Data Protection Statement

We value the trust you place in Qumu. We are committed to providing our customers and partners with a secure environment utilizing state of the art technologies to safeguard your information and respect your privacy. Qumu is also committed to fulfilling its obligations under the data protection laws of the countries in which we operate and in so doing meeting the expectations of our customers, partners and employees worldwide. Qumu has in place internal mechanisms to verify ongoing compliance as required or allowed by law to meet its legal, governmental, law enforcement and national security obligations.

In 2000, the United States Department of Commerce and the European Commission agreed to a set of “Safe Harbor” principles to ensure necessary protection for European individuals whose personal data is transferred from within the European Economic Area (EEA) to the United States. Qumu certified its commitment to protect personal data in accordance with those standards. In October 2015, the Court of Justice of the European Union (CJEU) issued a ruling invalidating the EU-US Safe Harbor framework as the basis for the secure transfer of personal data from the European Union to the United States. The rules under which Qumu operated were suddenly gone.

A significant step was taken towards the establishment of a new Safe Harbor framework when the Judicial Redress Act (JRA) became US law on February 24, 2016. That law provides a legal mechanism that entitles EU citizens to sue in US court for violations of US privacy laws. The signing of the JRA is believed to pave the way for the execution of a “EU-US Privacy Shield” agreement concerning commercial data transfers, which will replace the Safe Harbor Agreement. An agreement was reached at a political level by the EU and US on February 2, 2016 and On July 12, 2016 the European Commission deemed the Privacy Shield Framework adequate to enable data transfers under EU law. Qumu intends to comply with the EU General Data Protection Regulation by the deadline of May, 2018. Until then, Qumu will continue to safeguard your information under the same privacy policies we apply to our own data. For our UK customers, Qumu has also registered with the UK Information Commissioner’s Office as being compliant with the Data Protection Act of 1998.

Qumu uses physical, technical and organizational security measures to prevent unauthorized or unlawful processing, accidental loss of or destruction of or damage to personal information, but of course these problems cannot be prevented by Qumu if caused by our partner or customer. When appropriate, personal data collected or displayed through our systems and software are protected by industry standard encryption processes; however, we cannot guarantee the security of any information, we can only endeavor to protect it. To that end, we have implemented our security framework based on a comprehensive set of security requirements and controls that meet or exceed those utilized by similar companies in our business segment.

We are committed to fully protecting all of the information you have entrusted to us and will continue to update our security framework as information regarding the EU-US Privacy Shield becomes available.

Please contact your Qumu representative or Qumu Legal Counsel, Arthur J. Glassman, with any questions concerning this statement or any of our privacy practices.