Why does WAVE-AVI gather and hold data in the first place? What is its purpose?

WAVE-AVI develops and offers a cloud based streaming, recording and online video platform. Hence WAVE-AVI is acting as a data processor.

All of WAVE-AVI’s clients own their media and data and are also responsible for it.

One of the core features in the WAVE-AVI cloud platform is to upload, store and manage video content together with other data content. This is to offer a user friendly solution to manage large volumes of data with the purpose of enabling communication inside and outside of an organization. For WAVE-AVI to do this we need to store personal data such as email, login details, country and region of users and viewers and of course video content containing people and personal data.

In normal use, our servers need to handle some potentially Personal Data to provide satisfactory operation. This is contained in the configuration data, history database, and log files.

Configuration data can include such things as VMR names, endpoint or telephone numbers for automatic dial out and email addresses for configuration reminders. Configuration data is required in order for the servers to operate correctly.

Whilst operating, our servers log significant events for security and service diagnostic purposes. These log files could contain information such as VMR names, end point identifiers and telephone numbers, IP addresses to which connections were placed or from which they were received.

Both history data and log data is required for administrators to verify the correct operation of the system and to diagnose reported issues.

Upon what legal basis are you justifying holding that data? Consent or legal requirements?

WAVE-AVI are holding, storing and processing data for our clients and we do this with consent from the client. All users logging into the platform from March 2022 will have to give their consent and the consent will be documented in our platform database.

Who has access to that data?

In WAVE-AVI there are several different levels of security and data classification.

Depending of the security level and need of the client different access rights are given to the data. Standard security level means that End user has to give consent for a WAVE-AVI or WAVE-AVI reseller Support Representative to access the End user account and End user data. All access and changes done in the system is logged and can be extracted for further analysis.

How is WAVE-AVI protecting data from breaches?

WAVE-AVI have built the infrastructure and the software system based on high security standards. WAVE-AVI has a complex server and infrastructure setup with only chosen senior developers with access to the server structure. The data in WAVE-AVI’s server infrastructure is protected by firewalls against DDoS attacks and has redundant backups, electricity and internet connections.

The WAVE-AVI services and platform has full functionality to tag and index video material with metadata to offer a GDPR proof platform where end users and clients can organize their content accordingly.

What data does WAVE-AVI store?

WAVE-AVI stores video recordings and video media together with metadata for our clients and partners.

Data from viewers that is collected and stored is data such as IP addresses, email addresses, geographical data, screen size, operating system, browser. Data stored about end users and administrators is username, email address and preferred language.

Our platform management server will store a record of successful calls in the system in its History database. This will also contain information such as VMR names, end point identifiers and telephone numbers, IP addresses to which connections were placed or from which they were received.

When system snapshots are taken they will contain database, log, and configuration files. They potentially contain Personal Data and are treated accordingly.

Third parties

WAVE-AVI will not share any data to a third party and WAVE-AVI will not store any data after a contract with a client is finished or after an end user have deleted their account.

Where is the data stored?

All our data is stored and contained within the EU in different data centers. Depending on which region the client is based and, on the clients, demands the data will be stored in chosen or recommended region.

How to get your personal data exported and/or deleted

With GDPR every person owns their own personal data. To get your personal data exported and/or deleted you have to contact your WAVE-AVI partner, reseller or with WAVE-AVI support at [email protected]

What is WAVE-AVI’s data deletion routine?

When data is deleted in WAVE-AVI it follows a strict routine and it first gets deleted from the WAVE-AVI application database. After 24 hours data gets deleted from the main database first backup, after one week data gets deleted from the weekly backup and after one month the data is completely deleted in WAVE-AVI.

Deleted data before the last monthly backup can be restored and the data-restore work will be billed hourly. For any further questions about WAVE-AVI and our data compliance please contact us at [email protected]