Virtual Creative Studios. and our subsidiaries (collectively, “Virtual Creative Studios,””VCS”, “Vizzi”, “our,” “us” or “we”) recognize the importance of privacy. VCS is committed to protecting the personal information of our clients and prospective clients, as well as other users of our websites and services.
Categories of Personal Information Collected. Generally, we collect the following types of personal information:
Use of Personal Information. In general, we may use and disclose the personal information we collect for the following business and commercial purposes:
If you are a California resident, please be sure to review the section “Additional Information for Individuals in Certain Jurisdictions” below for important information about our privacy practices and your rights under California privacy laws, including your right to submit a “Do not sell my information” request which can be submitted at [email protected]
Introduction and Scope:
In this Policy, our use of the term “personal information” includes other similar terms under applicable privacy laws—such as “personal data” and “personally identifiable information.” In general, personal information includes any information that identifies, relates to, describes, or is reasonably capable of being associated, or reasonably linked or linkable with a particular individual.
Not Covered by Policy.
Controller and Responsible Party
For the purposes of the EU General Data Protection Regulation (the “GDPR”) and other relevant applicable laws (such as the UK Data Protection Act 2018 (“UK DPA”) and the Brazilian General Data Protection Law (the “LGPD”)), VCS is the controller of your personal information collected pursuant to this Policy. With respect to any Platform Data, our clients are the data controllers or businesses for their respective Platform Data, and we are a data processor or service provide, as defined under applicable privacy laws.
Information We Collect.
The personal information that we collect and process will vary depending upon the circumstances. You do not have to provide us with your personal information to access much of the Site. If you choose not to disclose certain information, you can still visit our Site, but you will not be able to create an account with us, you may be unable to access certain options and services, and we may be unable to fully respond to your inquiries.Information Collected Directly. We may collect personal information about you directly from you or from your company. For example, when you fill out a ‘Contact Us’ form, signup for our mailing lists, register for events we host or sponsor, or otherwise provide us information through the Site, we may collect personal information such as:
Purposes and Legal Bases of Use
Certain laws, including the GDPR, require that we inform you of the legal bases for our processing of your personal information. Pursuant to the GDPR (and other similar laws), we process personal information for the following legal bases:
- Performance of contract: as necessary to enter into or carry out the performance of our contract with you.
- Compliance with laws: for compliance with legal obligations and/or defense against legal claims, including those in the area of labor and employment law, social security, and data protection, tax, and corporate compliance laws.
- Our legitimate interests: in furtherance of our legitimate business interests, which are not overridden by your interests and fundamental rights, including:● Performance of contracts with clients and other parties
- With your consent: where we have your consent the GDPR (where it applies) and other applicable laws give you the right to withdraw your consent, which you can do this at any time by contacting us using the details at the end of this privacy notice. In some jurisdictions, your use of the services may be taken as implied consent to the collection and processing of personal information as outlined in this privacy notice.
In addition, we may process your personal information where necessary to protect the vital interests of any individual.
Purposes for Using Personal Information. The purposes for which we may process personal information will vary depending upon the circumstances. In general, we use personal information for the business and commercial purposes set forth below, and where the GDPR or other relevant laws apply, we have set forth the legal bases for such processing in parenthesis (see above for further explanation of our legal bases):
Aggregate, De-identified or Anonymous Data. We also create and use aggregate, anonymous and de-identified data to assess, improve and develop our business, products and services, and for similar research and analytics purposes. This information is not generally subject to the restrictions in this Policy, provided it does not identify and could not be used to identify a particular individual.
Disclosures of Personal Information
In general, we disclose the personal information we collect for the business and commercial purposes explained below:
Aggregate, De-identified or Anonymous data. We may share aggregate, anonymous or de-identified data with third parties for research, marketing, analytics and other purposes, provided such information does not identify a particular individual.
Cookies and Similar Devices
We and our third party service providers use “cookies,” pixels, java script, log files, and other mechanisms on the Site.
Cookies. A “cookie” is a small text file that may be used, for example, to collect information about website activity. Some cookies allow us to make it easier for you to navigate the Site, while others are used to enable a faster log-in process or to allow us to track your activities while using the Site. Most browsers allow you to control cookies, including whether or not to accept them, and how to remove them.
Clear GIFs, Pixel Tags and Other Technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags), in connection with our services to, among other things, track the activities users of our services, help us manage content, and compile statistics about usage of our services. We and our third party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Log Files. Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version, and internet browser type and version. This information is gathered automatically and stored in log files.
You many also use a preference manager to opt-out of third party advertising cookies or manage your cookie preferences on our Site. Please note, that your preferences are applied on a browser and device basis. So, you will need to set your cookie preferences for each browser and device you use to access our Site. Further, if you subsequently delete cookies, your preferences may be lost and need to be reset.
VCS is headquartered in the United States and has operations and service providers in the United States and throughout the world. As such, we and our service providers may transfer your personal information to, or access it in, jurisdictions (including the United States, the United Kingdom (“UK”) and the European Union (“EU”), Australia and Singapore) that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate written data processing terms and/or data transfer agreements.
If you are in the European Economic Area (“EEA”), and we process your personal information in a jurisdiction that the European Commission has deemed to not provide an adequate level of data protection (a “third country”), we will implement measures to adequately protect your personal information, such as putting in place standard contractual clauses approved by the European Commission or another measure that has been approved by the EU Commission as adducing adequate safeguards for the protection of personal information when transferred to a third country. You have a right to obtain details of the mechanism under which your personal information is transferred outside of the EEA; you may request such details by contacting us as set forth in the Contact Us section below.
Protection of Children’s Personal Information
VCS does not publish content that is targeted at children. The Site is not intended for minors under the age 16. We do not knowingly or specifically collect information about minors under the age of 16. If you believe we have unintentionally collected such information, please notify us as set out in the Contact Us section below.
Wherever your personal information may be held within VCS or on its behalf, we take reasonable steps to protect the personal information that you share with us from unauthorized access or disclosure, including, without limitation, restricting access to certain portions of our website through access controls, and using firewalls. Regardless of the precautions taken by us, VCS cannot ensure or warrant the security of any information you transmit to us, and you transmit such information at your own risk. You are responsible for all actions taken with your User ID and password, if any. Therefore, we recommend that you do not disclose your password to anyone. If you lose control of your password, you may lose substantial control over your personally identifiable information and may be subject to legally binding actions taken on your behalf.
Your Choices and RightsAccess, Amend and Correct. If you wish to access personal information that you have submitted to us, to request the correction of any inaccurate information you have submitted to us, or to request deletion of your information, please send your request to [email protected]. We will review your request and make reasonable efforts to respond to it as soon as practicable. We may ask you for additional information so that we can confirm your identity.
Direct Marketing. You may always opt-out of direct marketing emails. If you would like to unsubscribe from VCS email subscriptions or otherwise change your email preferences with VCS. We may continue to send you transactional or service-related communications, such as service announcements and administrative messages.
Complaints. We will take steps to try to resolve any complaint you raise regarding our treatment of your personal information. You also have the right to raise a complaint with the privacy regulator in your jurisdiction.
Additional Information for Certain Jurisdictions. In the section “Additional Information for Individuals in Certain Jurisdictions” below, we provide additional information as required under California privacy laws, as well as the GDPR, UK DPA and the LGPD. Users in California, the EEA, the UK, and Brazil should review this section for more information regarding their rights under these respective laws.
As a general rule, we retain your personal information for as long as necessary to fulfill the purposes for which it was collected or as necessary to comply with our legal obligations, resolve disputes, maintain appropriate business records, and enforce our agreements. In general, for example, we will retain relevant contact information of clients, prospective clients and Site visitors for three years from the date of our last interaction with you and in compliance with our obligations under applicable laws. Our clients instruct us on how long to retain Client Data, which we handle as a data processor. We may retain personal information for longer where required by our regulatory obligations, professional indemnity obligations, or where we believe necessary to establish, defend, or protect our legal rights and interests or those of others.
Changes to the Policy:
VCS may update this Policy to reflect new or different privacy practices or to reflect changes in industry standards or legal requirements. Revisions will be posted on our website. This statement of privacy is for the information of our users and does not constitute a contract or modification of any contract. When changes are made to this Policy, VCS will post a new version of this Policy here. If the changes will materially affect the way we use or disclose your personal information, we will endeavor to notify you in advance of the change, such as by sending a notice to the primary email address associated with your account or by posting a notice on the Site. We encourage you to periodically review this Policy for the latest information on our privacy practices.
ON24 welcomes your comments regarding this Policy. Please feel free to email us at [email protected] or via mail at Virtual Creative Studios, Attn: Privacy, 7110 Ambassador Road Windsor Mill MD 21244.
Additional Information for Individuals in Certain Jurisdictions
In this section, we provide additional information for California residents about how we handle their personal information, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”). This section does not address or apply to our handling of publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the CCPA.
1. Categories of Personal Information Under the CCPAWhile our collection, use and disclosure of personal information varies based upon our relationship and interactions with you, in this section we describe, generally, how we have collected and disclosed personal information about consumers in the prior 12 months.
2. Categories of Personal Information Collected and Disclosed. The table below identifies the categories of personal information (as defined by the CCPA) we have
collected about consumers, as well as how we have disclosed such information for a business purpose. For more information about the business and commercial purposes for which we collect, use and disclose personal information, please see the Purposes and Legal Bases and the Disclosures of Personal Information sections above.
Under the CCPA, a “sale” includes disclosing or making available personal information to a third-party in exchange for monetary compensation or other benefits or value. While we do not disclose personal information to third parties in exchange for monetary compensation, we may disclose or make available certain categories of personal information to third parties in order to receive certain benefits or services, such as when we make browsing information available to third party ad companies (through third party tags on our Sites) in order to improve and measure our ad campaigns and reach users with more relevant ads and content. As defined by the CCPA, we may “sell” Usage Data and Identifiers to third party advertising networks, social networks and data analytics providers.
Sources of Personal Information. As further described in the “Information We Collect” section above, we may collect personal information from the following sources:
1. California Residents’ Rights
CCPA Rights. In general, California residents have the following rights with respect to their personal information:
Submitting Verifiable Requests. Requests to Know and Requests to Delete may be submitted:
When you submit a request to know or a request to delete, we will take steps to verify your request by matching the information provided by you with the information we have in our records. You must complete all required fields on our webform (or otherwise provide us with this information via the above toll-free number) and verify your email address. In some cases, we may request additional information in order to verify your request or where necessary to process your request. If we are unable to adequately verify a request, we will notify the requestor. Authorized agents may initiate a request on behalf of another individual by contacting us as set forth in the Contact Us section above; authorized agents will be required to provide proof of their authorization and we may also require that the relevant consumer directly verify their identity and the authority of the authorized agent.
For more information about our privacy practices, you may contact us as set forth in the Contact Us section above.
Individuals in the European Union / European Economic Area / Brazil
Below, we inform about other rights, including the GDPR, the LGPD and similar applicable laws, that may apply to you. Subject to the conditions set out in the applicable law, individuals in in the EU/EEA, UK, and Brazil have the following rights regards our processing of their personal information:●
Submitting a GDPR or LGPD Request. Please contact us as set out in the Contact Us section above to exercise one of these rights. If we receive any requests from individuals related to the Platform Data, we will forward the request to the relevant clients.