PortalVR, PortalVR Controller, and PortalVR Tracker – Privacy Policy
This policy explains how we collect, use, and protect information in our apps and on portalvr.io.
Effective date: April 19, 2026
Contact: Greg Fodor – Founder & Chief Privacy Officer – gfodor@portalvr.io
Mailing address: Portal VR, Inc., 333 W San Carlos St., Suite 600, San Jose, CA 95110, USA
At a Glance
- We process camera, motion sensors, Bluetooth, USB-connected tracking data, and (optionally) microphone data on-device to enable VR/AR features. We do not upload raw sensor streams.
- We collect minimal diagnostic telemetry (e.g., crash reports and basic event logs) to keep the Apps reliable. No targeted advertising and no sale of personal information.
- You control permissions at any time in Android or iOS settings. Revoking a permission disables only the related feature.
Scope
This policy covers the PortalVR OpenXR runtime/driver for Android, the PortalVR Controller app, the PortalVR Tracker iPhone app, and the PortalVR website at portalvr.io. It does not cover third‑party OpenXR client apps you run with PortalVR or external services you choose to connect to.
Information We Process
We designed the Apps so that sensitive sensor data is processed locally on your device. The categories below reflect the Android manifests and features our builds declare.
- Camera data: Used for environment understanding, tracking, and optional computer‑vision features (e.g., marker detection). In PortalVR Tracker on iPhone, front-camera frames are processed on-device to estimate hand/controller pose. Raw camera frames are not uploaded to our servers.
- Motion sensors: Accelerometer, gyroscope, and high‑sampling‑rate sensors for head/controller tracking and pose smoothing. Processed on‑device and not uploaded.
- USB-connected tracking data: When PortalVR Tracker is connected to your PC by USB, it sends pose, timing, and connection-state data to the PortalVR desktop runtime so tracking works in real time. This traffic is sent to your connected PC, not uploaded to PortalVR servers.
- Bluetooth data: Device discovery, advertising, connection, and GATT characteristics to link the PortalVR Controller and other accessories. We process device names, services, and characteristics as needed to connect. We do not upload Bluetooth MAC addresses or scan results.
- Microphone audio (optional): If enabled, used for voice chat, audio passthrough, or system audio capture features. Audio is processed locally for the feature in use. We do not upload raw audio or transmit it to our servers.
- Local media you select (optional): If you choose to import images, videos, or audio, we access only the selected items to provide the feature. We do not upload your media.
- Overlay and UI settings: Whether the Apps may display over other apps and related UI state. Necessary for the Portal OpenXR Runtime to be able to draw in‑game graphics.
- App inventory for compatibility: We may read the set of installed packages to discover OpenXR client apps and provide compatibility or update flows. This information stays on‑device; we do not upload a list of your installed apps.
- Network and technical data: IP address (in standard web logs), device model, OS/version, app version, and configuration flags needed for update checks and connectivity.
- Diagnostics and telemetry: Crash reports, error logs, and basic event telemetry (e.g., startup/shutdown, connection success/failure, permission grant/deny). We keep this minimal and do not collect content from sensor streams.
- Website browsing data (portalvr.io): Standard server logs (IP address, user agent, referrer, pages visited, timestamp) and first‑party analytics events. We do not run ads or track you across other websites.
How We Use Information
- Provide and improve XR functionality (tracking, rendering, controller connectivity, and USB-based tracker streaming).
- Maintain reliable Bluetooth connections and foreground services when required by Android.
- Perform update checks and optional in‑app install flows.
- Diagnose crashes and fix bugs.
- Protect the Apps, users, and our services from abuse and misuse.
We do not use your information for targeted ads and do not sell personal information.
Permissions We Request and Why
Below are the principal permissions/features declared by the Apps and their purposes.
- Camera: Required by ARCore and by PortalVR Tracker on iPhone for hand/controller tracking and optional marker/vision features. Used only to enable XR functionality; no upload of raw frames.
- High‑sampling‑rate sensors; accelerometer; gyroscope; headtracking features: Used for 3‑DOF/6‑DOF tracking and pose smoothing; processed on‑device.
- Microphone (RECORD_AUDIO); Foreground service type: microphone/mediaProjection: Optional features like voice chat, audio passthrough, or system audio capture. Raw audio is not uploaded or transmitted to our servers.
- Bluetooth (SCAN/CONNECT/ADVERTISE): Discover, connect to, and communicate with PortalVR Controller and accessories; maintain connections via a foreground service when required.
- Read media (READ_MEDIA_IMAGES/VIDEO/AUDIO): Access only video files you capture in‑app; no bulk media scanning or uploads.
- System alert window (display over other apps): Render necessary overlays for game graphics and UI. We set secure flags to prevent third‑party screen recording of sensitive overlays.
- Notifications (POST_NOTIFICATIONS): Inform you when background XR/Bluetooth services are active or need attention.
- Internet: Update checks, recommended app metadata, and standard connectivity; no ad tracking.
- Foreground service types (connectedDevice, dataSync, microphone/mediaProjection): Required by Android to maintain Bluetooth connectivity and perform update flows while active in the background. These do not expand what we collect; they describe how Android treats long‑running tasks.
- Query all packages; request install packages; update‑ownership/privileged update flags: Power the compatibility and update flows for OpenXR client apps and the runtime itself. On standard devices, privileged update permissions are inert.
- OpenXR permissions (org.khronos.openxr.*): Required to function as an OpenXR runtime on Android.
Data Sharing
- Service providers: We use reputable processors under contracts that limit use to providing services to us. We do not allow them to use your data for advertising. Today, these include:
- Sentry (error and crash monitoring)
- Mixpanel (event analytics for app and website)
- Legal and safety: We may disclose information to comply with law, enforce our terms, or protect users and our rights.
- Aggregated/anonymous information: We may publish or share non‑identifying metrics (e.g., device compatibility statistics).
Data Storage and Retention
- Sensor streams (camera, motion, microphone) are processed on‑device and not uploaded by default.
- Diagnostic telemetry is retained only as long as necessary to troubleshoot and improve reliability. Unless required otherwise, we aim to keep crash and event logs for no longer than 90 days.
Your Choices and Controls
- Permissions: Grant or revoke any permission in Android or iOS settings at any time. Features tied to a permission will be disabled when revoked.
- Opt‑in features: Audio capture and similar features are optional and user‑controlled.
- Delete local data: Clear app data via Android settings to remove locally stored configuration and caches.
- Access, correction, and deletion requests: Contact us at gfodor@portalvr.io to request a copy of telemetry associated with your device, or to ask us to delete it (subject to applicable law and our need to maintain the service and security). Requests are handled by email.
- Website analytics and cookies: We use first‑party analytics on portalvr.io (Mixpanel) that may rely on cookies or similar technologies. You can use browser settings to block or delete cookies; the site may still function with reduced analytics.
Children’s Privacy
The Apps are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided information, please contact us and we will delete it.
International Transfers
We are based in the United States. We configure our services so that information we process (including telemetry handled by Sentry and Mixpanel) is processed and stored in the United States.
California and Other Regional Rights
If you are a California resident or are in a jurisdiction with similar rights, you may have the right to request access to, deletion of, and information about our use and disclosure of your personal information. We do not sell personal information and do not share personal information for cross‑context behavioral advertising. To exercise rights, contact gfodor@portalvr.io.
Security
We use reasonable technical and organizational measures to protect information, including transport encryption for any telemetry we transmit. No method of transmission or storage is 100% secure.
Changes to This Policy
We may update this policy from time to time. We will post the updated policy and update the effective date above.
For technical or purchase support, visit the Support page to choose email, Discord, or the Polar portal.
← Back to home