We were contacted by an exciting client – Extend Robotics.

Extend Robotics had developed a cutting-edge virtual reality (VR) application to control a robotic arm. The big idea is to enable anyone, anywhere, to interact with the physical environment via a virtual medium. 

Extend Robotics was in the process of reviewing its existing agreements: (1) a software licence for the VR application, (2) a supply of goods contract for robotic equipment, and (3) its UK GDPR required privacy notice. It wanted to introduce a different model under which users would access its VR application and interact with purchased equipment, without losing access to the anonymised customer data it needed to improve its products. 

Context and Challenge

There were a lot of moving parts in Extend Robotics’ request. One of the first things we realised is that Extend Robotics was selling to large businesses and organisations, but at the same time making both the VR application and the robotic equipment available to the public. As individuals could purchase it for their own private purposes, they had to be considered consumers. There are different legislative rules applying to consumers, so we knew that we would have to provide our advice with both hats on. 

Another aspect, raised by the client, was the need for the software licence to fit within the view of the relevant VR headset. If the licence was long, users could not read it very easily. So we needed to think of a solution that would protect the client on the one hand while making it easy to view and accept for the client’s customer on the other.  

Finally, from a privacy perspective, we also needed to consider the requirements of the third parties that would distribute the VR application in their online and in-application stores. They had slightly different expectations to what was required under the UK GDPR. We knew immediately that getting to grips with those non-legal requirements would be essential to producing documentation Extend Robotics could use quickly. 

Process and Insight

We knew this would be a matter in which spending a lot of time with the client at the outset would be valuable. Whilst we always speak to our clients before we start any work, we felt that we needed to be fully aware of (a) what the client wanted to achieve with its new model and (b) what was it already doing, from both a contract perspective and a data protection perspective, that was not being covered by its existing documentation.

On the contract side, we went through with Extend Robotics what it envisioned its ‘customer journey’ to be. Can individuals/business purchase online? Will they sign anything? How will customers pay – up front or via an invoice? How will customers interact with the app? How will their payments online sync up with the VR application? What support do you offer your customers? Do you do installations? 

From a UK GDPR perspective: what data does the purchase process gather? What data does the app gather? What, and this question was unique for us, data does the robotic equipment gather about its users? 

This was an expansive list, but talking all this through with the client enabled them (and us!) to think of matters not initially considered when we were first contacted. 


We were able to address these questions, and more, when we produced comprehensive equipment supply and software licencing contracts – accommodating both the business to business and consumer aspects (and in some cases drafting twice!). 

After our conversation with the client, we knew that theirs was a product that would be passed around and shown off to many individuals under one ‘licence’ (either purchased by an individual or a company). As such, an End User Licence Agreement (commonly known as a EULA) was absolutely necessary. The EULA we drafted had the benefit of being short enough to fit within the VR application’s sightline. It ensured that individual users were aware of the necessary terms of the contracts we had drafted and were bound by them. 

We comprehensively reviewed the terms and conditions of two major VR marketplaces to ensure that what the client intended to do, and what we informed data subjects of, was compliant with both these terms and conditions and the UK GDPR. There were no conflicts, but we had to take a different set of rules into account to ensure that the client could collect user data to enhance its product. 


We produced a suite of documentation that met the client’s needs quickly. It was able to shift over to its new business model and grow with confidence. Extend Robotics moves from strength to strength, and we wish them all the best!