Privacy policy

General information

This website and the Clypp video documentation software are provided by the company Zesavi GmbH, a business with headquarters in Germany (https://www.getclypp.com). We provide you with this data privacy policy to inform you of how we handle your personal data collected on this website, our application and services.

Data controller

The controller under data protection law is:
Zesavi GmbH
Fellhornstrassse 4
87477 Sulzberg
Phone: +49 / 173 135 6292
Commercial register entry number:  HRB 15216
Registration Court: Amtsgericht Kempten (Kempten Local Court)
Data Protection Officer contact: support@zesavi.com

Website

Access and activity logs (server logs)

Each access to this website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual.

Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is section 15 subsection 1 of the German Telemedia Act (TMG), as well as article 6 (1) f of the GDPR.

Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web.

These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is section 15 subsection 1 of the German Telemedia Act (TMG), as well as article 6 (1) f) of the GDPR.

When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected.

These error logs are stored for a period of up to 7 days. There is no right to object to this.

Use of cookies

So-called cookies are used on parts of this website. They are small text files which are stored on the device with which you access this website. Different categories of cookies are used:

Essential cookies are necessary for ensuring the core functionality of our website
Functional cookies are cookies that are used for tracking user behaviour on our website to improve the functionality of our website
Marketing cookies are cookies we are using for serving interest-based ads
External media cookies: These cookies serve the purpose of displaying external media (such as videos or maps)
The legal basis for the use of essential cookies is Art. 6 (1) (f) GDPR -a legitimate interest. Our legitimate interest for the usage of these cookies is providing a functioning website.

The legal basis for the usage of the other cookies is Art. 6 (1) (a) GDPR — your consent. Without your consent no non-essential cookies will be set. You can withdraw your consent anytime with effect for the future. Alternatively, you can deactivate all non-essential cookies.

Website hosting

The website is hosted by Hetzner Online GmbH in Germany (privacy policy). The provider thereby processes the personal data transmitted via the website, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide a website, so that the legal basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR.

Use of third-party provider tools

In order to provide and continuously improve our services, we are using the services of the following third-party providers which may also process personal data. These third-party providers have been selected diligently and in line with the requirements of the GDPR.

a. Google

Unless otherwise stated in the data privacy policy, the operator of all Google services mentioned here is Google Ireland Limited,Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

i. Google Tag Manager

This website uses the service “Google Tag Manager”. The tag manager is a tool for managing so-called tags that are used during tracking in online marketing. In doing so, the tag manager does not process any personal data, since it merely serves to manage other services – e.g., Google Analytics, etc.

You can find further information on the tag manager here.

ii. Google Analytics

This website uses the service “Google Analytics”. The operator of this service is the company Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Google Analytics is a web analysis service, and, by placement of cookies and the information acquired by this, it enables us to make inferences about user behavior on our website. The information generated by the cookies is sent to a Google server in the USA and stored there. Our website uses the service Google Analytics on an exclusively pseudonymous basis. Your IP address is only recorded in abbreviated form and is hence anonymized.

The following data is collected and processed:

IP-Addresses (anonymized)
Usage data
Click path
App updates
Browser information
Device information
JavaScript support
Pages visited
Referrer URL
Downloads
Flash-version
Location information
Purchase activity
Widget interactions
Date and time of visit
The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR.. If you do not want Google Analytics to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

As part of the processing, the data may be transferred to the following recipients besides Google Ireland Limited:

Google LLC.
Alphabet Inc.
Data may be transferred to the USA as part of processing by Google Analytics. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

iii. Google Audiences / Remarketing

This website uses the service “Google Audiences/Remarketing”. The operator of this service is the company Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. The purpose of this service is to display advertising to users based on their interests. This requires conducting an analysis of website use, which is carried out using cookies. In this process, the cookies store anonymized or pseudonymized data regarding the use of the website. If you visit additional websites that also use these services, then you will be shown advertising that matches your previous interests. You can find more information at https://www.google.com/privacy/ads/

The following data is collected and processed:

Pages visited
IP Addresses
Duration of visit
Other data on use of websites
Content user is interested in
The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want Google Audiences to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

As part of the processing, the data may be transferred to the following recipients besides Google Ireland Limited:

Google LLC.
Alphabet Inc.
Data may be transferred to the USA as part of processing by Google Audiences. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

iv. Google Ads (formerly GoogleAdwords) and Google Ads Conversion Tracking

This website uses the service “Google AdWords”. The operator of this service is the company Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. The purpose of this service is so-called conversion tracking, i.e., we can detect what happened after you clicked on our advertisements. Cookies are placed for this purpose, but they are only valid for a limited time.

The following data is collected and processed:

Cookie-ID
Visited Pages
IP Addresses
Duration of visit
Usage data
Content user is interested in
Clicked Ads
Web requests
Cookie information
Referrer URL
Browser language
Browser type
The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want Google Ads to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

As part of the processing, the data may be transferred to the following recipients besides Google Ireland Limited:

Google LLC.
Alphabet Inc.
Data may be transferred to the USA as part of processing by Google Ads. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

v. Google Web Fonts

On this website the service Google Web Fonts is used. The service is provided by Google Ireland Limited Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Google Web Fonts enables us to load and display external fonts, so-called Google Fonts, on our website. Google Web Fonts is locally integrated on our website. This means that the fonts are not loaded from Google servers.

In the context of processing via Google Web Fonts, the following personal data is collected and processed:

IP address
The legal basis for this processing is Art. 6 (1)(f) GDPR — a legitimate interest. Our legitimate interest in the processing is to present the website in an attractive and user-friendly manner. Local hosting ensures that no data is transferred to Google, and no data transfer takes place.

Personal data is stored for as long as it is necessary to fulfill the purpose of processing. The data is deleted as soon as it is no longer required for the purpose.

b. BingAds

This website uses the service “BingAds”. BingAds is a conversion and tracking service of the Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Microsoft places cookies in the users’ devices that analyze the user behavior on our website. This presupposes that the user has reached our website through a BingAds advertisement. This only serves to provide use with information on the total number of users who have clicked on this type of advertisement. In this process, no IP addresses are stored, and no personal information on our users’ identity is shared. You can find further information in Microsoft’s data privacy statement in: https://privacy.microsoft.com/de-de/privacystatement.

The following data is collected and processed:

Engagement metrics
Number of visits
Bounce rates
Microsoft Click ID
Digital signature
UET ID tag
URLs
Referrer URL
Page title
Conversions
Screen height
Screen width
Browser language setting
Duration of visit
Screen color depth
Page response times
Clicked Advertisement
The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want Microsoft to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

Data may be transferred to the USA as part of processing by Microsoft. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

c. HubSpot

On this website we use HubSpot for different purposes. HubSpot is a software company from the USA with a branch office in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telephone: +353 1 5187500.

Hubspot is an integrated software solution that we use to cover different aspects of our online marketing. This includes, among others:

Email marketing, social media publishing & reporting, reporting, contact management (e.g., user segmentation & CRM), landing pages and contact forms.

Our registration service enables visitors to our website to find out more about our company, to download contents and to provide their contact information, together with further demographic information. This information, together with the contents of our website are stored on the servers of our software partner HubSpot. We can use it to make contact with visitors to our website and to determine which of our company’s services are interesting for them. All information collected by us is subject to this data privacy policy. We use all information collected exclusively for optimizing our marketing measures.

More information about the Privacy Policy can be found here.
More information about Hubspots regarding the EU-Data Protection Regulations can be found here.

More Information about HubSpots Cookies can be found here and here.
As part of the optimization of our marketing activities, Hubspot may collect and process the following data:

Geographical position
Browser type
Navigation information
Reference URL
Performance data
Information about how often the application is used
Mobile apps data
HubSpot subscription service credentials
Files that are displayed on site
Domain names
Viewed pages
Aggregated use
Version of the operating system
Internet service provider
IP address
Device identification
Duration of the visit
Where the application was downloaded from
Operating system
Events that occur within the application
Access times
Clickstream data
Device model and version
We also use HubSpot’s contact forms. More information about this can be found under “Forms” in this Privacy Policy

The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

Data may be transferred to the USA as part of processing by Hubspot. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, Art. 49 (1)(a) GDPR can serve as a legal basis. Please note the reference to the risk of data transfer to an unsafe third-country under sub-item “Forms”.

d. JotForm

This website uses JotForm services to implement forms for requesting exclusive content. These services are provided by JotForm Inc., which is based at 111 Pine St. #1815 San Francisco, CA 94111,  USA. 

JotForm services allow visitors to our website to receive exclusive content, such as case studies and reports, via email. When you fill out a form provided by JotForm, the data you submitted will be sent to JotForm and forwarded to HubSpot (for data handling using HubSpot, see “c. HubSpot”). The processing of the submitted personal data by JotForm takes place exclusively on European servers. We may use JotForm services to analyze visitors’ interest in services provided by Zesavi. All information collected by us is subject to this data privacy policy. We use all information collected exclusively for optimizing our marketing measures.

For more information on data handling performed by JotForm, visit the JotForm Privacy Policy.
More information on security measures implemented by JotForm can be found here.
More information on JotForm’s compliance with EU-Data Protection Regulations can be found here.

JotForm does not collect or sell information gathered from form responses. As part of optimizing our marketing activities, we may collect and process the following data submitted by website visitors in forms provided by JotForm:

First name
Last name
Email address
Phone Number
More information about our usage of forms provided by JotForm can be found under “Forms” in this Privacy Policy.

The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. You can refuse your consent or withdraw it at any time with effect for the future. The data will be stored for as long as it is necessary for the purpose of the procession or until you withdraw your consent. The data will be deleted as soon as it is no longer needed for the processing purposes. We consider JotForm a third party data processor. Jotform services are bound by the EU General Data Protection Regulations (GDPR). 

e. LinkedIn

We use the retargeting tool and the conversion tracking of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”). For this purpose the LinkedIn Insight Tag is incorporated into our webpage. LinkedIn uses it to collect statistical, pseudonymized data from your visit and use of our website and to provide us with the corresponding aggregated statistics based on these. In addition, this information serves to be able to show you relevant offers and recommendations specific to your interests, after you have inquired on the website about certain services, information and offers. The information in this regard is stored in a cookie. More information about Data Privacy of LinkedIn can be found here.

In this process this data will be collected and processed:

IP Address
Device information
Browser information
Referrer URL
Timestamp
The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want LinkedIn to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

Data may be transferred to the USA as part of processing by LinkedIn. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

Forms

We use HubSpot and JotForm to provide you with the following online forms. For this purpose, we forward your data to HubSpot and JotForm, which process the data exclusively at our request. See the data privacy policies on “HubSpot” and “JotForm”.

Please note: If you contact us via contact forms, personal data may be transferred to service providers in third countries. These third countries do not have an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without you possibly being entitled to legal remedies. The security of the transfer is regularly ensured by so-called standard contractual clauses, which ensure that the processing of personal data is subject to a level of security equivalent to that of the DSGVO. If the standard contractual clauses and binding corporate rules are not sufficient to establish an adequate level of security, your approval of this privacy policy will be deemed to be consent within the meaning of Art. 49 (1)(a) GDPR, which justifies data transfer to unsafe third countries.

a. Free offer of digital contents

In order to provide you with our downloadable content, we collect personal data from you. Below we explain these data.

Collected data: Email address, last name, first name, job title, phone number
Purpose of use: Customized sending of contents requested
Storage period: As a general rule, the data is only stored for as long as is needed to fulfill the purpose. The data is deleted after sending the content.
Legal basis: article 6 (1) b) GDPR

b. Newsletter

If you subscribe to our newsletter, then we store your email address and use this to send the newsletter. Your email address is not made public or disclosed to third parties.

Collected data: Email address
Purpose of use: Sending of the newsletter requested
Storage period: As a general rule, the data is only stored for as long as is needed to fulfill the purpose. For the newsletter, the data are stored as long as it is expected that a newsletter will be sent and as long as you have not objected to the use of your data.
Legal basis: article 6 (1) a) GDPR – consent
Revocation: You can unsubscribe from our newsletter at any time using a link included in each issue. We will then delete your email address from our distribution list. As an alternative, you can also unsubscribe from our newsletter at any time by sending an email to support@zesavi.com.

c. Web demo

If you request an appointment for a web demo, then we use your data to contact you and coordinate together with you an appointment and to hold the appointment.

Collected data: Email address, last name, first name, telephone number, (business)
Purpose of use: Coordination and holding of the web demo, as well as preparation for and follow-up on the demo
Storage period: As a general rule, the data is only stored for as long as is needed to fulfill the purpose. The data are stored as long as is needed to prepare, hold and follow-up on the appointment.
Legal basis: article 6 (1) b) GDPR

d. Free and trial account

If you register for a free or trial account, then we use your data to ensure that you receive the necessary information and to introduce you to the account and the features of the software.

Collected data: Email address, last name, first name, telephone number
Purpose of use: Provision of the requested account and explanation of the features of the software
Storage period: As a general rule, the data is only stored for as long as is needed to fulfill the purpose. After the deletion of your free account or the expiration of the test phase your data is deleted.
Legal basis: article 6 (1) b) GDPR

Application

Your privacy is important to Zesavi. Zesavi is committed to protecting your privacy at all times and applying the highest ethical and regulatory standards. For this reason, all communications from and within our Clypp Software-as-a-Service (the “SaaS”) are encrypted using state-of-the-art SSL encryption. This Zesavi Privacy Policy (the “Privacy Policy”) provides you with information about how we collect, use, disclose, transfer and store your information, as well as the choices you have regarding your information, including but not limited to personally identifiable information (the “Personal Information”). 

Our collection and use of personal data differs depending on whether you are an end user or an organization. If you are an organization such as a business, we process your information based on the Clypp for Businesses section of this Privacy Policy. If you are an end user of our Application for your personal use or if you are using an Application provided by your organization, please refer to the sections Application provided by your organization and Your Clypp account.

You will also receive information about our use of cookies (see detailed description and definition below), analytics tools, marketing and advertising practices, and offline activities. Our primary goal is to provide you with information about the following:

Except as expressly set forth in this Privacy Policy or as otherwise required or permitted by law, we will not share, sell, or distribute any of the information you provide to us without your consent (which in certain cases must be expressly given).

Declaration of consent

By reading and accepting the privacy prompt, activating the checkbox in the app, or using our Software-as-a-Service, you expressly consent to the collection, use, and transfer of information as set forth in this Privacy Policy in compliance with the principles of data avoidance and data economy.

We collect, use, transfer or transmit personal data in compliance with the data protection laws of the Federal Republic of Germany, as well as the data protection regulations of the European Union.

As part of our provision of the SaaS to you and from our interactions with you, Zesavi needs to collect and has a legitimate interest in personal data. The personal data we collect is limited to information that relates to our legitimate business purposes and that is necessary to carry out our legitimate business purposes and/or to fulfill obligations to you and to comply with our legal obligations as described in this Privacy Policy. Otherwise, Zesavi may not be able to provide you with services or information or enter into commercial transactions with you. We may have access to the following categories of information about you, and only some of this information is personally identifiable information that could directly identify you, but each category may provide some information about your interests and activities that could be used to draw conclusions about you.

Below are details about how we collect and use the information you provide when browsing our website and using our application.

Products and services

The SaaS enables more efficient knowledge sharing within the organization or between organizations and external entities such as partners or customers. Specifically, users of the SaaS have the ability to share information through a variety of media – primarily video, voice, and text. Users are guided through a step-by-step process to make their knowledge content as compelling and concise as possible. In version 1.0 of the SaaS, users can create videos from their screen with voice-over, their webcam with voice-over, a document with voice-over, or upload a video created with an external source, such as their smartphone. Sharing a video or other type of media content on the target web application, as well as sharing user-generated content, inherently requires sharing certain information that may include personal data.

The SaaS also provides interfaces to general and custom knowledge management systems and messenger services. Associated with this are possible additional services and consulting services for conception, video shooting, and pre- and post-production of videos and custom programming of interfaces to the customer’s information systems. In addition, the user can take advantage of the following features of the software: Suggesting videos for faster delivery of relevant short videos in the web application, sending marketing information about new features via email, aggregating data to create management-level evaluations of platform usage, most viewed videos and categories, and “power users.” In addition, a cookie is set when the software is used to simplify the registration process or to avoid multiple registrations.

Like many companies, we store all data in a cloud solution provided by Telekom Deutschland AG (Open Telekom Cloud, “OTC”) and Microsoft Corporation (Microsoft Azure Cloud). For more information, please refer to the respective privacy policies of Telekom or Microsoft. Zesavi restricts both Deutsche Telekom and Microsoft to store data exclusively on servers located in Germany. The storage of User Generated Content on OTC or Microsoft may be considered contract data processing (the “Contract Data Processing”), depending on the information stored in the User Generated Content. This Contract Data Processing is subject to a separate agreement.

The SaaS provides the user to automatically transcribe, summarize and tag generated video content. For these services, Zesavi uses an API to Microsoft Corporation’s Text-To-Speech, Intelligent Tagging Services and other Cognitive services. Please refer to the respective privacy policy of Microsoft for potential limitations that result from or in using the third party services. All data processing takes place exclusively in Germany and Western Europe (NL).

To provide online payment solutions when using our SaaS, we work with Stripe Inc, e.g. to enable automatic upgrading or downgrading of Free & Pro licenses. Please refer to the privacy policy of Stripe for further information.

We use this information only to provide you with the best possible Zesavi SaaS solution. We may do this by sending a “digital fingerprint” of your session. However, we remove all personal information. We store certain information about the URLs browsed in a session (in anonymized form) and use it for debugging, statistical purposes and to improve our SaaS.

Audio, video and screen recording

When you use a feature of our SaaS that enables audio, video and screen recording, we collect information from you in connection with such use and through such audio, video and screen recording to the extent you provide it to us. This information may include personally identifiable information if you provide us with personally identifiable information. By creating an audio, video and screen recording using our SaaS, you and your company represent and warrant that (1) you have obtained legally sufficient consent from any recorded employee or customer, (2) that we may collect, process, use and store the personal data provided to us as set forth in this Privacy Policy and any commercial agreement you have entered into with us, (3) that you have provided consent for such audio, video and screen recording prior to the commencement of the applicable audio, Video and Screen Recording (4) that you will only create, use, store and otherwise process such Audio, Video and Screen Recording in accordance with all applicable laws, rules and regulations, including data protection laws, (5) you will store and otherwise restrict access to the applicable Audio, Video and Screen Recording by implementing appropriate technical and organizational security measures, and (6) you are responsible for ensuring that your (and, if applicable, your Your employees or agents) use, control, process and treat such information, and any legal policies You may have in relation thereto, in accordance with all applicable laws, rules and regulations.

Any individual and/or entity that expressly requests an audio, video and screen recording is the data controller in respect of the relevant audio, video and screen recording and we are the data processor in respect of the relevant audio, video and screen recording.

Your Clypp account

In order to activate and/or use some of our SaaS, you must create an account (“Account”). During the account setup process, we will ask you for certain personal information, such as.

Company email address
Personal Name
Department
Team
Position
Location
Manager status
Profile Image


We need this information to enable you to activate, manage or use your Zesavi products and services. We may associate your email address and other personal information (such as name, department, team) with your account and access to our products or services. For more information, see the User Experience and Statistics section below.
When using the SaaS, in addition to the personal data that the user actively provides, we also collect data that the user passively provides, as well as their actions when using the SaaS:

Login times (date and time)
IP address
Published videos
Created videos in ‘draft’ status
Published playlists
Viewed videos
People who follow me
People I follow
Videos I mark as helpful and not helpful
Videos I download (only managers have this option)
Comments I write under videos
Videos I request

Invite others to use our products or services

You can invite a third party, for example, your customer, to try our SaaS by making the video available on a public website of the SaaS. To use this feature, you need to check a box within the content creation process and provide the public link to the third party.

Application provided by your organization

If Clypp is provided by your organization, your organization may control and manage your Clypp account and access as well as process your data. Zesavi’s processing of your personal data in connection with Clypp is contractually regulated between Zesavi and your organization. Zesavi processes your personal data in order to provide Clypp to you and your company.

Clypp for Businesses

Zesavi offers Clypp as a SaaS for enterprises. In doing so, Zesavi processes information of an organization’s users as specified in the Your Clypp Account section. In addition, Zesavi and the organization reach agreement(s) for Clypp settings as well as on privacy-related terms under an agreement for contract data processing. Zesavi shall be the processor and the customer shall be the controller within the terms of the General Data Protection Regulation.

Final provisions

Rights of data subjects

If the company Zesavi GmbH processes personal data as data controller, then you as the data subject have certain rights derived from Chapter III GDPR, which depend on the legal basis and purpose of the processing. These rights include when relevant especially the right to information (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to cancellation (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to data portability (Art. 20 GDPR), and the right to objection (Art. 21 GDPR). If the processing of personal data is based on your consent, then you have the right pursuant to Art. 7 III GDPR to revoke this consent granted under data protection law.

Please contact the Zesavi GmbH (see section “Data controller” in this privacy policy) in order to assert your rights as data subject regarding the data processed for the operation of this website. Please be aware that you must contact the data controller directly to assert your rights as data subject derived from the processing by us, as data processor of our customers. We reserve the right not to respond to corresponding queries or to redirect them to the corresponding companies.

Right to lodge a complaint

We would hereby like to inform you that pursuant to article 77 GDPR you have the right to lodge a complaint with the supervisory authority if you believe that your personal data have been processed illegitimately by us.

Right to object

You can object to the use of your data by using the appropriate opt-out or by making the appropriate adjustments in the Usercentrics consent management system.

Final clauses

Zesavi reserves the right to adjust this data privacy policy at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced or modifications are made on the website. In this case, the new data privacy statement applies to any later visit of this software.

Version 02-2023