Overview

Any Personally Identifiable Information (PII) that a business stores digitally needs to be properly protected, and the user whose personal data is in question must have absolute control over it. From contact information to financial information and payment details, data usage is protected by law in most parts of the world, especially in the UK (GDPR), California (CCPA), and Switzerland. This is to prevent that data from being misused by third parties for fraud, such as identity theft and phishing scams. 


Data such as IP address, name, state, email, and credit/debit card details contain sensitive information. Protecting all this and other PII, in accordance with the Data Protection Act(s), requires businesses to adhere to specific principles. We at VIDIZMO understand the importance and necessity of data protection laws and are always working to stay compliant by upgrading data protection policies as per the need, which helps make compliance easier for our customers' content management portal(s). 


Note: You can read more about the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) by clicking on the links.


Concept 

VIDIZMO takes people's privacy and their data protection very seriously. Therefore, we are committed to complying with data protection laws and regulations. VIDIZMO understands you need to have a video content management platform that is both compliant with all necessary applicable data protection laws.  


Data Subject's Rights Protection 

The term Data Subject refers to an individual whose personal data is collected, held, or processed by an organization. Personal data is any data that can be used to identify an individual, such as name, home address, or credit card information. 


Data protection rights bodies such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) give individual rights relating to their personal data. Organizations must inform individuals how they can exercise these rights and meet requests promptly.  


The most essential legislations required for any organization to be compliant with Data Processing Acts are discussed below, and the most important part is that VIDIZMO offers all these functionalities and rights to their customers: 




Right of Data Portability 

Data portability is one of the fundamental data subject rights in the General Data Protection Regulation. This right allows users to download or copy personal data easily from one IT environment to another safely and securely without affecting its usability.  


Knowing the importance of this right, VIDIZMO gives the option of downloading all personal data, including:

  • Username (First Name and Last Name )
  • Email Address
  • Profile Picture
  • City
  • State
  • Country
  • Default Language
  • Assigned Role
  • System Generated Logs
  • Phone Number
  • Tracking Information
  • User Comments
  • Annotations in Videos and Images
  • Audit Logs

All this information can be extracted, on a single click, in a machine-readable format, i.e. CSV, from their profile section.


Note: Viewer+ users can exercise the right of Data Portability.


Right of Data Rectification/Correction 

The goal of Data Protection Bodies, like GDPR, is to ensure that personal data collected and processed by any organization is accurate. Therefore, it is the right of the data subject to correct inaccurate personal data as well as the ability to supplement incomplete personal data. 


VIDIZMO empowers its customers with the functionality of data correction so your portal users can exercise GDPR's Right of Data Rectification/Correction. Your portal user having a Viewer+ role can swiftly update their personal information from their user profile section. VIDIZMO also allows users to enter the optional personal information later if they have skipped it while registering to the portal.


Right to be Forgotten/Erasure

GDPR introduces this right; as per this regulation, any individual has the right to have their stored personal data erased from any IT software system. A possible reason for exercising this right is that the personal data is no longer necessary for the purpose which you originally collected or processed for. 


VIDIZMO offers this functionality to you so your portal users can delete all their stored personal data (described in the Right of Data Portability section) from the system using the Data Deletion button in the user profile section.


Right to be informed

The core responsibility of GDPR is to give individuals control over the use of their data; one of these rights is the right to be informed. Any organization collecting and processing data must inform its users of the type of data being collected and processed. This information must be provided in concise, clean, and plain language. 


VIDIZMO gives you the functionality of the Consent Form and Data Policy Design Form, which are used for maintaining cookies and privacy policies, respectively. In the following two sections, you will read more about how you can inform your users about your cookies and privacy policy.


Data Policy Design Form – Privacy Policy 

A Privacy Policy is a document telling your portal users what information you collect and what do you do with that information. You normally inform users about your Privacy Policy when they wish to Sign Up or Create an Account on your portal. Privacy Policy helps you create a transparent environment where your users are more confident about their shared information and its use.  


VIDIZMO enables you to design and update Privacy Policy for your portal, which is in control of Manager+ users. The best part of it is the version controlling meaning whenever you make changes in the Privacy Policy of your portal, you will be able to retake your portal users' consent by displaying them the Consent Form.


A web cookie or simply browser cookie is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. To inform user’s, about cookies being sent from their browser to your servers, a cookies policy is used, which is a declaration to your users of: 

  • What cookies are active on your website or portal?
  • What user data are you tracking?
  • For what purpose and where in the world is the data being shared, and with whom?

To help you meet such compliances requirements, VIDIZMO gives you the option of designing the Consent Form, which helps you get the user consent for processing their information whenever they visit your portal. 


VIDIZMO offers two types of Consent Forms:

  1. Slide-In Footer: This is useful if you want to display the consent form at the bottom of your portal page. This also allows the user to use the site without accepting the terms and conditions, but the consent form will remain open throughout the session. 
  2. Modal:  This is useful if you want to allow users to see your portal content and use the portal only if the user agrees to the terms and conditions. This will display the user consent agreement form in the center of the portal page. 


GDPR Activation/Deactivation 

VIDIZMO empowers customer organizations to switch on GDPR Compliance within their Account and sub-portals. Every user (anonymous or logged-in) will be required to agree to the system's Data Processing Agreement (DPA) as soon as they land on the web application. All you need to do is to check or uncheck the option available in the GDPR Compliance section of the portal settings. You only uncheck it If none of your customers/consumers reside in the European Union, California or any region where no such data regulations have been imposed yet. 



Contributions were made by Sidra Jabeen & Waqar Baig.

Read Next

How to Define a Privacy Policy