Vevomo Framework Privacy Statement

Vevomo, and its subsidiaries, affiliates and parent companies (“Vevomo”, “we”, “us” or “our”) is committed to protecting your privacy and ensuring you have a positive experience when you use our video conferencing and communication services (the “Services”), visit our webpages, interact with us on social media, or attend a Vevomo event offline or online.

This Statement explains Vevomo’s practices when we process your “personal data,” which is information that relates to an identified or identifiable individual. To “process” or “processing” means any use of personal data including, transferring, collecting, recording, storing, using, analyzing, combining, disclosing or deleting it.

This Statement may be updated periodically. If we plan to make any material changes to the way we handle personal data as described here, we will notify you by posting an updated version of this Statement on our website. Changes to this Statement are summarized in our Change Log. We may supplement this Statement with “just-in-time” notices, or other disclosures contained within or in connection with the provision of the Services, which may describe in more detail our data collection, use and sharing practices. Unless we say otherwise, such supplemental privacy statements will govern how we may process the information in the context of the specific product or service.

What this Statement Covers

This Statement applies to the personal data we process as a data controller, that is, as the party that determines what data to collect and why. You provide some of this data directly, and we get some of it by collecting data about your interactions, use, and experiences with the Services. The data we collect depends on the context of your interactions with Vevomo and the choices you make, including the products and features you use. We also obtain data about you from third parties.

When you use Vevomo’s Services through a Vevomo account holder, the processing of your personal data is determined and administered by that account holder under its privacy policies. If you have questions about how and why your personal data is collected, the legal basis for processing, or requests regarding your personal data, please refer to the account holder’s privacy statement and direct your inquiries to the account holder or its administrator.

Supplementary Information

Your California Privacy Rights

If you are a resident of the State of California, this Privacy Statement is supplemented by our California Privacy Rights Statement that explains your California privacy rights and how you can exercise these rights.

Vevomo and Children

Vevomo does not knowingly allow children under the age of 16 to sign up for their own accounts.

Who This Policy Applies To

This privacy policy applies to www.vevomo.com, owned and operated by Vevomo, a California corporation, and any Vevomo Website or Vevomo-Powered Websites through which Vevomo provides services to its Customers and the Customers’ Users (the “Vevomo Services”). A “Vevomo-Powered Website” shall mean a domain not owned by Vevomo but which has a license from Vevomo to utilize specific Vevomo technologies. Vevomo is committed to respecting your online privacy and recognizes your need for appropriate protection and management of any Personal Data you share with us. For purposes of this privacy policy, “personal data” means any information that can be used to individually identify a person, and may include, but is not limited to, name, email address, postal or other physical address, IP address, credit or debit card number, and title. Vevomo has established this privacy policy so that you can understand how we use and protect your Personal Data.

This privacy policy applies to these kinds of parties that interact with Vevomo:

Customers: Our Customers are typically corporations and organizations that contract with Vevomo to provide one or more Vevomo Services for managing their virtual conferences and other events. The Customer’s employees, independent contractors, and other associates interact with the Vevomo Services on behalf of the Customer.

Users: These are individuals and businesses who interact with our Customers through one or more Vevomo Services in connection with our Customer’s event. They include attendees who register for the event using Vevomo Services; suppliers of services to our Customer for the event; and buyers of services on behalf of our Customer to manage the event.

Visitors: These are individuals who interact with www.vevomo.com in order to learn more about Vevomo and our services, to request a demo, to download information, or similar purposes. Our Vevomo Services allow our Customers to collect a variety of Personal Data from and about their Users such as name, organization, title, mailing address, e-mail address, telephone number, social media account ID, credit or debit card number, and content that the User chooses to upload.

Personal Data We Process & How We Use It

The table below describes Vevomo’s processing of personal data as a data controller. The table does not cover Customer content or User content, including any personal data about you and Users that may be contained in Customer content—such as event recordings or transcripts—because the Customer (the Vevomo account holder), or User, rather than Vevomo, controls how Customer and User content is processed. Any questions about the processing of Customer and User content should be addressed to the Customer directly.

Personal Data Processing

VEVOMO uses the following Sub-Processors. VEVOMO shall include privacy provisions which are the same or reasonably equivalent to those in this Statement in its agreements with its Sub-Processors. VEVOMO shall ensure that all Sub-Processors comply with VEVOMO’s obligations hereunder and shall be liable for any act or omission by its Sub-Processors. “Sub-Processor” means any third party that VEVOMO uses to process Personal Data, and any downstream third party that processes Personal Data on behalf of such subcontractor.

• Amazon Web Services
• Keen.io

Customer Content

Customer content is the “in-session” information you or Users give us directly through your use of the Services, such as event recordings, files, chat logs, making and responding to comments, reacting to comments, watching videos or presentations, downloads, and transcripts, and any other information uploaded while using the Services. Vevomo uses Customer and User content only in connection with providing the Services – we do not monitor, sell or use Customer or User content for any other purposes.

Our Customers use personal data in planning and managing their events and related activities. For example, if a User chooses to use the Services to conduct business with our Customer (such as registering for an event, or providing input related to the event), any personal data or other information provided by the User will be transferred to, and under the control of, our Customer.

Our Customers will also have access to information (including personal data) related to how the User interacts with the Services they choose to use.

In collecting and using personal data, our Customers act as data controllers with regard to the User, under the European Union General Data Protection Regulation (“GDPR”). Vevomo cannot, and does not, take responsibility for the privacy practices of our Customers or their event planners, event organizers, or other suppliers. Vevomo encourages Users to review the particular Customer’s privacy policies to understand its privacy practices and procedures.

We do not control the actions of anyone with whom you, your Users, or any other Service user may choose to share information. Therefore, we cannot and do not guarantee that any Customer content you or any User provides to the Services will not be viewed by unauthorized persons. Nor can Vevomo control the information a User may choose to share during an event. Although Vevomo account holders can set privacy options that limit access to certain areas of the Services, please be aware that no security measures are perfect or impenetrable and that we are not responsible for circumvention of any security measures contained on the Services. You should be cautious about the access you provide to others when using the Services, and the information you choose to share when using the Services.

How does Vevomo handle Personal Data of Visitors?

A visitor who is examining www.vevomo.com for informational purposes will have Personal Data, such as the visitor’s IP address, cookies, and similar technologies.

If a visitor requests a demonstration of the Services or decides to download a buyer’s guide, with the visitor’s permission we will collect and/or process Personal Data such as the visitor’s name, email address and phone number. We will use this information to fulfill the visitor’s order, send the visitor the requested product or service information, or respond to Customer service requests.

The personal data of visitors has substantially the same rights as personal data of Users.

How We Share Personal Data

We only share personal data with companies, organizations or individuals outside of Vevomo when one of the following circumstances applies:

With Consent

We may share personal data with companies, organizations, individuals outside of Vevomo and others when we have consent from an individual (as applicable).

For Corporate Transactions

We may share personal data with actual or prospective acquirers, their representatives and other relevant participants in, or during negotiations of, any sale, merger, acquisition, restructuring, or change in control involving all or a portion of Vevomo’s business or assets, including in connection with bankruptcy or similar proceedings.

For Business Purposes

We provide personal data to vendors and services providers to help us provide the Services and for Vevomo’s business purposes. Examples include public cloud storage vendors, carriers, payment processor, and service provider for managing Customer or User support tickets. Vevomo contractually prohibits such vendors from using the personal data for any reason other than to provide the contracted-for services and Vevomo contractually requires its vendors to comply with all appropriate privacy and security requirements.

For Legal Reasons

We share personal data with companies, organizations or individuals outside of Vevomo if we believe that access, use, preservation or disclosure of the information is reasonably necessary to:

1. Meet any applicable law or respond to valid legal process, including from law enforcement or other government agencies.
2. Enforce applicable Terms of Service, including investigation of potential violations.
3. Detect, prevent, or otherwise address fraud, security or technical issues.
4. Protect against harm to the rights, property or safety of Vevomo, our users or the public as required or permitted by law, including to help prevent the loss of life or serious injury of anyone.

Data Subject Privacy Rights and Choices

Right to Correct or Update Your Information

If you would like to correct or update information that you have provided to us, please logon to www.vevomo.com and update your profile.

Marketing Communications

You may receive marketing email communications from us where permissible. If you would like to stop receiving these communications, you can update your preferences by using the “Unsubscribe” link found in those emails.

European Privacy Rights

If you reside in the European Economic Area, you may have the right to exercise certain privacy rights available to you under applicable laws. We will process your request in accordance with applicable data protection laws. We may need to retain certain information for record-keeping purposes or to complete transactions that you began prior to requesting any deletion.

1. Right not to provide consent or to withdraw consent. We may seek to rely on your consent in order to process certain personal data. Where we do so, you have the right not to provide your consent or to withdraw your consent at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.
2. Right of access and/or portability. You may have the right to access the personal data that we hold about you and, in some limited circumstances, have that data provided to you so that you can provide or “port” that data to another provider.
3. Right of erasure. In certain circumstances, you may have the right to the erasure of personal data that we hold about you (for example if it is no longer necessary for the purposes for which it was originally collected).
4. Right to object to processing. You may have the right to request that Vevomo stop processing your personal data and/or to stop sending you marketing communications.
5. Right to rectification. You may have the right to require us to correct any inaccurate or incomplete personal information.
6. Right to restrict processing. You may have the right to request that we restrict processing of your personal data in certain circumstances (for example, where you believe that the personal data we hold about you is not accurate or lawfully held).
7. Right to lodge a complaint to your local Data Protection Authority. If you are an EEA resident, you have the right to complain to a data protection authority about our collection and use of your personal data.

How to Exercise Your Rights

To exercise any of the rights above, email us at dataprivacy@vevomo.com. You and Users may also submit a request to the following address:

Vevomo
Attention: Data Privacy Officer
17 Edgewood Way
San Rafael, California 94901

Please identify yourself and specify your request. If you have a password protected Vevomo account, we will use your account information to verify your identity. If not, we will ask you to provide additional verification information. What we request will depend on the nature of your request, how sensitive the information is, and how harmful unauthorized disclosure or deletion would be.

We use commercially reasonable efforts to delete your personal data as required but retain records necessary to comply with a governmental authority or applicable federal, state, or local law. Where legally permitted, we may decline to process requests, including requests that are unreasonably repetitive or systematic, require disproportionate technical effort, or jeopardize the privacy of others.

International Transfers

Vevomo operates globally, which means personal data may be stored and processed (for example stored in a data center) in any country where we or our service providers have facilities or hold events. By using Vevomo or providing personal data for any of the purposes stated above, you acknowledge that your personal data may be transferred to or stored in the United States or in other countries around the world. Such countries may have data protection rules that are different and less protective than those of your country.

If you are a resident of the European Economic Area (EEA), and your personal data is transferred outside of the EEA, we will:

1. Process it in a territory which the European Commission has determined provides an adequate level of protection for personal information; or
2. Implement appropriate safeguards to protect your personal information, including transferring it in accordance with applicable transfer mechanism, including the European Commission's standard contractual clauses.

Retention

We will retain personal data for as long as required to do what we say we will in this Statement, unless a longer retention period is required by applicable law. The criteria used to determine our retention periods include:

1. The length of time we have an ongoing relationship with you and provide our services to you (for example, for as long as you have an account with us or keep using our services);
2. Whether we have a legal obligation to keep the data (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
3. Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

Customers can delete their own accounts.

Security

Vevomo is committed to protecting your personal data. We use reasonable and appropriate technical and organizational measures to protect personal data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data. If you have any questions about the security of your data, please contact our security team at dataprivacy@vevomo.com

How to Contact Us

If you have any privacy-related questions or comments related to this Statement, please send an email to dataprivacy@vevomo.com. You can also contact us by writing to this address:

Vevomo
Attention: Data Privacy Officer
17 Edgewood Way
San Rafael, California 94901

Data Protection Officer

Bruce Wheaton is our Data Protection Officer for the EEA and he can also be contacted at dataprivacy@vevomo.com

California Privacy Rights Statement

This California Privacy Rights Statement (this “Statement”) explains how Vevomo, a California corporation, and our subsidiaries, affiliates and parent companies ("Vevomo," "we," "us," or "our") collect, use, and share Personal Information of California residents in our capacity as a “business” under the California Consumer Privacy Act of 2018 (CCPA).  This Statement also explains California residents’ rights under the CCPA and California Civil Code section 1798.83 (the "Shine the Light law”).

Scope

For purposes of this Statement, unless a different definition is noted, "Personal Information" has the definition given in the CCPA.  However, this Statement does not apply to:

1. Information exempted from the scope of the CCPA;
2. Personal Information we collect from individuals acting in their capacities as representatives of organizations solely in the context of conducting due diligence regarding, or providing or receiving a product or service to or from, such organizations; or
3. Personal Information we collect, use, and share on behalf of our Customers as a "service provider" under the CCPA for purposes of providing our services to them.

Your California Privacy Rights under the CCPA

You can request the following information about how we have collected and used your Personal Information during the past 12 months:

1. The categories of Personal Information we have collected.
2. The categories of sources from which we collected the Personal Information.
3. The business or commercial purpose for collecting and/or selling Personal Information.
4. The categories of third parties with whom we share the Personal Information.
5. The categories of Personal Information that we sold or disclosed for a business purpose.
6. The categories of third parties to whom the Personal Information was sold or disclosed for a business purpose.
7. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
8. You can ask us to delete the Personal Information that we have collected from you.
9. You are entitled to exercise the rights described above free from discrimination as prohibited by the CCPA.

How to Exercise Your Rights

You may submit requests to exercise your California privacy rights described above as follows:

        Right to information, access, and deletion. If you are a California resident, you may submit a request to exercise your information, access, and deletion rights by emailing dataprivacy@vevomo.

        Right to opt-out of the “sale” of your Personal Information. We do not sell your personal information in the conventional sense.

We will need to verify your identity to process your information, access, and deletion requests and reserve the right to confirm your California residency.  To verify your identity, we may require you to log into your Vevomo account (if applicable), provide government identification, give a declaration as to your identity under penalty of perjury, and/or provide additional information.

Your authorized agent may make a request on your behalf upon our verification of the agent's identity and our receipt of a copy of the valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000-4465.  If you have not provided your agent with such a power of attorney, you must provide your agent with written and signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity and provide us with written confirmation that you have given the authorized agent permission to submit the request.

Our Personal Information Collection and Use Practices

The categories of Personal Information we collect are described below by reference to the statutory categories of Personal Information specified in the CCPA (California Civil Code section 1798.140):

1. Identifiers, such as name, email address, postal address, username, password, IP address, and other online identifiers.
2. Sensory information, such as call and video recordings and profile photos.
3. California customer records (as defined in California Civil Code § 1798.80), such as contact details and communications we collect through our support channels, marketing webpages, social media, at our events, and connected with our other marketing activities.
4. Commercial information, such as billing and transaction information and purchase history.
5. Internet or network activity information, such as information generated from interactions with our online services, such as data collected through server logs and cookies and similar technologies.
6. Geolocation, such as your city or other general location.
7. Professional or employment-related information, such as current or prior organizational affiliation, job title, information about your role, and work-related contact details.
8. Inferences that we derive from the preceding or other information we collect.

Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described above.

Sources.  Internet/network activity information, geolocation, IP address, and other online identifiers are collected automatically through your use of our online services. We may collect some professional information, and California customer records information from our affiliates, third party data providers, or publicly available sources.  Otherwise, we collect the information above from you.

Disclosures to third parties for business purposes.  We describe the categories of third parties to whom we disclose Personal Information described above for business purposes in the section of our Privacy Statement entitled How We Share Personal Data.

Business/commercial purposes for use.  We describe the business and commercial purposes for which we use the Personal Information described above in the section of our Privacy Statement entitled Data We Process & How We Use It.

This section describes our practices currently and during the 12 months preceding the ‘Last Updated’ date of this Statement.

California Shine the Light Law

Under California’s Shine the Light law, you may also ask companies with whom you have formed a business relationship primarily for personal, family or household purposes to provide the names of third parties to which they have disclosed certain personal information (as defined under the Shine the Light law) during the preceding calendar year for their own direct marketing purposes and the categories of personal information disclosed.  You may send us requests for this information to dataprivacy@vevomo.com.  In your request, you must include the statement “Shine the Light Request," and provide your first and last name and mailing address and certify that you are a California resident. We reserve the right to require additional information to confirm your identity and California residency.  Please note that we will not accept requests via telephone, mail, or facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.