EZ Plus (also referred to as “EZTV”, “we”, “us”, or “our”) provides digital signage software and related services operated from San Francisco, California, USA. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our websites (including eztv.plus), apps (including our tvOS app and management apps), and integrations with third-party services (e.g., Google Workspace).
By using our Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.
Google user data: When you connect your Google account, we access only the data necessary to provide specific features (e.g., showing selected Google Slides on TVs, rendering calendar events). We comply with Google’s API Services User Data Policy, including the Limited Use requirements. You can revoke access at any time at myaccount.google.com/permissions.
1) Information We Collect
- Account & Contact Info. Name, email, organization, and authentication identifiers when you register or sign in.
- Integrations Data (Google).
- Google Slides (read-only): titles, IDs, metadata such as
modifiedTime
, thumbnails, and presentation content necessary to display slides on signage. - Google Calendar (read-only): calendar lists and event data (summary, time, location, description) used to render schedules on signage.
- Google Drive (scoped access): for files you explicitly select or open with our app, we may read file metadata (e.g.,
modifiedTime
) to decide whether to re-capture or refresh displayed content.
- Google Slides (read-only): titles, IDs, metadata such as
- Device & Usage Data. IP address, device and OS information, app version, logs, and activity within the Services to operate, secure, and improve functionality.
- Support & Communications. Messages, support tickets, and contact information you send us.
2) How We Use Information
- Provide, operate, and improve the Services (including displaying selected Slides/Calendars on signage).
- Authenticate users; maintain accounts; provide customer support.
- Secure our Services, prevent abuse/fraud, and troubleshoot issues.
- Comply with legal obligations and enforce terms.
We do not use personal information for targeted advertising.
3) Google User Data – Limited Use
When you connect your Google account, we access only the data necessary to provide specific features (for example, showing selected Google Slides on TVs or rendering calendar events). Our use and transfer of information received from Google APIs will adhere to Google’s API Services User Data Policy, including the Limited Use requirements. You can revoke our access at any time at myaccount.google.com/permissions. We also comply with the Google Privacy Policy.
- We request the minimum Google OAuth scopes required to deliver the features you choose to use.
- We use Google data only to provide or improve user-facing features; we do not use it for advertising or create unrelated profiles.
- We do not sell Google user data or transfer it except as necessary to provide the Services or as required by law.
- Human access to Google data occurs only with your consent, to comply with law, or for security/abuse investigations.
4) Data Protection & Security
Security procedures are in place to protect the confidentiality of your data. We use encryption to protect your information. Specifically, we implement:
- Encryption in transit and at rest: TLS 1.2+ for data in transit; industry-standard encryption (e.g., AES-256) for data at rest. OAuth tokens and other secrets are stored encrypted.
- Access controls: least-privilege access, role-based permissions, strong unique credentials, and scoped access keys for administrative access.
- Auditing & monitoring: logging of access and changes in production systems; anomaly monitoring.
- Secure development: code reviews, dependency patching, and vulnerability management.
- Backups & availability: encrypted backups and redundancy to minimize service disruption.
- Incident response: documented procedures for detecting, responding to, and notifying (as required by law) about security incidents.
4a) Sensitive Data
We do not intentionally collect “sensitive personal information” as defined by applicable law (e.g., precise geolocation, government IDs, racial or ethnic origin, health information) unless you or your organization provide it to us for a specific purpose. If we process any such information, we apply additional safeguards and restrict access on a need-to-know basis. Security procedures are in place to protect the confidentiality of your data, and we use encryption in transit and at rest.
5) Data Retention & Deletion
- Account data is retained while your account is active. Upon account deletion, we delete or anonymize personal data within 30 days, unless we must retain it to meet legal obligations.
- OAuth tokens are retained only while integration is active and are deleted within 7 days after you revoke access or delete your account.
- Derived signage assets (e.g., slide screenshots) are cached to operate the service and are purged when you unlink the source or within 30 days of last use, whichever comes first.
- You may request deletion at any time (see Contact below) or revoke Google access at myaccount.google.com/permissions.
7) Your Rights & Choices
- Access, correct, delete: you may request access to, correction of, or deletion of your personal data.
- Portability: request a copy of certain data in a portable format.
- Revoke Google access: visit myaccount.google.com/permissions.
- California (CCPA/CPRA): California residents may exercise the rights to know, correct, delete, and opt-out of sale/share (we do not sell/share), and to limit use of sensitive personal information. You will not be discriminated against for exercising rights.
- EEA/UK (GDPR): where applicable, we rely on lawful bases such as contract, legitimate interests, and consent. You may object or withdraw consent where we rely on consent.
To exercise rights, contact us (see Contact below). We may verify your request consistent with applicable law.
For EEA/UK users, EZ Plus is the data controller for personal data collected via our websites and apps (unless we act as a processor on behalf of your organization, such as a school or district). For school deployments, please direct student data requests to the educational institution; we will support the institution in responding.
8) Children, Schools & Student Data
Our Services are intended for use by organizations (e.g., schools, districts, businesses) and are not directed to children under 13. When used by educational institutions, we act as a service provider/processor under the institution’s direction. We do not use student personal information for advertising or create student profiles unrelated to providing the Services.
10) International Data Transfers
We operate in the United States. If you access the Services from other regions, your information may be transferred to and processed in the U.S. Where required, we use appropriate safeguards (e.g., standard contractual clauses) for cross-border transfers.
11) Changes to this Policy
We may update this Policy from time to time. The “Effective” date above reflects the latest version. If changes materially affect your rights, we will provide additional notice.
12) Contact
Email: behrang@eztv.plus
Location: EZTV, San Francisco, CA 94109, USA.