<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=YOUR_ID&amp;fmt=gif">

GDPR & CCPA-CPRA

How VIDIZMO supports EU data protection and California consumer privacy requirements.

What It Is

The General Data Protection Regulation (GDPR) governs data protection and privacy in the EU. The California Consumer Privacy Act and its successor, the CPRA, do the same for California residents. Both give individuals rights over their personal data and place obligations on the organizations that process it.

What They Majorly Require, and How VIDIZMO Supports Them

  • A lawful basis for processing and a data processing agreement between controller and processor: a Data Processing Agreement (DPA) is available, naming VIDIZMO as Processor and the customer as Controller.
  • Security of processing (GDPR Article 32): AES-256 encryption at rest, TLS in transit, and role-based access control.
  • Breach notification to the supervisory authority within 72 hours (GDPR): VIDIZMO commits to notifying the customer within 2 business days of confirmation, ahead of that window, so the customer can meet its own regulatory deadline.
  • Support for Data Protection Impact Assessments (DPIAs) on high-risk processing: VIDIZMO cooperates in good faith with audits and provides reasonable DPIA support.
  • Data residency for EU personal data: supported through the Europe region, in two ways.
    • Local deployment in Europe: VIDIZMO can be deployed on the customer’s own infrastructure, physically located in Europe.
    • SaaS with a European-region Azure Blob: the SaaS itself is still VIDIZMO-hosted, but the underlying Azure Blob Storage can be set to a customer-chosen European region, so data at rest stays there.
    For AI-driven processing, such as redaction, transcription, or search, data moves temporarily into VIDIZMO’s processing systems and is deleted immediately once processing completes. This handling is governed under the Data Processing Agreement.
  • Consumer rights to know, delete, and opt out of sale (CCPA/CPRA): supported through the same access-control and data-handling practices applied platform-wide.
back to top