Loom Terms & Policies
Effective: January 31, 2022
Information We Collect
We collect and receive the following types of information:
Information You Provide to Us:
- Account Information: To create an account for the Services or to enable certain features, we require that you provide us with information for your account such as name, email, password, and authentication credentials. If you sign up for a paid subscription, we (or our payment processors) may need your billing details such as credit card information, banking information, and billing address.
- Video and Other Customer Data: In using our Services, our customers submit or upload video recordings, seek user support, or provide other Customer Data (defined in our Terms of Service) to us. Our use of and processing of Customer Data is governed by our Terms of Service.
- Other Information You Provide: We receive other information from you when you choose to interact with us in other ways, such as if you sign up for one of our webinars or e-books, participate in a research study, contest, sweepstake, or event, apply for a job, or otherwise communicate with us.
Information We Collect Automatically:
- Usage Data: We automatically collect usage data about how you interact with our Services when you use them. For example, this could be actions you take on our platform, such as number of videos you’ve recorded or viewed, your sharing activity, or what third-party integrations you enabled.
- Log Data: Our servers automatically log certain types of data when you visit or use our Services, for example, when you navigate through our website. This data is stored in our log files and includes, Internet Protocol (IP) address, type of device, operating system or browser, unique device identifiers, browser settings, date and time you visited or used our Services, the referring website, URL parameters, and error and crash reporting data.
Information We Receive from Third Parties:
- Third-Party Integrations: Third parties may create integrations built on Loom technology so that their applications can interoperate with Loom. If you choose to enable an integration, the third-party may share some information about you with us to make your experience more seamless, such as your name, email, or other content or information needed to facilitate the integration. Additionally, if you sign up or login to our Services using one of our single-sign-on providers (e.g., Google, Apple, etc.), we collect authentication information provided to us by the provider to allow you to log in.
- Marketing Information: We may receive marketing or demographic information about you from third parties or partners, for example, data about your organization or industry or other public information from sources like social media or online professional profiles. We may combine this information with other data we already have to improve your experience with our Services or inform you of Services we think may be of interest to you.
How We Use Your Information
We use your information in the following ways:
- To provide and maintain our Services.
- To analyze and improve our Services.
- To keep our Services secure and protect against fraud, abuse, and intrusion.
- To provide user support, information, and services requested by you.
- To send important account or security notifications.
- To promote our Services in accordance with applicable laws and regulations. If you’d like to unsubscribe from our marketing emails, click the “unsubscribe” link at the bottom of the email. You can also update your notification preferences in your account settings.
- To comply with our legal obligations, including responding to a court order or other valid legal process.
- For other purposes with your consent.
Please keep in mind that customers control their accounts and associated Customer Data. We use Customer Data according to our customers’ instructions and our Terms of Service. Customers are able to: (1) restrict, remove, disclose, and access content and information associated with the accounts in their Workspaces; (2) grant, deny, or limit access to those accounts and Workspaces; and (3) configure the privacy settings for those accounts and Workspaces. If you create a Loom account with your work email and you aren’t already part of your company’s Workspace, your company may have the ability to add your account (including the content in it) to its Workspace. We’ll give you notice before that happens.
If information is aggregated or de-identified so that it can no longer be reasonably associated with an identifiable person, we may use it for any lawful purpose.
How We Share Your Information
We share information outside of Loom only as described below:
- Trusted Third Parties: We disclose information to our service providers or other third-parties so they can help us provide our Services and run our business. Examples include for storing Customer Data, payment processing, providing customer service, and helping us with our marketing activities. We’ll only disclose the information necessary for these parties to perform their services for us, and they’ll be bound by contractual obligations to protect your personal information.
- Other Users: When you collaborate with others, we display your basic account or profile information for context. For example, if you share a Loom recording with another user, we’ll let them know that it was you who shared it. Also, when users interact with a video or other content on our Services, we make certain usage information visible to the video owner and viewers, such as who viewed a video (if the viewer is logged in at the time of viewing) or how many times a video was viewed.
- Administrators: If you join a Workspace owned by another person or entity, the administrator of that Workspace has the right to access the content in it. Customers and their authorized users may choose to share and disclose information according to their own policies. Also, if you sign up for Loom with an email domain that is owned or managed by your employer or organization, we may share the fact that you have an account with us and some basic account information with your employer or organization.
- Change in Business Structure: If Loom is involved in a merger, acquisition, public offering, asset sale, insolvency, bankruptcy, or similar change in our business structure, we may need to disclose your information to those involved in the transaction, subject to confidentiality requirements.
- For Legal Reasons: We may release your information if we believe it is necessary to comply with the law, regulation, valid legal process, an enforceable government request, to prevent fraud or a security breach, enforce our policies or agreements, or protect our or others’ rights, property, or safety.
- With Your Consent: We’ll otherwise share your information only with your consent.For example, if you choose to enable a third-party integration, we may share account information and/or content from your account, but only as authorized by you when you enable or use the integration.
How We Protect Your Information
We are committed to protecting your information from unauthorized access, use, disclosure, and loss. We use industry-standard security practices to keep your information secure, such as encryption, access controls, physical security measures, and internal reviews of data collection, use, and storage. We’ve also obtained various compliance certifications and undergo ongoing audits to ensure continued security and compliance best practices.
However, data transmissions over the internet cannot be guaranteed to be 100% secure or safe from intrusion by others. Be sure to use secure internet connections, protect your login credentials, and create strong passwords for your account.
Learn more about our security and compliance efforts on our Security page.
To provide our Services, we transmit, process, and store data in the United States and other locations around the world. For example, if you access our Services from a foreign country, data may be stored locally on the device you use to access the Services.
We perform data transfers in accordance with applicable data protection law, using the following safeguards:
- Standard Contractual Clauses: Where required, we use standard contractual clauses to meet the data transfer requirements for processing personal data that is subject to the data protection laws of the European Economic Area (EEA), Switzerland, and UK and for other international transfers of Customer Data to the extent required by applicable law. Our Data Processing Addendum incorporates the standard contractual clauses.
- Other Valid Transfers: We will otherwise only transfer personal data to a country that the European Commission or UK authorities have determined provides an adequate level of protection for personal data or pursuant to another legally valid personal data transfer mechanism.
- Privacy Shield: While Loom remains self-certified under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and is committed to applying the Privacy Shield Principles to personal data received from the EU or Switzerland, we do not rely on those frameworks as a legal basis for personal data transfers. With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Loom is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. We are responsible for personal data we receive under the Privacy Shield, including onward transfers to third party agents acting on our behalf. Loom commits to cooperate with EU data protection authorities and comply with the advice given by those authorities with regard to human resources data transferred from the EU in the context of the employment relationship. Please send any questions or complaints regarding our Privacy Shield compliance to firstname.lastname@example.org or for unresolved complaints you may invoke binding arbitration, at no cost to you, from JAMS, which is an independent dispute resolution body in the United States. Competent EU and Swiss data protection authorities (or a panel established by those authorities) may also address complaints and provide appropriate recourse free of charge with respect to our Privacy Shield compliance. You can view Loom’s Privacy Shield certification on the Privacy Shield website.
When it comes to your personal information, you have the right to (subject to certain exemptions by law):
- Access your personal information.
- Delete your personal information.
- Correct or update your personal information.
- Transmit your personal information elsewhere.
- Object to or restrict the processing of your personal information.
You can exercise most of these rights through your Loom account. For example, if you wish to delete your personal information from Loom, you may permanently delete your account. You can also access and update your account information via your account settings page. If you are unable to exercise your rights through your Loom account, please contact the administrator of your Workspace, or otherwise you can send us your request.
For EEA, Switzerland, and UK Data Subjects
In general, Loom is a processor of Customer Data. This means that we process Customer Data only according to our customers’ instructions in accordance with our Terms of Service. For a list of our subprocessors, please visit our Privacy for Humans page. Loom acts as a controller for other types of personal data where Loom determines the purposes and means of processing of that data, such as personal data used for marketing or research purposes.
Where Loom acts as a controller of personal data, our lawful bases for processing include:
- Our legitimate interests (for example, to send you information about new features or upcoming product launches). You have the right to object to our use of your personal data for direct marketing at any time.
- As needed to comply with our contractual obligations (for example, if you sign up for a contest or promotion, we’ll process your personal data as needed for us to perform our obligations under the contest or promotion terms).
- To comply with legal obligations (for example, to respond to a law enforcement request or enforce or defend our legal rights).
- With your consent (for example, if you opt into receiving email marketing from us). You have the right to withdraw your consent at any time.
You may email us or contact one of our appointed representatives in the EU and UK below if you have questions or issues relating to your personal data:
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
Phone: +44 (20) 4532 2003
Verasafe Contact Form (UK)
If you feel we have not adequately addressed an issue, you have the right to lodge a complaint with your local data protection authority or the Irish Data Protection Commission, which is Loom’s lead supervisory authority in the European Union.
For California Residents
The California Consumer Privacy Act (CCPA) grants additional privacy rights to California consumers, such as the right to:
- Request to know about the categories or specific pieces of their personal information we collect, use, and disclose (including why we collect the information, where we get it from, and who we share it with).
- Request to delete their personal information.
- Not receive discriminatory treatment for exercise of their CCPA privacy rights.
If you send us a request, we will first validate your request by verifying your identity using your account information or other form of valid identification. An authorized agent may also make a request on a consumer’s behalf. Please note that, if you use Loom as an employee or agent of a business, we may not be required to grant your request to access/know or delete personal information, and we may ask that you contact your account administrator.
CCPA also requires specific disclosures for California consumers:
- We explain the categories of personal information we have collected in the preceding 12 months and sources of that information above under “Information We Collect.”
- We explain the business or commercial purposes for collecting personal information above under “How We Use Your Information.”
- We explain the categories of personal information that we have disclosed to third parties in the preceding 12 months above under “How We Share Your Information.”
We do not sell personal information.
Email us questions at email@example.com.