Privacy Policy

Updated - 14th March 2022
Opening statement
MediaFabric does its best to make sure your data is safe and that your privacy is respected.
This starts with us internally acknowledging and understanding any incentives that we might have that might be misaligned with the health and interests of our users. We then try to minimise or counteract those incentives so that we can systematically be trusted to make the right choices as often as possible. This approach applies not just to our incentives as an organisation or as a company, but also as a team and as individuals.
This attention to our alignment with our users shows up both in our choice of what ideas to pursue and in the implementation of those ideas. We design our services to use the minimum amount of data needed for us to provide those services and to minimize how much of that data must pass through our own servers or stay in storage. We also strive to use and design technologies and user interfaces that make it really clear to our users how our systems work.
We are continually reviewing and renewing and data privacy practices to ensure we offer a secure and safe experience for our customers and users.
Product specific policies
The following sections describe policies and practices specific to Grapevine which is a product designed and owned by MediaFabric Ltd.
Here are some of our data practices that we use for the Grapevine platform:
1. We do not store or view any user video/audio. They are encrypted in transit, not end-to-end, which is the same encryption policy taken by services like Google Meet
2. Any user editable text-based items, such as chat, whiteboard, notepads and any other such element that the user can input text into is stored as text on a secure database which is only accessible to members from that space and is read-only to guests.
3. If you log into our site, we store your email address, when you created your account, and the last time you logged in.
4. We keep store metadata about our spaces, including:
4.1. Which environment the space was created with.
4.2. The unique identifier for that space.
4.3. The unique secret for spaces that have been made public via an invite link.
4.4. Who created the space, and who are the administrators.
4.5. The list of emails in the members list, if any is set.
5. We store anonymised metrics, like how many users visit our site in total. This helps us understand the usage of the Grapevine, which helps us what to prioritise and refine the product.
6. If you use our feedback form, we store your message, along with your name and email if you provide them. This lets us read and respond to your feedback.
General Policies
The following sections apply to all of Grapevine’s services.
Types of Data Collected:
1. Personal Data
While using our services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally, identifiable information may include:
Your email address.
Your full name if provided.
The nickname you assign to your avatar.
2. Usage Data
We may also collect information that your browser sends whenever you visit our services or when you access our services by or through a mobile device (“Usage Data”).
This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access our services with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
3. Cookies
We use cookies and similar technologies to track the activity on our services and hold certain information.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies may also be used to collect and track information and to improve and analyse our services.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our services.
Examples of Cookies we use:
Session Cookies: We may use Session Cookies to operate our services.
Preference Cookies: We may use Preference Cookies to remember your preferences and various settings.
Functionality Cookies: We may use Functionality Cookies to implement necessary functionality for our services.
Security Cookies: We may use Security Cookies for security purposes.
We do not use advertising cookies.
Uses of Data
We use the data we collect for various purposes:
To provide and maintain our services.
To notify you about changes to our services.
To allow you to participate in interactive features of our services when you choose to do so
To provide customer support.
To gather analysis or valuable information so that we can improve our services.
To monitor the usage of our service.
To detect, prevent and address technical issues
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
To fulfil any other purpose for which you provide it
In any other way we may describe when you provide the information.
For any other purpose with your consent.
Retention of Data
We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our service, or we are legally obligated to retain this data for longer time periods.
Transfer of Data
We will not sell your personal information.
We only disclose your information to other affiliates:
(i) to fulfill the purpose for which you provide it.
(ii) for any other purpose disclosed by us when you provide the information.
(iii) if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others.
(iv) with your consent in any other cases.
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
We may use a third-party service to monitor and analyse the use of our service.
Your Rights under the General Data Privacy Regulation (GDPR)
If you are a resident of the European Union (EU) and European Economic Area (EEA), GDPR affords you certain rights. These include:
1. The right to access, delete, or update the information we have on you.
2. The right to have your information rectified if that information is incomplete or incorrect.
3. The right to object to our processing of your data.
4. The right to request that we restrict the processing of your data.
5. The right to request a copy of your personal data in machine-readable and commonly-used format.
6. The right to withdraw your consent at any time where we rely on your consent to process your personal information.
To exercise any of the above rights, please send a request to [email protected]
Please note that we may ask you to verify your identity before responding to such requests.
Additionally, you have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
Children’s Privacy
Our services do not address anyone under the age of 13. If you are a parent or guardian, and you are aware that your child under the age of 13 has provided us with Personal Data, please email us immediately at [email protected]. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our systems.
Changes to our Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.