Data Privacy & GDPR

Conviva’s business is to empower our customers to understand, improve, and act on the performance of their over-the-top video services. In providing our services, we collect and process a variety of data which may include personally identifiable information or personal data.  We are committed to keeping all data secure and to comply with all laws that apply to our business, including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR). We provide a secure, privacy-compliant SaaS offering that is vital to our success and the success of our customers.

As part of our commitment to be transparent about our privacy practices and comply with applicable laws, we have posted our Privacy Policy, found here: https://legal.conviva.ai/privacy-policy/.

In addition:

• We commit to follow appropriate security practices, standards, processes and precautions in accordance with GDPR. Conviva is also ISO/IEC 27001:2022 certified. Further details regarding Conviva’s security practices can be viewed here.
• We put in place an appropriate data transfer mechanism as required by GDPR when the transfer of personal data outside of the European Economic Area (“EEA”) and/or the United Kingdom (“UK”) is necessary. This includes entering into the appropriate standard contractual clauses.
• We retain personal data only for as long as necessary to provide the services our customers request, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our policies.
• We assist with notifying regulators of breaches and promptly communicates any breaches to impacted customers.
• We ensure that employees and contractors authorized to process personal data have agreed to keep personal data confidential.
• We hold any sub-processors that handle personal data, including our data center partners and other vendors, to the same data management, security, and privacy practices and standards to which we hold ourselves.
• Where appropriate, we offer contractual language documenting our commitments to our customers to support their GDPR and CCPA obligations.
• We assist our customers so they can respond to data subject requests, such as for access to and/or deletion of personal data, in accordance with applicable laws.

We respect our customers’ rights to request access to, and control and deletion of, personal data as required by applicable law. Customers may request access to, or that we delete and stop collecting, personal data by submitting a Support Form found in the help drop-down menu of our Insights web portal. The deletion, and/or cessation of the collection, of personal data may impact the capabilities of certain of our services.  Any questions or requests for assistance with the above should be directed to our customer support team at  [email protected].

If you have a question and/or request related to personal data that is collected on our www.conviva.ai webpage, you can submit a form here.  If you have questions or requests related to your rights under the CCPA, please visit here.

Conviva retains personal data, such as account login information, collected from our customers in connection with their use of our services and disables customer accounts within one month after account closure unless earlier closed due to our need to comply with our legal obligations, resolve disputes, or enforce our agreements. Personal data (such as IP addresses) is collected from our customers’ end users and generally retained for up to thirteen months after collection, unless otherwise directed by our customers. More information about our Data Access and Retention Policy can be found in the help drop-down menu of our Insights web portal.

Data privacy and security are top priorities for Conviva, and we continue to invest in these essential elements of our business for the protection of our company and our customers.