LEGAL

INFORMATION PRACTICES - BY CATEGORY

Our collection, use and sharing practices for our business purposes are the same for all Prospective Customers, regardless of their residency. By category, that breaks down to:

• Identifiers;
• Contact information;
• Commercial information;
• Internet activity from our Websites;
• Professional information; and
• Approximate location.

YOUR RIGHTS TO YOUR PERSONAL INFORMATION

For those individuals that would like more information on the specific information collected about them, you have the ability to request:

• That we provide details about the categories of personal information we collect about you, including how we collect and share it;
• The correction or deletion of personal information we collected from you;
• That we provide you access to the personal information we collected from you; and
• To contact us if there are any questions, comments or requests in connection with our Privacy Policies.

California residents also have the right to opt out of “sales” or “sharing” of their personal information. We do not “sell” personal information as most people would typically understand that term. However, we do allow certain unaffiliated partners and service providers to collect information about users directly through our Website for purposes of analyzing and optimizing our Website and ads, providing content more relevant to you, measuring statistics and the success of ad campaigns, and detecting and reporting fraud. You can opt out of any potential sharing or sales at the link below:

where you can exercise your rights to opt-out of cookies, analytics and personalized advertising. You can also opt out of non-essential cookies through the cookie consent portal that pops up when you reach our Websites. To learn more about cookies, please visit our Privacy Controls section.

SUBMITTING A REQUEST

To exercise a data right, please complete the "Privacy Request" webform. You will, at a minimum, need to provide the following: your name, business or other email address, company name and country, and if applicable, state of residence, as well as your request type and your relationship to Brightcove. We will use your email and mobile phone number to verify your identity. We will not use your mobile number other than to assist in processing the request or in any other way you’ve previously permitted us to use it. We will process any requests within a reasonable period of time, and in any case in accordance with applicable law.

Where Brightcove receives a request from a Customer’s Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

You can designate an authorized agent to make a data-rights request on your behalf. Authorized agents can submit requests on behalf of another individual by completing the "Privacy Request" form.

For the previous calendar year, Brightcove has received:

• 0 Requests to Know or Access;
• 0 Requests to Delete;
• 0 Requests to Correct; and
• 557 Requests to Opt-Out for all users in the United States (we do not segregate by State).
• The mean number of days it took Brightcove to respond to 0 requests was 0. For opt out requests, the mean was 1 day.

The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the sharing of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share personal information with third parties for their own direct marketing purposes.

The personal information we collect from Nevada consumers and how it is processed is the same as that collected for all Prospective Customers generally. Please review those sections in this Privacy Policy. We also require any service providers we use to process any personal information we share in connection with Brightcove Services and operations to restrict their use of the information to providing the Brightcove Services and acting on our behalf. Otherwise, we will only provide information to third parties if you direct us to or as required by law. We do not “sell” personal information as defined under Nevada privacy laws.

COLLECTION AND USE NOTICE

Our collection, use and sharing practices for our business purposes are the same for all Prospective Customers, regardless of their residency. By category, that breaks down to:

• Identifiers;
• Contact information;
• Commercial information;
• Internet activity from our Websites;
• Professional information; and
• Approximate location.

The categories of third parties with whom the above information is shared includes:

• Cloud service providers;
• Content syndicators;
• Marketing automation platforms;
• Analytics providers;
• Consent management platforms;
• Security & monitoring tools;
• Email and mail delivery services;
• Computing services;
• Consulting firms; and
• Chatbots.

YOUR RIGHTS TO YOUR PERSONAL DATA

For those individuals that would like more information on the specific information collected about them, you have the ability to request:

• Confirmation that we're processing your personal data, and to access it;
• That we delete the personal data you've provided to us;
• A copy of the personal data you've provided in a portable format, if that is technically feasible; and
• To opt out of the sale and processing of your personal data for targeted advertising. Brightcove does not process sensitive data as defined under the law, and therefore does not offer an opt out from such processing.

SUBMITTING A REQUEST

To exercise your data rights to access, deletion or portability, please complete the webform located here. You will, at a minimum, need to provide the following: your name, business or other email address, company name and country, and if applicable, state of residence, as well as your request type and your relationship to Brightcove. We will use your email and mobile phone number to verify your identity. We will not use your mobile number other than to assist in processing the request or in any other way you've previously permitted us to use it. We will process any requests within a reasonable period of time, and in any case in accordance with applicable law.

Where Brightcove receives a request from a Customer's Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

To exercise your right to opt out of the sale and use of your personal data for targeted advertising, please use this link:

You can also opt out of non-essential cookies through the cookie consent portal that pops up when you reach our Websites. To learn more about cookies, please visit our Privacy Controls section.

INTERNATIONAL TRANSFERS

When you use our Website or voluntarily submit requests for information or otherwise engage with us online, that personal information may be transferred to the United States, where our primary processing facilities are located. There is no adequacy decision yet for the United States. However, we have conducted an evaluation of transfers to the United States, and believe that the risk to your privacy in this context is low or nonexistent. As such, we rely on the consent you give when you directly submit your information to us, and otherwise rely on the legitimate interest derogation available under the GDPR for interactions that are not continuous and are necessary to provide the requested information and services on our Websites. We do not transfer sensitive personal information.

If you object to this transfer, please do not use our Website and do not submit your personal information to us. If you would like to withdraw your consent for further processing of information already provided to us, you can do so by following the instructions in the Data Rights Requests section.

COOKIES AND OTHER TECHNOLOGIES

This Website sets cookies and other similar technologies. Users coming in from an IP address associated with the EEA/UK region will receive a consent based pop-up that will enable users to accept, reject or manage their cookies preferences. You can learn more about our cookie policy and positions, as well as opt out of targeted advertising within the Cookie Choices and Advertising Policy section.

Brightcove has developed a comprehensive compliance program for its EEA, Swiss and UK Customers and their Viewers. In addition to the disclosures in these Privacy Policies, we have provided links to key documentation that outlines our processing activities, data transfer practices and Brightcove’s stance on government requests, to make it easy for our Customers to comply with their own obligations as Controllers when using Brightcove Services in those regions.

COLLECTION BASIS

We collect and process personal data where it is necessary to satisfy a contract with our Customers or Service Providers, to comply with our legal obligations, for our legitimate business purposes or with your consent. Where the term “personal information" is used in these Privacy Policies it covers the same type of information as “personal data,” as that term is defined in the General Data Protection Regulation (“GDPR”).

DATA PROCESSING AGREEMENTS

We only process Customer and Viewer personal data in accordance with the terms of a data protection agreement, entered into in each instance by Brightcove and the Customer, that limits the processing in accordance with your instructions and as necessary to provide the services, for our legitimate business interests and in the other ways permitted by law. You can review our standard data processing addendum. To learn more about how we treat and transfer personal data we receive from Customers.

We are also transparent about our use of subprocessors, which are also contractually obligated to protect your personal data under these standards. Those subprocessors are listed on the Services Subprocessors page, where you can also sign up to receive alerts whenever we add any additional service providers to the list.

INTERNATIONAL TRANSFERS

Brightcove is certified under the EU-U.S. Data Privacy Framework and the UK Extension to the Data Privacy Framework and processes personal data in line with our obligations and Data Privacy Framework principles, including purpose limitations, data minimization and providing a direct means of dispute resolution. For further information, please see our Data Privacy Framework Notice below. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

For those transfers of personal data that are not covered by the Data Privacy Framework, Brightcove relies on the most recent versions of the European Commission Standard Contractual Clauses as a transfer compliance mechanism to transfer personal information collected in the EEA, Switzerland and UK.

We have also conducted a transfer impact assessment (“TIA”) for transfers to the United States, where our primary processing takes place for transfers out of the EEA/UK/Swiss region. This TIA takes into account the personal information involved and the laws of the importing country around government access to that information. We will continue to compile TIAs for any countries which do not have adequacy or qualified state status. We monitor any changes in the law that may impact this assessment and will update the TIAs accordingly. Our TIAs are available for Customers or Prospective Customers upon request.

GOVERNMENT REQUESTS

Brightcove may be required to disclose personal data in response to lawful requests by public authorities, including disclosures necessary to meet national security or law enforcement requirements, or pursuant to judicial orders.

FISA Warrant Statement

Only “electronic communication service providers,” within the meaning of 50 U.S.C § 1881(b)(4) are subject to an order for “Upstream” surveillance under Section 702 of the U.S. Foreign Intelligence Surveillance Act (“FISA”) – the type of order that was of principal concern to the Court of Justice of the European Union in the Schrems II decision. In practice, the U.S. government uses “Upstream” orders only to target traffic flowing through internet backbone providers that carry traffic for third parties (i.e., telecommunications carriers). For more information see Privacy and Civil Liberties Oversight Board, Report on the Surveillance Program Operated Pursuant to Section 702 of the Foreign Intelligence Surveillance Act (July 2, 2014) pp. 35-40, available at https://fas.org/irp/offdocs/pclob-702.pdf. Brightcove does not provide such backbone services, as we only handle traffic involving our own Customers, so “Upstream” orders are inapplicable to Brightcove.

Brightcove also does not process personal data that is within scope of a FISA 702 order. The Department of Commerce was clear that companies that transfer personal data involving commercial information like employee, customer or sales records, could have no basis to believe intelligence agencies interpret the law to ever seek to collect that data. For more information see Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II(Sept. 2020) pp.2-3, 6, available at https://www.commerce.gov/sites/default/files/2020-09/SCCsWhitePaperFORMATTEDFINAL508COMPLIANT.PDF

DATA RIGHTS REQUESTS

Customers may have certain rights to their personal data, namely:

• Access;
• Correction;
• Erasure/deletion;
• To object to processing for direct marketing purposes;
• To withdraw consent for data collected based on your consent and not for any other lawful basis;
• To restrict processing; and
• To portability in a commonly used and machine-readable form.

Where Brightcove receives a request from a Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

Certain Brightcove Services offer Customers self-service options in the Administrator (or similar) mode of their accounts at no additional cost, including the ability to access, download and export your Viewer data, delete Viewer data and restrict the use of that data. Before you exercise your options, please be aware that deletion of Viewer data is irreversible. If you need further instructions on how to access and use those features, or if you use other Brightcove products and services that may not include these self-service options, please reach out to your customer success representative with your request.

Please keep in mind that when you ask us for your personal data or ask us to delete it, we may need to retain or withhold some of the information for security or legal reasons. For instance, we need Customer and Customer Usage data to maintain your account and requested services. That means if you ask us to delete that information, we may not be able to continue providing those services or products.

To exercise a data right, on your own behalf (as a Customer) or on behalf of a Viewer, please contact Support or privacy@brightcove.com with the Subject Line: GDPR Data Rights Request. Within the request, please provide the following: your name, corporate email, company name and country and, if applicable, state of residence. We will process any requests within a reasonable period of time, and in any case in accordance with applicable law.

There is also the right to lodge a complaint with your local supervisory data protection authority (“DPA”) if you believe our processing is inconsistent with the applicable data protection laws. You need to lodge any such complaint directly with the relevant DPA.

If you utilize a Payment Service for payments related to Brightcove Services, please contact us at privacy@brightcove.com, and note in your email that you would like Brightcove to facilitate the correction or deletion of your personal data with the Payment Service.

Accuracy of data is very important to us. Customers should ensure that any information provided to us is up-to-date and Customers may correct information by either logging into their Customer account or by contacting Brightcove’s customer support team. In certain situations, Customers may need assistance from customer support in making a change. We will respond to requests to make changes to Customer records as soon as reasonably practicable. We may require Customer representatives to verify their identity before granting access to, or agreeing to update, correct or delete personal data belonging to Customers.

EU-U.S. DATA PRIVACY FRAMEWORK NOTICE

We have certified our compliance with the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and the UK Extension to the Data Privacy Framework (collectively, the “Data Privacy Framework”) with respect to the Personal Data of users of the Website who are residents of the European Union (“EU”), European Economic Area (“EEA”), the United Kingdom and Switzerland that we receive and process through the Website. We certify that we adhere to the Data Privacy Framework principles of notice, choice, onward transfer, security, data integrity, access and enforcement (the “Data Privacy Framework Principles”) for Personal Data of users of the Website in the countries participating in the Data Privacy Framework. We are responsible for the processing of personal data we receive under the Data Privacy Framework and subsequently transfer to a third party agent, and may be liable for onward transfers in violation of the Data Privacy Framework Principles. Our certification is available here. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. Brightcove’s commitments under the Data Privacy Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

If you are a resident of a country participating in the Data Privacy Framework, you may direct any questions or complaints concerning our Data Privacy Framework compliance to our Data Privacy Framework and Data Protection Contact listed below. We will work with you to resolve your issue.

Your Data Privacy Framework and Data Protection Contact for the personal data that we process in connection with the Website is:

Brightcove Inc.
Attn: Chief Privacy Officer
281 Summer Street
Boston, MA 02210
Phone: +1 617 500 4947
privacy@brightcove.com

If you have not received a timely or satisfactory response to your concern relating to data processed under the Data Privacy Framework, you may contact our U.S.-based dispute resolution provider, at no cost to you, at https://feedback-form.truste.com/watchdog/request. If neither Brightcove nor our independent dispute resolution provider resolves your complaint, you may have the right to invoke binding arbitration through the Data Privacy Frameworkield panel. However, prior to initiating such arbitration, a resident of a country participating in the Data Privacy Framework must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from our designated independent dispute resolution provider; and (3) contact the U.S. Department of Commerce (either directly or through a European DPA) and afford the Department of Commerce time to attempt to resolve the issue. If a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Pursuant to the Data Privacy Framework, the arbitrator(s) may impose only individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Data Privacy Framework Principles with respect to the resident.

DIGITAL SERVICES ACT DISCLOSURES

Your use of Brightcove Services to disseminate content and videos is subject to the General Terms and Conditions found here (the “Terms”). The Terms outline restrictions on use, what content is prohibited and how you can report illegal content.

We will review each properly submitted report in a timely manner, and typically within 24-48 hours. Brightcove will review your report for procedural propriety, such as DMCA notice requirements (as outlined in the Terms), and if those legal requirements are met, the video will be deactivated and the title deleted, with a copy created until review is complete. Brightcove will then provide the report to the offender with instructions on applying for restored access. The reporter will also be notified that the video is being reviewed. Any appeals of the decision are referred to the Brightcove legal team.

If, after following the proper reporting procedures, you have not received a timely or satisfactory response to your concern relating to content removal or suspension or termination of your account due to your violation of the Terms, you may (but do not have to) contact our U.S.-based dispute resolution provider, as provided in the EU-US Data Privacy Framework Notice above, at no cost to you, at https://feedback-form.truste.com/watchdog/request. If neither Brightcove nor our independent dispute resolution provider resolves your complaint, you may have the right to file in a court of competent jurisdiction. Any disputes relating to this section shall be referred to and conducted in accordance with the procedures provided in the EU-U.S. Data Privacy Framework Notice Section.

In the past calendar year, for all regions, not just the EEA, of the eleven (11) reports Brightcove received alleging illegal content, Brightcove:

• Denied 9 reports;
• Removed 2 reported videos;
• Responded to properly submitted reports within 24 hours;
• Reported video content fell into two categories: copyright infringement claims and alleged terrorist materials;
• Received zero (0) appeals of any content removal decisions.

We only remove content when we have actual knowledge of a violation of our Terms.

Single Point of Contact:
Brightcove Inc.
Attn: Chief Privacy Officer
281 Summer Street
Boston, MA 02210
Phone: +1 617 500 4947
general_counsel@brightcove.com

If you would prefer, you can contact the below EEA-based representative for DSA-specific inquiries and disputes, with the Subject Line: DSA Inquiry, and it will be routed to the appropriate department.

Anna Gene
Phone: +44 207 148 6450
agene@brightcove.com

INFORMATION PRACTICES

The personal information we collect from California consumers is the same for all Customers and their Viewers, irrespective of residency. We do not use sensitive personal information beyond providing the Brightcove Services in a secure manner. If this ever changes, we will notify you.

We also require any service providers we use to process any personal information we share in connection with Brightcove Services and operations to restrict their use of the information to providing those contracted-for services and complying with the law, and allowing us to audit and ensure their compliance with our agreements with them.

YOUR RIGHTS TO YOUR PERSONAL INFORMATION

For those individuals that would like more information on the specific information collected about them, you have the ability to request:

• That we provide details about the categories of personal information we collect about you, including how we collect and share it;
• The correction or deletion of personal information we collected from you;
• That we provide you access to the personal information we collected from you;
• To contact us if there are any questions, comments or requests in connection with our Privacy Policy; and
• The right to opt out of sale and sharing for targeted advertising of their personal information. You can opt out of sale and sharing on the "Our Consents and Preferences Center" page or via the cookie consent pop up. Please review our Cookies Policy & Advertising Choices section for more information including how to exercise your rights to opt-out of cookies, analytics and personalized advertising.

The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the sharing of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.

SUBMITTING A REQUEST

To exercise a data right on your own behalf (as a Customer), please complete the "Privacy Request webform". You will, at a minimum, need to provide us with the following: your name, business or other email address, company name and country, and if applicable, state of residence, as well as your request type and your relationship to Brightcove. We will use your email and mobile phone number to verify your identity. We will not use your mobile number other than to assist in processing the request or in any other way you’ve previously permitted us to use it. We will process any requests within a reasonable period of time, and in any case in accordance with applicable law.

Certain Brightcove Services offer Customers self-service options in the Administrator mode of their accounts at no additional cost, including the ability to access, download and export your Viewer data, delete Viewer data and restrict the use of that data. Before you exercise your options, please be aware that deletion of Viewer data is irreversible. If you need further instructions on how to access and use those features, or if you use other Brightcove products and services that may not include these self-service options, please reach out to your customer success representative with your request.

Please keep in mind that when you ask us for your personal information or ask us to delete it, we may need to retain or withhold some of the information for security or legal reasons. Also, we need Customer and Customer Usage data to maintain your account and requested services. That means if you ask us to delete that information, we may not be able to continue providing those services or products.

You can designate an authorized agent to make a data-rights request on your behalf. Authorized agents can submit requests on behalf of another individual by completing the "Privacy Request" form. If you are making a request through an agent, they will need to submit proof of their authority to act on your behalf.

Where Brightcove receives a request from a Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

INFORMATION PRACTICES

Our collection, use and sharing practices are the same for all Customers & their Viewers, regardless of their residency, and are dependent on the Brightcove Services purchased. Please refer to those sections above for more details.

We only process Customer and Viewer personal data in accordance with the terms of a data protection agreement, entered into in each instance by Brightcove and the Customer, that limits the processing in accordance with your instructions, securely, and as necessary to provide the services, for our legitimate business interests and in the other ways permitted by law. It also provides for assistance with compliance with your obligations - as controllers - under the law - like assisting with data subject rights requests you receive and data protection assessments. You can review our standard data processing addendum here to learn more about how we treat and transfer personal data we receive from Customers.

We are also transparent about our use of subprocessors, which are also contractually obligated to protect your personal data under no less restrictive standards than those implemented by Brightcove. Those subprocessors are listed here, where you can also sign up to receive alerts whenever we add any additional service providers to the list. Customers will be provided with advance notice and an opportunity to object to the use of the subprocessor as dictated in our agreements.

YOUR RIGHTS TO YOUR PERSONAL INFORMATION

Certain non-corporate Virginia residents have the following rights:

• To know what personal data is being processed;
• To ask to access, copy, correct and to delete it; and
• To opt out of profiling that results in legal impacts, targeted ads, and “sales” of their personal data.

We do not “sell” personal data of our Customers’ Viewers under Virginia privacy laws and do not engage in “profiling” that has legal or similar significant effects. If you are on our websites, you can opt out of any non-essential cookies here or via our cookie consent pop up. Please review our Cookies Policy & Advertising Choices for more information.

SUBMITTING A REQUEST

Where Brightcove receives a request from a Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

Certain Brightcove Services offer Customers self-service options in the Administrator (or similar) mode of their accounts at no additional cost, including the ability to access, download and export your Viewer data, delete Viewer data and restrict the use of that data. Before you exercise your options, please be aware that deletion of Viewer data is irreversible. If you need further instructions on how to access and use those features, or if you use other Brightcove products and services that may not include these self-service options, please reach out to your customer success representative with your request. You may also send the request to privacy@brightcove.com.

INFORMATION PRACTICES

Our collection, use and sharing practices are the same for all Customers & their Viewers, regardless of their residency, and are dependent on the Brightcove Services purchased. Please refer to those sections above for more details.

We only process Customer and Viewer personal data in accordance with the terms of a data protection agreement, entered into in each instance by Brightcove and the Customer, that limits the processing in accordance with your instructions, securely, and as necessary to provide the services, for our legitimate business interests and in the other ways permitted by law. It also provides for assistance with data subject rights requests you receive and data protection assessments. You can review our standard data processing addendum here to learn more about how we treat and transfer personal data we receive from Customers.

We are also transparent about our use of subprocessors, which are also contractually obligated to protect your personal data under no less restrictive standards than those implemented by Brightcove. Those subprocessors are listed here, where you can also sign up to receive alerts whenever we add any additional service providers to the list. Customers will be provided with advance notice and an opportunity to object to the use of the subprocessor as dictated in our agreements.

YOUR RIGHTS TO YOUR PERSONAL INFORMATION

Certain non-corporate Connecticut residents have the following rights:

• To know what personal data is being processed;
• To ask to access, copy, correct and to delete it; and
• To opt out of targeted ads, profiling solely by automated means and “sales” of their personal data.

We do not “sell” personal data of our Customers’ Viewers or engage in “profiling.” If you are on our websites, you can opt out of any non-essential cookies here or via our cookie consent pop up. Please review our Cookies Policy & Advertising Choices for more information.

SUBMITTING A REQUEST

Where Brightcove receives a request from a Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

Certain Brightcove Services offer Customers self-service options in the Administrator (or similar) mode of their accounts at no additional cost, including the ability to access, download and export your Viewer data, delete Viewer data and restrict the use of that data. Before you exercise your options, please be aware that deletion of Viewer data is irreversible. If you need further instructions on how to access and use those features, or if you use other Brightcove products and services that may not include these self-service options, please reach out to your customer success representative with your request. You may also send the request to privacy@brightcove.com.

INFORMATION PRACTICES

Our collection, use and sharing practices are the same for all Customers & their Viewers, regardless of their residency, and are dependent on the Brightcove Services purchased. Please refer to those sections above for more details.

We only process Customer and Viewer personal data in accordance with the terms of a data protection agreement, entered into in each instance by Brightcove and the Customer, that limits the processing in accordance with your instructions, securely, and as necessary to provide the services, for our legitimate business interests and in the other ways permitted by law. It also provides for assistance with data subject rights requests Customers receive and data protection assessments. You can review our standard data processing addendum here to learn more about how we treat and transfer personal data we receive from Customers.

We are also transparent about our use of subprocessors, which are also contractually obligated to protect your personal data under no less restrictive standards than those imposed contractually on Brightcove. Those subprocessors are listed here, where you can also sign up to receive alerts whenever we add any additional service providers to the list. Customers will be provided with advance notice and an opportunity to object to the use of the subprocessor as dictated in our agreements.

YOUR RIGHTS TO YOUR PERSONAL INFORMATION

Additionally, certain non-corporate Colorado residents have the following rights:

• To know what personal data is being processed;
• To ask to access, correct and to delete it; and
• To opt out of targeted ads, profiling that impacts your legal rights or access to basic necessities, and “sales” of their personal data.

We do not “sell” the personal data of Customers’ Viewers, nor do we engage in “profiling.” If you are on our websites, you can opt out of any non-essential cookies here or via our cookie consent pop up. Our websites also recognize global opt out signals. Please review our Cookies Policy & Advertising Choices for more information.

SUBMITTING A REQUEST

Where Brightcove receives a request from a Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

Certain Brightcove Services offer Customers self-service options in the Administrator (or similar) mode of their accounts at no additional cost, including the ability to access, download and export your Viewer data, delete Viewer data and restrict the use of that data. Before you exercise your options, please be aware that deletion of Viewer data is irreversible. If you need further instructions on how to access and use those features, or if you use other Brightcove products and services that may not include these self-service options, please reach out to your customer success representative with your request. You may also send the request to privacy@brightcove.com.

The personal information we collect from Nevada consumers and how it is processed is the same as that collected for Customers generally. Please review those sections in this Privacy Policy. We also require any service providers we use to process any personal information we share in connection with Brightcove Services and operations to restrict their use of the information to providing the Brightcove Services and acting on our behalf. Otherwise, we will only provide information to third parties if you direct us to or as required by law. We do not “sell” personal information as defined under Nevada privacy laws.

COLLECTION AND USE NOTICE

Your respective data processing agreement with Brightcove outlines the categories of personal data collected, processed and for what purpose and under what conditions and instructions, including our obligations to you with respect to securing that information and engaging subprocessors. Other than any third parties that you direct us to disclose personal data to as part of Brightcove Services, the categories of third parties we share Customer, non-Viewer personal information with, as disclosed above in How We Share Information, applies to all Customers. Customer Viewer personal information is shared with the subprocessors listed here, by name and category, that Brightcove uses to provide Brightcove Services.

We only process Customer and Viewer personal data in accordance with the terms of a data processing agreement outlining our respective obligations, entered into in each instance by Brightcove and the Customer, that limits the processing in accordance with your instructions, and provides for assistance with compliance with your obligations - as controllers - under the law - like assisting with data subject rights requests you receive. That data processing agreement also outlines the administrative, technical, and physical security practices appropriate to the volume and nature of the personal data we process. You can review our standard data processing agreement here to learn more about how we treat and transfer personal data we receive from Customers.

We are also transparent about our use of subprocessors, which are also contractually obligated to protect your personal data under no less restrictive standards than those implemented by Brightcove. Those subprocessors are listed here. You can sign up to receive alerts whenever we add any additional service providers to the list. Customers will be provided with advance notice and an opportunity to object to the use of the subprocessor as dictated in our agreements.

YOUR RIGHTS TO YOUR PERSONAL DATA

Utah law does not give residents data subject rights when operating in their business or employment capacity. Where we obtain covered personal data from a Customer's Viewers, we process that information solely as provided for in our data processing agreement.

We do not "sell" personal data of our Customers' Viewers under Utah privacy laws and do not use personal data received from Customers for targeted advertising. If you are on our websites, you can opt out of any non-essential cookies here or via our cookie consent pop up. Please review our Cookies Policy & Advertising Choices for more information.

SUBMITTING A REQUEST

Where Brightcove receives a request from a Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

Certain Brightcove Services offer Customers self-service options in the Administrator (or similar) mode of their accounts at no additional cost, including the ability to access, download and export your Viewer data, delete Viewer data and restrict the use of that data. Before you exercise your options, please be aware that deletion of Viewer data is irreversible. If you need further instructions on how to access and use those features, or if you use other Brightcove products and services that may not include these self-service options, please reach out to your customer success representative with your request. You may also send the request to privacy@brightcove.com.

Canadian residents may have additional rights under Canadian law. Please see the information provided by the Office of the Privacy Commissioner of Canada for additional details.

You, and we, confirm that it is our wish that these Privacy Policies and all other related policies be drawn up in English. Vous reconnaissent avoir exigé la rédaction en anglais du présent document ainsi que tous les documents qui s'y rattachent.

INFORMATION PRACTICES

The personal information we collect from individuals in APAC countries is the same for all Customers and their Viewers. Please refer to those sections above for more details. Customers can use our Privacy Policies, including our Cookie Policy, to assist them with their notice obligations if they are subject to data privacy laws that require notice and consent for personal data collection and use, including but not limited to Japan’s Telecommunications Business Act, as amended, and the Digital Personal Data Protection Act.

When you enter into a contractual agreement with us for Brightcove Services, including the Data Processing Agreement, which incorporates this Privacy Policy, you provide us your consent for the data collection for the stated use purpose as provided in those agreements and policies. Customers are responsible for collecting consent from their Viewers to provide their personal data to Brightcove or for processing through Brightcove Services.

Where required by regional law, you have the right to request access to personally identifying information Brightcove has in its possession about you, and to correct information you believe is incorrect. Where Brightcove receives a request from a Viewer, we will refer the request to the Customer and support the Customer in responding to the request.

To the extent voluntarily provided, we may collect certain information concerning our Customers and Prospective Customers (such as name, business email, voice ID, details contact and business details,of our communications with participating such customers and prospects (correspondences, call and video recordings, and transcriptions and analyses thereof), as well as any needs, preferences, attributes and insights relevant to our potential engagement) that you provide during call and video recordings. You will be provided with notice about the use and deletion of the recording and the option to refuse the recording prior to the call and when accepting the invite to a call that may be recorded.

DATA SUBJECT RIGHTS

Certain Brightcove Services offer Customers self-service options in the Administrator (or similar) mode of their accounts at no additional cost, including the ability to access, download and export your Viewer data, delete Viewer data and restrict the use of that data. Before you exercise your options, please be aware that deletion of Viewer data is irreversible. If you need further instructions on how to access and use those features, or if you use other Brightcove products and services that may not include these self-service options, please reach out to your customer success representative with your request.

Please keep in mind that when you ask us for your personal information or ask us to delete it, we may need to retain or withhold some of the information for security, legal or anti-fraud reasons. Also, we need Corporate Customer and Customer Usage data to maintain your account and requested services. That means if you ask us to delete that information, we may not be able to continue providing those services or products.

To exercise a data right, on your own behalf (as a Customer) or on behalf of a Viewer, please contact Support or email privacy@brightcove.com, with the Subject Line: Data Rights Request - COUNTRY NAME. Within the request, please provide the following: your name, corporate email, company name and country of residence. We will process any requests in accordance with applicable law and within a reasonable period of time.

You may also have opt out rights and the right to withdraw your consent. Our Cookie Policy will provide instructions on how to withdraw consent from further personal data collection by cookies and other web beacons when you are on our Website. Given the nature of the Brightcove Services, you can only withdraw your consent for further processing when you stop using those Brightcove Services and terminate your agreements with us, in accordance with the terms of those agreements.

INTERNATIONAL TRANSFERS

We operate globally and may transfer your personal information to our locations in other countries for the purposes described in these Privacy Policies. We will protect the privacy and security of personal information we collect in accordance with our policies, regardless of where it is processed or stored.

In some of the countries to which we transfer personal data, like the United States, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those of your country. The United States data protection framework is comprised of state laws and sector-specific regulations based on entity type - like banks or credit bureaus - or the information type - like financial information or electronic medical records. As such, not all information at the state level is treated similarly.

No matter where your personal information is transferred, stored or processed by us, we will take reasonable steps to safeguard the privacy of your personal information. These steps may include implementing encryption when the information is outside of our networks and during transfer, standard contractual clauses where recognized by law, obtaining your consent for that purpose or relying on other lawful means of transferring personal information and restricting or limiting access to that information. By using the Website and the Brightcove Services, you consent to this transfer.

CONTACT US

If you have any questions regarding these Privacy Policies, please contact us by email at privacy@brightcove.com, call us +1 617 500 4947, or write to us at:

Brightcove Inc.
Attn: Privacy Team
281 Summer Street
Boston, MA 02210

Please be sure to include sufficient information so we can understand and respond to your specific question or request.

Additionally, EEA/UK residents will also receive a notice relating to personal information we receive from non-affiliated parties - like job boards and networking sites - as part of their application. As a resident in the EEA/UK region, you have certain rights to access, correction, erasure, to restrict processing, to transfer that personal data to another party, and where applicable, to withdraw consent you previously provided in connection with your application. To exercise those rights, please complete the “Privacy Request” webform.

If you indicate you want to continue to be considered for other roles or receive updates from Brightcove, your personal data shall be retained for 18 months from an unsuccessful candidacy. Otherwise, the job portal will automatically purge your application a year after its submission.

Job applicants, your application is covered by our hiring vendor’s privacy policy. Please review their practices prior to submitting your personal information.

As a California resident, current and former employees have certain rights to access, correct and delete personal information you provide to us in connection with their employment. Job applicants have those same rights to that information related to their application. We do not sell your personal information. To exercise those rights, please complete the “Privacy Request” webform. You can also contact us at +1 617 500 4947, and we will assist you in submitting a request through the webform. We will use the information submitted to verify your identity and to evaluate and process your request.

We retain the personal information of applicants as long as it is necessary to evaluate their candidacy for employment, and to comply with the law. We retain personal information of former employees for a legally mandated period post-termination, and then as otherwise legally permitted.

Brightcove Inc., and its affiliates (“Brightcove” or “we”), and certain service providers and partners operating on our behalf may set cookies and other similar technologies to identify your device as you navigate our publicly-accessible Website, certain Brightcove Services, support pages, and documentation. A cookie is a piece of data contained in a very small text file stored in your browser or elsewhere on your hard drive. By themselves, cookies do not identify you specifically; they recognize the browser or device (whether you are using it or someone else). Unless you log into your Brightcove account, we do not know who you are just because you visited our Websites. Definitions for some of the technologies listed, as well as information about your choices with respect to them, are available below.

HOW WE USE COOKIES

The Website uses both session cookies and persistent cookies. We use session cookies to make it easier for you to navigate the Website. A session cookie disappears when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. We use persistent cookies to help remember user preferences and improve the user experience. Data collected by these technologies may be used for several purpose, including, for example, to:

• Provide useful features to simplify your experience when you return to our Websites and applications (for example remembering where you left off on a video, or your conversation with the Brightcove chatbot);
• Provide you with relevant content based on your activity on our Websites, your industry, and approximate geographic location;
• Evaluate and optimize the use and operation of our Websites and various Brightcove Services; and
• Analyze traffic on our Websites and where that activity is generated from.

More specifically, the below cookies are found on the Websites.

COOKIEBOT CHART

OTHER TECHNOLOGIES

Web Beacons. We use web beacons along with cookies to gather data about use of the Website and interactions with our Players and emails. They recognize certain types of data on your device, like when it viewed a particular article and a description of the Website tied to the beacon. For example, we may put beacons in our marketing emails that notify us when you click on a link in the email that links to our Websites or materials, and then use that information to operate, improve and measure the performance of the Website and our marketing communications and strategies.

Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on the Website (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. For example, your IP address is identified and logged automatically in our server log files whenever you use the Website, along with the time(s) of your visit(s) and the page(s) you visited. We may combine this automatically-collected log information with other information we collect from you. We do this to improve and enable the functionality of the Website and the Brightcove Services.

IP Addresses. An IP address is a number that is automatically assigned to the device you are using by your ISP and, in many cases, IP addresses are shared by multiple people or computers and may be dynamically generated (meaning they change over time). Brightcove uses hashed IP addresses to provide our contracted-for services, namely aggregate analytics, viewership statistics and for billing purposes. We use IP addresses in raw logs stored in internal-access only systems for technical support, debugging and billing inquiries. We also use IP addresses to serve up customized cookie consent options in certain regions, and as part of fraud prevention.

BROWSER OPT OUT OPTIONS

Our Website is set up to recognize browser do not track signals. If you are not in a region where cookie consent pop ups are deployed, you can still adjust your web browser preferences to alert you when a cookie is set on your computer, to block cookies altogether or to activate or later deactivate cookies once set to your computer.

To learn more about how to control cookie settings through your browser:

Learn more about “Private Browsing” and managing cookie settings in Firefox;
Learn more about “Incognito” and managing cookie settings in Chrome;
Learn more about “InPrivate” and managing cookie settings in Internet Explorer; or
Learn more about “Private Browsing” and managing cookie settings in Safari.

You may remove persistent cookies by following directions provided by your Internet browser at the links above. While we do not require you to use cookies, certain parts of the Website may not function properly if you set your browser to refuse cookies.

EEA/UK RESIDENTS

OPT OUT RIGHTS

If you are located in the European Union, visit the "Your Online Choices" page for ways to opt out of receiving targeted advertising from participating third party advertisers, or visit the "Our Consents and Preferences Center" page.

Please note that when you opt out of receiving interest-based advertisements, this does not mean you will no longer see advertisements from or through us. We are not responsible for the effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs. In addition, third parties may still use cookies to collect information about your use of our Website, including for analytics and fraud prevention. Please visit the COMMUNICATION CHOICES tab to see your options relating to Brightcove email marketing.

You can also opt out of any non-essential cookies via the consent management pop up that comes up when your browser opens our Websites.

TELECOMMUNICATIONS AND TELEMEDIA DATA PROTECTION ACT STATEMENT

The Brightcove Player does not set any cookies on a Viewer’s device or browser, nor does it store information locally on the Viewer's device. Our traditional analytics use IP addresses and are based on stop, play and pause time and to enable playing of the requested video across devices, which would all fall under the strictly necessary categories. You, as a Customer, may be subject to local laws, such as the ePrivacy Directive or the Telecommunications Telemedia Data Protection Act, depending on the types of plugins you utilize within the Brightcove Player (if any) and/or on your website where the Player is located, particularly those technologies used for marketing or analytics.

ADVERTISING

We partner with service providers to manage our advertising on the Website and third party websites, which may include serving or tracking advertisements on or relating to the Website. Our service providers may use technologies such as cookies to gather information about your activities on the Website and third party sites in order to provide you advertising based upon your browsing activities and interests. The privacy policies of those third parties will govern your interactions with such third party websites or ad networks.

We support the self-regulatory principles for online behavioral advertising (Principles) published by the Digital Advertising Alliance (DAA). This means that we allow you to exercise choice regarding the collection of information about your online activities over time and across third party websites for online interest-based advertising purposes. More information about these Principles can be found at http://www.aboutads.info. If you want to opt out of receiving online interest-based advertisements on your internet browser from advertisers and third parties that participate in the DAA program and perform advertising-related services for us and our partners, please follow the instructions at http://www.aboutads.info/choices, or http://www.networkadvertising.org/choices/ to place an opt-out cookie on your device indicating that you do not want to receive interest-based advertisements. Opt-out cookies only work on the internet browser and device they are downloaded onto. If you want to opt out of interest-based advertisements across all your browsers and devices, you will need to opt out on each browser on each device you actively use. If you delete cookies on your device generally, you will need to opt out again.

Please note, while there is no generally accepted method to do so, our Website does recognize a “do not track” setting (or similar mechanism) from your browser to indicate that you do not wish to be tracked or to receive interest-based ads. We also interpret the Global Privacy Control (GPC) signal to opt out of non-essential cookies.

CHANGES TO THIS POLICY

We may update this Cookies Policy to reflect changes to our information and cookies practices by posting an updated version of this Cookies Policy on this page, or with any notice to you if required by applicable law. Your continued use of the Website after any such update constitutes acceptance of any such modified Cookies Policy. We encourage you to review this page periodically for the latest information on our cookies practices. The date of last revision is shown at the top of the Brightcove Privacy Policies page.

CONTACT US

If you have any questions about this Cookies Policy, or our privacy practices generally, please contact us at privacy@brightcove.com. If you have any questions regarding this Privacy Policy, please contact us by email at privacy@brightcove.com, call +1 617 500 4947, or write to:

Brightcove Inc.
Attn: Privacy Team
281 Summer Street
Boston, MA 02210

Please be sure to include sufficient information so we can understand and respond to your specific question or request.

You can make various choices about what communications you receive from Brightcove, our service providers or our partners. You can unsubscribe from marketing emails anytime by following the “unsubscribe” instructions in the latest such message you have received. If you’d like to limit our sharing for marketing purposes or remove your emails from our marketing databases, please email privacy@brightcove.com, with your name, email address and your request for removal.

We no longer use personal information for marketing purposes when you request to be removed from our marketing database, or we’re informed that it is outdated or inaccurate. If you would like to remove your personal information from the databases of third parties with whom your personal information has already been shared, please contact them directly.

Please see our Cookie Policy and Advertising Choices sections to opt out of any targeted advertising from ad partners and marketing, certain analytics and digital advertising.