Customer Content: media files, playlists/schedules, device assignments, metadata.
Device & telemetry (players): device IDs, IP address, OS/app version, uptime, storage/battery/network stats, crash logs, time sync status.
Usage & support: actions in the dashboard/API, tickets, call/chat recordings if you contact support.
Cookies & similar tech: essential cookies for login/session; optional analytics/marketing cookies (see ยง9).
Optional sensors/integrations (if you enable them): e.g., proof-of-play beacons, occupancy counters. We do not use facial recognition or store biometric templates.
How we use data
Provide, secure, and improve the Service (hosting, caching, transcoding, playbook, monitoring).
Authenticate users and prevent abuse.
Billing, account management, and customer support.
Analytics (aggregate or de-identified where possible).
Send service notices; send marketing only with consent/opt-out.
Comply with law and enforce our Terms.
Legal bases (EU/UK users)
Contract (to provide the Service), legitimate interests (security, analytics), consent (non-essential cookies/marketing), and legal obligation.
Sharing & disclosure
We share personal data only with:
Sub-processors that help us run the Service (cloud hosting/CDN, email/SMS, payments, analytics).
Your instruction (e.g., integrations you connect).
Legal reasons (court orders, to prevent fraud/security threats).
Business transfers (merger/sale).
We don't sell personal information.
International transfers
Data is primarily hosted in Australia/US. If data is transferred internationally, we use appropriate safeguards (e.g., SCCs/IDTA). For Australian users, we take reasonable steps to ensure overseas recipients protect it to a comparable standard.
Retention
We keep data only as long as needed for the purposes above:
Account & billing: while your account is active + 7 years.
Logs/telemetry: typically 30-180 days.
Customer Content: until you delete it or 30 days after account closure.
Device caches may persist until devices sync or are wiped.
Security
We use technical and organisational measures (encryption in transit, access controls, backups, auditing). No method is 100% secure. You're responsible for strong passwords, MFA, API key hygiene, and physical security of player devices.
Cookies
Essential (login, session, CSRF): required.
Analytics (product usage): optional.
Marketing (emails/ads): optional.
Manage preferences via our cookie banner or browser settings.
Your rights
Australia (Privacy Act 1988): access and correction; lodge a complaint with the OAIC.
EU/UK GDPR: access, rectification, erasure, portability, restriction/objection, withdraw consent, lodge a complaint with a supervisory authority.
California (CPRA): know, delete, correct; we do not "sell" or "share" personal info for cross-context ads.
Contact us at [email protected] or use in-app controls. If we process data for a customer (processor role), direct your request to the relevant customer.
Children
The Service isn't directed to children under 16 (or lower age where permitted). We don't knowingly collect their personal data.
Third-party services & links
Third-party services you connect (e.g., data feeds, maps, video, fonts) are governed by their own policies.
Changes
We may update this policy. If changes are material, we'll notify you (email or in-app). Continued use after the effective date means you accept the updated policy.
How to complain (Australia)
If you're not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC): oaic.gov.au or 1300 363 992.