Privacy for Humans

Howdy there! 🤠

At Loom, our users’ privacy is at the core of our decision making. We provide a service that changes the way we work and allows us to be more expressive and informative in our daily work communication. Sensitive information is passed through our systems, and we don’t take that lightly.

We have created this page to show you how our systems use your information. If you wish to view the legalese version of our privacy policy, click here.

Where does my data go within Loom?

Text-based Data

Your text-based data is comprised of your name, notifications, password, linked accounts like Google and Slack, video names and descriptions, and so on. The majority of this data is stored in a database within AWS that is encrypted both at rest and in transit. This server is behind a VPC that only privileged servers have access to (such as our backend application servers). Some of this data is encrypted and sent to our caching layer where it is also encrypted at-rest. This caching layer is also behind a VPC and is additionally not accessible between data centers within AWS.

Image and Video Data

These are your avatars, videos and thumbnails. These files are stored on our encrypted S3 buckets, which can only be accessed by certain robots and engineers within our organization who have special access.

In order to speed up delivery of your videos to your computer, we utilize our CDN. Our CDN makes use of signed URLs. The CDN URL is not your video page URL. Your video page URL stays the same no matter what, but your CDN URL is the URL that actually delivers the video content.

When we sign these CDN URLs, we have complete control over deciding to not issue a URL to someone who requests it. Basically, even if you understand where a video is located on our CDN, you will not be able to access that URL unless you have the URL signed by us. This is how our password-protected videos work. In this case, we only give you a valid signed URL to view/download if you’ve provided the proper password. An additional benefit to signed URLs is that they expire, so old links will not be usable after some amount of time and you will then need to be issued a new one to access the same content.
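As an added illustration (not Loom's code, and not part of the original page), here is one way a signed, expiring URL with a password gate can work. It assumes an HMAC-SHA256 signature over the path and expiry time; the key, host, paths and function names are made up for the example, and the page does not say which signing scheme Loom's CDN uses.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

SIGNING_KEY = b"constructed-demo-key"      # assumption: secret held only by the server
CDN_HOST = "https://cdn.example.invalid"   # placeholder host, not a real CDN


def _mac(path, expires):
    # The signature binds the path and the expiry, so neither can be altered.
    return hmac.new(SIGNING_KEY, f"{path}\n{expires}".encode(), hashlib.sha256).hexdigest()


def sign_url(path, ttl_seconds, now=None):
    """Issue a URL that is valid for ttl_seconds from `now`."""
    issued = int(time.time() if now is None else now)
    expires = issued + ttl_seconds
    return f"{CDN_HOST}{path}?" + urlencode({"expires": expires, "sig": _mac(path, expires)})


def verify_url(url, now=None):
    """What the CDN edge does: reject unsigned, tampered or expired URLs."""
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    try:
        expires = int(params["expires"][0])
        sig = params["sig"][0]
    except (KeyError, ValueError):
        return False                       # knowing the location is not enough
    if (time.time() if now is None else now) >= expires:
        return False                       # old links stop working
    return hmac.compare_digest(sig.encode(), _mac(parts.path, expires).encode())


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def issue_for_protected_video(path, salt, stored_hash, supplied_password, now=None):
    """Only hand out a signed URL when the viewer supplied the right password."""
    if not hmac.compare_digest(hash_password(supplied_password, salt), stored_hash):
        return None
    return sign_url(path, ttl_seconds=300, now=now)
```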

Where does my data go outside of Loom?

Let’s get one thing straight. Your video data never leaves Loom’s systems to a third-party system. It always stays in our encrypted S3 buckets and CDN.

On the other hand, your textual data (name, email, Loom userId, persona, and so on) does leave to our trusted third-party systems. We think it’s important you understand not only what these systems are but also why we send your data to these systems. If you don’t agree with or understand our reasoning, please email us at privacy@loom.com. If you do not agree with your data going to a specific system, and you have an individual Loom account, deleting your Loom account (found at the bottom of your account settings) will permanently delete all of your data from all our systems and third-party providers. If you participate in a Loom Business or Loom Enterprise account, only the Loom account administrator at your organization can delete your data.

For folks coming to figure out GDPR compliance, the following third-party services act as data processors for us. When we work with these service providers in our capacity as a data processor for our User’s personal data, the General Data Protection Regulation (GDPR) calls these third-party service providers a sub-processor. A subprocessor is a third party data processor engaged by Loom who may have access to or process personal data: (i) on behalf of Loom customers; (ii) in accordance with customer instructions as communicated by Loom; and (iii) in accordance with the terms of a written contract between Loom and the subprocessor.

Subscribe to an RSS feed to be notified when we add new Loom subprocessors (note: you may need to cut and paste the "Subscribe to an RSS feed" URL into an RSS Feed Reader to monitor updates).

👤 Clearbit

Location: United States

Nature of Processing: Data enrichment service

What: Clearbit is a business intelligence API. What Clearbit basically does is take your email and scrapes public web profiles (LinkedIn, Twitter, etc.) to figure out core demographic information about you. We believe this is our most obviously intrusive system, so we list it first to clear up what it does and why we use it.

Why: Loom is looking to revolutionize workplace communication. A big part of creating a tool that has so many horizontal use cases is being able to serve relevant content to our users and provide new product experiences and tweak current ones to fit your workflow. Useful videos for an engineer will not be useful for a marketer. Useful videos for a marketer will not be useful for a sales rep. How we practically use this information is as follows:

  1. Pre-filling your welcome screen on-boarding to make signup easier. You can always change and update your persona or use case from this flow.

  2. Pre-filling your videos dashboard with a "How to Use Loom" folder with relevant use cases.

  3. Tying your persona to anonymous data points within our analytics dashboards so we can better understand which features of our platform are being used by different individuals and how we might build on top of these features to better serve you.

🤖 Segment

Location: United States

Nature of Processing: Data analytics distribution service

What: Segment is a data pipeline service that lets us send data to the other third-party services listed here in a standardized way and ensures this data does not get lost.

Why: Our core competency at Loom is ensuring workplace communication happens more effectively and humanely. With that being said, we’re a small team, and data pipelines certainly are not our core competency, so we let our friends at Segment do the heavy lifting in ensuring our data gets to where it needs to go (analytics services, Intercom and the like). Since this data goes to other services where we need your information (such as analytics platforms), personal data invariably gets passed through Segment.

💭 Intercom

Location: United States

Nature of Processing: Customer support service

What: Intercom is a messaging and marketing platform that allows us to do customer success better. This is where you’re able to chat with us from that little bubble in the bottom-right of our web pages.

Why: Intercom has drastically increased our ability to address bugs and handle requests from our users (that’s you!) over when we used to primarily use email. As a part of being able to maintain your relationship with us on this platform, we have to know who you are. We only know this once you’ve signed up and given us consent, but we use this information for various debugging purposes and to send you product updates and announcements.

📈 Amplitude

Location: United States

Nature of Processing: User analytics service

What: Amplitude is our main analytics platform. It allows us to track whether a feature or product is successful in delivering impact to our users, and it lets us discover new (anonymized) trends of usage via conversion funnels, event segmentation, data pathways, retention charts, and cohort analysis.

Why: If we are going to be a platform that delivers immense value to our users, we have to constantly be innovating. At over half a million users around the world, it’s no longer feasible for us to do user interviews and conduct surveys with all of our users. We need a way to see trends in usage on our products to understand if they're loved or hated, and then we swiftly nix things that don’t deliver value.

☎️ Zendesk

Location: United States

Nature of Processing: Customer support service

What: Zendesk is our customer support ticketing system. It allows us to help track, prioritize, and solve customer support interactions.

Why: Zendesk has helped us nurture customer relationships with personalized, responsive support. It also allows us to have a tool which centralizes customer support requests and inquiries to ensure our customers receive the best response.

🖥️ FullStory

Location: United States

Nature of Processing: Product analytics service

What: FullStory is used to enable us to look at session replays. A session replay is a recreation of your session interactions on our site. We take measures to utilize the FullStory controls to exclude and block all input field values and any property on our site where we think sensitive user information can be entered. We only run FullStory for a limited period of time in order to collect a statistically significant number of sessions for us to learn and be able to improve our product. Usually this happens when we’ve just released a new product or are considering improving an existing product.

Why: When we decided that Loom was a horizontal use case product (a product with many use cases, not just one), we implicitly became an on-boarding company. Our on-boarding has fluctuated between being "too light" to "overbearing" (direct words from our users and customers), and our company’s ability to survive largely depends on our ability to get our users to sign up and quickly understand how they can use Loom to best help them with their job. Unfortunately, we can’t efficiently and continually run user interviews with our hundreds of thousands of users. FullStory allows us to understand user behavior for users who drop off or become upset so we can continue to make sure the Loom experience is delightful and useful for as many people as possible.

📊 Google Analytics

Location: United States

Nature of Processing: Data analytics service

What: Google Analytics is an analytics platform that more uniquely gives us certain nice-to-have "vanity" analytics and serves as a good place for understanding where on the web our users are coming from.

Why: It’s good to know where our users are finding us so we can promote our product more with those partners and channels or figure out whether there are tangential products that should be introduced to our platform.

🐦 Sentry

Location: United States

Nature of Processing: Error logging service

What: Sentry is used as our error logging platform. When you get an error, we get it too so we can better fix these bugs as soon as possible.

Why: No one likes bugs! All data sent to Sentry includes IP and your Loom ID and nothing else. We grab your IP to get a general location the error is happening in and potentially pin-down bugs that have to do with timezones. We send your user ID so we can more quickly search and diagnose issues surfaced by our users in our customer support panel (Intercom). Your user ID does not reveal any of your personal information to the engineer investigating the issue.

Who has access to what within Loom?

Our non-technical team members have access to Intercom, which allows every person at Loom to be able to do customer support. Over time, this will become more restricted as we scale up the team to only be customer support individuals.

Our technical team can be granted temporary access to our servers, video and thumbnail storage layers. This is always for debugging and development purposes. Each engineer has a unique key that identifies them within our systems. All actions are logged for 6 years. If their key is compromised, we have an instantaneous way of expiring that key, checking if their key was used by an outsider, and processes to remedy such situations and alert the affected user base. So far, this has never happened in Loom's history, and we’re very proud of that.

How can I export my data?

Videos: You can export all of your video data by downloading each individual video.

Text-based Data: Your user information, folders and video metadata, comments, comment replies, and emoji reactions can be exported using the "Get my Data" button in your account settings.

If you ever want to delete your data, deleting your account (at the bottom of your account settings) will permanently delete all of your data off our systems.

Useful Vocabulary

🔒 Encrypted

Encryption is a process where data is scrambled with a specific secret that only a select few have. If this data is stolen, it cannot be understood unless the stealer has the proper secret. All of your personally-identifiable data (videos, images and text) is encrypted at-rest and in-transit across all systems.

🏃 In-transit

Your data is being sent from one location to another (usually one server/computer to another)

🛌🏾 At-rest

Your data is physically being stored on a device (usually a server)

🕳️ S3 Bucket

This is where we store larger (usually media) files such as images and videos

⚡ Cache Layer

A group of servers that keeps data on faster storage so that it can be retrieved more quickly

🤝 Database

This is a server that stores data that relates to one another. In other words, this is where we can query to answer questions like: "what is a user?", "does a user own one or many videos?", "could you get me a list of all of this user's comments?"

🔥 VPC

A firewall that restricts access to a server or group of servers to only the users/robots that have the proper permissions

🌐 CDN

A CDN (Content Delivery Network) is a network of computers around the world whose purpose is to store data as close as possible to the downloader to speed up delivery of media.

🤖 AWS

Short for Amazon Web Services. This is the cloud provider we use at Loom that allows us to rent storage and compute capacity from their data centers.

If you have any questions on this terminology, we are here to help. Email us at privacy@loom.com.