Highfive and CCPA Compliance

Last Updated: August 3, 2020

The California Consumer Privacy Act (CCPA), extends certain rights to California consumers starting January 1, 2020.

Information collected and stored by Highfive

Highfive, as a video conferencing services provider, collects minimal personal information that includes email address, first name and last name of a user to both identify and authenticate the user as well as to personalize the services for that user. While scheduling and conducting meetings, certain call detail records (start date/time, duration, etc.) are collected and stored for reporting. If a user records a meeting, such recordings are stored encrypted, for which the user manages the sharing permissions and the life cycle.

Highfive’s privacy and security practices and compliance with CCPA.

Our Privacy Policy provides a clear explanation on how we collect, use and share personal information. The information collected is used only for the purpose of the user’s utilization of Highfive’s services and, if needed, shared with our subprocessors and subcontractors for the same purpose. Highfive has data processing agreements in place with the subprocessors and subcontractors and reviews their annual certification reports for adherence to the required data security obligations and controls. Highfive does not sell personal information to any third parties. Additionally, Highfive sells its services directly to businesses and not to individual consumers, signs terms and conditions and service agreements with those businesses, and complies with common privacy regulations such as European Union’s General Data Protection Regulation (GDPR).

Highfive has documented the information flow and has implemented adequate data protection for the personal information at rest, in transit and at use based on risk assessment. These practices are reviewed and adjusted whenever there is a significant product or process change. Our applications provide links to the Privacy Policy and the Terms of Service at prominent points of interaction where personal information or credentials are input. Account holders can request their personal information to be deleted by sending an email to legal@highfive.com or by calling us at one of our global support numbers. Highfive will respond to the request within 45 days after verifying the authenticity of the request.