Effective Date: October 26, 2024
Last Updated: October 26, 2024
This Privacy Policy ("Policy") explains how Closed Caption Converter Inc. ("we," "us," "our") collects, uses, protects, and shares information. This Policy is designed to provide you with a comprehensive understanding of our data practices and to demonstrate our firm commitment to protecting your privacy and the confidentiality of your content.
This Policy applies to your use of the Closed Caption Converter website located at https://www.closedcaptionconverter.com, our downloadable standalone application, our Command Line Interface (CLI), our Application Programming Interface (API), and any other related products, software, or services we provide (collectively, the "Services").1
For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the data controller for the personal data described in this Policy is:
Closed Caption Converter Inc.
83 Barrie Street
Cambridge, Ontario N1S 3B1
Canada 2
As a company based in Canada, we operate under a robust privacy framework, and this Policy is governed by the laws of Canada.3
We recognize that our Services are professional tools designed for the broadcast media and film industries, where the confidentiality and integrity of user content are paramount.1 This Policy is built on the core principles of transparency, data minimization, and security. We are committed to handling your information responsibly and have structured our Services to protect the intellectual property you entrust to us.
A critical aspect of this commitment is distinguishing between the data needed to operate your account and the content you upload for processing. This distinction is fundamental to how we provide our Services and protect your information, ensuring that your valuable files are handled with the highest standard of care. The failure of many generic policies to address this specific concern for professional users is a gap we aim to close, building a framework of trust from the very beginning.
Our data processing activities are carefully tailored to the specific functions of our Services. To provide clarity, we differentiate between our roles as a "Data Controller" and a "Data Processor," as these roles carry different responsibilities under data protection laws like the GDPR.
Understanding the two different roles we play is essential for understanding our privacy commitments.
To fulfill our transparency obligations under global privacy laws, the following table provides a detailed summary of our data processing activities. It outlines the categories of data we process, the sources of that data, our purposes for processing it, and the legal basis we rely on under the GDPR.4 This structured approach provides a clear, at-a-glance overview that is more accessible than dense prose, demonstrating a commitment to accountability that goes beyond generic templates.7
Table 1: Summary of Our Data Processing Activities
| Category of Data | Examples of Data | Source | Purpose of Processing | Legal Basis (under GDPR) |
|---|---|---|---|---|
| Account Information | Name, email address, password (securely hashed). | Provided by you during registration for a trial or paid plan.2 | To create, secure, and manage your user account; to authenticate your access to the Services; to communicate with you about your account, transactions, and essential service-related updates. | Performance of a Contract: Necessary to create and maintain your account to provide the Services you have requested.8 |
| Payment Information | Billing address, payment instrument number (e.g., credit card number), security code associated with your payment instrument. | Provided by you when you subscribe to a paid plan.2 | To process payments for your subscription; to fulfill and manage your orders; to prevent and detect fraudulent transactions. All payment data is securely collected and vaulted by our third-party payment processor, Stripe.2 | Performance of a Contract: Necessary to process payment for the Services you have purchased.8 |
| Content Data | Subtitle and closed caption files in various formats (e.g., SCC, MCC, EBU-STL), including the textual content and timecode information contained within those files.1 | Uploaded or submitted by you to the Services (via web browser, application, CLI, or API) for processing.1 | To provide the core functionality of the Services, including file conversion, segmentation, timecode offsetting, frame rate conversion, and inspection, as initiated by you. This processing is automated.1 | Performance of a Contract: We process this data to perform the specific service you have requested and paid for.8 |
| Communications Data | Your email address and the content of your messages, including any attachments, when you contact our support team or provide feedback.1 | Provided by you when you email us, submit a support ticket, or otherwise communicate with us.2 | To respond to your inquiries; to provide technical support and troubleshooting; to gather feedback for the improvement of our Services; to address your requests for new features or formats.1 | Legitimate Interest: To provide effective customer service and to improve our products based on user feedback.2 |
| Log & Usage Data | Internet Protocol (IP) address, browser type and settings, device information, operating system, referring URLs, date/time stamps of your usage, pages and files viewed, features used, and device event information such as system activity and error reports (crash logs).2 | Collected automatically when you access or use our Services, including the website, application, and API.2 | To maintain the security, stability, and operational integrity of our Services; to monitor for and prevent malicious activity; for internal analytics to understand service performance and usage patterns; to diagnose and troubleshoot technical issues.2 | Legitimate Interest: To ensure our Services are secure, reliable, and performing correctly.2 |
| Device Data | Information about the computer, phone, tablet, or other device you use to access the Services, which may include your IP address (or proxy server), device and application identification numbers, location, browser type, and hardware model.2 | Collected automatically when you use our Services.2 | To optimize the delivery and presentation of our Services for your specific device; for security purposes, such as identifying and preventing fraudulent access to your account.2 | Legitimate Interest: To provide a functional and secure user experience tailored to your device.2 |
| Cookie Data | Small data files stored on your device that may include unique identifiers. | Collected via your browser when you visit our website.2 | For essential site functionality such as session management and authentication (keeping you logged in); for performance analytics to help us understand and improve website traffic and user interaction. Please see Section 5 for more details. | Consent (for non-essential cookies) or Legitimate Interest (for strictly necessary cookies).8 |
We are committed to being transparent about when and with whom we share your information. Our sharing practices are limited and are for the specific purposes described below.
We state unequivocally that we do not "sell" or "share" (for the purpose of cross-context behavioral advertising) your personal information, as those terms are defined by the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA). We have not engaged in such activities in the preceding 12 months and will not do so in the future.2 Your trust is not for sale.
We engage a limited number of third-party companies and individuals to perform services on our behalf (our "Service Providers"). These Service Providers are contractually obligated to handle your data securely and only for the purposes we specify. We share information with the following categories of providers:
We may disclose your information where we are legally required to do so in order to comply with applicable law, a governmental request, a judicial proceeding, court order, or other legal process, such as in response to a subpoena (including in response to public authorities to meet national security or law enforcement requirements).2 We may also disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the physical safety of any person, illegal activities, or as evidence in litigation in which we are involved.2
Our operations are global, which may require the transfer of your information across borders.
We have implemented and maintain a robust security program designed to protect the personal information we process.
We have implemented appropriate technical and organizational security measures designed to protect the security and confidentiality of your information. While no electronic transmission or storage technology can be guaranteed to be 100% secure, we take steps to safeguard your data, including 2:
You are responsible for maintaining the security of your account credentials. We recommend using a strong, unique password and enabling two-factor authentication if available. You should only access the Services from within a secure environment.2
We practice data minimization by retaining personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.7 Our retention periods vary depending on the type of data.
We use cookies and similar tracking technologies to operate and improve our website and Services.
Cookies are small text files placed on your computer or mobile device by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.2
We categorize the cookies we use to provide you with transparency and control:
Most web browsers are set to accept cookies by default. You have the right to decide whether to accept or reject non-essential cookies. You can typically set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our website, though your access to some functionality and areas may be restricted. To learn more about how to manage cookies, you can visit the help pages of your browser or visit http://www.aboutads.info/choices/ to opt-out of interest-based advertising from participating companies.2
Some web browsers offer a "Do-Not-Track" feature. At present, there is no uniform technology standard for recognizing and implementing DNT signals. Therefore, like many other websites, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.2
We respect your right to control your personal information. Depending on your location, you may have certain rights under applicable data protection laws. We are committed to facilitating the exercise of these rights.
To exercise any of the rights described below, please contact us using the information provided in the "Contact Us" section. You can reach our privacy team directly at privacy@closedcaptioncreator.com.2 We will respond to your request in accordance with applicable law and within the legally mandated timeframes (e.g., within one month for requests under GDPR). We may need to verify your identity before processing your request to protect your information from unauthorized access.
If you are a resident of the EEA, UK, or Switzerland, you have the following data protection rights 4:
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), provides you with specific rights regarding your personal information. This section describes your CCPA rights and explains how to exercise them.13
You have the following rights:
Verification Process: To process your request to know, delete, or correct, we must verify your identity to a reasonable degree of certainty. We will typically do this by matching the identifying information you provide in your request with the personal information we already maintain. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.2
Authorized Agents: You may designate an authorized agent to make a request under the CCPA on your behalf. We may require that you provide the authorized agent with written permission to do so and that the agent verify their own identity directly with us.2
"Shine the Light" Law: California Civil Code Section 1798.83 permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us using the information provided below.2
CCPA Data Categories: The CCPA requires us to disclose the categories of personal information we have collected over the past 12 months. This information is detailed in the table below, which corrects and clarifies the generic information found in our previous policy version.2
| Category | Collected | Business or Commercial Purpose for Collection |
|---|---|---|
| A. Identifiers. (e.g., name, email address, IP address, account name) | YES | To create and manage accounts, provide services, process payments, communicate with users, and ensure security. |
| B. Personal information categories listed in the California Customer Records statute. (e.g., name, address, telephone number, credit card number) | YES | To process payments and manage user accounts. |
| C. Protected classification characteristics under California or federal law. | NO | We do not intentionally collect this information. |
| D. Commercial information. (e.g., records of products or services purchased, obtained, or considered) | YES | To fulfill and manage orders, process payments, and maintain transaction history for accounting and support. |
| E. Biometric information. | NO | We do not collect this information. |
| F. Internet or other similar network activity. (e.g., browsing history, interaction with our website, application, or advertisement) | YES | To maintain security and operations, for internal analytics, and to troubleshoot issues. |
| G. Geolocation data. | YES | We may collect imprecise location data (e.g., country) from your IP address for analytics and security purposes. We do not collect precise geolocation data. |
| H. Audio, electronic, visual, thermal, olfactory, or similar information. | NO | We do not collect this information, aside from the Content Data you provide for processing. |
| I. Professional or employment-related information. | NO | We do not collect this information as part of our service offering. |
| J. Education Information. | NO | We do not collect this information. |
| K. Inferences drawn from other personal information. | NO | We do not create profiles about consumers reflecting their preferences, characteristics, or behavior. |
Our Services are intended for a professional audience and are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal information from a child under 16, we will take steps to delete such information from our files as soon as possible.
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated version will be indicated by a "Last Updated" date at the top of this Policy. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to stay informed of how we are protecting your information.2
This Privacy Policy and any disputes related thereto shall be governed by and construed in accordance with the laws of Canada and the Province of Ontario, without regard to its conflict of laws principles. This is consistent with the governing law clause in our Terms of Service.3
If you have questions, comments, or concerns about this Privacy Policy, our data practices, or your privacy rights, please do not hesitate to contact us.
For general privacy inquiries or to exercise your rights:
For CCPA-specific requests, you may also use the following:
Mailing Address:
Closed Caption Creator Inc.
Attn: Privacy Officer
83 Barrie Street
Cambridge, Ontario N1S 3B1
Canada 2