Movio Privacy Policy

Vista Group (NZ) Limited (“Movio” "we" "us" or “our”) is the controller of your personal information. We are located at Shed 12, City Works Depot, 90 Wellesley Street West, Auckland Central, Auckland 1010, New Zealand, and we are responsible for your personal information and we take our data protection and privacy responsibilities seriously.

This Privacy Policy explains how we collect, use and share personal information in relation to our website www.movio.co and in the course of our business activities, including:

  • What personal information we collect
  • Legal bases for using your personal information
  • How we share personal information
  • Direct Marketing
  • Transferring personal information globally
  • How we protect and store personal information
  • Cookies
  • Legal rights available to help manage your privacy
  • How you can contact us for more support

This Privacy Policy also does not apply to information collection activities by our clients or on their behalf (“Client Data”). For example, Movio provides software to our clients, and may process information on their behalf to provide those services. This Privacy Policy does not describe the processing of Client Data, and we invite you to visit the applicable client’s privacy policy for information about their privacy practices. Any questions you have relating to such information and your rights under data protection law should be directed to the client, as the controller of that information, and not to Movio.

This Privacy Policy will also not apply to any information we collect about you when you apply for a job with us. For our job candidate privacy notice, please click the link here.

Data Privacy Framework

With respect to personal information processed in the scope of this Privacy Policy, Movio’s wholly owned subsidiary, Movio, Inc, located at 335 N. Maple Dr, Ste 150, Beverly Hills, CA 90210, USA, acts as a service provider of Movio with regard to its handling of EU, UK and Swiss data, and complies with the EU-U.S. Data Privacy Framework (and its UK Extension) and Swiss-U.S. Data Privacy Framework (the “Data Privacy Framework”) as adopted and put forward by the U.S. Department of Commerce regarding the processing of personal information. References in this Privacy Policy to “Movio” will include Movio, Inc, as service provider for Movio, where applicable. Movio commits to upholding, and has certified to the Department of Commerce that it adheres to, the Data Privacy Framework Principles for the processing of all personal information received from the EU, UK and Switzerland in reliance on the Data Privacy Framework.

To learn more about the Data Privacy Framework, and to view Movio’s certification, please visit https://www.dataprivacyframework.gov/s/ and https://www.dataprivacyframework.gov/s/participant-search, respectively.

Updates

We may amend this Privacy Policy from time to time to keep it up to date with legal requirements and the way we operate our business, and we will place any updates on this webpage. This Privacy Policy was last updated on the date as set out at the bottom of this Privacy Policy. Please regularly check these pages for the latest version of this notice. If we make fundamental changes to this Privacy Policy, we will seek to inform you by notice on our website or email.

Third Party Websites

This Privacy Policy does not apply to your use of a third party site.

What personal information we collect

When we collect information

We collect information about you if you register with or use our website or services, work with us as a business partner, register or attend an event organised or hosted by us, subscribe to our newsletter or other forms of marketing communications, respond to a survey or fill out a form created or sent by us, or if you otherwise contact us (together, “Services”).

We may also collect personal information from third parties, such as your employer, public databases or social media networks.

Legal bases for using your personal information

We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do this because the legal bases we may rely on include:

Consent – sometimes we ask for your consent to use your data.  

Contract – if we have a contract in place with you, the terms of that contract may requires us to process personal information necessary for that contract, or because you’ve asked us to take specific steps before entering into a contract.

Legitimate interest – we can process your data when this is necessary for us to achieve a business purpose, or where this is necessary for someone else to achieve their purpose.  We explain below what interests we, or others, are trying to achieve when we process your data. Where we process personal information on the basis of a legitimate interest, then – as required by data protection law – we have carried out a balancing test to document our interests, to consider what the impact of the processing will be on individuals and to determine whether individuals’ interests outweigh our interests in the processing taking place. You can obtain more information about this balancing test by using the contact details at the end of the notice.

Legal obligation – we have obligations to comply with legal and regulatory requirements under the laws applicable to us in each of the territories that we operate in. In certain cases, we have to use your data to meet these obligations.

If you would like to find out more about the legal basis for which we process personal information, please contact our Data Protection Officer at dpo@vista.co or the Movio privacy team at privacy@movio.co.

Personal information we collect from you and use if you use our website or Services
  • Contact information (consent or contract) – we collect and use your contact information such as your title, name, email address, phone number, and address.
    Usage
    - We use this information to operate, maintain and provide the Services to you. We also use this information to communicate with you, including sending service-related communications and marketing communications in accordance with your preferences.
  • Device Data (consent) - including data about the type of device or browser you use, your device’s operating software, your internet service provider, your device’s regional and language settings, and device identifiers such as IP address and Ad Id.
    Usage – We use the information to make enhancements to our website to ensure it operates efficiently and effectively for all users.
  • Location information (consent) – other than information you choose to provide us, we do not collect information about your precise location.
    Usage - Your device’s IP address may help us determine an approximate location to ensure content made available to you through our Services or marketing channels is relevant to the city or country you are using your device in.
  • Troubleshooting information (consent or contract) – we may require your personal details in order to address issues with our Services, such as your user name and user ID.
    Usage - should you require assistance from our Services Team in relation to issues with our Services, website, your account etc., we may process the above-mentioned personal information.
  • Preferences (consent) – such as preferences set for notifications, marketing communications and how our website is displayed.
    Usage - We use this information to provide notifications, send news, alerts and marketing communications and provide our Services in accordance with your choices and also to ensure that we comply with our legal obligation to send only those marketing communications to which you have consented.
  • Information provided by third parties (legitimate interests) - from time to time, we may receive information about you from third parties and other users.
    Usage - We may obtain information from third parties to enhance or supplement our existing user information. We may also collect information about you that is publicly available.

We will use the personal information we collect to operate, maintain and provide to you the features and functionality of the Services, to communicate with you, to monitor and improve the Services and business, and to help us develop new products and services.

Notwithstanding the above, we may use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law. For information on your rights and choices regarding how we use information about you, please see the “Legal rights available to help manage your privacy” section below.

Please see our Cookie Policy for information about how we use cookies and similar tracking technologies to collect information. In addition to the technologies listed in our Cookie Policy, we use pixels (also known as web beacons), which are code embedded in a website, video, email, or advertisement that sends information about your use to a server. There are various types of pixels, including image pixels (which are small graphic images) and JavaScript pixels (which contains JavaScript code). When you access a website, video, email, or advertisement that contains a pixel, the pixel may permit us or a separate entity to drop or read cookies on your browser. Pixels are used in combination with cookies to track activity by a particular browser on a particular device. We incorporate pixels from separate entities that allow us to provide you with additional functionality, such as the ability to connect our Services with your social media account.  

How we share personal information

We share your personal information in the manner and for the purposes described below:

  • with other companies within our group, where such disclosure is necessary to provide you with our products and services or to manage our business. Click here for a list of the other companies within our group companies;
  • with third parties who help manage our business and deliver services. These services providers have agreed to confidentiality restrictions and use any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us. These include IT service providers who help manage our IT and back office systems;
  • with government organisations and agencies, law enforcement and regulators, to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies, and to protect the rights property, life, health, security and safety to us, the Services or anyone else;
  • with vendors and other parties for business and commercial purposes, including analytics and advertising technology companies. Vendors may act as our service providers, or in certain contexts, independently decide how to process your information. For more information on advertising and analytics, see our Cookie Policy;
  • for facilitating requests made at your direction; and/or
  • we may share information that does not identify you (including information in aggregate, de-identified, or statistical form)  regarding the visitors to our website, traffic patterns, and website usage with our affiliates or advertisers.
  • If, in the future, we sell or transfer some of or all of our business or assets to a third party, we may disclose information to a potential or actual third party purchaser of our business or assets.

Direct Marketing

How we use personal information to keep you up to date with our products and services

If you have provided consent, we may use personal information to let you know about our products and services that we believe will be of interest to you. We may contact you by email, post, or telephone or through other communication channels that we think you may find helpful. In all cases and with your consent, we will respect your preferences for how you would like us to manage marketing activity with you.

How you can manage your marketing preferences

To protect privacy rights and to ensure you have control over how we manage marketing with you:

  • we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you and only if you have consented to receiving those communications;
  • you can ask us to stop direct marketing at any time. You can ask us to stop sending email marketing, by following the "unsubscribe" link you will find on all the email marketing messages we send you. Alternatively, you can contact us at privacy@movio.co. Please specify whether you would like us to stop all forms of marketing or just a particular type (e.g. email); and
  • you can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained in our Cookie Policy.

Your opt out is limited to the email address, device, and phone number used and will not affect subsequent subscriptions.

We recommend you routinely review the privacy policies and preference settings that are available to you on any social media platforms as well as your preferences within your account with us.

When and how we undertake profiling and analytics

We may use performance cookies like Google Analytics to recognise and count the number of visitors/users of our website and to see how such visitors/users move around our website when they are using it.

For more information about how we use profiling and analytics, please visit our Cookie Policy. We do not undertake any profiling activities which will lead to automated decision-making which produces legal effects concerning you, or similarly significantly affects you.

Social Media Integrations

We offer parts of our Service through websites, platforms, and services operated or controlled by separate entities. Some examples include:

  • Brand Pages. We may offer our content through social media. Any information you provide to us when you engage with our content (such as through our brand page is treated in accordance with this Privacy Policy. Also, if you publicly reference our Service on social media (e.g., by using a hashtag associated with Company in a tweet or post), we may use your reference on or in connection with our Service.

Please note that when you interact with other entities, including when you leave our Service, those entities may independently collect information about you and solicit information from you. The information collected and stored by those entities remains subject to their own policies and practices, including what information they share with us, your rights and choices on their services and devices, and where they store information. We encourage you to familiarize yourself with and consult their privacy policies and terms of use.

Choice

By default, we limit the use and disclosure of your personal information by only deploying strictly necessary cookies required to enable basic website functionality. If you choose to share additional information with us for marketing, personalization or analytics purposes, you must actively opt-in (i.e. consent) to sharing that information via your cookie preference settings. We will also only ever collect sensitive data about you with your express consent.

Furthermore, if you would like to opt-out of sharing your personal information with us, any third party, or for any purpose that is materially different from the purpose(s) for which is was originally collected, you can also ask us to do so by emailing privacy@vista.co. We will process any opt-out requests as promptly as we can.

Transferring Personal Information Globally

We operate on a global basis. Accordingly, your personal information may be transferred and stored in countries outside the country you are located in, including the UK, EU, New Zealand and the United States of America, that are subject to different standards of data protection.

We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:

  • we ensure transfers within our group of companies will be covered by an agreement entered into by members of our group of companies (an intra group agreement) which contractually obliges each member to ensure that personal information receives an adequate and consistent level of protection wherever it is transferred within our group of companies;
  • where we transfer your personal information outside our group of companies or to third parties who help provide our products and services, we may rely on an EU Commission adequacy decision or a UK adequacy decision where applicable, or we will obtain contractual commitments (such as the EU Standard Contractual Clauses (EU SCCs) or the UK International Data Transfer Agreement (the UK equivalent to the EU SCCs) where applicable) from them to protect your personal information. We may rely on appropriate frameworks like the EU-US Data Privacy Framework, UK Extension or Swiss-U.S. Data Privacy Framework to transfer your personal information outside of the EU/UK (as applicable); or
  • where we receive requests for information from public authorities, law enforcement or regulators (e.g. to meet legal, national security or law enforcement requirements), we carefully validate these requests before any personal information is disclosed.

You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.

Movio remains liable for the protection of your personal information that we transfer to third parties, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.

If we must disclose your personal information in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your personal information will maintain the privacy or security of your personal information.

How we protect and store your information

Security

We have implemented and continue to maintain appropriate technical and organisational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorised disclosure or access to such information appropriate to the nature of the information concerned. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you. If you have any questions about how we store your information, please contact us via the “Contact Us” section below.

Measures we take include:

  • placing confidentiality requirements on our employees and service providers;
  • ensuring that only authorised devices and authorised relevant employees with a work-related need for data processing have access to personal information and that any employee who changes roles within Movio does not retain access to personal information unless such personal information is required for their new role.
  • when an employee leaves Movio ensuring they do not have access to, or take with them, any personal information. Movio will ensure that no previous employees or external consultants have access rights to the Movio systems holding personal information;
  • destroying or permanently anonymising personal information if it is no longer needed for the purposes for which it was collected;
  • following strict security procedures in the storage and disclosure of your personal information to prevent unauthorised access to it;
  • keeping our networks and systems up to date with regards to new versions, updates and patches on an ongoing basis;
  • using secure/encrypted transfer of personal information on the internet;
  • ensuring appropriate physical security of personal information, including:
  • fitting appropriate locks or other physical controls to the doors and windows of rooms where computers are kept;
  • destroying or removing all personal information from media such as CDs before disposing of them; and
  • ensuring that all personal information is removed from the hard drives of any used computers before disposing of them;
  • implementing best practice access controls, including:
  • that best practise password procedures must be in place, including using strong passwords; and
  • having industry standard hard drive encryption for internal or external hard drives; and
  • ensuring suitable firewall and infrastructure logging to ensure the ongoing logging of failed login attempts or attacks on Movio systems, including log of time, user, etc. and block access after a certain number of failed login attempts for each user;
  • protecting our networks, systems and logs against tampering;
  • having a vulnerability management program, including regular monitoring of potential vulnerabilities and performance of penetration tests of networks and Movio systems;
  • having a Security Incident Response Plan in place in the event of a serious security incident;
  • using secure communication transmission software (known as "secure sockets layer" or "SSL") that encrypts all information you input on our website before it is sent to us.  SSL is an industry standard encryption protocol, which ensures that the information is reasonably protected against unauthorized interception; and
  • monitoring and keeping up to date with all security measures, processes and risk analyses.

As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect User IDs and passwords, please take appropriate measures to protect this information.

Storing your personal information

We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this Privacy Policy. Where your information is no longer needed, we will ensure that it is disposed of in a secure manner within 20 business days. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

Children

Our Services are intended for a general audience, and are not directed at children under (16) years of age or under (18) years of age in the UK.

We do not knowingly gather personal information (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) in a manner not permitted by COPPA. If you are a parent or guardian and you believe we have collected information from your child in a manner not permitted by law, contact us at privacy@movio.co. We will remove the data to the extent required by applicable laws.

We do not knowingly “sell,” as that term is defined under the CCPA, the personal information of minors under 16 years old who are California residents. For more information, please review the Additional Disclosures for California Residents section below.

Cookies

A cookie is a small text file containing small amounts of information which is downloaded to / stored on your computer (or other internet enabled devices, such as a smartphone or tablet) when you visit a website.

Cookies may collect personal information about you. Cookies help us remember information about your visit to our website, like your country, language and other settings. Cookies allow us to understand who has seen which webpages and advertisements, to determine how frequently particular pages are visited and to determine the most popular areas of our website. They can also help us to operate our website more efficiently and make your next visit easier. Cookies can allow us to do various other things, as explained further in our Cookie Policy.

For more information about the types of cookies we use, how they work and information about how to manage your cookie settings, please visit our Cookie Policy. Please be aware that if you disable or remove tracking technologies some parts of the Service may not function correctly.

Do Not Track. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals.  For more information on “Do Not Track,” visit http://www.allaboutdnt.com.

Contact us

The primary point of contact for all issues arising from this Privacy Policy is our Data Protection Officer at dpo@vista.co or the Movio privacy team at privacy@movio.co.

We have appointed a representative in the EU: Vista Entertainment Solutions (NL) B.V., who can be contacted by email at EUprivacy@vista.co or in person / by post at TSH Collab Amsterdam City, Wibautstraat 131D, 1091 GL Amsterdam, Netherlands.

We have appointed a representative in the UK: Vista Group International (UK) Limited, who can be contacted by email at UKprivacy@vista.co or in person / by post at FORA, Thomas House, 84 Eccleston Square, London SW1V 1PX.

If you have any questions, concerns or complaints regarding our compliance with this Privacy Policy, the information we hold about you or if you wish to exercise your rights, we encourage you to first contact Movio Privacy. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible and, in any event, within the timescales provided by applicable data protection laws.

To contact your data protection supervisory authority

You have a right to lodge a complaint with your local data protection supervisory authority (i.e. your place of habitual residence, place or work or place of alleged infringement) at any time.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

This Policy has been designed to be accessible to people with disabilities.  If you experience any difficulties accessing the information here, please contact us via the details above to obtain this Policy in an alternate format.

Issue date of Privacy Policy: 22 August 2024