Privacy Policy
Last Updated: March 10, 2024
Phia provides a website located at phia.app (the "Site") and corresponding browser extension (the "App extension") which allows users to upload and share images and other content. To make this Privacy Notice easier to read, the Site, our services and App are collectively called the "Services." This Privacy Notice is designed to help you understand how we collect, use, and share your personal information and to help you understand and exercise your privacy rights.
This Privacy Policy describes how Phia collects, uses, and shares your personal information, as well as your choices and rights with respect to your personal information.
1. Scope of this Privacy Policy.
This Privacy Policy applies to information that relates to you as an identifiable individual (often referred to as "personal information" or "personal data") that Phia receives or collects when you interact with us or our services, website, and software (the "Services").
This Privacy Policy does not apply to any third-party services, websites, or software, such as third-party applications that may be integrated into our Services via API. Those services, websites, and software are subject to their own terms and privacy policies, and you should read those carefully.
2. Information We Collect.
We collect and receive the following types of information:
Information You Provide to Us:
(A): Account Information: To create an account for the Services or to enable certain features, we require that you provide us with information for your account such as name, email, password, and authentication credentials. If you sign up for a paid subscription, we (or our payment processors) may need your billing details such as credit card information, banking information, and billing address.
(B): Video and Other Customer Data: In using our Services, our customers submit or upload video recordings, seek user support, or provide other Customer Data (defined in our Terms of Service) to us. Our use of and processing of Customer Data is governed by our Terms of Service.
(C): Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is stored by Stripe and Lemon Squeezy. You may find their privacy notice link(s) here: https://stripe.com/privacy and https://www.lemonsqueezy.com/privacy.
Information We Collect Automatically:
(A): Usage Data: We automatically collect usage data about how you interact with our Services when you use them. For example, this could be actions you take on our platform, such as number of videos you've recorded or viewed, your sharing activity, or what third-party integrations you enabled.
(B): Log Data: Our servers automatically log certain types of data when you visit or use our Services, for example, when you navigate through our website. This data is stored in our log files and includes, Internet Protocol (IP) address, type of device, operating system or browser, unique device identifiers, browser settings, date and time you visited or used our Services, the referring website, URL parameters, and error and crash reporting data.
(C): Information from Cookies and Similar Technologies: A cookie is a small piece of information that is downloaded to your device by your browser when you visit a website. We use cookies or similar technologies (including third-party cookies) to remember your preferences, understand how you interact with our Services or emails that we send you, maintain the security of our Services, and administer, improve and promote our Services. You can configure your browser to prevent cookies, but please note that disabling cookies may make some features or functionality unavailable to you.
3. How We Use Your Information.
We use your information in the following ways:
(A): To provide and maintain our Services.
(B): To analyze and improve our Services.
(C): To keep our Services secure and protect against fraud, abuse, and intrusion.
(D): To provide user support, information, and services requested by you.
(E): To send important account or security notifications.
(F): To promote our Services in accordance with applicable laws and regulations. If you'd like to unsubscribe from our marketing emails, click the "unsubscribe" link at the bottom of the email. You can also update your notification preferences in your account settings.
Please keep in mind that customers control their accounts and associated Customer Data. We use Customer Data according to our customers' instructions and our Terms of Service. Customers are able to: (1) restrict, remove, disclose, and access content and information associated with the accounts in their Workspaces; (2) grant, deny, or limit access to those accounts and Workspaces; and (3) configure the privacy settings for those accounts and Workspaces. If you create a Loom account with your work email and you aren't already part of your company's Workspace, your company may have the ability to add your account (including the content in it) to its Workspace. We'll give you notice before that happens.
4. How We Protect Your Information.
We are committed to protecting your information from unauthorized access, use, disclosure, and loss. We use industry-standard security practices to keep your information secure, such as encryption, access controls, physical security measures, and internal reviews of data collection, use, and storage. We've also obtained various compliance certifications and undergo ongoing audits to ensure continued security and compliance best practices.
However, data transmissions over the internet cannot be guaranteed to be 100% secure or safe from intrusion by others. Be sure to use secure internet connections, protect your login credentials, and create strong passwords for your account.
5. Data Retention.
We'll retain information you store on our Services for as long as your account exists or as long as we need it to provide you Services. If you delete your account or your content from Loom, we'll permanently delete your account or content within 30 days, unless we need to retain any information to comply with our legal obligations, resolve disputes, or enforce our agreements. For any other information we may receive or collect from you, we'll retain that information for only as long as is necessary for the purposes described in this Privacy Policy.
6. What are your Privacy rights.
Individuals in the European Economic Area, the United Kingdom, and across the globe have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to your personal information, as well as to seek to update, delete, or correct this information. You can exercise most of these rights through your Loom account. For example, if you wish to delete your personal information from Loom, you may permanently delete your account. You can also access and update your account information via your account settings page. If you are unable to exercise your rights through your Phia account, please contact the administrator of your Workspace, or otherwise you can send us your request.
7. Age Requirement.
If you are under 13 years old (or the age of digital consent in your country), you may not sign up for Loom, and please do not send any personal information about yourself to Loom. If you believe that someone under 13 or the applicable age of digital consent has provided us with personal information in violation of this Privacy Policy, please contact us, and we will take steps to delete the information.
8. For EEA, Switzerland, and UK Data Subjects.
In general, Loom is a processor of Customer Data. This means that we process Customer Data only according to our customers' instructions in accordance with our Terms of Service. Phia acts as a controller for other types of personal data where Phia determines the purposes and means of processing of that data, such as personal data used for marketing or research purposes.
Where Phia acts as a controller of personal data, our lawful bases for processing include:
(A): Our legitimate interests (for example, to send you information about new features or upcoming product launches). You have the right to object to our use of your personal data for direct marketing at any time.
(B): As needed to comply with our contractual obligations (for example, if you sign up for a contest or promotion, we'll process your personal data as needed for us to perform our obligations under the contest or promotion terms).
(C): To comply with legal obligations (for example, to respond to a law enforcement request or enforce or defend our legal rights).
(D): With your consent (for example, if you opt into receiving email marketing from us). You have the right to withdraw your consent at any time.
9. California Residents.
California Civil Code Section 1798.83, also known as the "Shine The Light" law permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have a registered account with the Services, you have the right to request removal of unwanted data that you publicly post on the Services. To request removal of such data, please contact us using the contact information provided below and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Services, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g., backups, etc.).
Your California Privacy Rights:
(A): Right to Access. You have the right to request, up to two times each year, access to categories and specific pieces of personal information about you that we collect, use, disclose, sell, and share, such information to be provided to you in a readily useable format.
(B): Right to Delete. You have the right to request that we delete personal information that we collect from you, subject to applicable legal exceptions.
(C): Right to Correct. You have the right to request that we correct inaccurate personal information that we maintain about you, subject to applicable legal exceptions.
(D): Right to Opt-Out of Sale or Sharing of Personal Information. You have the right to opt-out of the "sale" or "sharing" of your personal information as such terms are defined under California law.
(E): Right to Non-Discrimination. You have the right not to be treated in a discriminatory manner for exercising your privacy rights. We do not use the fact that you have exercised or requested to exercise any rights for any purpose other than facilitating a response to your request.
10. Virginia Residents.
This section provides supplemental information to residents of the State of Virginia, whose personal data we process in connection with the Services.
For information on the categories of personal data we process, please see "Information We Collect" above. The purposes for which we process personal data are described in "How We Use Your Information." For information on how we share the categories of personal data we collect, please see "How We Share Your Information."
Your Virginia Privacy Rights:
(A): Right to Access. You have the right to confirm whether we are processing your personal data and to access such personal data.
(B): Right to Delete. You have the right to delete personal data provided by or obtained by you.
(C): Right to Opt-Out. You have the right to opt-out of "targeted advertising" as defined under Virginia law. We do not sell personal data as "sale" is defined under Virginia law.
(D): Right to Correct. You have the right to correct inaccuracies in the personal data, taking into account the nature of the personal data and the purposes of the processing.
(E): Right to Portability. You have the right to obtain a portable copy of the personal data that you provided to us.
11. Updates to this Privacy Policy.
We may update this Privacy Policy by posting the updates to our website. If an update materially impacts your rights or how we use your personal information, we will notify you either by email or other direct communication before the updates take effect. Any other revisions will become effective on the date the updates are posted by Phia.
12. Contact Us.
If you have any questions about our privacy practices or this Privacy Notice, or to exercise your rights as detailed in this Privacy Notice, please contact us at: hey@phia.app.