Welcome to Banzai!
If you do not agree with this Policy, please do not sign up for or purchase our Services or initiate any processing of your personal data as described here.
We encourage you to read the full Policy to understand what personal data we collect, how we use it, and the circumstances in which we may share it. Please note, if you reside in the EEA, UK (as defined below) or other regions outside the United States, data collected through our Services will be transferred to and processed in the U.S. or elsewhere. While we have taken steps to in our efforts to abide by applicable laws, including the General Data Protection Regulation (“GDPR”). In some instances, the locations where personal data is transferred may not have the same level of data protection as the country where the data originated. Please read more in the GDPR/UK GDPR section of this Policy.
We may revise this Policy from time to time. If we make minor changes to it without materially changing your rights, we will post the most current version on our website (this page). If we make a modification that materially changes your rights, we will notify you by email or another appropriate method. Your continued use of our Services after a modification is shared, will be interpreted as your acceptance of the new Policy.
Contact information for Banzai and our privacy team
Company name: Banzai International, Inc. (the Controller, as per the GDPR)
435 Ericksen Ave, Suite 250 Bainbridge Island, WA 98110
Phone: (206) 414-1777
We have appointed the following Representative:
Company name: Osano International, Compliance Services Limited
Address: ATTN: 96FM 25/28 North Wall Quay, Dublin 1, D01 H104 IRELAND
If you are based in the EEA, you may contact our Representative for questions regarding how we process your personal data under the GDPR.
Data Protection Officer (DPO)
We have appointed a DPO to help us stay up to date with global data protection and privacy rules and regulations.
If you have any questions for our DPO, please contact us at firstname.lastname@example.org.
Our roles as Controller
This Policy only applies to the processing of personal data we conduct in our role as a Controller, in other words, where we determine the purposes and means of the processing of that personal data. When we process personal data on someone else’s behalf, for example for some of our customers, we act as a Processor. In this case, this Policy does not apply (for example if you are an employee of our customer or a webinar attendee). This is described in more detail below.
Overview of our personal data processing
In this section we provide information on the processing of personal data we do in connection with our business. Further details are provided in the following section. Please note that unless otherwise required or permitted by law, it is voluntary to provide us with personal data. If you choose not to provide us with your personal data, we may not be able to provide you with some or all of our Services.
Who do you process personal data about?
We process personal data about website visitors, newsletter subscribers, potential customers, customers (current and former), users of our apps/platforms (Services), job applicants, employees, contractors, collaboration partners, affiliates, partners, vendors, and other contacts.
When do you process personal data?
We process personal data when you:
- Visit/use any of our websites or apps/platforms (Services), including those listed in the first paragraph of this Policy.
- Book a demo with a Banzai expert (to see how you too can get more butts in seats!).
- Sign up for a free trial (or love Demio so much that you want to become an Affiliate or a Premium Partner.
- Subscribe to our Banzai or Demio newsletters.
- Download some of our marketing goodies.
- Sign up for and participate in any of our events (which, by the way, are jam-packed full of actionable information (for free!).
- Respond to one of our surveys.
- Apply for a job or join our awesome team!
- Subscribe to and use any of our Services or become a customer of ours in another capacity.
We also process personal data of those attending events or webinars hosted by our customers, however, the customer is the Controller for this personal data, and we are a Processor (as per the GDPR). If you have questions about the processing of your personal data in this situation, please contact the event/webinar host or respective customer directly.
What types of personal data do you process?
We process different personal data depending on the context, for example, who you are, what relationship we have with you, what you have decided to share with us, and when (as explained in the next section). Here are some typical categories of personal data we process:
Contact, account and profile data: Data about you, your account and profile, including first and last name, email address, phone number, company name, job title, profile picture, preferences and if you are an affiliate/premium partner. If you are a customer, this could also include your address.
Marketing data: Data about your marketing preferences, like newsletter subscriptions, attended events and downloads you have made.
Payment and transaction data: Data about your payments and transactions. For online payments, this includes payment method, including last four digits if you paid by card, amount and date paid, product, duration (monthly/annual), receipt number, postal code, etc.
Technical and analytics data: Data about the device you use, and analytical data related to your use of our website and Services, including IP address, geographical location, login data, browser ID, type and version, operating system, hardware version, device settings, referral source and time, length of visit, page views and website navigation paths (including links and objects you view, click or interact with), as well as information about the timing, frequency and pattern of your use. In addition, our emails contain a pixel that tracks opens (time of and number of opens), clicks on any links within that email and if the email was forwarded to anyone else. We also leverage tools such as Heap for additional analytics.
Cookies and similar technologies: Technologies like cookies and pixels (also called web beacons or clear GIFs), used for analytics or retargeting of advertisements, when we have a lawful basis for such processing, and to prevent fraud and secure our Services.
Metadata: “Data about data”, for example time stamps of emails sent and sender/recipient data.
Data from third-party partners: Data about you from third parties such as analytics from Google and HubSpot, or data to enrich your profile data from other online services and processors.
Third-Party Data Collection and Online Advertising
We participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your browsing history. We permit third party online advertising networks, social media companies and other third-party services, to collect information about your use of our online services over time so that they may play or display ads on our Services, on other websites or services you may use, and on other devices you may use. Typically, though not always, the information used for interest-based advertising is collected through tracking technologies, such as cookies, web beacons, embedded scripts, location-identifying technologies, and similar technology, which recognize the device you are using and collect information, including click stream information, browser type, time and date you visited the Sites, AdID, precise geolocation and other information. We may share a common account identifier (such as a hashed email address or user ID) with our third-party advertising partners to help identify you across devices. We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics and market research. We may also use services provided by third parties (such as social media platforms) to serve targeted ads to you and others on such platforms. We may do this by providing a hashed version of your email address or other information to the platform provider. Please see the “Control Over Your Information” section below, to learn how you can opt out of interest-based advertising.
Social Media Widgets and Advertising. Our Services may include social media features, such as the Facebook “Like” button, Pinterest, Instagram, Twitter or other widgets. These social media companies may recognize you and collect information about your visit to our Services, and they may set a cookie or employ other tracking technologies. Your interactions with those features are governed by the privacy policies of those companies.
We display targeted advertising to you through social media platforms, such as Facebook, Twitter, Instagram, LinkedIn and other social media forums. These companies have interest-based advertising programs that allow us to direct advertisements to users who have shown interest in our services while those users are on the social media platform, or to groups of other users who share similar traits, such as likely commercial interests and demographics. We may share a unique identifier, such as a user ID or hashed email address, with these platform providers or they may collect information from our website visitors through a first-party pixel, in order to direct targeted advertising to you or to a custom audience on the social media platform. These advertisements are governed by the privacy policies of those social media companies that provide them. If you do not want to receive targeted ads on your social networks, you may be able to adjust your advertising preferences through your settings on those networks.
Third Party Partners. We work with a variety of third-party partners to provide advertising services. For example, we use Google Analytics to recognize you and link the devices you use when you visit our Services on your browser or mobile device, log in to your account on our Services, or otherwise engage with us. We share a unique identifier, like a user ID or hashed email address, with Google to facilitate the service. Google Analytics allows us to better understand how our users interact with our Services and to tailor our advertisements and content to you. For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google's website, “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners/. You can learn about Google Analytics’ currently available opt-outs, including the Google Analytics Browser Ad-On here: https://tools.google.com/dlpage/gaoptout/.
We may also utilize certain forms of display advertising and other advanced features through Google Analytics. These features enable us to use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick advertising cookie) or other third-party cookies together to inform, optimize, and display ads based on your past visits to the Services. You may control your advertising preferences or opt-out of certain Google advertising products by visiting the Google Ads Preferences Manager, currently available at https://google.com/ads/preferences, or by visiting NAI’s online resources at http://www.networkadvertising.org/choices.
Details on the processing of your personal data
In this section we describe in detail when and how we process your personal data, and for what purposes. For lawful bases as per the GDPR, please see the applicable section below.
For how long do you process personal data?
We keep your personal data for as long as we have both a specified purpose and a lawful basis, as described in more detail below. We will usually either delete or de-identify personal data when we no longer have a purpose or lawful basis for processing. On some occasions, we will retain information in the case of complaints or legal claims or as permitted or required by law. Please see below for more information.
When you communicate with us
Depending on how we communicate with one another (which could be via email, phone, our website (including website forms and chat functionality) or on social media), we process your name, contact details, and other information you choose to send to us (like the content of your message). If you contact us online, we also process your IP address and metadata. We use and keep personal data in various systems, like customer relationship management (CRM) and customer service/support systems, for example, to keep meeting notes or share information with others in our business (for example to follow up on a support or privacy request).
The purposes are to be able to respond to your inquiries, manage our business efficiently, including managing all our contacts and streamlining our support, to secure your personal data and to keep records.
If you are a potential customer
We regularly send out email newsletters which sometimes contain information about our products and services. We also offer various complementary downloads, host complementary webinars and events, and offer demos for and trials of our Services, as well as conduct surveys.
When you become a subscriber, request access to a download, attend one of our events, request a demo or trial, or respond to a survey, we process personal data such as your name, email address, IP address, metadata, technical and analytics data, and other information depending on (and clearly visible in) the form you submit. The purposes are to share interesting articles, complementary downloads, relevant information, and other content we hope is useful for you, to obtain your feedback, and to give you the opportunity to see a demo or test our Services before (hopefully!) becoming our customer.
Sharing your personal data in any of these situations is completely voluntary. Please see the “Control Over Your Information” section below for more information on how to opt out of our newsletter or marketing communications. We keep your personal data for as long as we believe you are a potential customer, and then for a reasonable time after in case you decide to become a customer, and as required or permitted by applicable law.
If you are a customer or an affiliate/partner
If you become a customer of ours, we typically process your name, job-related information (such as company name and title), contact details, payment information, purchase and order history, and metadata (for example from transactional emails when we send you a receipt).
If we have an existing customer relationship with you, we may also send you marketing emails we hope you will find relevant and useful. Please see the “Control Over Your Information” section below for more information on how to opt out of our marketing emails.
The purposes for the processing mentioned above are to fulfil our obligations, to deliver the services or products you have purchased, manage our customer relationship, share relevant marketing materials and otherwise provide you with excellent customer service.
Finally, if you apply to become an affiliate or premium partner, we process personal data such as your name, email address, company name, job title, IP address, metadata, and other information depending on (and clearly visible in) the form you submit, and the purpose is to fulfil and manage our affiliate or partner agreement.
We process your personal data while you are a customer or affiliate/partner, and then for as long after as we have a legal obligation as required or permitted by applicable law. For example, we are required by national law to store business records (which may include personal data) for seven years for accounting, tax and other business purposes. We keep your account (for example for Banzai Reach or Demio) for as long as you are on a trial, you are a customer of ours (with access to an account) or you have paused your (customer) account, and then for a reasonable time after you close your customer account in case you decide to become a customer again or want to re-activate your account.
If you apply for a job or work at our company
If you apply for a job with us, we process personal data such as your name, contact details, CVs, references, and other information relevant for a particular role and as shared by you. We process this data in order to assess, manage and respond to your application. If your application is unsuccessful, you can opt to have your information stored for a future application. If you are offered and accept a job with us, we will process your data to facilitate the onboarding process and manage the employment relationship.
We process your personal data if you become an employee of Banzai in accordance and retain the data as specified in the relevant employee data retention policy. Job applicants who are unsuccessful can ask us to keep their personal data for other job applications in the future, otherwise the information will be deleted within three years after your application was processed or as required or permitted by applicable law.
If you supply services to or collaborate with us
When you enter into an agreement with us either as a vendor, partner, processor or similar, we process personal data such as your name, contact details and correspondence., The purposes for processing are to be able to enter into this agreement and to respond to your inquiries. We process your personal data for as long as we work together, and then for as long as we have a legal obligation as required or permitted by applicable law.
When you use our website
Fulfil or meet the reason the information was provided and manage our organization
Conduct research and analytics
We use personal data to identify and analyze how individuals use our Services, and conduct research and analytics on our customer and user base and our Services. The processing is necessary for our legitimate interests, namely, to tailor the Services to the user and to monitor and resolve issues with the Services and to improve the Services generally.
Prevent and investigate fraud or unlawful activity
We use personal data to prevent, investigate or provide notice of fraud or unlawful or criminal activity. We also use personal data to help maintain the safety, security and integrity of our property and Services, technology assets and business. The processing is necessary for our legitimate interests, namely, to protect our business and your account from fraud and other illegal activities.
Diagnose and fix technology problems
We also use personal data to test, enhance, update and monitor the Services, or diagnose or fix technology problems. The processing is necessary for our legitimate interests, namely, to tailor the Services to the user and to monitor and resolve issues with the Services and to improve the Services generally.
Whom we share your personal data with
We share personal data with other parties such as:
- Service providers such as our accountants, auditors, attorneys and others helping us in a professional capacity.
- Processors: Providers of services that process your personal data on our behalf (“processors”).
- IT support, which could be service providers or people working for a processor.
- Public authorities we are obliged to report to.
- For law enforcement purposes.
We use processors for:
- Email, calendar and online meetings.
- Accounting, bookkeeping, invoicing, online payments and financial operations.
- Cloud storage.
- Email services, including email marketing and transactional emails.
- Project management, timekeeping, scheduling and internal collaboration and communication.
- Customer relationship management, service and support.
- Website CMS and tools used on our website (for example chat functionality).
- Electronic signing of documents.
- Marketing and analytics.
- Job applications.
- Surveys and customer satisfaction feedback.
If you would like to know more about our processors and whom we share your personal data with, please contact us using the contact details provided at the top of this Policy.
Country/region specific information
We may choose or be required by law to provide different or additional information relating to the processing of personal information (as defined below) about residents of certain countries, regions or states. Please refer below for additional information that may be applicable to you:
Information for individuals based in the EEA (GDPR) and UK (UK GDPR)
If you are based in the EEA, which includes the EU member states and the EEA countries Iceland, Liechtenstein and Norway, and the UK, this section applies solely to you. Unless otherwise expressly stated, all terms in this section have the same meaning as defined in this Policy or as otherwise defined in the GDPR or UK GDPR.
Since we are an American company headquartered in the United States, your personal data will be transferred outside the EEA and UK, for example, where we use processors to manage payments and transactional emails. When you enter into an agreement with us (for example, if you become our customer), you accept this transfer of your personal data.
As part of our privacy efforts, we strive to select our vendors and partners carefully, and try to assess their business overall (for example, their business reputation and security measures), to check for prior data breaches, to inquire about their data protection compliance and legal documents.
Further, we check whether a country outside the EEA or UK (as applicable) offers an adequate level of data protection (has obtained an adequacy decision from the competent authority) or, if this is not the case, that an alternative transfer mechanism is in place (like the standard contractual clauses (“SCC”, also called Model Clauses) for the international transfer of personal data. Should you have any questions regarding our implementation of appropriate safeguards in connection with our international transfers of data (or require a copy of the relevant safeguards), you may contact email@example.com.
Finally, we have appointed a Data Protection Officer. Please refer to the top of this Policy for contact details.
Privacy Shield certification and compliance
Before Demio Holding Inc. was acquired by Banzai, it was certified under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce and the European Commission and Swiss Administration, respectively, for the collection, use, and retention of personal information transferred from the EU and Switzerland to the United States. Despite the invalidation of the EU-U.S. framework in the Schrems II ruling, Demio opted to renew the certification and is still subject to the investigatory and enforcement powers of the Federal Trade Commission. Further, Demio participates in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to these terms, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here.
Your data protection rights
Under the GDPR and UK GDPR, you have certain data protection rights, summarized in brief below. (To access all details pertaining to these rights, please refer to the GDPR legal text (or if applicable, the UK GDPR text)).
- Transparent information: You are entitled to receive information about the processing of your personal data, in a concise, transparent, intelligible and easily accessible form, using clear and plain language. We have tried to write this Policy in line with this and you can contact us at any time for clarifications.
- Exercising your rights: You are entitled to be able to exercise your rights under the GDPR and UK GDPR and receive information on actions taken without undue delay and in any event within one month (this may, however, be extended by two months under certain circumstances), free of charge, unless your request is found to be manifestly unfounded or excessive (in which case we will notify you).
- Withdraw consent: Where the processing of your personal data is based on your consent, you are entitled to withdraw this consent at any time.
- Access and rectification: You can request access to or a copy of the information we process about you and ask us to update any incorrect data.
- Erasure, restriction and objection: In certain circumstances, you may ask us to delete, or restrict or object to our processing of your personal data. Note, however, that we cannot delete data we are legally required to process (for example for bookkeeping, accounting, tax or other operational business purposes) or when it is necessary to retain for the establishment, exercise or defense of legal claims. We may also store your email address in our Global Suppression List where you have withdrawn your consent, to avoid contacting you again.
- Data portability: Where processing is based on either your consent or a contract, you may ask us to transmit your personal data in a structured, commonly used and machine-readable format, to you or to another controller.
- Automated individual decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning or similarly significantly affect you. We do not rely on automated individual decision-making in our business.
- Complaints: If you unhappy about how we process your personal data, we hope that you will first give us a chance to resolve your situation. Please contact us at firstname.lastname@example.org so that we have an opportunity to address your concerns directly and find a solution together. If you are still not satisfied with our follow-up, you can lodge a complaint to the competent data protection authority.
You can request to have your information deleted by filling out the Banzai Privacy Request form.
You may contact us at email@example.com at any time to exercise any of your rights listed above.
Legal grounds for processing
We only process your personal data when we have a purpose and a lawful basis. Under the GDPR, we process your personal data based on:
(a) Your consent: Wherever you clearly consent to the processing, for example when you sign up for our newsletters or events, request a demo, free trial or a download, or submit a survey. Here, your consent is implied, meaning that you consent by submitting a particular form. We also rely on your consent for using cookies and other technologies on our website and here you explicitly agree to these. Note that your default setting depends on your location (country), as the rules for using such technologies vary across the EEA and UK.
(b) It is necessary for the performance of a contract to which you are party, or to take steps at your request prior to agreeing a contract: This applies to any processing where you sign a contract with us, for example when you become our customer, participate in our affiliate or premium partner program, deliver services to us as a vendor, freelancer or contractor, or apply for a job or become our employee.
(c) We are subject to a legal obligation: For any processing where we need to comply with laws and regulations related to bookkeeping, accounting, taxation and employment, for example for keeping records.
(d) We have a legitimate interest which we believe outweighs your interests or fundamental rights and freedoms. This applies to the following processing activities:
- When we communicate: To respond to your inquiries and, on some occasions, keep records in case of complaints or legal claims.
- When you use our website or online platforms: When you access and use our website or any of our online platforms (for example Banzai Reach or Demio), we process technical and analytics data to see if and how our Services can be improved, so that we can offer you a better user experiences in the future.
- Global Suppression List: Avoid contacting you again if you have withdrawn your consent to marketing-related activities.
- Marketing to existing customers (unless you have consented to such marketing): To find, customize and offer products and services we hope you find useful and relevant, i.e., provide you with excellent customer service.
- Sharing personal data with other parties: To run our business efficiently and securely.
You can always withdraw your consent or contact us if you want us to stop processing your personal data. Please note that we cannot always delete your data, for example if we are required to keep it for legal obligations or other business purposes, but we will always explain this in detail if it applies to your situation.
Information for individuals based in the United States
If you are based in the United States, this section applies to you.
- Nevada Residents: Nevada law (SB 220) permits customers in Nevada to opt-out of the sale of certain kinds of personal information. We do not sell your personal information to third parties. If you are a Nevada resident and have questions, please contact us via phone, email, or write to us as provided above.
Control Over Your Information
You may control your information in the following ways:
- Access to Your Device Information. You may control the Services’ access to your device information through your “Settings” app on your device. For instance, you can withdraw permission for the Services to access your network devices and geolocation and to integrate with your other applications.
- Email Communications Preferences. You may withdraw your consent to receive marketing or promotional communications at any time by clicking the “unsubscribe” link found within email updates from Banzai or our customers and changing your contact preferences. (Please note that if you have an account or are a customer of ours, we sometimes need to send you non-promotional, service-related emails which are necessary to deliver our Services, and you cannot opt out of these.)
- SMS Text Messaging. You may opt-out of receiving promotional SMS text messages at any time. Please note that unsubscribing from promotional text messages will not prevent you from SMS texts from Banzai directly relating to your use of the Services, such as for account login (e.g. we may send you a security verification code). To unsubscribe from promotional SMS texts, you can reply STOP to any one of our promotional text messages. For more information, see our Terms of Service.
- Modifying or Deleting Your Information. If you have any questions about reviewing, modifying, or deleting your information, you can contact us directly at firstname.lastname@example.org. We may not be able to modify or delete your information in all circumstances.
- Online Ads: To learn more about interest-based advertising and how you may be able to opt-out of some of this advertising, you may wish to visit the Digital Advertising Alliance’s (DAA) resources and/or the Network Advertising Initiative’s (NAI) online resources, at www.aboutads.info/choices or http://www.networkadvertising.org/choices/ and you can opt-out of receiving some interest-based advertisements on mobile apps by visiting http://www.aboutads.info/appchoices. You may also be able to limit interest-based advertising through the settings menu on your mobile device by selecting “limit ad tracking” (iOS) or “opt-out of interest-based ads” (Android). You may also be able to opt-out of some — but not all — interest-based advertising served by mobile ad networks by visiting http://youradchoices.com/appchoices and downloading the mobile AppChoices app.
If you want to opt out of receiving online interest-based advertisements on mobile apps, please follow the instructions at http://www.aboutads.info/appchoices.
You may contact us at email@example.com at any time for questions or requests regarding the processing of your personal data. Please note that we may request additional information from you to verify your identity before we disclose any personal or account information.
We strive to use appropriate technical, administrative, and physical security measures designed to protect your personal data against accidental or unlawful destruction, loss, change or damage.
Our role as a Processor
This Policy describes how we process your personal data when we are the Controller. When we process personal data on your behalf, however, we act as a Processor (and in this situation, you are the Controller of the personal data in question).
When we act as a Processor, we are subject to certain legal requirements. Please see our Data Processing Addendum, which includes the SCCs, for further details.
Processing of your personal data when Banzai is a Processor
If you have signed up for or attended an event/webinar hosted by one of our customers, they are the Controller of your personal data, not us (Banzai). In this case, we are a Processor. If you have questions about the processing of your personal data in this situation, please contact the event/webinar host or relevant controller directly.
Our Services are not directed to children under the age of eighteen (18). If you become aware that your child has provided us with personal data, please contact us. If we become aware that a child under this age has provided us with personal data, we will take steps to terminate the child’s account and remove all of their data.
Links to third-party websites or services
Our Services may include links to third-party websites, plug-ins and applications. Except where we post, link to or expressly adopt or refer to this Policy, this Policy does not apply to, and we are not responsible for, any personal data practices of third-party websites and online services or the practices of other third parties. To learn about the how these other parties process your personal data, please visit their respective privacy policies.
If we are involved in a reorganization, merger, acquisition, or sale of our assets, your personal data may be included as part of such a deal. In that case, we will notify you via email and inform you of any choices you may have regarding your personal data.
This Policy was last updated: June 24th, 2022.