Worlds Enterprises, Inc. Privacy Policy
Effective Date: November 25, 2025
1. Introduction Worlds Enterprises, Inc. ("Worlds," "we," "us," or "our") is committed to protecting your privacy. This Website Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our public website, http://worlds.io (the "Website").
2. Scope of This Policy This policy applies solely to information collected through our Website. It does not apply to:
Our AI Platform and Services: Data that you or your organization provide in connection with AI software products and services (the "Worlds App" or "Platform") is governed by our separate Platform Privacy Policy and the terms of our Master Services Agreement (MSA).
Information Collected Offline: Any information collected through means other than the Website.
Third-Party Websites: Information collected by third parties, even if accessed via links from our Website.
Please read this Privacy Policy carefully. By using this Website, you agree to the terms outlined herein.
3. Information We Collect We collect information that you voluntarily provide to us and information that is automatically collected when you use our Website.
A. Information You Provide to Us
| Data Category | Examples | Purpose of Collection |
|---|---|---|
| Contact Information | First and last name, email address, phone number, company name, job title. | To respond to your inquiries, schedule demos, provide requested information, and for marketing communications. |
| Communication Data | Information you provide in contact forms, emails, or chat support on our Website. | To provide customer support, respond to sales and business inquiries, and improve our services. |
B. Information We Collect Automatically
| Data Category | Examples | Purpose of Collection |
|---|---|---|
| Usage Data | IP address, browser type, operating system, pages viewed, referring URLs, time spent on pages. | To analyze website performance, improve user experience, and for security monitoring. |
| Cookie & Tracking Data | Session cookies, persistent cookies, web beacons. | To personalize your experience, remember your preferences, and for marketing analytics. See our Cookie Policy for details. |
4. How and Why We Use Your Information (Legal Basis) We use the information we collect for various business purposes, relying on the following legal bases for processing:
To Fulfill a Contract or Take Steps Linked to a Contract: This is relevant when you request a demo or services from us.
Where You Give Us Consent: For example, when you consent to receive marketing emails or accept non-essential cookies.
For Purposes Which Are in Our Legitimate Interests: We use data to operate our Website, secure our systems, and provide you with information about our services.
Personalization and Sales Outreach: When you interact with our Website, for example by using our chat service, we may use the information you provide (such as your name, email, or company) to enhance our understanding of your business needs. This may include using third-party services to gather additional publicly available information from sources such as professional networking sites (e.g., LinkedIn) to create a profile. This helps us personalize our communications and ensure our sales and marketing outreach is relevant to your role and company.
Specific uses include:
Providing and Managing Services: To respond to your requests and manage your relationship with us.
Communication: To send administrative information, marketing communications (where consent is obtained), and product updates.
Website Improvement & Security: To analyze trends, prevent fraud, and ensure the security and operational integrity of our Website, which is critical for our SOC 2 and CMMC commitments.
Legal Compliance: To comply with legal obligations, court orders, or governmental requests.
5. Data Sharing and Disclosure Worlds does not sell your personal information. We may share your information with the following categories of third parties:
Service Providers: We engage vendors who perform services on our behalf, such as cloud hosting, CRM platforms, and marketing automation tools. These providers are contractually obligated via Data Processing Agreements (DPAs) to protect your data and may only use it to perform services for us.
Legal and Governmental Authorities: As required by law, such as in response to a subpoena, court order, or a request from a government agency as part of our compliance with regulations like CMMC.
Corporate Transactions: In connection with a merger, sale of company assets, or acquisition of all or a portion of our business by another company.
6. Our Commitment to Security We have implemented and maintain a comprehensive information security program with administrative, physical, and technical safeguards designed to protect your information from unauthorized access, use, disclosure, and destruction. Our security controls are aligned with leading industry frameworks such as SOC 2 (Trust Services Criteria for Security, Availability, and Confidentiality) and the NIST SP 800-171 standard required for CMMC Level 2.
Key security measures include:
Encryption of data in transit (TLS 1.2+) and at rest (AES-256).
Strict access control and least-privilege principles.
Regular security assessments and vulnerability management.
An established incident response plan.
While we take extensive measures to protect your data, no security system is impenetrable. In the event of a data breach, we will follow our incident response plan and notify you in accordance with applicable legal requirements.
7. Data Retention We will only retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
8. Your Data Protection Rights Depending on your location, you may have rights regarding your personal information, including the right to access, rectify, or erase your data. To exercise any of these rights, please contact us at privacy@worlds.io. We will respond to your request in accordance with applicable data protection laws. We encourage you to consult counsel if you have questions regarding your specific rights.
9. Commitment to Protecting Controlled Unclassified Information (CUI) Worlds is committed to meeting the cybersecurity requirements of the U.S. Department of Defense. Our information systems and security practices are designed to be compliant with CMMC Level 2 standards to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). Any CUI processed by our Platform is governed by our MSA and Platform Privacy Policy.
10. International Transfers Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. Where required by law, we ensure such transfers are protected by appropriate safeguards, such as by implementing Standard Contractual Clauses (SCCs) for transfers of data.
11. Children’s Privacy Our Website is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
12. Changes to this Privacy Policy We may update this Privacy Policy from time to time. The updated version will be indicated by a revised "Effective Date." We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.
13. Contact Us If you have questions or comments about this Privacy Policy, please contact us at: privacy@worlds.io.