Privacy Policy

Munch Content Platform LTD (‘We’ or ‘Munch’) values your privacy and wishes to let you know how it handles and processes personal data.

This Privacy Policy (“Privacy Policy”) is an integral part of our Terms of Use and governs the collection, processing, use, and transfer of personal data by us, from our business clients who engage with our Services and their personnel (“you” or “End User”).

What does Munch do?

Munch provides high-end video content editing technology solutions, powered by AI. We provide our solutions to individuals as well as to Business Clients (‘’The Services’’). The Services allow our Business Clients to provide their personnel with access to our Services, making them our End Users. Individuals who independently enroll to our Services (self-served users) or otherwise use our website at getmunch.com are also considered as End Users.

As an End User, you might need to register with your personal or work e-mail or account before starting to use our Services and uploading your desired content.

Acceptance of terms

This Policy is a legally binding agreement between you and Munch. If you are entering into this agreement on behalf of a business or other legal entity, you represent that you have the authority to bind such entity to this agreement.

We may change this Privacy Policy at any time and from time to time. Any such change will be effective as of the date it is posted on this page. Your continued use of the Website after the effective date of any changes to this Privacy Policy, will be deemed to constitute your acceptance of all such changes.

Children

The Services are not directed to individuals under 18. Munch does not knowingly collect or process personal data from individuals under the age of 18, and we do not assume or have control over the content uploaded by You.

If you are holding parental responsibility over an individual under 18 and believe your child has provided personal data to Munch, please contact us or the relevant Business Client directly.

What kind of personal data we collect?

End users:
End User registration – work e-mail and log-in credentials. If you log in using Google or Facebook log in features, we may receive your public avatar from Google or Meta, which may include your profile name, picture, e-mail, and other platform data (see further information below under ‘External Websites’).
Payment, Billing & Plan upgrade – CC information (we only store the last 4 digits and cardholder name).
Social media integrations – Links to your social media profiles, as submitted, where those are personal, and the related analytics received from each social media platform regarding the videos uploaded.
Contact us/ Support – e-mail address, geolocation (by IP address), device type, browser type and your request.
Log data, usage data, and meta-data, such as: system logs (user creation, requests, user updates and login status), IP address, operating system, user/device id, geographic location and type of device used, your activities on our Platform – e.g., actions you have made on your content, features used, errors you have encountered, etc. See more information about ‘Cookies’ below.
Publicly available information – We may collect and process personal data about you from publicly available sources, such as social media platforms, online directories, websites, and blogs. This may include your name, contact information, professional details, interests, and social media activities. We process such information for purposes such as personalizing our services, communicating with you about relevant offerings, and protecting our legal interests.

Business Clients: When engaging with us, we collect your representatives contact details – such as your name, position, telephone, and e-mail address.
Affiliate program: we will collect your name, e-mail address, payment and billing information (PayPal account/ bank details), traffic and lead gen, sales information and commission earnings. We will also infer from your publicly available information, such as your social media profile regarding your lead generation potential.

You do not have to provide any of the above-mentioned personal data, and you have no legal obligation to do so. That being said, without it, we will not be able to provide our Services, in part or in full.

How do we collect personal data?

We collect the personal data at registration, throughout your use of the Services, and any time you communicate with us. We collect such personal data either as Data Controllers or as Data Processors –

If you are operating on behalf of our Business client, processing of your personal data is subject to our Data Processing Agreement, and we are Data Processors. Please refer to the relevant business client directly, as they are your data controllers, to receive more information.

How do we use the personal data collected?

We use the personal data to provide the Services to our Business Clients and End Users.

As Data Controllers - We collect, use, and process the personal data provided to establish and manage our relations with you and your related business or interest. We shall further process personal data for:

Providing and administrating the Website & Services – As necessary for the performance of our Website and Services per our contract and agreements.
Customizing and Improving the Website & the Services – Per our legitimate interests. We process personal data to streamline processes, improve loading times, and adapt the interface for different devices and browsers. We also use data to better understand general usage patterns, which aids in decision-making regarding future service development.
Monitoring and Detecting Usage Errors and Bugs – Per our legitimate interests. We analyze usage data and logs to identify technical issues or difficulties in using the platform. When we identify that a user is experiencing difficulties, or a general bug is found, we may analyze users activity to understand the problem and provide a solution.
Payment and billing purposes – As necessary for the performance of our contract and agreements.
To communicate with you and manage user communication - As necessary for the performance of our contract and agreements.
To enforce our terms, conditions, and policies - As necessary for the performance of our contract and agreements.
For analytical purposes – Per our legitimate interests.
Marketing our Website, Services or customizing offers to you - Per our legitimate interests, and where required by applicable law, based on your consent.
To detect and manage abuse or illegal activity – per our legitimate purposes.

As Data Processors - We collect, use, and process the personal data you provide through our Platform and Services. This Personal data provided by You, on behalf of our Business Client, is processed as instructed, according to our Data Processing Agreement. In this Case, we are the Processors of the personal data, and our business Client is the Controller of the Personal Data.

We may also process personal data for other legitimate purposes:

For legal compliance purposes, such as compliance with applicable law, complying with regulatory instructions, or legal defense.
To improve our services and future products, In a way which will not identify you directly, as anonymous, or aggregative personal data, per our legitimate interests.

External Websites
The Website and some of the services therein include links to external sites and services provided by external sites (e.g., links to social media platforms, log-in via Google or Facebook, and using publishing features via the available integrations to social media platforms). We are not responsible or liable for the practices employed by external Websites linked to or from our Website nor the information or content contained therein. When you use a link to go from our Website to an external Website, our Privacy Policy is no longer in effect, and you are bound by the terms of use and privacy policy of the external site – meaning, your browsing and interaction on any external Websites, including Internet sites which have a link on our Website, is subject to that external Website's own rules and policies.

For example, our Services include integration with YouTube API, allowing you to publish directly to YouTube. By doing so, we may access data, content (including audiovisual content) and information provided us through the YouTube API services –

according YouTube’s terms of use - https://www.youtube.com/t/terms, and privacy policy - http://www.google.com/policies/privacy. You may revoke the access as explained here - https://security.google.com/settings/security/permissions.

Retention

We shall retain your personal data for the period consistent with the purpose of the collection, as instructed by our Business Client, and as required to provide with the Services.

We may also retain your personal data for the time needed to pursue our individual purposes under our legitimate interests, as described above.

Sharing of personal data collected

WE DO NOT SELL or lease your personal data to third parties for their marketing purposes, nor we have done so in the past 12 months. We may share personal data, as follows:

For legal reasons

We may share your personal data if we reasonably believe that:

It is necessary to comply with a legal process or inquiry (such as a court order, subpoena, or search warrant) or any other legal requirements of any governmental authority;
(ii)It would potentially mitigate our liability in an actual or potential lawsuit;
(iii)It is necessary to investigate and prevent unauthorized transactions or other illegal activities; and/or;

With Service providers

We use a limited number of third-party service providers, who act as our sub-processors, to assist us in making our Services available. We may share data with third parties who provide services to us, as follows: data storage services (cloud services), Payment Processing Services, CRM services, Cloud-based Image and Video Management Services, E-mail and other online automation services, Analytics services. These third parties may access, process or store personal data while providing their services to us.

With Affiliates and Partners

We may share personal data that will not identify you personally, such as personal data collected through, statistical personal data, aggregated personal data, etc., with our affiliates, subsidiaries, parent companies, partners or other affiliates of us, for business purposes.

Due to Restructuring

We may also share your personal data in cases of merger, acquisition, or any other kind of control shifts at Munch. In such cases, the said entity shall undertake the provisions of this Privacy Policy

International Transfers

We may transfer, store, and process personal data about you on servers and databases located outside of your country of residence, which could have different data protection rules than those of your country of resident or the country in which you were located when you initially provided the personal data.

If you do not want your personal data transferred to Israel, U.S., or EU, please do not submit any personal data. When we transfer personal data on EU individuals outside the EEA, we conform with applicable regulations.

How do We keep personal data secure?

We use security measures designed to protect against the loss, misuse, and alteration of the personal data under our control. For certain services, data transfers are encrypted during transmission. In addition, information that we store is maintained and archived on secure, hardened servers that are hosted on industry standard secured data centers. Access to this information is protected by multiple layers of controls, including firewalls, role-based access controls, authentication mechanisms and monitoring. The information is backed up, and archives are stored in a secure location. Munch is taking reasonable action to keep your information safe. Nevertheless, Munch is not responsible for any damages to the information, or to the functionality of the Platform, caused by reasons beyond its control, force majeure, cyber-attacks, pandemics, strikes, etc.

Your Data Subject Rights

We are committed to protecting your privacy rights and ensuring transparency in how we handle your Personal Data.

You have the right to control your personal data, including the right to request its deletion. Additional rights may be available to you depending on your jurisdiction, including under the General Data Protection Regulation (GDPR) for individuals in the European Economic:

Access: Request information about what Personal Data we collect and how we use it.
Correction: Request updates or corrections to inaccurate Personal Data.
Data Portability: Receive your Personal Data in a structured, commonly used format.
Restriction: Limit how we process your Personal Data.
Objection: Object to the processing of your Personal Data.
Opt-out: Withdraw consent for processing where applicable.
Deletion: Request the deletion of your Personal Data, including data associated with social media platform integrations.

How to Exercise Your Rights:

Send your request to our privacy team at privacy@getmunch.com.
Please specify "Data Subject __________ Request" in the subject and fill in the specific right to be fulfilled (for example, "Data subject Deletion Request" for deletion requests).
Within the e-mail, specify your request and mention your account email address used for log-in to the account.

Please note, If you are operating on behalf of our business client, it is advised to direct your request to them. If not, we may forward your request to the relevant business client for their review and instructions.

Response Timeline: We will do our best to respond to any inquiry within a reasonable timeframe, and in any case no longer than 30 days.

Additional Information:

We may need to verify your identity before processing your request; When you make a request, we will first have to verify your identity, and only once we have verified and authenticated your identity, we will continue fulfilling your rights. Hence, When a request is made, we may ask for further information to authenticate your identity. Please note that we may decline any unverified request.
Certain legal obligations may prevent us from fulfilling some requests, or require further retention.
Data that has been previously shared with social media platform services through your use of our integration or log in features will be subject to the related social platform’s data retention policies.
We will never discriminate against you for exercising your privacy rights.

For EEA Residents: Detailed information about your rights under GDPR is available on the European Commission's website: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en

You have the right to lodge a complaint with your local data protection authority if you believe we have not adequately addressed your concerns.

For California Residents: Under CCPA, you have additional rights including:

The right to know what Personal Information we collect and disclose
The right to opt-out of the sale of Personal Information, if a sale occurs. For the avoidance of doubt, we are not selling your personal information.
The right to non-discrimination for exercising your rights

Contact Us: For any privacy-related inquiries or to exercise your rights, please contact our Privacy Team at: Email: privacy@getmunch.com

We use cookies other online identifiers and tools on our Platform and on our Services (together "cookies"). In general, Cookies are small text files sent by a web server to your web browser/app and saved locally on your end-point device.

The cookie allows the server to uniquely identify the browser on each page. These cookies are essential for the performance of the Platform and its various features. Without these cookies, services you have asked for may not be provided.

Our use of cookies consists of:

Essential cookies (e.g., to provide with the Services - We only use essential Cookies for operational purposes.)
Performance/analytical cookies (e.g., to understand how you use our Services)
Marketing cookies (e.g., to provide tailored advertising content based on your interests).

Removal – Some cookies are removed when you close your browser session, other cookies last for longer periods (persistent). You can view the expiry date of each cookie, through your browser settings. We may use cookies to remember your log-in details and make it easier for you to log-in the next time you access the Platform. We use this type of cookies and Session Cookies for additional purposes, to facilitate the use of the Platform's features and tools and to improve the user's experience with our Services.

You can find more information about cookies and other online tracking technologies through the following websites:

https://www.consumer.ftc.gov/articles/0042-online-tracking

http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm

In addition, you can also find additional information on how we use tracking technologies by reading the cookies section on your browser's settings. For example, for those who use Google Chrome, go to Settings; Privacy and security; Content settings; Cookies; see All cookies.

Miscellaneous and Contact

We may use your email address that you provide us, to send you messages about new features, Website/Platform updates, Services updates, etc. Some of the messages sent to your contact information may contain advertising content – You can easily opt-out from getting these messages by clicking the unsubscribe link following any opt-out instructions provided in that message.

Where applicable law requires, messages which contain advertising content, will be sent only after receiving your explicit consent.

Some Web browsers offer a "Do Not Track" ("DNT") signal. A DNT signal is a HTTP header field indicating your preference for tracking your activities on a service or through cross-site user tracking. Our Service and Platform do not respond to DNT signals.

For any other inquiry, please contact us at privacy@getmunch.com. We will do our best to reply within reasonable time.

* * *

This Privacy Policy was last updated in January 2025.

‍