Privacy Policy

Update date: February 26, 2026

Data controller

Skymerse Inc., 2261 Market Street STE 86173, San Francisco, CA 94114, United States ("Skymerse," "we," "us," or "our") is the data controller responsible for the personal data collected through this website.

For any privacy-related inquiries, you can reach us at [email protected].

EU/EEA representative (GDPR Article 27)

Skymerse Inc. is established in the United States and does not currently maintain an establishment in the EU/EEA. As our processing of EU/EEA personal data is limited to occasional, small-scale collection of contact details and pseudonymous analytics, we have determined that the appointment of an EU representative under Article 27 GDPR is not required at this time. We will reassess this position as our operations evolve. In the meantime, you may direct any GDPR-related inquiries to [email protected].

What data we collect

We collect the following personal data through this website:

  • Waitlist sign-up: your email address.
  • Contact form: your name, email address, and any information you include in your message.

If you consent to analytics cookies, we also use Google Analytics 4 to collect pseudonymous usage data when you visit this website. This data includes online identifiers (such as cookie IDs and device characteristics) that do not directly identify you but are not fully anonymous. See "Cookies and tracking" below for details.

Why we collect it

  • To confirm your waitlist sign-up and send launch and product updates.
  • To respond to inquiries submitted through the contact form.
  • To comply with legal obligations.

Legal basis for processing (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal data on the following legal bases:

  • Consent (Article 6(1)(a) GDPR) - when you voluntarily submit your email to join the waitlist, send us a message through the contact form, or accept analytics cookies. You may withdraw your consent at any time by emailing us, using the unsubscribe mechanism in our emails, or changing your cookie preferences.
  • Legal obligation (Article 6(1)(c) GDPR) - where we are required to retain data by applicable law.

Your rights under the GDPR

If the GDPR applies to you, you have the following rights regarding your personal data:

  • Access - request a copy of the personal data we hold about you.
  • Rectification - request correction of inaccurate or incomplete data.
  • Erasure - request deletion of your personal data ("right to be forgotten").
  • Restriction - request that we limit how we process your data.
  • Portability - receive your data in a structured, machine-readable format.
  • Objection - object to processing based on legitimate interest.
  • Withdraw consent - at any time, without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

US privacy rights (CCPA/CPRA and state laws)

If you are a resident of California or another US state with applicable privacy legislation (such as Virginia, Colorado, Connecticut, or Utah), you may have the right to:

  • Know what personal information we collect and how it is used.
  • Request access to or deletion of your personal information.
  • Opt out of the sale or sharing of your personal information.
  • Not be discriminated against for exercising your privacy rights.

Categories of personal information collected (CCPA)

Under the California Consumer Privacy Act, the categories of personal information we collect are:

  • Identifiers - name and email address (via waitlist sign-up and contact form).
  • Internet or other electronic network activity information - pages visited, device type, browser, referral source, and interaction data (via Google Analytics 4, only with your consent).
  • Geolocation data - approximate location at the country/city level (derived from IP address by Google Analytics, only with your consent).

We do not sell, share, or use personal information for targeted advertising or cross-context behavioral advertising. To submit a privacy request, email [email protected].

Do Not Track and Global Privacy Control

Some browsers and extensions send "Do Not Track" (DNT) or Global Privacy Control (GPC) signals. We honor GPC signals as a valid opt-out request where required by applicable law (including under the CCPA/CPRA and the Colorado Privacy Act). When we detect a GPC signal, analytics cookies will not be loaded for that session. We currently do not respond differently to the older DNT header, as there is no industry-standard interpretation for it.

Data retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Waitlist emails are kept until you unsubscribe, request deletion, or for up to 24 months after our product launches - whichever comes first.
  • Contact form data is kept for up to 12 months after your inquiry is resolved, unless a longer retention period is required by law.

After the applicable retention period, your data is permanently deleted.

Third-party service providers

We share personal data only with service providers who process data on our behalf under appropriate data protection agreements:

  • Transactional email service (Postmark by ActiveCampaign) - to deliver waitlist confirmations and contact form notifications.
  • Hosting provider (Vercel Inc.) - to serve this website and process incoming requests.
  • Analytics provider (Google LLC - Google Analytics 4) - to collect pseudonymous website usage statistics, only when you have given cookie consent.

We do not sell, rent, or otherwise disclose your personal data to third parties for their own marketing purposes.

International data transfers

Skymerse is based in the United States. If you are located outside the US (including in the EEA, UK, or Switzerland), your personal data will be transferred to and processed in the United States. We ensure appropriate safeguards are in place for these transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission where required, and we rely on our service providers' compliance frameworks (such as their Data Processing Agreements) to protect your data.

Data security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted data transmission (TLS/SSL), access controls, and secure hosting infrastructure. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Cookies and tracking

When you first visit this website, you are presented with a cookie consent banner. Analytics cookies are only loaded if you click "Accept." If you reject cookies, or dismiss the banner, no analytics cookies are set and Google Analytics is not loaded.

If you consent, this website uses Google Analytics 4 (provided by Google LLC) to help us understand how visitors use the site. Google Analytics sets cookies on your device and collects pseudonymous data such as:

  • Pages visited, time spent on pages, and navigation paths.
  • Approximate geographic location (country/city level, derived from IP address).
  • Device type, browser, operating system, and screen resolution.
  • Referral source (how you arrived at the site).

Google Analytics 4 uses first-party cookies (such as _ga and _ga_*) to distinguish unique visitors and sessions. These cookies are stored on your device for up to 2 years. IP addresses are processed by Google and truncated within the EU/EEA before being forwarded to US servers, in line with Google's data processing practices. This data is pseudonymous - it does not directly identify you, but it is not fully anonymous as it includes persistent identifiers and device characteristics.

Google processes this data on our behalf under its Privacy Policy. You can change your cookie preference at any time using the "Manage Cookies" link in the website footer, by installing the Google Analytics Opt-out Browser Add-on, or by adjusting your browser's cookie settings.

We do not use any other tracking pixels, advertising cookies, or third-party analytics tools beyond Google Analytics.

Automated decision-making

We do not use your personal data for automated decision-making or profiling as defined under GDPR Article 22.

Children's privacy

Our website and services are not directed at children. We do not knowingly collect personal data from anyone under the age of 16 (or under 13 where COPPA applies in the United States). If we become aware that we have inadvertently collected data from a child under these age thresholds, we will promptly delete it. If you believe a child has provided us with personal data, please contact us at [email protected].

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Update date" at the top of this page and, where practicable, notify affected users directly (for example, by emailing waitlist subscribers). We encourage you to review this page periodically.

Contact

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

  • Skymerse Inc., 2261 Market Street STE 86173, San Francisco, CA 94114, US
  • Email: [email protected]

Contact form →