Fathom Video Inc. (“Fathom,” “we,” “our,” and/or “us”) values the privacy of individuals who use our application, websites, and related services (collectively, our “Services”). This privacy policy (the “Privacy Policy”) explains how we collect, use, and disclose information from users of our Services (“Users”). By using our Services, you agree to the collection, use, disclosure, and procedures this Privacy Policy describes. It also informs you about your rights and choices with respect to your personal information, and how you can contact us if you have any questions or concerns. Beyond the Privacy Policy, your use of our Services is also subject to our Terms of Service (https://fathom.video/terms).
In this Privacy Policy, “personal information” means any information related to an identified or identifiable individual, and does not include aggregated data or data whereby personally identifiable information has been removed (such as anonymous data). Personal information also includes both Registration Information and Meeting Content Information. “Registration Information” means personal information used to create an account for our Services, which includes your first and last name, and email address. “Meeting Content Information” means certain personal information we collect from you or create for you when you use the Services, including meeting notes, meeting recordings including audio and video, meeting transcripts, meeting content, names and emails of meeting attendees and other meeting information on your Google or Outlook calendar.
Please read this Privacy Policy carefully so that you understand your rights in relation to your personal information, and how we will collect, use and process your personal information. If you do not agree with this Privacy Policy, our Terms of Service or any part thereof, you should not access or use any part of our Services, or otherwise provide us with your personal information. If you change your mind in the future, you must stop using our Services and you may exercise your rights in relation to your personal information as set out in this Privacy Policy.
Fathom is the entity responsible for the processing of your personal information, and for the purpose of the European Union’s General Data Protection Regulation, is the data controller in respect of the processing of your personal information. Where we have an arrangement in place with a customer who is encouraging you to use our Services (for example, your employer or another business or organization), we in some circumstances obtain and process your personal information on behalf of and at the instructions of such a customer. Such customers will be considered as the data controllers under the European Union’s General Data Protection Regulation and we will be considered as the data processors. Their privacy policies will apply to the processing of your information and we encourage you to read their privacy policies.
We may collect a variety of information from or about you or your devices from various sources, as described below.
Profile Information. You provide us with Registration Information when you connect to our Services using third-party login options such as Google, Microsoft, or a single sign-on (“SSO”). At account registration, our Services will link to your Google Calendar or Outlook Calendar. You may also elect to connect your Fathom account to your Zoom account or other compatible third-party conferencing applications. If you sign up for notifications or updates, or participate in our surveys, we may ask you for your name, email address, and job title or role.
Communications. If you contact us directly, we may receive additional personal information about you. For example, when you contact our Customer Support Team, we will receive your name, email address, the contents of a message or attachments that you may send to us, and other information you choose to provide. If you subscribe to our newsletter, then we will collect certain information from you, such as your email address. When we send you emails, we may track whether you open them to learn how to deliver a better customer experience and improve our Services. You may unsubscribe from these emails at any time by clicking the “Unsubscribe” link in the email.
Meeting Recordings. If you use our Services to record or transcribe your meetings, we will receive the personal information contained in the content of those meetings. If you use our Services to tag, take notes on, or rate your meetings, we will similarly receive the personal information contained in the content and timestamps of those actions.
Device Information. We receive information about the device and software you use to access our Services, including IP address, web browser type, operating system version, application installations, and device identifiers.
Usage Information. To help us understand how you use our Services and to help us improve them, we automatically receive information about your interactions with our Services, like the pages or other content you view, the searches you conduct, on-page events, your comments, any content you post, and the dates and times of your visits.
Information from Cookies and Similar Technologies. We and third party partners collect information using cookies, pixel tags, or similar technologies. Our third party partners, such as analytics and advertising partners, may use these technologies to collect information about your online activities over time and across different services. Cookies are small text files containing a string of alphanumeric characters. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Services.
Please review your web browser’s “Help” file to learn the proper way to modify your cookie settings. Please note that if you delete or choose not to accept cookies from the Service, you may not be able to utilize the features of the Service to their fullest potential.
Meeting Information. When you use our Services to record or transcribe meetings, we receive information about those meetings, such as the date and time of the meeting and the parties’ names, attendee identifiers, and email addresses. We also receive Meeting Content Information of the meeting including the meeting audio, video, and speaker identification. By using our Services to record or transcribe meetings, you understand that your meeting will be recorded, and you agree to allow us to monitor and/or record your meeting. Please note that the contents of the meeting may also contain the personal information of other meeting participants, such as your co-workers or individuals from other organizations. Some states or countries require all parties to consent before recording a video or audio meeting — not just the consent of one party to the communication (i.e., yourself). Please make sure you have the necessary permissions and consents from other meeting participants before using our Services and/or sharing personal information with us.
As a data controller, we do not collect any sensitive data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data nor do we collect any information about criminal convictions and offenses. If this type of data is discussed in your meeting, you are the controller of this data and such data will be considered Meeting Content Information. You must have a proper legal basis to collect such data.
Information from other Users of our Services. We may receive personal information about you when a User uses our Services to send you an invite to join a meeting or uses our Services to record or transcribe a meeting in which you are a meeting participant. This information may include your name and email address, as well as the contents of the meeting including the meeting audio, video, and speaker identification.
Information from third party services. When you link our Services to a third party service, such as Outlook, Google, HubSpot, Salesforce, Slack, Zapier, or Zoom, we will receive personal information about you, including your name, email address, calendar and meeting information (such as meeting title, date, time, location, meeting join URL and attendees), profile information, and photo. Please note that linking an Outlook Calendar or a Google Calendar account is core to our Services and without linking either an Outlook Calendar or a Google Calendar, you will not be able to successfully use our Services.
Other third parties. We may receive additional information about you, such as usage data from third parties such as vendors, and other advertising partners and combine it with other information we have about you.
Please note that personal information collected by a third party in this manner is subject to that third party’s own data collection, use, and disclosure policies. Please see the “Third Parties” section below for more information.
We use the information we collect:
If you are in the European Economic Area or the UK, we only process your personal information when we have a valid lawful basis.
Other Meeting Participants. When you use our Services to record a meeting, we may share a copy of that meeting with other meeting participants (according to your Services automatic sharing configurations and requests) if we have their email address.
Vendors and Service Providers. We may disclose any information we receive with vendors and service providers retained in connection with the provision of our Services. We disclose Meeting Content Information with a limited number of service providers and vendors solely to help us provide and deliver the Services to you.
Third Party App Integrations. When you connect a third party application such as Google, Microsoft, Zoom or any other compatible third-party conferencing application to our Services, we may share information such as your meeting notes, links to video clips, or portions of the meeting transcript with that third party. Please note that you will not be able to successfully use our Services without connecting your Google or Microsoft calendar to our Services.
Marketing. We do not sell, or share your personal information with non affiliated companies for their own direct marketing purposes, unless we have your permission. We do not sell Meeting Content Information or information about your meeting attendees to anyone.
Advertising Partners. We work with third party advertising partners to show you ads that we think may interest you. Some of our advertising partners are members of the Network Advertising Initiative (https://optout.networkadvertising.org) or the Digital Advertising Alliance (https://optout.aboutads.info). If you do not wish to receive personalized ads, please visit their opt-out pages to learn about how you may opt out of receiving web-based personalized ads from member companies. You can access any settings offered by your mobile operating system to limit ad tracking, or you can install the AppChoices mobile app to learn more about how you may opt out of personalized ads in mobile apps.
As Required By Law and Similar Disclosures. We may access, preserve, and disclose your personal information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order, subpoena or other legal process; (b) respond to your requests; (c) detect and investigate security incidents and potentially illegal or prohibited activities; or (d) protect your, our, or others’ rights, property, or safety. For the avoidance of doubt, the disclosure of your information may occur if you post any objectionable content on or through the Services.
Merger, Sale, or Other Asset Transfers. We may transfer your personal information to advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets or stock. The use of your personal information following any of these events will be governed by the provisions of this Privacy Policy in effect at the time the applicable information was collected.
Consent. We may also disclose your personal information with your permission.
Marketing Communications. You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt out of receiving promotional messages from us, you will continue to receive administrative messages from us.
Do Not Track. There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals. We honor the Global Privacy Control (GPC).
California Residents. If you are located in California, you also have the following additional rights in relation to your personal information that we hold under the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2020 (“CPRA”):
To exercise these rights with respect to your personal information, you must provide us with sufficient information to verify your identity. Alternatively, you may also authorize an agent to exercise your rights on your behalf (“Authorized Agent”). To do this, you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf. We endeavor to respond to a verifiable Consumer request within the timeframes set forth in the CCPA.
We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under the CCPA.
Sell and Share of Personal Information in California. Fathom does not sell your personal information to third parties for profit. Like most companies that operate online, Fathom uses online analytics to measure the ways users engage with our websites, services, and to provide targeted marketing. These analytics, in turn, inform how we perform online advertising. In order to provide these analytics for cross-contextual behavioral advertising and facilitate online advertising, we use third-parties that collect device identifiers and place tags, cookies, beacons, and similar tracking mechanisms on our website as set forth in the Cookies Section of this Privacy Policy. As such, California law may classify this limited sharing with contracted third parties as a “sale” or “share” of personal information.
EEA or UK Residents. If you are located in the EEA or in the UK, you also have the following additional rights in relation to your personal information that we hold:
Please note that, prior to any response to the exercise of such rights, we will require you to verify your identity. In addition, we may have valid legal reasons to refuse your request and will inform you if that is the case. For more information on your rights, please email [email protected].
Our Services may contain links to other websites, products, or services that we do not own or operate. We are not responsible for the privacy practices of these third parties. Please be aware that this Privacy Policy does not apply to your activities on these third party services or any information you disclose to these third parties. We encourage you to read their privacy policies before providing any information to them.
Fathom uses third-party payment processors, such as Stripe, to process payments. Your credit card details are communicated directly from your browser to these payment processors. Fathom only sees the payment card type, the last four digits of your credit or debit card number and billing address. Please see Stripe’s terms of service and privacy policy for more information on how they use, and store your personal information.
We make reasonable efforts to protect your information by using reasonable physical, technical, organizational and electronic safeguards designed to improve the security of the information we maintain. However, as no electronic transmission or storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your information.
We do not knowingly collect, maintain, or use personal information from children under the age of 18, and no part of our Services is targeted or directed to children. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we may delete such information. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce our Privacy Policy by instructing their children never to provide personal information on our website and/or our Services without their permission. If you learn that a child under the age of 18 has provided us with personal information in violation of this Privacy Policy, then you may alert us at [email protected]. We will take reasonable steps to delete that information as quickly as possible.
This section describes how the types of cookies we use and the choices that you have to manage the cookies that we use.
We use the following types of cookies:
Strictly Necessary Cookies. These cookies are necessary – or “essential” – for the website to function and cannot be switched off in our systems. They are mostly only set in response to actions made by you, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but if you do block them, some portions of the Site will not work. These cookies do not store any personally identifiable information.
Targeting Cookies. These cookies may be set through our website by our advertising and marketing partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other websites (e.g., retargeting), including social media platforms. Note that when targeting cookies are dropped, your personal information (such as Device Information) will be shared with multiple other parties with whom Fathom does not have a relationship.
Managing your Cookie Preferences. You can disable and/or delete cookies from your computer, tablet or mobile phone by managing your browser settings. How to manage and disable cookies depends on your browser, so you should visit your browser settings for more information.
Our Services are hosted in the United States and intended for visitors located within the United States. If you choose to use the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your personal information outside of those regions to the United States for storage and processing.
Also, we may transfer your personal information from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services. By providing any information, including personal information, on or to the Services, you consent to such transfer, storage, and processing.
When we transfer your personal information outside of the European Economic Area, including to the U.S., we shall ensure that relevant safeguards are in place to afford adequate protection for your personal information in compliance with relevant data protection laws such as Standard Contractual Clauses or the Data Privacy Frameworks.
Fathom complies with the EU-U.S. Data Privacy Framework (the “EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Fathom has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (the “EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Fathom has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Fathom commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States, the European Union, the United Kingdom, and/or Switzerland (as applicable). If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Fathom acknowledges that it is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) regarding privacy and data protection matters.
Under certain conditions, individuals have the right to invoke binding arbitration. Fathom is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to Fathom and following the procedures and subject to conditions set forth in Annex I of Principles.
Fathom complies with the Principle regarding accountability for onward transfers. Fathom remains liable under the Principles if its onward transfer recipients process personal information in a manner inconsistent with the Principles, unless Fathom proves that it was not responsible for the event giving rise to the damage.
Depending on the circumstances, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We store all personal information for as long as necessary to fulfill the purposes set out in this Privacy Policy, or for as long as we are required to do so by law or in order to comply with a regulatory obligation. When deleting personal information, we will take measures to render such personal information irrecoverable or irreproducible, and the electronic files which contain personal information will be permanently deleted.
You can delete your Fathom account at any time from your account settings. If you no longer use our Services, your account and the personal information in it will remain unless you actively delete the account from your account settings. If we receive an account deletion request, we will use commercially reasonable efforts to delete your recordings and personal information within 30 days of your account deletion request, although we cannot guarantee that deletion will always occur within this timeframe. However, if we are legally required to retain that information under applicable laws, we will retain your personal information, subject to the “Data Retention” Section above, but we will take measures to pseudonymize it.
If you deauthorize Fathom through your Google or Outlook account settings, your Fathom account will be disabled until you reconnect either an Outlook Calendar or Google Calendar account. As noted above, linking an Outlook Calendar or a Google Calendar account is core to our Services and without a linked Outlook Calendar or a Google Calendar, you will not be able to successfully use our Services.
Please note that, if you use our Services through a business account of one of our customers, for example your employer or another business or organization, their privacy policies will apply to the processing and deletion of your information. We will not be able to delete the personal information on the business account on your request. If you have questions about your privacy on the Services or this Privacy Policy, please contact us at [email protected].
We will post any adjustments to the Privacy Policy on this page, and the revised version will be effective when it is posted. If we materially change the ways in which we use or disclose personal information previously collected from you through the Services, we may notify you through the Services, by email, or other communication. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes.
If you have any questions, comments, complaints or concerns about this Privacy Policy, our privacy practices, or if you would like to exercise your rights with respect to your personal information, please email us at [email protected] or write to us at Fathom Video Inc., 2261 Market Street #4156, San Francisco, CA 94114. We will endeavor to respond to your query as soon as possible. This does not prejudice your right, if applicable, to bring your complaint to a supervisory authority in the EU or UK.
If you are located in Europe or the UK, you may alternatively write to our EU or UK representative at DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland or at DataRep, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom.