We, Verbit Software Ltd., company no. 515547735 (“Verbit“, “we“, “us” or “our”), with place of business at Alon Tower II, 14th Floor, 94 Yigal Alon Street, Tel Aviv, Israel, and our corporate affiliates, are committed to protecting and respecting your privacy. We believe in transparency and want you to feel comfortable using our platform, and we are committed to being upfront about how we treat your personal information.
- Important information and who we are
It is important that you also read the other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements the other notices and is not intended to override them.
b. Data Protection Officer
We have appointed a data protection team (hereafter: “DPO”) who are responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, including any other inquiry regarding your privacy rights, please contact the DPO using the details set out below.
c. Contact Details
Our full details are:
Verbit Software Ltd.
Email address: Privacy@verbit.ai
Postal address: Alon Tower II, 22nd Floor, 94 Yigal Alon Street, Tel Aviv, Israel.
If you are an EU resident, you have the right to make a complaint at any time to the relevant supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach such authority, and encourage you to do so.
d. Changes to the Policy and Your Duty to Inform us of Changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
e. Third-Party Links
- The Personal Data we collect and process:
“Personal Data”, or personal information, means any information that relates to a natural person that person can be identified. It does not include data which cannot be used to identify a natural person (anonymous data).
a. Verbit processes three types of Personal Data:
- Personal Data that users of our Services (“Customers”) ask us to process on their behalf (“Processor Data”), which will include any Personal Data which be included in materials that our Customers provide to us to transcribe, caption, translate, or otherwise process for them. When Verbit processes personal data on behalf of a Customer, Verbit is the “processor” of the data under applicable law, and the Customer is the “controller”.
- Personal Data that we may collect from or about you and other end users visiting the Site (together with the information indicated under section 2(a)(iii) below, “Controller Data”). This includes, for example, the e-mail address that you provide when you fill out contact us forms, sign up for or to receive quote requests, pricing requests, trial requests, webinars, white papers, blog subscriptions and other forms in our Services, as further described below. Under applicable law, Verbit is the “controller” of such data.
- Personal Data that we may collect from our Customers, vendors and their representatives, in order to provide the Services. This includes, for example, the names and contact information of our Customers and vendors. Under applicable law, Verbit is the “controller” of such data.
Details of our processing of these types of Personal Data is described below.
b. Our Collection of Processor Data
We receive information from or on behalf of our Customers and their users. Because of the nature of the Services, we do not control the information received. This information may contain any type of Personal Data, including names, contact information, other identifying information, as well as sensitive information.
c. Our Collection of Controller Data
When you interact with us through the Site or the Services, or become a Customer or one of our service providers, we may collect personal data and other information from you, as further described below:
When you sign up for our Services, you need to provide certain information, such as your name and email address. We collect and process this data for the purpose of registering you as a user. The legal grounds for collecting, processing and using your personal data is your consent, the performance of the agreement between you and Verbit to provide you with the Services and our legitimate interests of protecting the security of our users’ accounts.
When you communicate or interact with us via email, telephone, online or in person, we collect and process Personal Data, such as your name, mailing address, phone number, email address and contact preferences.
We use this information to provide you with our Services and customer support and to monitor the quality and types of customer support we provide to our Customers. The legal ground for processing this information for these purposes is Verbit’s legitimate interests in providing quality customer support.
If you request or actively consent to receiving newsletters, marketing and promotional information from us, we will also process your email address for the purpose of providing you with the same. The legal ground for processing your email address for this purpose is your consent. You may withdraw your consent at any time through the “unsubscribe” link at the bottom of each of our marketing emails.
You may withdraw your consent to the use of the Personal Data described above at any time. However, certain information is required in order for you to register and enjoy the full benefits of our Services, and a withdrawal of your consent might limit your ability to enjoy our Services, in whole or in part.
Controller Data we collect from your use of the Services
When you interact with our Services, for example by visiting our Site, we may automatically collect (by cookies, web beacons, tracking pixels and similar technologies) certain information about you: (a) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, language preferences, browser plug-in types and versions, operating system, version, device information and the geographic location of the device that you are using to log-in; (b) information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for, the frequency and scope of your use of the Services, page interaction information (such as scrolling, clicks, and mouse-overs), the content you viewed (including advertisements you clicked on) and pages you visited, your communications with other users and third parties, and cookie data.
Tracking Pixels. We use several third-party services which use tracking pixels on our website to collect information that we use to provide the Services, improve our products and services, and for other purposes. These include:
- Google Ads – We use conversion pixels from Google to track the success of campaigns and to learn about which cross sections of people are most interested in our products and services. You can learn more about how Google collects data at https://policies.google.com/technologies/ads?hl=en-US and specifically about Google enables customers like us to use conversion tracking here: https://support.google.com/google-ads/answer/1722022.
- Adroll is a marketing tool provided by Adroll, Inc., which allows us to retarget unknown visitors to the site through banners and social media ads. You can visit https://www.adrollgroup.com/privacy to learn more about how Adroll is used to collect data for customers like us.
- Google Analytics. We use Google Analytics to evaluate how users use our website and who uses our website. You can learn more about how Google collects and uses data by visiting https://policies.google.com/technologies/partner-sites (“How Google uses information from sites or apps that use our services”).
- We use Facebook for social media advertising and to generate new leads and traffic to our website. You can learn more about how Facebook collects information generally and on behalf of its customers like us, at https://www.facebook.com/policy.php.
- We use LinkedIn for social media advertising and to generate new leads and traffic to our website social media advertising. You can learn more about how Facebook collects information generally and on behalf of its customers like us, at https://www.facebook.com/policy.php.
Disabling Location Tracking. You can grant or revoke your consent to our collection of your location at any time or prevent us from continuing to access your GPS information by disabling the GPS or other location-tracking functions on your device, provided your device allows you to do this.
Disabling Cookies. To learn more about cookies, please visit http://www.allaboutcookies.org/. Most Internet browsers allow you to delete or decline cookies by changing your browser settings. The “Help” function in the toolbar of most browsers should indicate how you can set your browser to notify you before accepting cookies or to disable cookies entirely. However, if you refuse to accept cookies, you may not be able to access and take advantage of many features of our Services properly.
d. Collaboration with Google and other Third-Party Ad Networks.
- Google’s use of advertising cookies enables it and its partners to serve ads to you based on you visit to our sites and/ other sites on the Internet.
We also collect, use, and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from Personal Data but is not considered Personal Data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Policy.
e. If you fail to provide Personal Data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
f. When you use Verbit’s application for Zoom (“Zoom App”), Verbit will automatically record and collect audio and video from your Zoom session (including any items shared on screen, and all Personal Data included) while the Zoom App is open. The legal basis for our collection of this information is the performance of our contract with you or the entity you represent (the Customer). We use this information to provide our services. If we were not able to collect this information, we would not be able to provide the Zoom App. We retain the information for the period the applicable Customer has chosen in the account settings section of the Verbit platform.
- How we use the information we collect and store
a. In addition to the uses described under Section 2, we will most commonly use your Personal Data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
b. Use of Processor Data:
Subject to our contractual obligations with our Customers, and depending on the particular Services, we use any information that is qualified as Processor Data as follows:
- To provide, maintain, and improve the Services, including by analyzing the Services and addressing security and business continuity issues.
- To improve the quality of the Services through repetitive use of artificial intelligence methodology.
- For other purposes requested or permitted by our Customers or their users, or as reasonably required to perform our business.
- We may retain data received as Processor Data in aggregated and anonymised form, i.e. so that it can no longer be associated with any data subject, and does no longer qualify as personal data, for research or analytical purposes.
c. Use of Controller Data:
We use any information that is qualified as Controller Data to help us to:
- provide services or customer support and respond to inquiries;
- deliver relevant website content;
- communicate back to you;
- allow you to access Services, or otherwise engage in activities in the Site that you select;
d. We use information that we automatically collect as follows:
- to perform network communications, to administer our site and to support internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and as part of our efforts to keep our site safe and secure;
- for maintaining and analysing the function of the Services’ features and offerings, advertisements, and e-mail communications, and to improve them when necessary.
- to improve website optimization.
Verbit limits access to your personal information by Verbit personnel to those whom we believe reasonably need that information to provide products or services to you or in order to do their jobs.
- DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES
We share your personal information with the parties set out below for the purposes indicated in Sections 2 and 3 above:
a. Disclosure of Processor Data:
- With our Customers. We disclose data to the relevant Customers, as requested or permitted by our Customers or their users, or as reasonably required to provide our Services.
- Service providers acting as processors located around the world who provide transcription services. Our policy is to have each service provider sign a confidentiality agreement which prohibits use of any content we provide, including personal information that may be included, for any other purposes.
b. Disclosure of Controller Data:
- With our affiliates. This relates to companies that are legally part of the same group of companies that we are part of, or that become part of that group. Currently our affiliates are based in the United States and perform sales support, customer support, and other functions on behalf of our group.
- Professional advisers including lawyers, bankers, auditors and insurers as well as regulators and other authorities based in Israel and the United States.
- We may disclose Personal Information (i) as a response to a legal request (such as a court order, search warrant, or subpoena) if we believe that we are required to do so by applicable law; or (ii) when we believe that such disclosure or use is necessary in order to: reveal, prevent and address fraud, intellectual property infringement, piracy, or other illegal activities; enforce this Policy, or our Terms and Conditions (available at https://verbit.ai/terms-and-conditions/) and other agreements we have entered into, including in order to investigate potential breaches; protect our rights, property or safety, or those of our users or from members of the public from harm, as required or permitted by law; and prevent death or imminent bodily harm.
- Service providers who provide marketing, analytics, customer management and other services that we use to contact you, provide and improve our Services, provide customer support and for other purposes.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Policy.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Non-Personally Identifiable Information.
- We may also share aggregated or non-personally identifiable information that we collect under any of the above circumstances with our business partners, affiliates or other third parties to develop and deliver targeted advertising on our websites and on websites of third parties. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our website and the most popular features or services accessed. This information does not contain any Personal Date and may be used to develop website content and services that we hope you and other users will find interesting and to customise content and advertising.
- Transfers of Personal Data
We are an Israeli private company headquartered in Israel. Please be aware that we may need to transfer your information, including your Personal Data, to other countries, including, Ireland and the United States, other countries around the world where our service providers, such as our transcibers, may be located.
When we transfer Personal Data of EU individuals out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- Where we use service providers, these service providers are bound by specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
- The country in which the service provider is located has been approved by the European Commission as providing legal adequate protection of Personal Data.
Please Contact us Privacy@verbit.ai if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
- Data Retention
Verbit will retain your information only for as long as is necessary for the purposes set out in this Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements, or for as long as your account is active, or as needed to provide you services, or for the relevant term under the respective statute of limitation that may apply to the relationship between you and us.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
If you no longer want Verbit to use your information to provide you services, you may close your account. Verbit will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
In some circumstances we may anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
- How do We Secure Your Information?
We consider data security a top priority and we do our best to keep your Personal Data secure. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Such measures include:
- End-to-End Network Isolation
- External & Internal enforcement points
- Server Hardening
- Denial of Service (DOS) Protection
- Segregation between Office and Production Networks
- Penetration Tests
- Access Control
- Data Encryption
- Vulnerabilities Management
- Segregation of Customer Data
- Identity and Access Management (IAM)
- Password Policy
- Recertification of Access Permissions:
- Configuration and Patch Management
- Security Incident Response
In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. Our policy is to require such persons to only process your Personal Data on our instructions and to execute confidentiality agreements (or be otherwise subject to a duty of confidentiality).
We have put in place procedures to deal with personal data breach (whether such breach is actual or a probable threat) and will notify you and any applicable regulator of a breach where we are legally required to do so.
Please keep in mind that we update and change the security measures we employ from time to time. In addition, no method of transmission over the Internet, or method of electronic storage, is 100% secure. As a result, although we strive to protect your Personal Data, we cannot promise or guarantee that such information will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contact Us” section above.
- Protection of Children’s Privacy
Our Services are not directed to children under sixteen (16) years and we do not knowingly collect Personal Data from children under the age of 16. If we learn that we have collected personal data of a child under the age 16 without the legal guardian’s consent, we will take reasonable steps to delete such information from our system as soon as is practical. Please contact us at Privacy@verbit.ai if you believe we have any information from or about a child under the age of 16.
- Your Legal Rights
If you reside in the European Union, you have certain rights under European Data Protection Law with regard to your personal data. In order to exercise rights or choices with respect to Processor Data, please make your request directly to the Customer for whom we process the Personal Data. With respect to Controller Data, you have the right to:
- Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which, if applicable, will be notified to you at the time of your request.
- Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above, please contact us under Privacy@verbit.ai .
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you do not reside in the European Union but you believe that you have a right to restriction of processing or a right to object to processing under your local laws, please contact Verbit at Privacy@verbit.ai
Any changes we may make to this Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or other appropriate means. Please check back frequently to see any updates or changes to this Policy. To the extent permitted by law, your continued use of our Services following the posting of changes to this Policy or providing notice to you, whichever occurs first, means that you accept those changes.
If any provision of this Policy is deemed invalid by a court of competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of this Policy, which shall remain in full force and effect, provided, however, that in such event this Policy shall be interpreted so as to give effect, to the greatest extent consistent with, and permitted by, applicable law, to the meaning and intention of the excluded provision as determined by such court of competent jurisdiction.
- Governing Law and Jurisdiction
This Policy shall be governed by the laws of the State of Israel, without respect to its conflict of laws principles. We each agree to submit to the personal and exclusive jurisdiction of the courts located in Tel Aviv, Israel, and waive any jurisdictional, venue, or inconvenient forum objections to such courts.
Our Services are controlled and operated from Israel, and we make no representations that they are appropriate or available for use in other locations.
- Note to International Users