inc., our US-based company, is the controller for some of the processing activities across all of our Services worldwide.

The chart below explains the controllers for processing your personal information. We use the term “Designated Countries” to refer to Australia, Canada, Japan, Mexico, New Zealand, and all countries located in the European continent.

If you reside outside of the Designated Countries:

Thinglink, Inc. a Delaware corporation, 470 Ramona Street, Palo Alto, CA 94301

If you reside in the Designated Countries:

Thinglink Oy, a corporation formed in Finland, Business ID 2329185-9

VAT ID FI23291859

Lapinlahdenkatu 16, 00180 Helsinki, Finland

Thinglink, Inc. is also the controller for some of the processing activities related to Services provided by Thinglink Oy.


Have questions or concerns about Thinglink, our Services, and privacy? Contact us at If they can’t answer your question, you have the right to contact your local data protection supervisory authority.


Because the Services are offered worldwide, the information about you that we process when you use the Services in the EU may be used, stored, and/or accessed by individuals operating outside the European Economic Area (EEA) who work for us, other members of our group of companies, or third party data processors. This is required for the purposes listed in the What We Collect and Why section above. When providing information about you to entities outside the EEA, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this Privacy Policy as required by applicable law. These measures include, in the case of entities based in other countries outside the EEA, entering into European Commission approved standard contractual arrangements with them, unless Thinglink has adopted an alternative method other than the Standard Contract Clauses, that ensures an adequate level of protection of personal data in a third country within the meaning of Article 25 of the Directive.

You can ask us for more information about the steps we take to protect your personal information when transferring it from the EU.


We reserve the right to modify this Policy from time to time. If we make any changes to this Privacy Policy, we will change the "Last Updated" date at the top of this page and will post the updated Privacy Policy on this page.

Thinglink’s Kid’s Privacy Policy

We recognize that from time to time we may have children under 13 use the site under the supervision of a parent or an educational institution acting as an agent of their parent. When that happens, we take additional precautions to protect the privacy of children under 13. The Children's Online Privacy Protection Act ("COPPA") requires that we inform parents and legal guardians about how we collect, use, and disclose personal information from children under 13 and that we obtain the consent of parents and guardians in order for children under 13 to use certain features of our Site. This Kid's Privacy Policy is designed to give parents information in addition to that provided in our general Privacy Policy.

Personal Information we collect from kids under 13.

When a user creates a Thinglink account, we may ask for legal name, email address, a description of your role when using the Service (student, retailer, freelancer, etc.), and password and a birth date. If we determine the child is under 13 (a "kid"), we will ask for a parent's name and email address so that we can notify the parent that the kid has created an account at Thinglink and seek the parent's consent to allow the kid's participation. If the parent provides consent, we may collect additional information from the kid, including a profile avatar, which could include a photograph, or other content uploaded by the kid to the Service. The information we collect from kids may be directly linked to their actions on the Service.

Information collected through cookies and other technology.

We automatically collect certain types of usage information when a kid uses our Service. For example, we may collect an IP address, browser type, information about the kid's mobile device, and other information. This data is collected using technologies such as cookies, web beacons and other unique identifiers. This information may be collected by Thinglink or by third parties. To learn more about this type of data, see "Use of cookies and other technology to collect information" in our general Privacy Policy. We use this information to remember information so that the kid will not have to re-enter it during a later visit; provide custom, personalized content, monitor site analytics, and improve our service. We do not permit third party behavioral advertising on our site.

How we use and share information collected from kids.

We use this information to operate, maintain and provide the functionality of the Service and to communicate with the kid and the parent about activities on the Service. We may also send Service-related emails (e.g., account verification, changes or updates to features of the Service, technical and security notices). Registered users cannot opt-out of Service related emails. When a kid under 13 creates a Thinglink account, we use the parent's email address to notify the parent of the kid's registration (see "How we notify parents of the data collection" below).

Our Service generally permits users to connect with others on the Service and to share information with others. Members under 13 have restricted sharing capabilities, though a kid under 13 may be permitted to share information in the following manner:

  • Kids will share information automatically with a parent and the kid’s teacher(s) if the kid’s account is associated with a teacher or educational institution on the Service.

  • Kids under 13 may share information about their use of the Service with third party social networks.

  • Kids under 13 are not permitted to share their information publicly on the Service.

In addition, we may share a kid's personal information with:

  • Other companies owned by or under common ownership as Thinglink, which includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns. These companies will use the personal information in the same way as we can under this Policy;

  • Third party vendors, consultants, contractors and other service providers that perform services on our behalf, in order to carry out their work for us, which may include content or service fulfillment, accounting, or providing analytics services;

  • Third parties as reasonably necessary to (i) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (ii) enforce our Terms of Use Agreement, including the investigation of potential violations thereof, and/or (iii) investigate and defend ourselves against any third party claims or allegations, (iv) to exercise or protect the rights, property, or personal safety of Thinglink, our Users or others.

We may also share information with others in an aggregated and anonymous form that does not reasonably identify any user, including our kid users, directly as an individual.

How we notify parents of the data collection.

We send parents an email when their kid creates an account at Thinglink and ask the parent to register with the Service and provide consent for the kid to use the Service. If the parent refuses to allow the kid's registration, we delete the kid's information from our databases. The kid will not be permitted to engage in the core functionality of the Service unless and until we receive verifiable parental consent to engage in such activity. Where the Service is used by a child for educational purposes, the educational institution may act as an agent of the parent for purposes of providing verifiable consent. At that time, the kid will be able to participate in the Service as permitted by the parent or educational institution acting on behalf of the parent.

How parents can access, change or delete information collected from their kids.

A registered user can modify personal data or delete a Thinglink account at any time by visiting the "Settings" page. may view, modify, and consent to the collection and use of the kid's personal information. A parent or child may contact us at any time by emailing us or by contacting us at the address below to review, change, and/or delete any information we have collected from a kid under 13 as well as to disallow any further collection or use of the child's information. We will take steps to verify the identity of anyone requesting personally identifiable information about a child and to ensure that the person is in fact the child's parent or legal guardian.

If you have any questions concerning this Kid's Privacy Policy, or if you feel that we have inadvertently collected information from a child without notifying a parent or obtaining consent, you can contact us at: Email:

Sign up

By signing up you agree to the Terms of Service.

This site uses cookies to deliver our services. By using our site, you acknowledge that you have read and understand our Terms of Service and Cookie Policy. Your use of ThingLink's Products and Services, is subject to these policies and terms.