social-pinpoint-logo
Book a Free Demo

Privacy Policy

Last updated: January 2026

1. Introduction

1.1 This Privacy Policy applies to the entities listed here: Social Pinpoint Entities (together, “Social Pinpoint”, “we”, “us” or “our”).

1.2 This Privacy Policy sets out how we collect, use, protect, disclose and maintain your Personal Information (also known as ‘Personal Data’) when you interact with or use:

  • (a) one of our websites;
  • (b) one of our online software applications (such as Consultation Manager or Social Pinpoint); or
  • (c) any of our other digital products and services

(together, the Platforms).

1.3 In this Privacy Policy, we use the terms:

  • (a) ‘clients’ to refer to individuals who engage us to provide goods and services;
  • (b) ‘client users’ to refer to individuals who interact with one of our clients via our Platforms;
  • (c) ‘suppliers’ to refer to individuals who provide us with goods or services, and individuals at businesses who provide us with goods or services;
  • (d) ’visitors’ to refer to individuals who engage with us on our websites, or who enquire about our functions, activities or Platforms via electronic means; and
  • (e) ‘applicants’ to refer to individuals who apply for employment or other engagement with us.

1.4 In some circumstances, you may belong to more than one of these groups, and multiple sections of this Privacy Policy will then apply to you. Depending on where you’re located, additional terms in the appendices may also apply to you.

1.5 We will update this Privacy Policy from time to time. The current version will always be available on our website at https://www.socialpinpoint.com/privacy-policy/.

2. What Personal Information do we collect?

2.1 The kinds of Personal Information we collect about you depends on our relationship with you, and we limit the information we collect to what is reasonably necessary for one or more of our functions or activities. Generally, we will collect your name, commentary or opinion about you, and other information relevant to providing you with the information, goods and services (as applicable) you or someone on your behalf are seeking.

2.2 If you are a client, we will also collect your contact details, business name and registration number (for sole traders and partnerships), information about your role, marketing and communications preferences, information related to your Platform interactions with us, feedback you provide to us, your IP address, and other unique ID numbers.

2.3 If you are client user, the type of Personal Information we collect will vary depending on the client you are engaged with. This may include your name, email address, username, profile picture, phone number, IP address, user-agent string, other unique ID numbers, social network account IDs, address or other locational attributes, demographic information (such as your age or gender), information about your preferences or your recorded thoughts, ideas or opinions, as expressed by you. You will need to check the Privacy Policy of the client you are engaged with to confirm what Personal Information is being collected.

2.4 If you are a supplier, we will also collect your contact details, business name and registration number (for sole traders and partnerships), bank account details (for payment of your invoices), and information about your role.

2.5 If you are a visitor, we will also collect your email address, information about your use of our website and the device you are using (including numbers that identify your device, IP address, geographic location of your IP address and device where that is relevant to the services and information we are providing, cookie information, and user preferences). You may choose to enable or disable information you share with us via the website in your browser or device settings. Disabling the sharing of some information may affect your ability to use certain features of the website, and your visitor experience generally.

2.6 If you are an applicant, depending on your potential or actual position with us, we will also generally collect your Personal Information contained within an application and CV/resume, employment history, Personal Information derived from a reference, Personal Information derived from an interview, Personal Information derived through testing (including psychometric or aptitude testing, as applicable), licences and other certificates and qualifications, and information included in a passport, birth certificate, visa or other documentation demonstrating your right to work for us.

2.7 We support your ability to make decisions about the Personal Information you provide to us, however if you choose not to provide us with the information requested, or it’s incomplete or inaccurate, we may not be able to provide you with the information, goods, and services you are seeking. If you are an applicant, refusal to provide Personal Information may mean we are unable to process your application.

2.8 We do not generally collect Sensitive Information (also known as Sensitive Data or Special Categories of Data in some jurisdictions) about individuals except in the case of where one of our clients stores Sensitive Information of client users on our Platforms. If you are a client user, we encourage you to review the Privacy Policy of the client with whom you are engaged to confirm what Personal Information is being collected.

3. How we collect your Personal Information

3.1 We will generally collect Personal Information directly from you when you interact with us, such as in person, by email, by phone, by enquiry or feedback form, or via our Platforms, social media channels, interviews (via any method), any of our standard forms (including application forms), contract negotiation, our employment and engagement application process, when you participate in our surveys, marketing, profiling, product development or research campaigns (where applicable), or any other means when you provide us with your Personal Information.

3.2 We may also need to collect Personal Information about you from third parties from time to time where it is necessary for us to do so and it is unreasonable or impractical to collect directly from you, where you have consented to us doing so, or where we are otherwise required to or authorised to by law. Those third parties include:

  • (a) if you are client user: from the client with whom you are engaged;
  • (b) if you are a client or supplier: publicly available records such as company registration databases (in Australia: the Australian Securities Investment Commission, and Australian Business Register);
  • (c) if you are a visitor: technology service providers and social media platforms;
  • (d) if you are an applicant: referees when they provide references, academic institutions or training and certification providers, providers of licence and background-checking services, recruiters and other service providers who assist in the engagement process, and other publicly available sources such as social media platforms

3.3 If you provide us with Personal Information about someone else, you must ensure that you are authorised to disclose that information to us and that, without us taking any further steps required by applicable privacy laws, we may collect, store, use and disclose such information for the purposes described in this Privacy Policy. Where we request you to do so, you must assist us with any requests by the individual to access or update the Personal Information you have collected from them and provided to us.

4. Why do we collect, hold, use and disclose your Personal Information?

4.1 We generally collect, hold, use, and disclose your Personal Information if it is reasonably necessary for or directly related to the performance of our functions and activities, and for:

  • (a) establishing our relationship with you;
  • (b) maintaining and managing our relationship with you, and communicating with you in the ordinary course of that relationship;
  • (c) supplying you with information, goods and services;
  • (d) updating your Personal Information, including destroying or de-identifying it when it is no longer relevant (to the extent applicable);
  • (e) fulfilling our legal requirements, both at law and under our contractual arrangements with you;
  • (f) analysing our goods and services, and client and supplier needs with a view to developing new or improved goods, services, and business operations;
  • (g) conducting market research and monitoring use of our goods and services;
  • (h) contacting you to ask for your feedback or a testimonial;
  • (i) if you are a supplier: purchasing goods or services from you, and enquiring about your products and services;
  • (j) if you are a visitor, client, or client user: streamlining and personalising your experience within our Platforms, and tailoring our information, goods and services for you; and
  • (k) if you are an applicant: considering your application with us.
  • (l) to provide you with information about other goods and services that we or our related entities and other affiliated organisations offer that may be of interest to you. You may unsubscribe from our mailing/marketing lists at any time by using the unsubscribe feature on any emails we send, or otherwise by contacting us in writing. We do not use your Sensitive Information for direct marketing purposes;
  • (m) to de-identify and aggregate Personal Information about you and your use of our goods and services to improve the quality of our goods and services, and for research purposes. After we delete Personal Information, we may retain de-identified and anonymised information (that can no longer be associated with you) and may continue to use this de-identified data indefinitely without further notice to you; and
  • (n) for any other purpose identified at the time of collection.

4.2 If you provide us with information directly, we may use that information to make offers or invite you to participate in events or trade promotions which we think could be of interest to you. That information may be used in an aggregate form to help improve our Products and Services.

4.3 We may use or disclose Personal Information for secondary purposes where it would be reasonable to expect us to do so, and that secondary purpose is related (or directly related in the case of Sensitive Information) to the primary purpose set out above.

5. Who do we disclose Personal Information to?

5.1 We generally disclose your Personal Information for the purposes for which it was collected. We may disclose Personal Information about you to:

  • (a) our related entities;
  • (b) our employees, contractors, consultants and other parties who require the information to assist us with the purposes for which it was collected, and with establishing, maintaining or terminating our relationship with you
  • (c) government departments and agencies where required by law;
  • (d) third parties to whom you have agreed we may disclose your information and where the information was collected from you (or from a third party on your behalf) for the purposes of passing it onto the third party where you consent to us; and
  • (e) any other entity as otherwise required or authorised by law, including regulatory bodies.

5.2 We may also disclose your Personal Information third party service providers who assist us in operating our business and providing information, resources, goods and services to you or someone else on your behalf (including insurers, IT and technology service providers, recruitment providers, and professional advisers such as lawyers, accountants, and auditors). For more information, please see the ‘Third party service providers / Subprocessors’ section of this Privacy Policy.

5.3 We may expand or reduce our business, and this may involve the sale and/or transfer of control of all or part of our business. Personal Information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided.

6. Overseas Disclosure

6.1 We are assisted by a variety of external service providers to operate our business and to provide you or someone else on your behalf with the information and services sought. Some of these service providers may be located overseas from where you are located.

6.2 We take reasonable steps to ensure that overseas recipients handle Personal Information in a manner consistent with applicable privacy laws. Please see the relevant appendix for your jurisdiction for additional information about overseas transfers.

7. Security

7.1 We store Personal Information:

  • (a) contained in paper based and other hard copy documents both at our office and at offsite secure storage facilities; and
  • (b) contained in electronic records, in a controlled and secure environment.

7.2 Those records are only accessible by those persons who require access to the Personal Information for the purposes of carrying out their work on our behalf.

7.3 We take reasonable steps to protect the Personal Information we hold from misuse and loss and from unauthorised access, modification or disclosure.

7.4 We offer use of a secure server with our Platforms so that all supplied information is transmitted via a secure socket layer (SSL) technology and can only be accessed by those persons with special access rights. We keep any passwords within our control confidential but are not responsible for any misuse or loss of, or unauthorised access to, Personal Information where the security of information is not within our control.

7.5 We will take reasonable steps to destroy or de-identify Personal Information when our legal obligations to retain the information have expired and the information is no longer needed by us. For the avoidance of doubt, we may reasonably consider that information is still required by us in order to recommence providing our Products and Services.

8. Third Party Websites

8.1 Our Sites may contain links to websites owned or operated by third parties, including websites owned or operated by our related bodies corporate or affiliated companies. In addition, other websites may also link to our Sites.

8.2 We take no responsibility for the privacy practices, content or policies of third party websites, or any contractual or legal obligations of the operators of third party websites. These third party websites may contain their own privacy policies and their owners or operators are responsible for informing you about their security and privacy practices. We recommend that you thoroughly read the privacy policies of these third-party websites.

9. Cookies, pixels and web beacons

9.1 Our Platforms use cookies, pixels and web beacons (Tracking Tools), including through the use of third-party service providers.

9.2 Cookies are small data files placed on your machine or device which lets our digital service store information. Cookies are not executable programs and cannot do anything to your computer.

9.3 A pixel or web beacon is a transparent graphic embedded in a web page or email that collects data about user interactions and behaviour. Pixels are often used for remarketing (that is, serving targeted ads on social media platforms or other websites).

9.4 The main purpose of cookies is to identify users to create a personal record of when that user visits our websites and to prepare customised web pages for them so that we may provide our services more effectively. We may also use cookies to monitor the use of our websites and digital services, like the numbers and frequency of visitors to our websites, to help us improve our services and identify any problems that need fixing. If you choose not to accept cookies from our websites, you will not be able to maintain a session-based interaction and will be treated as an anonymous browser.

9.5 Our websites also use a number of third-party services that utilise Tracking Tools. Use of your Personal Information by these third parties is also subject to their own privacy policies. For details on how each provider uses information collected through Tracking Tools, please refer to their respective websites. The third party services we use include:

  • (a) Google ReCaptcha for spam prevention;
  • (b) HubSpot for audience measurement and website functionality;
  • (c) Gainsight for audience measurement, product usage metrics and functionality;
  • (d) Loggly for session tracking;
  • (e) Microsoft Azure for session tracking;
  • (f) ZoomInfo for audience measurement and visitor tracking;

9.6 The information that is disclosed in relation to Tracking Tools is:

  • (a) information about your use of our website, your IP address, browser type, ISP, and referring/exit pages;
  • (b) pseudonymous identifiers such as cookie, browser and session IDs
  • (c) session metrics such as your session start time, duration, pages per session and engagement time; and
  • (d) user experience metrics such as mouse movements, clicks and scroll behaviour.

9.7 If you are a client user, the types of Tracking Tools deployed and the information that is disclosed in relation to those Tracking Tools may vary depending on how the relevant client has configured the Tracking Tools. We encourage you to check the Privacy Policy of the client you are engaged with to confirm how your Personal Information is collected via Tracking Tools.

9.8 Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our websites. You may also adjust your browser settings or use browser extensions to block other Tracking Tools. However, please note that if you do this, you may not be able to use the full functionality of our websites.

10. Complaints

10.1 Complaints about our Privacy Policy or the way we handle your Personal Information should first be directed to us. If you have a complaint, please contact the entity with whom you are engaged via the relevant contact details in paragraph 1 of this Privacy Policy.

10.2 We will investigate and attempt to resolve your complaint in accordance with applicable privacy laws. We will acknowledge receipt of your complaint and provide a written response within a reasonable timeframe.

10.3 If you are not satisfied with the outcome of our investigation, you may contact the relevant privacy regulator in your jurisdiction. For information about how to contact your privacy regulator, please see the appendices.

11. Contact Details

11.1 If you require any further information or have any queries regarding our Privacy Policy, please contact us via the contact details relevant to the entity with whom you are engaged (as set out in paragraph 1 of this Privacy Policy.

Appendix 1 – Australia and New Zealand

This appendix applies to individuals subject to Australian or New Zealand privacy laws. The information in this appendix supplements the main Privacy Policy.

12. Accessing or correcting your Personal Information

12.1 You may access the Personal Information we hold about you, subject to certain exceptions. If you wish to access your Personal Information, please contact us via the contact details in the main body of the Privacy Policy.

12.2 There are no charges for requesting access to or the correction of your Personal Information, however we reserve our rights to charge you any reasonable administration fees associated with your request. We will notify you in advance of any applicable fees.

12.3 We endeavour to respond to those requests within 30 days, but will otherwise respond within a reasonable period. We may decline a request for access to Personal Information in circumstances prescribed by the Australian or New Zealand Privacy Acts (as applicable). If we decline a request for access, where reasonable, we will provide you our reasons and information about your ability to complain about such refusal.

12.4 If you are a client user, we may not be able to provide you with the requested information and in those circumstances will recommend that you contact the client who has engaged you.

12.5 In order to protect the confidentiality of your Personal Information, details of your information will only ever be passed on to you where we are satisfied that the information relates to you. Accordingly, we may request documentation from you which confirms your identity before passing on any Personal Information which relates to you.

12.6 If you believe the information we hold about you is incomplete, not up to date, or is inaccurate, please advise us as soon as practicable. We will take reasonable steps to correct the information if we agree that it is incomplete, out of date, or inaccurate. We will strive to process any request within 30 days.

13. Privacy Regulators

13.1 If you are not satisfied with our response to your complaint, you may contact the OAIC (Australia) or OPC (New Zealand) using the details below:

Office of the Australian Information Commissioner (OAIC)

  • Address: GPO Box 5288, Sydney NSW 2001
  • Phone: 1300 363 992
  • Email: enquiries@oaic.gov.au
  • Website: www.oaic.gov.au

Office of the Privacy Commissioner (OPC)

  • Address: PO Box 10094, Wellington 6143
  • Phone: 0800 803 909
  • Email: enquiries@privacy.org.nz
  • Website: www.privacy.org.nz

Appendix 2 – United Kingdom

This appendix applies to individuals subject to the UK GDPR. The information in this appendix supplements the main Privacy Policy.

14. Our commitment to you

14.1 Your Personal Information will:

  • (a) be processed lawfully, fairly, and transparently;
  • (b) only be collected for the specific purposes we have identified in the Privacy Policy, and Personal Information will not be further processed in a manner that is incompatible with the purposes we have identified;
  • (c) be collected in a way that is adequate, relevant and limited to what is necessary in relation to the purpose for which the Personal Information is processed;
  • (d) be kept up to date, where it is possible and within our control to do so (please let us know if you would like us to rectify any of your Personal Information);
  • (e) be kept in a form which permits us to identify you, but only for so long as necessary for the purposes for which the Personal Information was collected or required by an applicable controller; and
  • (f) be processed securely and in a way that protects against unauthorised or unlawful processing and against accidental loss, destruction or damage.

15. Data Transfers

15.1 The countries to which we send data for the purposes listed above may not have the same data protection laws as the country in which you initially provided the information. If we transfer your Personal Information to third parties in other countries. If we transfer your Personal Information to third parties in other countries:

  • (a) we will perform those transfers in accordance with the requirements of the UK GDPR (for example, by using the Standard Contractual Clauses as a safeguard); and
  • (b) we will protect the transferred Personal Information in accordance with the Privacy Policy and this Appendix.

15.2 Countries to which we may transfer Personal Information include Australia, the Philippines, Canada and the United States of America.

16. Data Retention

16.1 We retain your Personal Information for as long as necessary to fulfil the purposes for which it was collected. The specific retention period depends on the nature of the Personal Information and the purpose for which it was collected.

16.2 Where we cannot specify an exact retention period, we use the following criteria to determine the period:

  • (a) the duration of our relationship with you;
  • (b) legal, regulatory, tax, accounting or reporting requirements;
  • (c) the purposes for which the information was collected; and
  • (d) whether we need to retain the information to establish, exercise or defend legal claims.

17. Your data rights

17.1 UK residents have certain rights under the UK GDPR, including the right to:

  • (a) request confirmation of whether we process your Personal Information and to access a copy of that information;
  • (b) request any inaccurate Personal Information we hold about you is corrected;
  • (c) in certain circumstances, have your Personal Information erased;
  • (d) restrict processing of your Personal Information;
  • (e) to receive your Personal Information in a structured, commonly used and machine-readable format and transmit it to another controller;
  • (f) to object to processing based on legitimate interests or for direct marketing purposes;
  • (g) to withdraw consent at any time where processing is based on consent;
  • (h) to not to be subject to automated decision-making, including profiling, where it produces legal or similarly significant effects.

17.2 To exercise any of your rights, please contact us using the relevant details provided in this Privacy Policy. We will endeavour to respond to your request or inquiry within 30 days.

18. Representative

18.1 We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions: United Kingdom (UK)

18.2 Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://app.prighter.com/portal/11827582238.

19. Privacy regulator

19.1 If you are not satisfied with our response to your complaint, you can get in contact with the relevant privacy regulator using the details below.
Information Commissioner’s Office (ICO)

  • Website: https://ico.org.uk/make-a-complaint/
  • Phone: 0303 123 1113
  • Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Appendix 3 – United States

This appendix applies to individuals subject to U.S. privacy laws. The information in this appendix supplements the main Privacy Policy.

20. Your data rights

20.1 Depending on your state of residence, you may have the right to:

  • (a) request disclosure of the Personal Information we collect, use, and disclose about you;
  • (b) request a copy of the Personal Information we hold about you;
  • (c) request correction of inaccurate Personal Information;
  • (d) request deletion of your Personal Information;
  • (e) opt out of the sale of your Personal Information or its use for targeted advertising (where applicable);
  • (f) opt out of profiling in furtherance of decisions that produce legal or similarly significant effects;
  • (g) receive your Personal Information in a portable data format; and
  • (h) not be discriminated against for exercising your rights.

20.2 To exercise any of the above rights, please contact us using the details provided in this Privacy Policy and provide sufficient information to allow us to verify your identity.

20.3 We will respond to your request within 45 days (which may be extended by a further 45 days where necessary). You may designate an authorised agent to make requests on your behalf, provided you give that agent written permission and the agent can verify their identity and authority.

20.4 If we decline to take action on your request, you may appeal our decision by contacting us using the details in this Privacy Policy and providing details of your concerns. We will respond to your appeal within 45 days.

21. State-Specific Information

21.1 Your rights and our obligations may vary depending on your state of residence. For state-specific information, please contact your state’s Attorney General’s office or consumer protection agency.

Appendix 4 – Canada

This appendix applies to individuals subject to Canadian privacy laws. The information in this appendix supplements the main Privacy Policy.

22. Your data rights

22.1 You have the right to:

  • (a) access your Personal Information and obtain information about how it is used and disclosed, and to whom it has been disclosed;
  • (b) challenge the accuracy and completeness of your Personal Information and have it amended as appropriate;
  • (c) withdraw consent for the use and disclosure of your Personal Information;
  • (d) make a complaint about our handling of your Personal Information.

22.2 Individuals in Quebec have the following additional rights:

  • (a) You have the right to receive your Personal Information in a structured, commonly used technological format, unless this raises serious practical difficulties. We will communicate this information to you within 30 days of your request.
  • (b) You have the right to have your Personal Information de-indexed if the dissemination of the information contravenes the law or a court order

22.3 To exercise these rights, please follow the procedures set out in the main Privacy Policy.

23. Privacy Regulator

23.1 If you are not satisfied with our response to your complaint, please contact the relevant privacy regulator:

Alberta residents:

Office of the Information and Privacy Commissioner of Alberta (OIPC)

  • Address: 410-9925 109 Street NW, Edmonton, AB T5K 2J8
  • Phone: 780-422-6860
  • Email: generalinfo@oipc.ab.ca
  • Website: www.oipc.ab.ca

British Columbia residents:

  • Address: 4th Floor, 947 Fort Street, Victoria, BC V8V 3K3
  • Phone: 250-387-5629
  • Email: info@oipc.bc.ca
  • Website: www.oipc.bc.ca

Quebec residents:

Commission d’accès à l’information du Québec (CAI)

  • Address: 2045 Stanley Street, Suite 900, Montreal, QC H3A 2Y4
  • Phone: 1-888-528-7741
  • Email: renseignements@cai.gouv.qc.ca
  • Website: www.cai.gouv.qc.ca

Other provinces:

Office of the Privacy Commissioner of Canada

  • Address: 30 Victoria Street, Gatineau, Quebec K1A 1H3
  • Phone: 819-994-5444
  • Website: www.priv.gc.ca

Appendix 5 – Social Pinpoint Entities

Australia

MySite Design Pty Ltd

  • ACN: 104 027 812
  • Address: Level 5, 12 Commercial Road, NEWSTEAD QLD 4006 AUSTRALIA
  • Attention: Privacy Officer
    Email: privacy@socialpinpoint.com
  • Phone: 1300 690 150
  • Website: https://www.socialpinpoint.com

Social Pinpoint Pty Ltd

  • ACN: 164 471 425
  • Address: Level 5, 12 Commercial Road, NEWSTEAD QLD 4006 AUSTRALIA
  • Attention: Privacy Officer
  • Email: privacy@socialpinpoint.com
  • Phone: 1300 690 150
  • Website: https://www.socialpinpoint.com

SPP HoldCo Pty Ltd

  • ACN: 673 030 870
  • Address: Level 5, 12 Commercial Road, NEWSTEAD QLD 4006 AUSTRALIA
  • Attention: Privacy Officer
  • Email: privacy@socialpinpoint.com
  • Phone: 1300 690 150
  • Website: https://www.socialpinpoint.com

New Zealand

MySite Design Pty Ltd

  • ACN: 104 027 812
  • Address: Level 5, 12 Commercial Road, NEWSTEAD QLD 4006 AUSTRALIA
  • Attention: Privacy Officer
  • Email: privacy@socialpinpoint.com
  • Phone: 0800 141 480
  • Website: https://www.socialpinpoint.com

Social Pinpoint Pty Ltd

  • ACN: 164 471 425
  • Address: Level 5, 12 Commercial Road, NEWSTEAD QLD 4006 AUSTRALIA
  • Attention: Privacy Officer
  • Email: privacy@socialpinpoint.com
  • Phone: 0800 141 480
  • Website: https://www.socialpinpoint.com

United Kingdom

MySite Design Pty Ltd

  • ACN: 104 027 812
  • Address: Level 5, 12 Commercial Road, NEWSTEAD QLD 4006 AUSTRALIA
  • UK GDPR representative details:
    • Attention: Prighter Ltd (UK)
    • Address: 20 Mortlake High Street, London SW14 8JN UNITED KINGDOM
    • Website: https://app.prighter.com/portal/11827582238

Social Pinpoint Pty Ltd

  • ACN: 164 471 425
  • Address: Level 5, 12 Commercial Road, NEWSTEAD QLD 4006 AUSTRALIA
  • UK GDPR representative details:
    • Attention: Prighter Ltd (UK)
    • Address: 20 Mortlake High Street, London SW14 8JN UNITED KINGDOM
    • Website: https://app.prighter.com/portal/11827582238

United States

Social Pinpoint Inc.

  • FEIN: 37-1864317
  • Address: Suite B-2 2035 Sunset Lake Road, Newark, 19702, DE County of New Castle, UNITED STATES
  • Attention: Privacy Officer
  • Email: privacy@socialpinpoint.com
  • Phone: 888 328 9611
  • Website: https://www.socialpinpoint.com

Canada

Social Pinpoint Software Inc.

  • BN: 887316438
  • Address: 1006 – 1166 Alberni Street, Vancouver, BC V6E 3Z3
  • Attention: Privacy Officer
  • Email: privacy@socialpinpoint.com
  • Phone: 888 328 9611
  • Website: https://www.socialpinpoint.com

Appendix 6 – Third-party service providers / Subprocessors

Consultation Manager software application third-party service providers / subprocessors:

Microsoft Azure

  • Purpose: Hosting & Infrastructure
  • Applicable Service: Used as an on-demand cloud computing platform and APIs
  • Region: Australia / USA / EU / Canada (depending on the client’s location)
  • Categories of data: All data related to the running and operating of the application is stored and processed. Clients are hosted in their local geographic region or otherwise in the closest region with an available data centre.

Mapbox

  • Purpose: Geolocation and maps
  • Applicable Service: Used for searching places and displaying maps
  • Region: USA
  • Categories of data: IP address, device and browser information, operating system.

Google Maps

  • Purpose: Geolocation and maps
  • Applicable Service: Used for searching places and displaying maps
  • Region: USA
  • Categories of data: Google Places collects a range of information related to any interaction the application and device has with the service, including IP addresses.

Google Analytics

  • Purpose: Analytics
  • Applicable Service: Used for usage analytics of the platform
  • Region: USA
  • Categories of data: IP address, device and browser information, operating system.

Loggly

  • Purpose: Application logging
  • Applicable Service: Log service
  • Region: USA
  • Categories of data: IP address, device and browser information, operating system.

Raygun

  • Purpose: Application error monitoring
  • Applicable Service: Error reporting
  • Region: USA
  • Categories of data: IP address, device and browser information, operating system.

SendGrid

  • Purpose: Cloud-based email delivery services
  • Applicable Service: Used to send all email notifications generated by Consultation Manager and to track key analytics
  • Region: USA
  • Categories of data: Email addresses and metadata.

Twilio

  • Purpose: SMS
  • Applicable Service: Used to send SMS generated from Consultation Manager and track key analytics
  • Region: USA
  • Categories of data: Phone numbers, message content.

Gainsight

  • Purpose: Analytics
  • Applicable Service: Gainsight PX is used to gather product usage analytics and feedback
  • Region: USA
  • Categories of data: IP address, device and browser information, operating system, name, email address, and user interactions.

 

Social Pinpoint software application third-party service providers / subprocessors:

In this section, “Site Content” means any information that a Client may publish on a website built using the Social Pinpoint platform. Social Pinpoint does not have any control over Site Content.

Amazon Web Services (AWS)

  • Purpose: Hosting & Infrastructure
  • Applicable Service: Used as an on-demand cloud computing platform and APIs
  • Region: Australia / USA / EU / Canada (depending on the client’s location)
  • Categories of data: All data related to the running and operating of the application is stored and processed.

Cloudflare

  • Purpose: Content Delivery Network and Security
    Applicable Service: Cloudflare DNS, CDN and DDoS
  • Region: Global (depending on the client’s location and client user’s location)
  • Categories of data: All data related to the running and operating of the application is transferred through Cloudflare.

New Media Services

  • Purpose: Content moderation
  • Applicable Service: 24/7 screening of all public comments and images submitted by End Users
  • Region: Philippines
  • Categories of data: Public comments posted by Client Users may inadvertently contain Personal Information such as the Client User’s name.

SendGrid

  • Purpose: Cloud-based email delivery services
  • Applicable Service: Used to send all email notifications generated by Social Pinpoint and track key analytics
  • Region: USA
  • Categories of data: Email addresses and metadata.

NewRelic

  • Purpose: Application logging and debugging
  • Applicable Service: Logging, error monitoring and alerting across the back-end of the client application
  • Region: USA
  • Categories of data: IP address, device and browser information, operating system.

Google Maps

  • Purpose: Geolocation and maps
  • Applicable Service: Used for searching places and displaying maps
  • Region: USA
  • Categories of data: Information related to interactions between the application and device, including IP address, location data, interaction data, user input, and cross-service data.

Mapbox

  • Purpose: Geolocation and maps
  • Applicable Service: Used for searching places and displaying maps
  • Region: USA
  • Categories of data: IP address, device and browser information, operating system.

Google reCAPTCHA

  • Purpose: Form submission spam prevention
  • Applicable Service: Used for engagement tools and registration form spam prevention
  • Region: USA
  • Categories of data: Browser and device information, user behavioural data such as mouse movements and interaction with reCAPTCHA widgets.

Auth0

  • Purpose: Identity Management (SSO / MFA)
  • Applicable Service: Used to deliver Single Sign-On and MFA for Client User accounts
  • Region: Australia / USA / EU / Canada (depending on the client’s location)
  • Categories of data: Name, email, IP address (of login).

Amazon Web Services (AWS) – Amazon Comprehend

  • Purpose: Natural Language Processing (NLP)
  • Applicable Service: Used to analyse open-ended responses in participation tools, detecting sentiment, key phrases, named entities and language
  • Region: Australia / USA / EU / Canada (depending on the client’s location)
  • Categories of data: Recorded thoughts, ideas, opinions.

Google Translation

  • Purpose: Content translation
  • Applicable Service: Automatic content detection and translation storage and delivery
  • Region: USA
  • Categories of data: Site Content.

Azure Language Services

  • Purpose: Content translation
  • Applicable Service: Automatic content detection and translation storage and delivery
  • Region: USA
  • Categories of data: Site Content.

ModernMT

  • Purpose: Content translation
  • Applicable Service: Automatic content detection and translation storage and delivery
  • Region: USA
  • Categories of data: Site Content.

Gainsight

  • Purpose: Analytics
  • Applicable Service: Gainsight PX used to gather product usage analytics and feedback
  • Region: USA
  • Categories of data: Name, email address, IP address, device and user analytics, including browser, operating system and interactions.

 

Other third-party service providers / subprocessors:

HubSpot

  • Purpose: CRM
  • Applicable Service: Customer relationship management
  • Region: USA
  • Categories of data: Client account and user information, names, phone number, email address, and communications.

Microsoft

  • Purpose: Productivity tools
  • Applicable Service: Office 365
  • Region: Australia / USA / Canada
  • Categories of data: Email communications and documents/attachments sent to and from clients.

Brisca

  • Purpose: Finance and payments
  • Applicable Service: Accounts Receivable / Accounts Payable
  • Region: Sri Lanka
  • Categories of data: Client finance contact information.

Chorus

  • Purpose: Meeting analytics
  • Applicable Service: Call recording
  • Region: USA
  • Categories of data: Client contact information.

Xero

  • Purpose: Finance
  • Applicable Service: Accounting
  • Region: Australia
  • Categories of data: Client finance contact information.