Privacy Policy
This Privacy Policy explains how Videohati (“we”, “us”, or “our”) collects, uses, shares, and protects personal data when you use our video infrastructure platform, dashboard, APIs, and websites (together, the “Service”). It applies to account holders and their end users whose data is processed through the Service.
1. Our role: controller and processor
For data about your own account (your name, email, billing details, and dashboard activity), Videohati acts as a data controller. For video files and viewer data that you send through the Service on behalf of your end users, Videohati acts as a data processor, processing that data on your instructions to provide the Service.
2. Data we collect
Account data
- Name, email address, and organization details you provide at sign-up.
- Authentication data, including hashed passwords and session identifiers.
- Billing and plan information needed to operate paid accounts.
Usage and technical data
- API request metadata, including timestamps, endpoints, and API key identifiers.
- Dashboard activity logs used for security and troubleshooting.
- IP address, browser type, and device information from web requests.
Video and viewer data
- Video files, captions, thumbnails, and metadata you upload (Customer Content).
- Playback analytics such as plays, watch time, and drop-off, derived from viewer beacons that you enable for your videos.
- Tokens and identifiers used to authorize playback and to trace sessions for watermarking.
3. How we use data
- To provide, operate, and maintain the Service, including encoding and delivery.
- To authenticate users, secure accounts, and detect abuse or fraud.
- To meter usage, calculate fees, and manage billing.
- To produce analytics and reports for the account that owns the content.
- To communicate with you about service updates, security notices, and support.
- To comply with legal obligations and enforce our agreements.
4. Legal bases for processing
Where applicable data-protection law requires a legal basis, we rely on: performance of our contract with you; our legitimate interests in operating and securing the Service; your consent for optional cookies and marketing; and compliance with legal obligations.
5. Cookies and similar technologies
Our websites and dashboard use cookies and similar technologies for authentication, preferences, support chat, and analytics. For details about the specific cookies we set and how to control them, see our Cookie Policy.
6. How we share data
We share personal data only as described here:
- Sub-processors and infrastructure providers that host, deliver, encode, or secure the Service on our behalf, under contractual confidentiality and data-protection obligations.
- Payment and billing providers that process fees for paid plans.
- Support and communication tools, including our live-chat provider, used to respond to your requests.
- Legal and safety recipients where disclosure is required by law or needed to protect rights, property, or safety.
We do not sell personal data.
7. International data transfers
We operate infrastructure across multiple regions and use a global delivery network. Where we transfer personal data across borders, we apply appropriate safeguards consistent with applicable data-protection law.
8. Data retention
- We retain account data for as long as your account is active and for a limited period afterward to meet legal, accounting, and security needs.
- Customer Content is retained while your account stores it. After account closure, we delete or anonymize Customer Content following a wind-down window, except where retention is legally required.
- Operational logs are retained for a limited window for security and troubleshooting.
9. Your rights
Subject to applicable law, you may have the right to access, correct, delete, or export your personal data, to object to or restrict certain processing, and to withdraw consent. To exercise these rights for account data, contact us using the details below. For data we process on behalf of an account (such as viewer analytics), please direct your request to the account that controls that data.
10. Security
We apply technical and organizational measures to protect personal data, including encryption in transit, access controls, secret management, and audit logging. No method of transmission or storage is completely immune from risk, but we work to reduce that risk and to respond to incidents.
11. Children
The Service is intended for use by education platforms and their staff, not for direct use by children. We do not knowingly collect personal data directly from children. Where your platform serves minors, you are responsible for obtaining any required consents.
12. Changes to this Policy
We may update this Privacy Policy from time to time. We will update the “last updated” date below and, for material changes, notify you through the dashboard or by email.
13. Contact
For privacy questions or to exercise your rights, contact us at [email protected].