Wistia, Inc. (“Wistia,” “we,” “us,” “our”) knows that our users (“you,” “your”) create marketing software, video series, and other educational and creative content. Our products permit our customers (“Customers”) to create and distribute videos, audio recordings, and other media (collectively, the “Media”) while also measuring viewer and user engagement with that Media. We care about how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn more about our Privacy Policy. By visiting or using the various websites owned and operated by Wistia under the wistia.com domain, including, without limitation, the https://wistia.com/ website (each, a “Website, and collectively, the “Websites”), accessing, listening to, or viewing Media hosted by Wistia and/or accessing or using any other functionalities, features, content, applications or services offered from time to time by Wistia in connection with the Websites or Media (collectively, the “Services”) in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent to our collection, use, and sharing of your information in the following ways.
I. What Does This Privacy Policy Cover?
This Privacy Policy covers our treatment of (1) personally identifiable information, as defined by numerous statutes in the United States (such statutes, the “PII Laws”), (2) information protected by the California Consumer Privacy Act (the “CCPA”) and the California Online Privacy Protection Act (“CalOPPA”), (3) personal information and private information, as defined by the New York Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act”); (4) personal data, as defined by the European Union General Data Protection Regulation (the “GDPR”), and (5) personal information, as defined by Canada’s Personal Information Protection and Electronics Documents Act (“PIPEDA,” and collectively with the PII Laws, CCPA, CalOPPA, the SHIELD Act, and GDPR, the “Privacy Laws”) (collectively, “Personal Information”), which we gather when you are accessing, viewing or using any of our Websites, Media and/or Services. This policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage. For our treatment of the Personal Information of students under the age of 16 (each such student, a “Student,” and collectively, “Students”) collected while providing the Services to public schools, charter schools, private schools, and other entities providing educational or tutoring services (collectively, “Schools” and each individually, “School”) providing such services to Students, please see Section X below and our School & Students Privacy Policy Addendum.
II. What Information Does Wistia Collect?
Wistia does not collect Personal Information indiscriminately. We limit the type of Personal Information and the amount of Personal Information to what is necessary to fulfill the purposes identified in this Privacy Policy. With that in mind, we collect the following types of information:
A. Information You Provide to Us:
We may collect Personal Information from you when you visit any of our Websites, register for or subscribe to any Media or Services, contact us with questions or concerns, and/or otherwise interact with the Websites, Media, or Services. For example, when you register for our Services, we may collect your name, phone number, user name or e-mail address in combination with a password or security question to access the Services, and payment card information. Similarly, you may provide information to your user profile or upload video, audio recordings, images, or other content to a Website. You can choose not to provide us with certain information, although that may affect the functionality of the Services.
B. Information Collected Automatically:
Whenever you interact with any of our Websites or Media, we automatically receive and record information on our server logs from your browser including data related to Media viewing, listening to, or accessing (including when you stop and start Media, how many and which Media of a particular Customer you watched, and how many times you watched, listened to, or accessed particular Media), data related to use of Services, IP address, “cookie” information, and the page you requested. “Cookies” are identifiers we transfer to your computer or mobile device that allow us to recognize your browser or mobile device and tell us how and when pages in our Website are visited and used and by how many people. You may be able to change the preferences on your browser or mobile device to send “do not track” signals or to prevent or limit your computer or device’s acceptance of cookies, but this may prevent you from taking advantage of some of our Website’s features. If you click on a link to a third party website, such third party may also transmit cookies to you. This Privacy Policy does not cover the use of cookies by any third parties.
C. E-mail and Other Communications:
We may contact you, by email or other means; for example, we may send you promotional offers on behalf of other businesses, or communicate with you about your use of any of the Websites. When we do this, we may receive a confirmation when you open an email from us. This confirmation helps us make emails more interesting and improve our service. If you do not want to receive email or other mail from us, please indicate your preference by visiting our email preference page. Please note that if you do not want to receive legal notices from us, those legal notices will still govern your use of the Websites, and you are responsible for reviewing such legal notices for changes.
D. Information Purchased from Third Parties:
Wistia may purchase from third parties, like Clearbit, Personal Information about users who provide their email address or register for the Services, using the Personal Information those users provide as the basis to obtain further Personal Information. This information may include names, titles, companies, and firmographic information. Wistia may retain YouTube API Services to provide aggregate, statistical information about the access to, views of, and use of Media that Customers post to YouTube; Personal Information generated automatically by your access to, views of, and use of Media may be aggregated and included in that statistical information.
E. Special Categories of Personal Information:
Except as otherwise stated in this Privacy Policy, we do not knowingly collect special categories of Personal Information, including (1) Personal Information revealing racial or ethnic origin, political opinion, religious or philosophical beliefs, or trade union membership, and (2) genetic data, biometric data, data concerning health, and data concerning a natural person’s sex life or sexual orientation. Where we collect and use such information as a controller (as defined in the GDPR), we will provide you with a form explaining the collection of such Personal Information and requesting your informed consent. Where we collect and use such information as a processor (as defined in the GDPR), we rely on the controller to obtain your informed consent.
F. Personal Information Wistia Has Collected in the Last 12 Months:
Wistia has collected the following categories of Personal Information in the 12 months immediately preceding the Effective Date of this Privacy Policy, listed at the bottom of this document: names; contact information; payment card information; IP addresses; geographic location (inferred from IP addresses, as descried in Section III below); browser information; device information; information related to the use of the Websites, Media, and Services; email confirmations; user name or e-mail address in combination with a password that would permit access to the Services; the content of communications; user profile information and submissions; job titles; employers; and firmographic information. Please see the other portions of Section II above for an explanation of the categories of sources from which we collect the information described in the previous sentence. The business purposes of this information are described in Section III below. The categories of third parties we share this information with are described in Section IV.
III. What Does Wistia Do With Personal Information?
We may use Personal Information (including: names; contact information; IP addresses; geographic location; browser information; device information; information related to the use of the Websites, Media, and Services; email confirmations; the content of communications; user profile information and submissions; job titles; employers; and firmographic information) to personalize and improve our Services, to administer and improve our Media and Websites, to allow our users to set up a user account and profile, to contact users, to fulfill your requests for certain products and services, to analyze how users utilize the Websites, and as otherwise set forth in this Privacy Policy. We use user name or e-mail address in combination with a password to protect user accounts. We may use payment card information to process payments to Wistia. We may use IP addresses to infer your geographic location. We may use Personal Information (including: names; contact information; payment card information; IP addresses; geographic location; browser information; device information; information related to the use of the Websites, Media, and Services; email confirmations; user name or e-mail address in combination with a password that would permit access to the Services; the content of communications; user profile information and submissions; job titles; employers; and firmographic information) to operate, maintain, develop, and grow Wistia. We may share certain types of Personal Information with Customers and other third parties (as described in this Section and in Section IV below), including: names; contact information; payment card information (in order to process payments to Wistia); IP addresses; geographic location; browser information; device information; information related to the use of the Websites, Media, and Services; email confirmations; user name or e-mail address in combination with a password that would permit access to the Services; the content of communications; user profile information and submissions; job titles; employers; and firmographic information. At times, we may anonymize your Personal Information so that you cannot be individually identified, and provide that information to our partners. When we collect IP addresses, geographic location, browser information, device information, information related to the use of the Websites, Media, and Services, we may also use such information in two ways. First, we may use such information in aggregate form, and not in a manner that would identify you personally. For example, this aggregate information tells us how often users use parts of a Website, so that we can make such Website appealing to as many users as possible. We may also provide this aggregate information (including the aggregate statistical information obtained fromYouTube API Services) to our partners; our partners may use such information to understand how often and in what ways people use our Websites, so that they, too, can provide you with an optimal experience. In addition, we may also provide Customers with the information listed above so that they may (i) assess, improve, and develop the Media that they make available through the Websites and Services, and (ii) use their Media to maintain and grow their organizations. Such information may include how many and which Media of a particular Customer was watched by a particular user, from where particular Media was watched, listened to, or accessed by a particular user and how many times particular Media was watched, listened to, or accessed by a particular user.
V. What Is Wistia’s Legal Basis for Collecting and Using Your Personal Information?
As relevant, Wistia collects and uses your Personal Information (1) pursuant to your informed consent, which you have granted by confirming the prompts produced by the Websites and by continuing to use the Websites, Media, and Services, consistent with the Privacy Policy and Wistia’s terms of use, (2) in order to pursue Wistia’s legitimate business interests in hosting the Media, providing the Services, and maintaining the Websites, and/or (3) in order to perform a contract to which you are a party. Any one or more of the bases in the previous sentence are the legal basis for Wistia’s collection and use of your Personal Information, depending on how your use of the Websites, Media, and Services, and your relationship with Wistia.
Where individuals appear in Media, Wistia relies on the Media creators to obtain the necessary legal basis for the collection and use of those individuals’ Personal Information.
For further information about the specific legal basis or bases permitting Wistia to collect and use your Personal Information, please contact Wistia at [email protected] or
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
VI. How Long Does Wistia Retain Your Personal Information?
Except upon the request of an individual, as explained in Section VII below, and except as the law permits and requires, Wistia maintains Personal Information as follows: a. Logs of unknown users of the Websites are retained for 30 days before deletion. b. Logs of known users of the Websites are retained while Wistia has reason to believe that particular user may return to use the Websites. c. Emails submitted and used for marketing are retained while Wistia pursues relevant marketing efforts. d. Media is hosted and stored for the life of the relevant Customer account, plus up to three years. Other than as listed above, we will determine the retention period for Personal Information based on the following criteria:
- The nature of our relationship with the relevant Customer;
- The existence of other ongoing or expected projects with the relevant Customer;
- The nature of the Personal Information in question; and
- Our business needs.
VII. What Are Users’ Rights to Control Their Personal Information?
Except where permitted or required by law (including, but not limited to, compliance with a legal obligation, to further a public interest, and establishing and/or exercising a legal claim or defense), you have the following rights regarding Wistia’s collection and use of your Personal Information.
A. Requests to Wistia:
You may request (1) the correction, updating, deletion, or restriction of collection and use of your Personal Information, (2) the categories of Personal Information Wistia has collected, (3) the categories of sources from which Wistia has collected your Personal Information, (4) the business purpose(s) for collecting and disclosing your Personal Information, (5) an account of how Wistia has used or is using your Personal Information, (6) a copy of your Personal Information retained by Wistia, to be delivered in a structured, commonly used and machine readable format to review or to transfer or transmit to another entity without hindrance, to the extent that that is technically feasible, (7) the categories of third parties with whom Wistia shares your Personal Information, (8) the categories of Personal Information which we share with third parties, and the contact information for such affiliates and/or third parties, (9) a list of all third parties that have received your Personal Information from Wistia, and (10) the specific pieces of Personal Information Wistia has collected about you.
We will respond to all such requests within 30 days, subject to lawful extension of that period, and there may be a delay in processing a request while we verify that the request is valid and originates from you as opposed to an unauthorized third party. Our verification process varies based on the source and nature of the request, but may include: comparing data in the request against Personal Information we retain; contacting you using other contact information; and requesting further information, although we will avoid doing so to the extent possible. To the extent permitted by the Privacy Laws, Wistia retains the right to deny any request if we cannot verify that it originated from you.
If you request that your Personal Information be deleted or that we restrict our disclosure of your Personal Information such that we cannot provide that information to third parties we rely on to provide Websites, Media, and Services, we reserve the right to terminate and/or limit your access to the Websites, Media, and Services. If we do not have your Personal Information, have not collected your Personal Information, or have not disclosed or transferred your Personal Information to another party, we will inform you in response to a request regarding your Personal Information.
In order to make any of the requests above, please follow the following directions:
- Requests for (a) the categories of Personal Information Wistia has collected, (b) the categories of sources from which Wistia has collected your Personal Information, (c) the business purpose(s) for collecting and disclosing your Personal Information, (d) the categories of third parties with whom Wistia shares your Personal Information, (e) the categories of Personal Information which we share with third parties, and the contact information for such affiliates and/or third parties, (f) the specific pieces of Personal Information Wistia has collected about you, and (g) a copy of your Personal Information retained by Wistia, to be delivered in a structured, commonly used and machine readable format to review or to transfer or transmit to another entity without hindrance, to the extent that that is technically feasible, may be sent to us at the following link:
https://wistia.com/data-request
or by contacting us at:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
(888) 494–7842
[email protected]
- All other of the above requests may be made by contacting us at the following link:
https://wistia.com/data-request
Or by sending requests to:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
[email protected]
When you update information, we may maintain a copy of the unrevised information in our records. Please note that some information may remain in our private records after your deletion of such information from your account. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally.
B. YouTube API Services:
If you create and log into a Wistia account using a username or email and password combination, you can revoke Wistia’s access to the information Wistia obtains from YouTube API Service that is derived from your use of the Services and access to Media. You may exercise this right at the Google security settings page, https://security.google.com/settings/security/permissions
C. Authorized Agent:
You may authorize an agent to request information about your Personal Information, to request that Wistia delete your Personal Information, and to opt out of the sale of your Personal Information. In order to do so, you must provide written permission to the authorized agent and written notice to Wistia that Wistia may act on requests for information, deletion, and opting out of sales submitted to Wistia by the agent on your behalf.
D. Withdrawal of Consent:
You may withdraw your consent at any time by contacting us at:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
[email protected]
Or you may contact us by completing the form at the following link: https://wistia.com/data-request
Please be aware that such withdrawal does not affect the lawfulness of Wistia’s use of your Personal Information before such withdrawal. We reserve the right to terminate and/or limit your access to the Websites, Media, and Services in the event that you withdraw your consent.
E. “Do Not Sell My Personal Information”:
Other than providing Personal Information to Customers as described in Section IV.A above, Wistia does not sell Personal Information as the CCPA defines “sell.” You may opt out of Wistia’s disclosure of your Personal Information to Customers by completing the form at the following link: https://wistia.com/data-request
You may also opt out of the disclosure of your Personal Information to Customers by contacting us via any of the following contact information:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
[email protected]
Your authorized agent may opt out of the disclosure of your Personal Information to Customers pursuant to the terms of Section VII.B above.
We will act upon any request to opt out of all sales of your Personal Information within 15 days of receiving your request. We will notify all Customers to whom we have disclosed your Personal Information of your request within 90 days of receiving your request and will inform you when we have done so. If you exercise your right to opt out of the disclosure of your Personal Information to Customers, Wistia will cease disclosing your Personal Information to Customers as of the date Wistia receives the form at the link above.
Wistia will not contact you about opting in to disclosing your Personal Information for at least 12 months following receipt of the form.
Please see Section VIII for an explanation how opting out of the disclosure of your Personal Information to Customers may affect service differences offered by Wistia.
F. Object or Challenge:
You may object, on grounds relating to your particular situation, at any time to the collection and use of your Personal Information based on Wistia’s legitimate interests or based on public interests, or otherwise challenge our compliance with the Privacy Laws, by contacting us at:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
[email protected]
Or by completing the form available at the following link:
https://wistia.com/data-request
Wistia shall respond within at least 30 days, subject to lawful extension of that period. Where such objection is received from an individual whose Personal Information Wistia collects and uses as the processor for a controller (as those terms are defined in the GDPR), Wistia shall inform the controller of the objection within at least 30 days, subject to lawful extension of that period.
G. Lodge a Complaint:
Regulatory authorities that oversee the Privacy Laws advise individuals to file an objection or challenge with the relevant company before lodging a formal complaint with a regulatory authority. If you are dissatisfied with Wistia’s response to an objection or challenge filed under Section VII.E above, or you if wish to file a complaint with a regulatory authority first, you may do so as follows:
Under PIPEDA:
You may file a complaint with the Office of the Privacy Commissioner of Canada.
Under GDPR:
You may file a complaint with a supervisory authority in the relevant European Union member state.
Under PII Laws:
You may file a complaint with the relevant state’s Attorney General’s office.
Under the CCPA:
You may file a complaint with the California Attorney General’s Office, although please note that the rules governing the CCPA and the formal complaint mechanism have yet to be established.
Please note that the links above are subject to change by the relevant regulatory authorities and that you may need to go to another site or contact the relevant authority in another way in order to properly file a complaint.
H. Prohibit Automated Processing:
At your request, Wistia will terminate any automated decision making that is the sole source of decisions that produce a legal effect concerning you or similarly significantly affect you. Please note that consistent with Section XIII, Wistia does not employ any such decision making at this time.
I. Accessibility for Users with Disabilities:
If you are unable to review this Privacy Policy or any portion of this Policy, please use the following information to contact us and request an alternative format:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
[email protected]
J. Non-Discrimination:
Wistia will not discriminate against you because you have exercised any of the rights above or any other rights you retain pursuant to Privacy Laws, including, but not limited to by:
- Denying goods or services to you;
- Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
- Providing a different level or quality of goods or services to you; and__
- Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Consistent with Privacy Laws, Wistia: (i) retains the right to charge you a different price or rate, or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to Wistia by your Personal Information; (ii) may offer financial incentives, including payments to you as compensation, for the collection, disclosure, or deletion of your Personal Information; (iii) may enter you into a financial incentive program only if Wistia clearly describes the material terms of the financial incentive program, so long as you give Wistia prior opt-in consent, which you may revoke at any time; and (iv) shall not use financial incentive practices that are unjust, unreasonable, coercive, or usurious in nature. Please see Section VIII for an explanation of Wistia’s service differences.
VIII. What Are Wistia’s Service Differences?
Wistia does not offer any financial incentives for providing your Personal Information. However, there are some service differences when users create an account and provide the necessary Personal Information to do so. Although much Media and parts of the Services may be used and accessed without providing your Personal Information, other Media, portions of Media, and parts of the Services require users to create and log in to a Wistia account. In doing so, you will provide us with a user name or e-mail address and a password. In return we will permit access to Media and Services that are not viewable or accessible to anonymous users. By creating and logging into an account, you will provide your name and contact information, in addition to your username or email and password combination. Per the terms of this Privacy Policy, you will also permit Wistia to automatically collect, use, and share IP addresses, browser information, device information, and information related to the use of the Websites, Media, and Services. Wistia will also collect, use, and share any information you voluntarily provide in your communications to us, your user profile, and other user-generated submissions and content, consistent with the terms of this Privacy Policy. Consistent with the CCPA, this service difference represents Wistia’s good-faith calculation of how one individual’s Personal Information increases the value of the data we provide to Customers, on average. We calculate this value in conjunction with Customers by comparing the utility of the data collected anonymously against the utility of the Personal Information collected from identified users.
Once you have opted in to this incentive program by creating an account, you may opt-out of this incentive program at any time by deleting your account and/or contacting us at:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
[email protected]
Or by completing the form at the following link:
https://wistia.com/data-requestIn light of the value Wistia derives from your Personal Information, if, after creating a Wistia account, you exercise your right to request that Wistia delete your Personal Information or to opt out of the sale of your Personal Information, you will not be able to access some Media and parts of the Services, as described above, because we will not be able to provide that Personal Information to our Customers. However, other requests to exercise your data privacy rights that do not affect Wistia’s ability to provide data to our Customers will not affect such access.
IX. Is Personal Information About Me Secure?
We employ appropriate administrative, organizational, technical, and physical measures to protect your Personal Information, which we regularly review and update as necessary. Further information follows. Your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password and/or other sign-on mechanism appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account. We endeavor to protect the privacy of your account and other Personal Information we hold in our records, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. The Websites may contain links to other sites. We are not responsible for the privacy policies and/or practices on other sites. When following a link to another site you should read that site’s privacy policy.
X. Children’s Privacy
Except when providing the Services to Schools that provide educational and tutoring services to Students, we do not knowingly collect or solicit personal information from anyone under the age of 16 or knowingly allow such persons to register for the Services. For further information regarding our treatment of Personal Information of Students collected while providing the Services to Schools, please see our School & Students Privacy Policy Addendum. Otherwise, if you are under 16, please do not attempt to register for the Services or send any information about yourself to us, including your name, telephone number, or email address. No one under age 16 may provide any Personal Information to us or through the Services except when doing so as part of receiving educational or tutoring services from a School. In the event that we learn that we have collected Personal Information from a child under age 16 without the involvement of a School or without verification of parental consent, we will delete that information as quickly as possible, except as provided below. If you believe that we might have any information from or about a child under age 16 who did not provide such information through a School’s use of the Services, please contact us at:
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA
(888) 494–7842
[email protected]
Except for Students’ Personal Information obtained while providing the Services to a School, upon request, we will provide a parent or guardian who has provided proper identification with the following: (1) a description of the specific types of Personal Information collected from the child, (2) the opportunity to refuse or permit Wistia’s further collection and use of Personal Information from the child, and (3) a reasonable means for the parent or guardian to obtain any Personal Information collected from the child. If a parent or guardian does not permit Wistia’s continued collection and use of a child’s Personal Information, Wistia will delete the child’s Personal Information and terminate the account of the child, as applicable.
XI. Contractual or Statutory Requirement
Except as noted in this Privacy Policy or in contractual documents, Wistia’s collection and use of Personal Information is not a contractual or statutory requirement or a requirement necessary to enter into a contract.
XII. Failure to Provide Personal Information
You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our special features.
XIII. Automated Decision Making
Wistia does not rely on automated decision making, including profiling, and will not subject you to decisions based solely on automated processing which will produce legal effects concerning you or similarly significantly affecting you.
XIV. EU-US and Swiss-US Privacy Shield
We comply with the EU-US and Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries and Switzerland. We have certified that we adhere to the Privacy Shield principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability. If there is any conflict between this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
In addition to self-assessment, as a participant in the EU-US and Swiss-US Privacy Shield program, we are subject to the investigatory and enforcement powers and authority of the U.S. Federal Trade Commission with respect to maintenance of, and adherence to, this Privacy Policy.
In compliance with the EU-US and Swiss-US Privacy Shield Principles, we commit to resolve complaints about your privacy and our collection or use of your Personal Information. European Union and Swiss individuals with inquiries or complaints regarding this Privacy Policy should first contact us as directed in the Contact Information clause of this Privacy Policy.
We have further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
As a last resort and under certain limited and prescribed circumstances and conditions, you have the right to invoke a “last resort” binding arbitration process between you and us to resolve a dispute related to our collection, use or disclosure of your Personal Information.
In particular, we will maintain compliance with the Privacy Shield principles by adhering to the following practices:
Notice
When we collect your Personal Information, we’ll give you timely and appropriate notice describing what Personal Information we’re collecting, how we’ll use it, and the types of third parties with whom we may share it. This Privacy Policy serves as such notice, and any changes to our collection, use or disclosure of your Personal Information will be reflected in revisions to the Privacy Policy posted on our Websites.
Choice
As established and described in this Privacy Policy, we’ll give you choices about the ways we use and share your Personal Information, and we’ll respect the choices you make.
Accountability for Onward Transfer
If we transfer your Personal Information to another country, we may remain liable and will take appropriate measures to protect your privacy and the Personal Information we transfer.
Security
We’ll take appropriate physical, technical, and organizational measures to protect your Personal Information from loss, misuse, unauthorized access or disclosure, alteration, and destruction, as further-specified in the Is Personal Information About Me Secure? clause of this Privacy Policy.
In certain situations, Wistia may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Data Integrity and Purpose Limitation
We’ll collect only as much Personal Information as we need for specific and identified purposes, and we won’t use it for other purposes without obtaining your consent. We’ll take appropriate steps to make sure the Personal Information in our records is accurate.
Access
If you wish to confirm the accuracy of your Personal Information or have it removed from our systems and records, you may contact us at the email address, telephone number or postal address provided in the Contact Information clause of this Privacy Policy.
Recourse, Enforcement, and Liability
We’ll regularly review our continued adherence to our privacy obligations, and we’ll provide and maintain the independent mechanism specified in this Privacy Policy as a way of resolving complaints or concerns about our privacy practices. Further, we acknowledge our potential liability for misuse of your Personal Information by us or our third-party service providers and agents, as further set forth in this Privacy Policy.
XV. Changes to this Privacy Policy
We may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make changes in the way we use Personal Information, we will notify you by posting an announcement on our Website or sending you an email. You are bound by any changes to the Privacy Policy when you use the Website after such changes have been first posted.
XVI. Questions or Concerns; Contact Information
If you have any questions or concerns regarding our privacy policies, please contact our data protection officer by sending detailed message to [email protected]. Alternatively, you may contact us by postal service as follows. We will make every effort to resolve your concerns.
Attention: Data Protection Office
Wistia, Inc.
120 Brookline Street
Cambridge, Massachusetts, 02139 USA