Services Privacy Policy

Information Collected from Viewers. In connection with our provision of Brightcove Services, we may collect certain information about Viewers. Such information may include personal information, which is information that identifies an individual or relates to identifiable person. Information that may be collected when videos are viewed via Brightcove Services includes:

• Unique IDs such as IP addresses, user IDs or device ID.
• Viewer name, address, email address, title, industry, subscription confirmation and period. Note that Brightcove collects this information about Viewers only if a Customer elects to use certain features of Brightcove Services (such as Audience) that are intended to collect such information.
• System information, such as device, browser and operating system type and version, screen resolution and preferred language.
• Referring domain, destination domain and destination path.
• Video-viewing activity, such as player loads, number of views, viewed minutes, percent of content viewed, new Viewers, unique Viewers, attention span, top domains, geography, traffic sources, search terms and other similar information. This information is aggregated and de-identified (meaning it is not connected to an individual Viewer) unless a Customer elects to use certain Brightcove Services that are intended to connect such information.
• Geolocation data.
• Other personal information of a natural person that may be included in videos or other data that our Customers upload to Brightcove Services.

Information Collected from Customers. To enable us to effectively provide Brightcove Services, we may collect the following information from individuals authorized by Customers (such as a Customer’s employees) to use Brightcove Services:

• Name, business email address, business telephone number, company, title and business billing address and payment information.
• Login credentials.

Cookies and Other Tracking Technologies. We, and our third-party service providers, may use technologies such as cookies and beacons to quantify use, to analyze viewing and engagement with videos displayed using Brightcove Services, to conduct benchmarking, to generate metrics, to report to Customers and to assess the quality of Brightcove Services.

Cookies. A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We may link the information we store in cookies to any personal information we obtain from your use of Brightcove Services. Brightcove Services may use both session cookies and persistent cookies. A session cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions of Brightcove Services. For more information about cookies, please see our product documentation.

Web Beacons. We may also use web beacons, tags and scripts in connection with Brightcove Services. Web beacons, also known as clear GIFs or single-pixel GIFs, are small image files that Brightcove Services use to communicate analytics data on Viewer activity and service usage. Alongside cookies, web beacons allow us to accurately count the number of unique Viewers who have viewed a video and activity during a viewing session. This information enables us to measure the performance of our Customer’s videos and allows Customers to evaluate Viewer interaction with their video content.

HTTP Headers. HTTP headers are information that is transmitted whenever a webpage is viewed, and contain technical information required for communication between a browsing device and a website server. Other electronic communication protocols (such as those used for email) also use headers to transmit information. Information may be transmitted through HTTP (or other electronic communication protocol) headers to Brightcove from the Customer’s use of Brightcove Services or from Viewer interaction with a Customer's video. This may include information about the device browser, the requested webpage and the computer or device being used (such as a carrier or device identifier).

Log Files. As is true of most online services, we gather certain information automatically and store it in log files. This information may include Viewer IP address, browser type, device type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp and/or clickstream data. An IP address is identified and logged automatically in our server log files whenever a Customer uses Brightcove Services or a Viewer watches a video, along with the time(s) of the visit(s) and the page(s) visited. We may combine this automatically-collected log information with other information we collect. We do this to provide analytics data to our Customers, to improve the functionality of Brightcove Services and for the other purposes described in this Privacy Policy.

Analytics. We may use third-party analytics services, such as Google Analytics, to track the use of Brightcove Services by our Customers. For information on how Google collects and processes information and how to opt out from Google’s collection of your information, please click here.

Social Media Features. The Brightcove Services enable you to utilize third party social media features, such as LinkedIn, Twitter, Facebook, and Google products, including YouTube. Your interactions with these features are governed by the privacy policy of the company providing the social media feature. If you utilize these plug ins, you agree to be bound by the terms of service and privacy policies of that Platform, as applicable. Your use of the YouTube API Services is governed by the YouTube Terms of Services policy, available at https://www.youtube.com/t/terms and its Privacy Policy is available at http://www.google.com/policies/privacy. LinkedIn's terms are available at https://legal.linkedin.com/api-terms-of-use, and its privacy policy can be accessed here https://www.linkedin.com/legal/privacy-policy. Facebook's terms are available at https://www.facebook.com/terms and its privacy policy is available at https://www.facebook.com/full_data_use_policy. Twitter's terms are available at https://twitter.com/tos?lang=en and its privacy policy is available at https://twitter.com/privacy?lang=en.

Do Not Track. Brightcove Services do not recognize if a browser sends a “do not track” signal or similar mechanism to indicate the user does not wish to be tracked or receive interest-based ads. Please see our Cookies Policy for more information including how to exercise your rights to opt-out of cookies, analytics, and personalized advertising.

To the extent permitted by applicable law, we may use information about our Customers and Viewers for the following purposes or in the following ways:

• To deliver Brightcove Services.
• To provide our Customers with analytical data and reports about video viewing activity.
• To provide Customer support.
• To enable Viewers to register with our Customers in order to be able to watch video content on our Customers’ websites or apps. Brightcove collects this information at the direction of the Customer.
• To personalize Brightcove Services.
• For internal business purposes, such as data analysis, benchmarking, audits, developing new products, enhancing Brightcove Services, facilitating product, software and applications development, conducting research, analysis, studies or surveys and identifying usage trends.
• To protect the security and integrity of Brightcove Services, our Customers’ video content and data and our business.
• To meet our contractual requirements, to comply with applicable legal or regulatory requirements and our policies and to protect against criminal activity, claims and other liabilities.
• We may also use information about our Customers: to send Customers information and updates regarding Brightcove Services, programs and promotions; to fulfill Customer requests, such as to create Brightcove Services accounts; or complete Customer purchases.
• In other ways with appropriate consent.

To the extent permitted by applicable law, we may share, disclose and transfer information, including personal information as follows:

• With the Customer, as part of the Brightcove Services.
• With third-party service providers we use to support Brightcove Services and our business. These parties include third parties providing us with services such as website hosting, data analysis, infrastructure provision, IT services, customer service, analytics and email delivery services. These third parties are authorized to use information related to you only as necessary to provide these services to us.
• With third parties where the Viewer or Customer has requested to use a third-party service (including applications) in connection with Brightcove Services and has requested that we provide information to such third parties.
• With our current affiliates and any future corporate subsidiaries or affiliates.
• With a buyer, investor, new affiliate or other third party in the event that Brightcove, or any portion, group or business unit thereof, undergoes a business transition, such as a merger or acquisition, or during steps in contemplation of such activities (e.g., negotiations and due diligence). You will be notified via email and/or a prominent notice on our website of any change in ownership, change in use of your personal information and choices you may have regarding any change in use of your personal information.
• With third parties for marketing, advertising, promotions, contests or other similar purposes.
• As we believe necessary: under applicable law, including laws outside the Viewer’s or Customer’s country of residence; to comply with any law or directive, judicial or administrative order, legal process or investigation, warrant, subpoena, law enforcement or national security investigation, or as otherwise required or authorized by law; to respond to requests from public and government authorities, including public and government authorities outside the country of residence; to enforce our policies, terms and conditions; to protect our operations or those of any of our affiliates, customers, partners, agents or others; to protect our rights, privacy, safety or property and/or that of our affiliates, customers, partners, agents and any other person or organization; and/or to permit us to pursue available remedies or limit the damages that we may sustain.

Payment Processing. We use third-party payment service(s) (“Payment Service”) to process credit card payments for certain editions of Brightcove Services. Customers acknowledge and agree within their Brightcove Services agreement that when prompted to provide credit card information, that information gets transmitted directly to the Payment Service. Brightcove does not have access to full credit card numbers and does not store such information in its own systems. Information transmitted to the Payment Service is encrypted using SSL technology. The Payment Service is required to comply with all applicable privacy and security laws and the rules and regulations issued by the payment card industry and the credit card companies. Please contact us at privacy@brightcove.com if you would like Brightcove to facilitate the correction or deletion of your personal information with the Payment Service.

Cross-Device Tracking. When Customers or Viewers use devices to display and/or view a Customer’s video content, we may receive information about their devices, including a unique identifier for each device. We and our service providers and third parties we collaborate with, including ad networks, may use cross-device/cross-context tracking. For example, a Viewer might use multiple browsers on a single device, or use various devices (such as desktops, smartphones and tablets), which can result in the individual having multiple accounts or profiles across these various contexts and devices. Cross-device/cross-context technology may be used to connect these various accounts or profiles and the corresponding data from the different contexts and devices.

Aggregate Information. To the extent permitted by applicable law, we may use, process, transfer and store any data about Viewers and Customers in a non-personal, aggregated manner. We may combine personal information with other information, collected online and offline, including information from third-party sources. We may also use information in other ways with consent or as otherwise permitted by applicable law. By using Brightcove Services, our Customers agree that we may collect, use, share and store non-personal, aggregated data collected through Brightcove Services for benchmarking, analytics, metrics, research, reporting, machine learning and other legitimate business purposes.

Automated Decisions. To the extent permitted by applicable law, we may collect data in an automated manner and make automated decisions, including using machine-learning algorithms, about Viewers and Customers in order to provide and/or optimize Brightcove Services, for security or analytics purposes and for any other lawful purpose.

The following European Privacy Policy applies to residents of the European Union, the European Economic Area, Switzerland and the United Kingdom who use Brightcove Services.

Personal Data and Processing. For the purposes of this European Privacy Policy:

“Personal Data” means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of such natural person.

“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Purposes and Legal Bases for Processing Personal Data. Brightcove Processes data for the purposes as set forth in this Privacy Policy, including to provide Brightcove Services. To fulfill these purposes, Brightcove may access data, including Personal Data, to provide Brightcove Services, to correct and address technical or service problems, or in response to contractual requirements. Please see the Information We May Collect, How We May Use Information and How We May Share Information sections for additional details on how we collect, use, disclose and share data, make automated decisions and retain data, including Personal Data, about Viewers and Customers.

Our lawful bases for the Processing of Personal Data are: (i) consent and/or (ii) any other applicable legal bases, such as our legitimate interest in engaging in commerce, offering products and services of value to the customers of Brightcove Services, preventing fraud, ensuring information and network security, direct marketing and advertising and complying with industry practices.

Additional Rights for European Residents. As a resident of the EU or a country following substantially-similar legislation regarding the protection of personal data, you may have one or more of the following additional rights available to you:

• Access. To request a copy of the Personal Data we have collected about you by contacting us at privacy@brightcove.com.
• Rectification & Erasure. To request that we rectify or delete any of the Personal Data about you that is incomplete, incorrect, unnecessary or outdated.
• Objection. To object, at any time, to Personal Data about you being Processed for direct marketing purposes.
• Restriction of Processing. To request restriction of Processing of Personal Data about you for certain reasons, such as, for example, if you consider Personal Data about you collected by us to be inaccurate or you have objected to the Processing pending the verification of whether our legitimate grounds for Processing override yours.
• Data Portability. To request and receive the Personal Data we have collected about you in a commonly used and machine-readable form.
• Right to Withdraw Consent. If Personal Data about you is processed solely based on your consent and not for any other legitimate interest, to withdraw your consent at any time, without affecting the lawfulness of our Processing based on such consent before it was withdrawn, including Processing related to existing contracts for our products and services.
• Right to Lodge a Complaint with a DPA. If you believe our Processing of Personal Data about you is inconsistent with the applicable data protection laws, to lodge a complaint with your local supervisory data protection authority (“DPA”).

To exercise any of the above-listed rights (with the exception of the right to lodge a complaint with a DPA, which you may do directly to a DPA), please contact us at privacy@brightcove.com. We will process any requests in accordance with applicable law and within a reasonable period of time. We may need to verify your identity before processing your request. Certain information may be reviewed, corrected and updated by logging into your Brightcove Service account and editing the profile information.

If Brightcove receives a request from a Viewer, we may refer the request to the Customer and support the Customer in responding to the request.

Compelled Disclosures. Brightcove may be required to disclose Personal Data in response to lawful requests by public authorities, including disclosures necessary to meet national security or law enforcement requirements, or pursuant to judicial orders.

Given the judgment of the Court of Justice of the European Union dated 16 July 2020 which invalidated the adequacy of the Privacy Shield Framework, we are increasingly relying on the European Commission Standard Contractual Clauses as a transfer compliance mechanism. We also continue to process relevant Personal Data in line with our obligations under the Privacy Shield Framework. For further information, please see our Privacy Shield Notice below.

If you have any questions regarding this Privacy Policy, please contact us by email at privacy@brightcove.com, or call +1 617 500 4947, or write to:

Attn: Privacy Team
Brightcove Inc.
281 Summer Street
Boston, MA 02210

Please be sure to include sufficient information so we can understand and respond to your specific question or request.