Privacy Policy

Effective Date: May 24, 2026

In short: We collect anonymous devices identifiers such as your IP address and User Agent in order to prevent spam and abuse. We keep the logs for 7 days. It is technically impossible for us to associate this information with you. 

If you send us an email, we will store the contents of your communication to help you resolve your issues. 

In long: Looking Glass is an iOS application developed by Con Art ApS (“we,” “us,” or “our”). We respect your privacy and are committed to protecting it.

This Privacy Policy explains what data we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR) when you use the Looking Glass app.

1. What Data We Collect and Why

Looking Glass is designed to provide an Augmented Reality (AR) experience by overlaying video and image assets on top of scanned artwork. To make this work, the app communicates with our servers.

App Usage Data (Automatically Collected) When you use the app to scan an artwork, the app requests the necessary AR assets from our Content Delivery Network (CDN) hosted on Cloudflare. During this request, our Cloudflare Worker automatically logs:

  • Your IP Address

  • Your User Agent (information about your device and operating system)

Why we collect it: We use this information strictly for security purposes—specifically to detect and prevent spam, abuse, and Distributed Denial of Service (DDoS) attacks. This ensures the app remains functional and secure for all users.

Customer Support Correspondence If you choose to contact us via email for support or inquiries, we will collect your email address and any information you provide in your message. Why we collect it: To respond to your inquiry and provide customer support.

2. Legal Basis for Processing (GDPR)

Under the GDPR, we process your data under the following legal bases:

  • Legitimate Interests (Art. 6(1)(f)): Logging IP addresses and User Agents is strictly necessary for our legitimate interest in securing our infrastructure, preventing abuse, and delivering the requested AR assets to your device.

  • Consent / Performance of a Contract: If you email us for support, we process your correspondence to assist you with your request.

3. Data Retention

We practice data minimization and do not keep data longer than absolutely necessary.

  • Security Logs: The IP addresses and User Agent strings are retained solely for spam detection and abuse prevention. They are automatically deleted after 7 days.

  • Email Correspondence: If you contact us via email, we will retain the email thread for as long as necessary to resolve your issue.

4. Your Privacy Rights & Data Deletion

Under the GDPR, you have the right to access, correct, restrict, or delete your personal data. However, because of our strict data minimization practices, the following conditions apply:

App Usage Data (Article 11 Exemption) We do not collect names, account details, or any personally identifiable information within the app. Because we cannot correlate an IP address or User Agent to your specific real-world identity, we are exempt under Article 11 of the GDPR from acquiring additional information just to identify you.

  • What this means: If you ask us to delete or provide access to your app usage logs, we cannot fulfill the request because we have no technical way of knowing which logs belong to you.

Email Correspondence If you have emailed us and would like us to delete that correspondence, you maintain the right to do so.

  • How to delete emails: You must email us at [email protected] from the exact same email address you used initially, requesting deletion. Once verified, we will securely delete the correspondence except in cases where we are required to keep a record to be in compliance with relevant laws. 

5. Third-Party Services

We use Cloudflare to host our server worker, CDN, and video/image assets. Cloudflare acts as our data processor. When the app fetches assets, your IP address is temporarily processed by Cloudflare’s infrastructure to deliver the content securely and quickly. Cloudflare operates in compliance with GDPR. We refer to Cloudflare’s privacy policy for more information.

We use the Apple App Store to deliver the app to you. We refer to the App Store’s privacy policy for more information.

6. Children’s Privacy

The Looking Glass app is not directed at children, and we do not knowingly collect personal information from children under the age of 16. If you are a parent or guardian and believe your child has provided us with personal data (such as via an email inquiry), please contact us so we can delete it.

7. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Effective Date” at the top of this page and make the new policy available within the App Store and the app itself.

8. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Con Art ApS
Email: [email protected]
Website: conart.nu