Privacy Policy
LAST UPDATED: February 4, 2024
Touchstorm and VideoAmigo is owned by Diginary Holdings, with offices at 101 North Pinetta Drive, #35980, Richmond, VA 23235 (“Diginary Holdings”). Diginary Holdings is committed to protecting your privacy. This Privacy Policy describes the information that we collect from you through the www.touchstorm.com or www.videoamigo.com website (the “Site”), the purposes for which we use such information, with whom we may share such information, your choices regarding our use and sharing of such information, and the steps we take to protect your personal information. By accessing the Site, you are consenting to the information collection and use practices described in this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use the Site. Except as provided in the “Your California Privacy Rights” section below, this Privacy Policy only applies to information collected on the Site and does not apply to information which we may collect on other websites owned or operated by Diginary Holdings or by means other than on the Site. This privacy policy covers both HR Data and Non-HR Data.
Topics:
1. Your California Privacy Rights
2. Information We Collect About You
2.1 Information Collected Directly From You
2.2 Information Collected Automatically
2.3 Our Use of Cookies; Third Party Cookies; Web Beacons
2.4 Aggregate Information
3. How We Use The Information About You
3.1 Disclosure of Your Personal Information
3.2 Disclosure Regarding Service Providers
3.3 Disclosures In Connection With Acquisitions Or Divestitures
3.4 Disclosure For Other Reasons
4. Marketing
5. Security
5.1 Information Storage and Security
5.2 How Long We Keep Information
5.2.1 Marketing Information
6. Access To Your Information And Correction
6.1 Updating Your Information
6.2 Your Rights – European Economic Area (EEA), United Kingdom (UK) and Swiss Residents
6.3 EU Data Subjects and Extra-territorial
6.4 Data Privacy Framework Notice
7. Other Websites
8. Additional Information
8.1 Note to International Users
8.2 Children’s Online Privacy Protection Act
8.3 Enforcement Of This Privacy Statement
8.4 Changes To This Privacy Statement
9. How To Contact Us
10. Exercise of Right
Your California Privacy RightsThe following only applies to California residents who have an established business relationship with Diginary Holdings. If we collect your name or other personal information from you (whether online or offline), and you have given us permission to share your personal information by clicking on the appropriate box or button on the Site or by any other means we may provide, we may occasionally make that personal information available to our parent or other affiliated companies, or to other third parties (including, but not limited to, our clients) who have products or services that we believe will be of interest to you, for their direct marketing purposes. If you later decide that you do not want us to share your personal information with these companies for their direct marketing purposes, please contact us at privacypolicy@touchstorm.com. Your opt out request will be processed within ten (10) business days of the date on which we receive it. For more information on how your personal information is collected, used and shared, please read the remainder of this Privacy Policy.
Information We Collect About YouWe collect information about you in the following ways:
2.1 Information Collected Directly From YouYou can visit the Site and access the information available on the Site without entering any personal information. However, when you sign up for an account in order to access certain information, services, or features that may be contained on the Site, we may require you to provide personal information such as your name, email address, phone number, occupation, company information, video titles, YouTube links, keywords, categories, and other data. For example, we will collect certain personal information if you choose to register on the Site, join our email list, subscribe to our newsletter or blog, participate in special offers, sweepstakes, contests or other promotions, sign up for our chat rooms, message boards or other public venues or send questions or comments to us via email.
2.2 Information Collected AutomaticallyWe may collect information about your visit to the Site, including what pages you view, the number of bytes transferred, the links you click, the materials you access, and other actions taken within the Site. We may also collect certain standard information that your browser sends to every website you visit, such as your Internet Protocol address, your browser type and capabilities and language, your operating system, the date and time you access the Site, and the website from which you linked to our Site. We do not link this information to your personal information.
2.3 Our Use of Cookies; Third Party Cookies; Web BeaconsCookies are small files that websites save to your hard disk or to your browser’s memory. We may use them to track the number of times you have visited the Site, to track the number of visitors to the Site, to determine and analyze visitors use of the Site (including the effectiveness of online advertising), to store information that you provide such as your preferences, and to store technical information useful for your interactions with the Site. We may use session cookies (cookies that are deleted when your browser session ends) to facilitate your movement around the Site (particularly in connection with information searches) and to store other information useful in administering the session. You have the ability to accept or decline cookies. Most Internet browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies or to notify you when a cookie is being placed on your computer. If you choose to decline cookies, you may not be able to fully experience the features of the Site. Refer to your specific browser’s Help menu for details. You may occasionally get cookies from our advertisers or other third parties with links on the Site. We do not control these cookies. The use of advertising cookies sent by third-party servers is standard in the Internet industry. We do not link the information we store in cookies to any personal information you submit while on the Site. Our Site may also contain electronic images known as web beacons sometimes called single-pixel gifs that allow us to count the number of users who have beacons in promotional email messages or newsletters in order to determine whether messages have been opened and acted upon.
2.4 Aggregate InformationFrom time to time, we may collect general, non-personal, statistical information about the use of the Site, such as how many visitors visit a specific page on the Site, how long they stay on that page, and which hyperlinks, if any, they “click” on. For details about how we collect this information, see “Information Collected Automatically” section above. We collect this information in order to determine which areas of the Site are most popular and to enhance the Site for visitors. We may also group this information into aggregate visitor data in order to describe the use of the Site to our existing or potential business partners, clients or other third parties, or in response to a government request. However, please be assured that this aggregate data will in no way personally identify you or any other visitors to the Site.
- How We Use The Information About You
3.1 Disclosure of Your Personal Information
Except as described in this document, personal information you provide to Diginary Holdings through the Site will not be shared outside of Diginary Holdings and its service providers without your permission.
If you provide us with personal information, we may retain and use that information for several purposes. For example, we may use your personal information in order to provide information and services that you request such as responding to questions and sending emails to our email list subscribers. In addition, we may use your personal information to ensure compliance with Diginary Holdings’ policies and applicable law. In order to offer you a more consistent experience in your interactions with the Site, information collected via the Site may be combined with information we collect by other means. We may also use your personal information to improve the Site, or to make the Site easier to use by eliminating the need for you to repeatedly enter the same information or by customizing the Site to your particular preference or interests. If you have chosen to receive communications by email from us but later wish to opt out of receiving such communications from us at any time, simply follow the instructions for doing so included in the emails. We reserve the right to send you certain communications relating to the Site, such as service announcements or similar administrative or transactional messages, without offering you the opportunity to opt-out of receiving them.
3.2 Disclosure Regarding Service Providers
Diginary Holdings contracts with other companies to provide services on our behalf, such as hosting websites, sending out information, and analyzing the Site. We provide these companies with only those elements of your personal information they need to deliver those services. These companies and their employees are prohibited from using that personal information for any other purpose.
3.3 Disclosures In Connection With Acquisitions Or Divestitures
Circumstances may arise where for strategic or other business reasons Diginary Holdings decides to sell, buy, merge or otherwise reorganize its own or other businesses. Such a transaction may involve the disclosure of personal and other information to prospective or actual purchasers, or receiving it from sellers. It is Diginary Holdings’ practice to seek appropriate protection for information in these types of transactions. In the event that Diginary Holdings or all of its assets are acquired in such a transaction, customer information would be one of the transferred assets.
3.4 Disclosure For Other Reasons
We may disclose personal information if required to do so by law or in the good-faith belief that such action is necessary to comply with legal requirements or with legal process served on us, to protect and defend our rights or property, or in urgent circumstances to protect the personal safety of any individual.
Our organization processes personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. The processing activities encompass various types of personal data, including but not limited to customer/client data, visitor data, and HR data.
Purposes of Processing:
Customer/Client Data:
- Purpose: The purpose of gathering this data is needed in providing services, fulfilling contractual obligations, and managing customer relationships.
- Types of Personal Data Processed: Contact information, Transaction history, Client Goals, KPIs.
Visitor Data:
- Purpose: We collect Personal Data from you when you submit web forms or interact with our websites, for example by subscribing to our blog, signing up for a webinar, subscribing to one of our services or requesting customer support. We may ask for your email address, first and last name, job title, and other similar business information. You are free to explore some of our websites without providing any Personal Data about yourself.
- Types of Personal Data Processed: email address, first and last name, job title
HR Data:
- Purpose: We collect employee data such as employee management, payroll, and compliance with employment laws.
- Types of Personal Data Processed: employee contact details, performance evaluations, payroll information.
Third-Party Disclosures:
Our organization may disclose personal data to third parties as necessary for the fulfillment of the aforementioned purposes. Only HR data is shared with:
- Paycom.com, Slack, Google Workspace
We will never sell your Personal Data to any third party.
How we use Personal Data
- To Communicate with You About the Product and Services
- To Provide the Subscription Service
- To Improve and Develop Our Product and Services
- To Secure and Protect our Product and VideoAmigo Users
- To Market and Promote the Subscription Service
- Marketing
We would like to send you information about products and services of ours and other companies in our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other companies within Diginary Holdings. We will not share your information for marketing purposes with companies outside of Diginary Holdings.
If you no longer wish to be contacted for marketing purposes, contact us at privacypolicy@touchstorm.com. Your opt out request(s) will be processed within ten (10) business days of the date on which we receive it.
- Security
5.1 Information Storage and SecurityDiginary Holdings is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. For example, use data hosting service providers in the United States to host the information we collect, and we use technical measures to secure your data. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.
5.2 How Long We Keep InformationHow long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
5.2.1 Marketing Information
If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you specifically ask us to delete such information. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
- Access To Your Information And CorrectionYou have the right to request a copy of the information that we hold about you. We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. If you would like a copy of some or all of your personal information, please contact us at privacypolicy@touchstorm.com. Your information and/or correction request(s) will be processed within ten (10) business days of the date on which we receive it and will be provided in a common machine-readable format, for example as a .csv file.
6.1 Updating Your InformationIf you have registered for an account on the Site, you may view and update your account information or cancel your membership at any time by logging in to your account to update your Account’s Profile settings. If you are unable to access your Account Profile for any reason, please contact us at privacypolicy@touchstorm.com. Your information update request(s) or cancellation request will be processed within ten (10) business days of the date on which we receive it.
6.2 Your Rights – European Economic Area (EEA), United Kingdom (UK) Residents and individuals covered under the Swiss-U.S Data Privacy Framework
Please note: To protect your privacy, we may ask for additional information to verify your identity in order for us to respond to your request
Users in the EEA, UK and individuals covered under the Swiss-U.S Data Privacy Framework:
Under EU Regulation 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, including the United Kingdom’s substantially similar law as it takes effect in the United Kingdom by virtue of the Data Protection Act 2018 (collectively the “GDPR”), you have a number of rights when it comes to your personal information. Further information and advice about your rights can be obtained from the data protection regulator in your country of residence. You can exercise any of these rights by contacting us through our email, phone or mailing address in the “Contact Us” section below.
- The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Information and your rights. This is why we’re providing you with the information in this Policy.
- The right of access. You have the right to obtain access to your Personal Information, so you’re aware and can check that we’re using your information in accordance with data protection law.
- The right to rectification. You are entitled to have your Personal Information corrected or amended if it is no longer inaccurate or incomplete or, as the case may be, collected in violation of the EU-US Data Processing Framework.
- The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your Personal Information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
- The right to restrict processing. You have rights to ‘block’ or suppress further use of your Personal Information. When processing is restricted, we can still store your Personal Information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in the future.
- The right to data portability. You have rights to obtain and reuse your Personal Information for your own purposes across different services. This is not a general right and there are exceptions.
- The right to object to processing. You have the right to object to certain types of processing, and may change your preferences as described above.
- The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator:
- UK Information Commissioner’s Office (ICO) at www.ico.org.uk
- EU authorities at http://ec.europa.eu/justice/article-29/structure/data-protectionauthorities/index_en.htm
- Swiss FDPIC at https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html
- The right to withdraw consent. As noted above, if you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your Personal Information with your consent up to that point is unlawful). You can withdraw your consent to the processing of your personal information at any time.
Former, current, or prospective corporate customer contacts have the right to exercise choice (opt-out) from our use of their GDPR Personal Data for direct marketing purposes. To exercise this right, please follow the instructions in any direct marketing message you may have received (e.g., click the provided opt-out link in the email message or send us an email or postal mail request to opt-out in accordance the instructions provided in the direct marketing message).
Please contact us as specified below if you have any questions. In certain situations, we may be required to disclose GDPR Personal Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
Please contact us at privacypolicy@touchstorm.com if you have any questions, wish to exercise your rights of access, or seek other assistance as described above.
6.3 EU Data Subjects and Extra-territorial
Diginary Holdings safeguards personal data received in the United States from the United Kingdom(”UK”), European Union, or European Economic Area (“EU”) about former, current, or prospective corporate customer contacts and which is regulated by the (UK) GDPR. We are committed to protecting such GDPR Personal Data in accordance with our obligations under applicable law, such as GDPR Articles 45 to 50, and the Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.
Diginary Holdings complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Diginary Holdings has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Diginary Holdings has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the SwissU.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/
In all cases where Diginary Holdings transfers personal information to a third party acting as a controller, Diginary Holdings will comply with the Notice and Choice Principles. Diginary Holdings will enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by you and that the recipient will provide the same level of protection as the Principles and will notify Diginary Holdings if it makes a determination that it can no longer meet this obligation. The contract also provides that when such a determination is made the third party controller will cease processing or takes other reasonable and appropriate steps to remediate.
In all cases where Diginary Holdings transfers personal data to a third party acting as an agent (processor for GDPR purposes), Diginary Holdings will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles; (iii) take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles; (iv) require the agent to notify Diginary Holdings if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of Diginary Holdings’s contract with that agent to the U.S. Department of Commerce upon request.
When we transfer your information to third parties we comply with the requirements of the legal protections that cover your information. For example, when we perform an onward transfer of your information protected under the GDPR, we remain responsible for the processing of your personal information. For information subject to an onward transfer by us under the Data Privacy Framework, we will remain liable under the Data Privacy Framework Principles if a recipient of your protected personal information processes such personal information in a manner inconsistent with the Principles, unless we are able to prove that we are not responsible for the event giving rise to the damage.
6.4 Diginary Holdings complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Diginary Holdings has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Diginary Holdings has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Other WebsitesOur website contains links to other websites. This Privacy Policy only applies to this website so when you link to other websites you should read their own Privacy Policies.
Additional Information
8.1 A Note To International UsersThe Site is hosted in the United States. If you are accessing the Site from outside the United States, by providing your information to the Site, you are consenting to the transfer of your information to the United States for processing and maintenance in accordance with this Privacy Policy. You are also consenting to the application of United States law in all matters concerning the Site. Diginary Holdings makes it a practice to be aware of and comply, to the best of our ability, with International privacy best practices and laws, however, Diginary Holdings makes no representation that this Privacy Policy and such practices comply with the laws of every other country.If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the jurisdictions listed above and to Processing of your data globally. By providing your Personal Information, you consent to any transfer and Processing in accordance with this Policy.
8.2 Children’s Online Privacy Protection Act ComplianceOur website, products, and services are all directed to people who are at least 13 years old or older. In compliance with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not knowingly collect any information from anyone under 13 years of age.
8.3 Enforcement Of This Privacy PolicyIf you have questions regarding this Privacy Policy or our handling of your personal information, please contact us at privacypolicy@touchstorm.com. Your email will receive a response within ten (10) business days of the date on which we receive it.
8.4 Changes To This Privacy PolicyWe may occasionally update this Privacy Policy. When we do, we will post a notice on the homepage of the Site for a reasonable period of time after such changes are made that this Privacy Policy has been updated, and we will revise the “Last Updated” date at the top of this Privacy Policy. We encourage you to check this page periodically for any updates. Your continued use of the Site following the posting of updates to this Privacy Policy will mean you accept those updates.
- How To Contact Us Individuals and the data protection supervisory authorities in the EU/EEA may also contact our data protection representative according to Article 27 EU GDPR. Please contact us if you have any questions about our Privacy Policy or information we hold about you:
- By email to Diana Papaleo, Diginary Holdings’ Data Protection Officer, directly at DPO@diginaryholdings.com. Your email will receive a response within ten (10) business days of the date on which we receive it.
- Or write to us at: Diginary Holdings, ATTN: Diana Papaleo / DPO, 101 North Pinetta Drive, #35980, Richmond, VA 23235, United States of America. A response to your mailed communication will be sent within ten (10) business days of the date on which we receive it.
10. Exercise of Right
Complaints If you would like to exercise your rights under this Policy or the GDPR, or would like to lodge a complaints with respect to the implementation of this Policy and our processing of your Personal Data, please contact:
Diginary Holdings,
Diana Papaleo / DPO, 101 North Pinetta Drive, #35980, Richmond, VA 23235 United States of America
Diana Papaleo Data protection Officer DPO@diginaryholdings.com
Please note that we may request official identification information, such as a copy of your ID card, drivers’ license, etc. from you when you submit a complaint.
This provides that you may invoke binding arbitration by delivering notice to Diginary Holdings. and following the procedures and subject to conditions set forth in Annex I of the Principles.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Diginary Holdings commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
Please note that we are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).