“We” and “us” refer to our company “SOCIALTY.IO LIMITED”, with its registered office at 278 Langham Road, N15 3NP, London, United Kingdom, registered with the Company Registration Number: 11158083.
“You” are the individual or the entity (represented by an individual) that enters into this agreement with us, in order to use the Services.
The Services refer to the Services mentioned and described in our website available at https://sociality.io/tr (the “Website”) provided by us.
As the data controller, We implement appropriate technical and organisational measures to safeguard your rights, freedoms and legitimate interests regarding processing of your personal data and ensure that processing of your personal data is performed in accordance with the GDPR.
1- Legal Basis
We will collect your personal data only if (i) You have given your consent to the processing of your personal data for one or more specific purposes; or (ii) processing is necessary for the performance of a contract with You, or (iii) processing is necessary for compliance with a legal obligation, or (iv) processing is necessary for the purposes of the legitimate interests pursued by the us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.
2- What type of personal data we collect or receive?
As the data controller, We collect personal data of our customers, who subscribed to the Services and users of the Services (users appointed by our corporate customers).
We collect your personal data when You subscribe for the Services, You register an account with us, complete forms on the Website and contact us on a customer service issue.
We may collect (i) your e-mail address and postal address, (ii) contact information, (iii) IP address, (iv) information that You and/or your employees or representatives allow the users to access in your social media pages.
We may also automatically collect and store the information regarding your device and the browser via third parties’ software. In such case, the software will be in compliance with the applicable law. And such third parties that are in a contractual relationship with us will take the appropriate technical and organizational safeguards measures.
The Services is a social media management service; therefore, We may obtain personal data from social media platforms via these platforms’ APIs. The scope of data obtained from these platforms is subject to the type of APIs and the authorizations granted by the social media platforms. You can see details of these API services via:
And you can check these platforms privacy policies with following links:
Also you can revoke our platform’s access to your data with following links:
The Data Processing Agreement annexed to the Terms, which is available at https://sociality.io/terms, must apply where you are the data controller and instruct us to process personal data in connection with the Services.
3- How do we use your personal data?
We use your personal data to provide and administer the Services and more specifically (i) for marketing and sales purposes, (ii) to provide support and customer services to You, when necessary, (iii) to monitor use of the Services, (iv) to send You updates, security alerts and other administrative messages, (v) to make available other offers, products or services, (vi) to make relevant statistics regarding your transactions and to gather commercial statistic and analyses regarding the use of the Services, (vii) to communicate with You, (viii) to fulfil our legal duties and/or governmental authorities’ requests.
We may share your information with third parties to the extent necessary (i) to comply with our legal obligations and requirements of governmental authorities, (ii) to protect the security of our network and (iii) to fulfill our obligations in connection with a merger or acquisition.
We will not subcontract any of our processing operations performed on behalf of You without your written authorization. You agree that this paragraph shall be considered a general written authorization in the meaning of Article 28.2 of the GDPR. We always makes sure that our business partners provide adequate data protection and security safeguards. The sub-processors that are currently engaged by us are as follows:
200OK LLC Profitwell, 109 Kingston St. Floor 4 Left Boston, 02211, MA, US; used for tracking financial performance;
Announcekit by Restpack Inc; 2035 Sunset Lake Road Suite B-2, DE 19702 Newark, DE 19702 United States; used for in-app announcements;
Amazon Web Services, Inc., 410 Terry Avenue, Seattle, WA 98109 (“AWS”); AWS cloud is used to host our platform and Services;
Cloudflare, Inc., located at 101 Townsend St., San Francisco, California 94107 for Web Performance & Security Solution
DigitalOcean, LLC, 101 Avenue of the Americas, 10th Floor New York, NY 10013, Digital Ocean is used to host our platform and Services;
Google Inc., headquartered at 1600 Amphitheatre Parkway Mountain View CA 94043, United States; Google Cloud Platform is used to host our platform and Services;
Hotjar Limited, Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta; used for collecting customer feedbacks and understanding user behaviors;
Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Republic of Ireland; used for outbound messaging and messages measurement, optimization and integrations;
Leadfeeder by Liidio Oy, Mikonkatu 17, 00100 Helsinki, Finland; used for identifying prospects and customers on our website;
Microsoft Corporation Inc., One Microsoft Way, Redmond, WA 98052-6399, United States; Azure Cognitive Services API is used in gathering news;
Sentry.io by Functional Software, Inc., 1 Baker Street Suite 5B San Francisco, CA 94117 United States; used for tracking errors on our website;
Sqreen SAS, a Société par Actions Simplifiée registered in Nanterre, France, under number 812 826 071; used for Web Security Solution
Stripe, Inc., headquartered at 510 Townsend St, San Francisco, CA 94103, used for card payment processing;
The Rocket Science Group LLC d/b/a Mailchimp, 675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308 USA; used to manage e-mail campaigns;
Webhose Ltd, 7 Metsada St. B.S.R Tower 4, POB 195 Bnei Brak 5126112 ISRAEL; Webhose.io API is used in gathering news, blogs and online discussions;
Zapier at Zapier, Inc., 548 Market St. #62411, San Francisco, CA 94104-5401; used for integrating third-party platforms;
4- Data Retention
We will not retain your personal data longer than is necessary for the purposes for which it was processed. Where it is no more necessary to retain your personal data, We will either delete it or make it anonymous.
5- Your rights in connection with your privacy
a. Automated individual decision making
You have the right not to be subject to a decision based solely on automated processing, including profiling, except when it is necessary for entering into, or performance of our agreement (the Terms) or the Services or is authorised by the applicable law to which We are subject.
b. Your right of access
You have the right to request us confirmation as to whether or not your personal data is being processed. If your personal data is processed, You will have access to your personal data and the following information: (i) the purposes of the processing, (ii) the categories of your personal data, (iii) the recipients or categories of recipient to whom your personal data have been or will be disclosed, (iv) where possible, the envisaged period for which your personal data will be stored, or, if not possible, the criteria used to determine that period, (v) the existence of the right to request us rectification or erasure of your personal data, (vi) your right to lodge a complaint with a supervisory authority, (vii) where your personal data is not collected from the data subject, any available information as to their source, (viii) the existence of automated decision-making, including profiling.
c. Your right to rectification
You have the right to obtain the rectification of your inaccurate personal data that is inaccurate. You also have the right to have your incomplete personal data completed.
d. Your right to data portability
You have the right to receive your personal data You shared with us in a structured, commonly used and machine-readable format. You also have the right to have your personal data transmitted directly to another data controller, where it’s technically feasible and it does not adversely affect the rights and freedoms of others.
e. Your right to object to processing
You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on (i) the necessity for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or (ii) the necessity for the purposes of our or a third party’s legitimate interests. In such case, We will cease to process your personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
f. Your right to object to direct marketing
You have the right to object at any time to processing of your personal data for direct marketing,
g. Your right to restriction of processing
You have the right to request us to restrict processing of your personal data if You contest the accuracy of your personal data or lawfulness of the processing. Upon your request, We will restrict the processing of your personal data, with the exception of storage and/or or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform You immediately if and when the restriction is lifted.
h. Your right to be forgotten
You have the right to request us to erase your personal data without undue delay where your personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed or You withdraw your consent and there is no other legal ground for the processing. In such case we will immediately delete your personal data except when the processing of your personal data is necessary for exercising the right of freedom of expression and information or for compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or for the establishment, exercise or defence of legal claims.
i. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, You have the right to lodge a complaint with a supervisory authority, if You think that the processing of your personal data infringes the applicable law.
6- Notification of a personal data breach
In the case of a personal data breach, We will notify the breach to the competent supervisory authority not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
If the breach is likely to result in a high risk to the rights and freedoms of natural persons, We will communicate the personal data breach to You without undue delay, unless if;
(i) appropriate technical and organisational protection measures have been implemented, and those measures were applied to the personal data affected by the personal data breach, or
(ii) the subsequent measures which ensure that the high risk to the rights and freedoms of data subjects is no longer likely to materialize, have been implemented, or
(iii) it would involve disproportionate effort. In such a case, We will make a public communication or similar measure whereby the data subjects are informed in an equally effective manner.
7- Transfer of personal data to third countries
We may transfer your personal data to a third country or to an international organization, provided that all the conditions laid down in the applicable law are complied with and that there will be an adequate level of protection and safeguards measures for the privacy of your personal data.
If your personal data is transferred to a third country or to an international organisation, You will have the right to be informed of the appropriate safeguards relating to the transfer.
8- Contact us