Privacy Policy

Effective Date: January 16, 2025

Introduction

At Videotto, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below and consent to our collecting, using, and sharing your information as described here.

Remember that your use of Videotto’s Services is at all times subject to our Terms of Services, which incorporates this Privacy Policy. Any terms used in this Policy without defining them have the definitions given to them in the Terms of Services.

You may print a copy of this Privacy Policy by clicking here.

As we continually work to improve our Services, we may need to change this Privacy Policy from time to time. Upon such changes, we will alert you by placing a notice on the Videotto website, by sending you an email, and/or by some other means. Please note that if you opt not to receive legal notice emails from us (or haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are responsible for reading and understanding them. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all the changes.

---

Privacy Policy Table of Contents

1. What this Privacy Policy Covers
2. Personal Data
   • Categories of Personal Data We Collect
   • Categories of Sources of Personal Data
   • Our Commercial or Business Purposes for Collecting or Disclosing Personal Data
3. How We Disclose Your Personal Data
4. Cookies and Tracking Tools
5. Data Security
6. Data Retention
7. Personal Data of Children
8. California Resident Rights
9. Exercising Your Rights under CPRA
10. Other State Law Privacy Rights (California)
11. Supplemental Terms for International Users
12. Contact Information

---

What this Privacy Policy Covers

This Privacy Policy covers how we treat personal data (“Personal Data”) that we gather when you access or use our Services. “Personal Data” means any information that identifies or relates to a particular individual and also includes terms like “personally identifiable information” or “personal information” under applicable data privacy laws. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.

---

Personal Data

Categories of Personal Data We Collect

We collect and have collected over the past 12 months the following categories of Personal Data solely for the purposes described in this Privacy Policy:

1. Email Address
   Used for account creation, login credentials, and identification. Shared only with Service Providers handling essential operations (e.g., AWS for hosting) or when you authorize sharing with your social media accounts.
2. Social Network Data (if you choose to link your social accounts)
   We store tokens to allow auto-posting or integration at your request. We delete these tokens immediately if you revoke or unlink your social network.
3. Device/IP Data
   IP address and basic browser/device information to ensure system security, prevent fraud, and maintain user sessions. Stored in logs for as long as necessary and deleted according to our retention policy.

We do not collect names, phone numbers, mailing addresses, or full payment details. All payment processing is handled by Stripe, Inc. (“Stripe”). For more information, please see Stripe’s privacy policy.

Categories of Sources of Personal Data

• You: When you provide information directly (e.g., creating an account, linking social media, contacting us).
• Cookies: When you use the Services, we set a cookie for authentication purposes only.
• Public Records: We do not actively collect from public records.
• Third Parties:
  • Payment Processor (Stripe): They process payment data; we do not store your card details.
  • Social Networks: If you link your social media accounts, we may receive tokens that allow you to post content on your social network directly from Videotto.

Our Commercial or Business Purposes for Collecting or Disclosing Personal Data

We use your Personal Data for the following business purposes:

• Providing and Improving the Services: Creating and managing your account, processing transactions (via Stripe), offering support, and enhancing your experience through internal analytics.
• Corresponding with You: Responding to your communications and sending updates or necessary account/service information.
• Meeting Legal Requirements and Enforcing Legal Terms: Complying with laws, protecting our rights and the rights of others, detecting and preventing fraud or security issues, and resolving disputes.

We will not collect additional categories of Personal Data or use your Personal Data for materially different, unrelated, or incompatible purposes without providing notice.

---

How We Disclose Your Personal Data

We disclose your Personal Data to the following categories of service providers and other parties:

1. Service Providers
   • Hosting (AWS): We host our platform on Amazon Web Services located in Singapore.
   • Payment Processor (Stripe): Stripe processes all voluntary payment card information and handles transactions on our behalf.
2. Parties You Authorize or Authenticate
   • Social Media: If you connect a social media account for auto-posting, we share necessary token/authentication data with that network until you revoke access.
3. Legal Obligations
   We may share Personal Data when required by law or to protect our rights and the rights of others (e.g., in response to legal process).
4. Business Transfers
   If Videotto undergoes a merger, acquisition, or other transaction in which a third party assumes control of our business, we may transfer your Personal Data to that entity. We will make reasonable efforts to notify you before your information becomes subject to a new privacy policy or practices.
5. Data That Is Not Personal Data
   We may create aggregated or anonymized data from your Personal Data, which cannot identify you, and share it for lawful business purposes.

---

Cookies and Tracking Tools

Cookies for Authentication

We use only essential cookies to enable you to log into secure areas of our Services and maintain your session. Disabling cookies in your browser may make certain features or services unavailable (e.g., staying logged in).

No Advertising or Retargeting Cookies: We do not use cookies for personalized advertising or cross-site tracking.

Do Not Track: Our Services do not respond to Do Not Track signals.

---

Data Security

We seek to protect your Personal Data from unauthorized access, use, or disclosure, using appropriate physical, technical, organizational, and administrative security measures—relying on AWS’s security protocols and encryption. You should also protect your account by using strong passwords and logging out after your session. While we work to protect your data, no method of transmission over the internet or storage is entirely secure.

---

Data Retention

We retain Personal Data as long as necessary to provide our Services or as needed for our business or legal obligations. Specifically:

• Account Data: Retained as long as you have an active account. If you delete your account, we remove your data immediately from our active systems, and backups are cleared after one day.
• Email & Social Tokens: Retained only to provide the features you request; deleted when you revoke or delete your account.
• IP/Device Data: Retained as needed for security, fraud prevention, and analytics, then removed or anonymized.

We may retain data longer if required by applicable law, or for legitimate business interests such as dispute resolution or auditing. Data may also be stored in an aggregated or anonymized format.

---

Personal Data of Children

Clips. If we learn that Personal Data from a child under 16 has been collected, we will delete it as quickly as possible. If you believe a child under 16 may have provided Personal Data, please contact hi@videotto.com.

---

California Resident Rights

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Access: You may request information about our collection and use of your Personal Data over the past 12 months.
• Data Deletion: You may request that we delete Personal Data collected about you at support@videotto.com.
• Correction: You may request that we correct inaccurate Personal Data at support@videotto.com.
• Sale Opt-Out: We do not sell your Personal Data or the Personal Data of minors under 16 years of age.
• No Discrimination: We will not discriminate against you for exercising your rights under the CPRA.

To exercise your rights, see “Exercising Your Rights under CPRA” below. If you have questions about whether these rights apply to you, contact us at support@videotto.com.

---

Exercising Your Rights Under CPRA

To make a request under the CPRA, you must send us a notice that:

1. Provides enough information for us to verify you are the person about whom we collected Personal Data (or their authorized agent).
2. Clearly describes your request.

You do not need an account with us to submit a request. We will not charge a fee unless your requests are excessive or repetitive, in which case we will let you know in advance. We aim to respond within the timeframe required by applicable law.

• Email: support@videotto.com
• Phone: +65 8849 3420

If you authorize an agent to act on your behalf, we may request written proof of this authorization.

---

Other State Law Privacy Rights (California)

Under California Civil Code Sections 1798.83–1798.84, residents of California are entitled to contact us to prevent disclosure of Personal Data to third parties for direct marketing. As we do not share your Personal Data for such marketing, this section simply confirms that you may reach out with questions at support@videotto.com.

Do Not Track: Some browsers have a “Do Not Track” feature. We do not currently respond to Do Not Track signals.

---

Supplemental Terms for International Users

Singapore PDPA
Videotto is based in Singapore and complies with the Personal Data Protection Act (PDPA). If you live outside Singapore or California, please note that your data is stored on AWS servers in Singapore, and any Personal Data you provide will be processed under Singapore law.

EEA, Switzerland, and UK
If you reside in the European Economic Area (EEA), Switzerland, or the UK, certain additional rights may apply, including the right to access, delete, or correct your data, and the right to restrict or object to some processing. We do not currently transfer or process your data outside Singapore except as necessary to provide our Services; if we do, we will take appropriate safeguards as required by law.

Other International Users
By using Videotto, you consent to the collection and transfer of your Personal Data in and to Singapore. If you have questions about your data rights in your jurisdiction, please contact hi@videotto.com.

Data Deletion: You may request that we delete Personal Data collected about you at support@videotto.com.

---

Contact Information

If you have any questions or comments about this Privacy Policy, how we collect and use your Personal Data, or your choices and rights regarding such collection and use, please do not hesitate to contact us:

• Website: www.videotto.com
• Email: yaoming@videotto.com
• Phone: +65 87497621
• Address: Woodlands Circle, Singapore
• Owner: Videotto Pte Ltd, Tay Yao Ming

We reserve the right to update or modify this Privacy Policy at any time. Changes will become effective upon posting to videotto.com, and continued use of the Services after any changes indicates your acceptance of the new policy.