Privacy Policy

1. Introduction

This document sets out the privacy policy of Hoogly Pty Ltd (referred to in this privacy policy as ‘we’, ‘us’, ‘Hoogly’, or ‘our’). For the purposes of applicable data protection law, (in particular, the General Data Protection Regulation (EU) 2016/679 (the “GDPR”), the UK Data Protection Act 2018), your data will be controlled by us.

The Privacy Act 1988 (Cth) (Privacy Act) also requires entities bound by the Australian Privacy Principles to have a privacy policy.

This privacy policy applies whenever we collect your personal information and/or personal data (your personal data). This includes between you, the visitor to this website (whether directly as our customer or as personnel of our customer), and us, the owner and provider of this website and also where we are directed by a third party to process your personal data. This privacy policy applies to our use of any and all data collected by us or provided by you in relation to your use of the website, or any other website or application operated by us and the provision of our services to you.

We take our privacy obligations seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data in connection with your use of our website. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint.

2. Types of personal information we collect

The personal data we collect may include the following:

  1. name;
  2. picture(s) or images you upload;
  3. descriptions of mood, feelings and emotions along with the context provided as photos, voice, videos;
  4. your comments and reactions to other users’ posts;
  5. mailing or street address;
  6. email address;
  7. social media information;
  8. telephone number and other contact details;
  9. age;
  10. date of birth;
  11. credit card or other payment information;
  12. information about your business or personal circumstances;
  13. sensitive information as set out in clause 10;
  14. information in connection with any client surveys, questionnaires and promotions you participate in;
  15. when we use analytical cookies, your device identity and type, I.P. address, geo-location information, page view statistics, advertising data and standard web log information;
  16. information about third parties; 
  17. slack ID or Teams ID; and
  18. any other information provided by you to us via this website, in the course of us providing services to you, or otherwise required by us or provided by you.

3. How we collect personal information

We endeavour to ensure that information we collect is complete, accurate, accessible and not subject to unauthorised access.

We may collect personal data either directly from you via your profile updates, check-ins, comments and participation in various activities on Hoogly (such as ‘Moments’, ‘Huddles’), or from third parties, including where you:some text

  1. contact us through on our website;
  2. communicate with us via email, telephone, SMS, social applications (such as LinkedIn, Facebook, Twitter, Instagram) or otherwise;
  3. engage us to perform services to you;
  4. where your organisation has subscribed to our services and you have agreed to our End User Licence Agreement (EULA);
  5. where your organisation gives us consent to synchronise information with existing HR or Communication systems at place within the company; 
  6. when you or your organisation offer to provide, or provides, services to us;
  7. where you authorise access from your mobile device to provide us information (e.g. camera, or images on your camera roll, access to your contacts, location services etc.);
  8. interact with our website, social applications, services, content and advertising; and
  9. invest in our business or enquire as to a potential purchase in our business.
How you provide information for someone else

If you are providing personal and/or sensitive information on behalf of someone else, you must have the consent of that person to provide their personal and/or sensitive information to us to be collected, used, and disclosed in accordance with this privacy policy.

How we collect information from cookies

We may also collect personal information from you when you use or access our website or our social media pages. This may be done through use of web analytics tools, ‘cookies’ or other similar tracking technologies that allow us to track and analyse your website usage. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites. If you do not wish information to be stored as a cookie, you can disable cookies in your web browser.

We may use Google Analytics to collect and process data, including when you use third party websites or apps. To find out more see How Google uses data when you use our partners’ sites or apps.

4. Use of your personal information

  1. We collect and use personal data for the following purposes:some text
    1. to provide services or information to you, such as creating a log of your responses to social features such as Huddle, Moments and Pulse, allowing other people to comment and to react on your check-ins and to allow others to see your comments and reactions to their check-ins
    2. for record keeping and administrative purposes;
    3. to create a detailed profile on you in order to serve you in a more personalised way;
    4. to comply with our legal obligations, resolve disputes or enforce our agreements with third parties;
    5. where we have your consent, including to send you marketing and promotional messages and other information that may be of interest to you. In this regard, we may use email, SMS, social media or mail to send you direct marketing communications. You can opt-out of receiving marketing materials from us by using the opt-out facility provided (e.g. an unsubscribe link);
    6. for our legitimate interests including:some text
      1. to develop and carry out marketing activities and to conduct market research and analysis and develop statistics;
      2. to improve and optimise our service offering and customer experience;
      3. to conduct academic and/or scientific research on our offering and study its impact;
      4. to send you administrative messages, reminders, notices, updates and other information requested by you;
      5. to send you push notifications relating to our services, which in most cases can be opted-out of by visiting your device settings, and/or changing the settings on the mobile application.
      6. to consider an application of employment from you; and
      7. the delivery of our services.

5. Sharing your data

We may share your personal data in certain circumstances, as follows:

  1. where there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal data and non-personal data contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances;
  2. to your employer or organisation (including HR Departments), where they have subscribed to our services and you have agreed to our End User Licence Agreement (EULA), and only limited to the information that you have consented to share or disclose;
  3. to our AI-partners (such as Open AI, Google and Anthropic) in order to personalise and improve your experience. Open AI and Google are our preferred AI partners and here are their terms & conditions: https://openai.com/policies/; https://ai.google.dev/gemini-api/terms.
  4. credit-checking agencies for credit control reasons should there be any concerns with your payments;
  5. disclosures required by law or regulation; 
  6. service providers and other affiliated third parties to enable us to provide our services to you including other professional advisers such as accountants, disaster recovery service providers or auditors and/or overseas counsel; and
  7. de-identified and anonymised information to our AI-partners, universities (such as Columbia Business School in NY (USA), and William & Mary in Virginia (USA)), colleges and other institutions for the purpose of research from time to time.

6. Security

We take reasonable steps to ensure your personal data (including where a third-party may have access) is secure and protected from misuse or unauthorised access. Our information technology systems are password protected, your information is encrypted and we use a range of administrative and technical measures to protect these systems.

7. Links

Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.

8. Marketing

We may at times send you marketing communications which will be done in accordance with the Spam Act 2003 (Cth) (Spam Act).

If we do, we may use email, SMS, social media, phone or mail to send you direct marketing communications.

Where consent is needed, we will ask you for your consent before sending you marketing communications, except where you:

  1. have explicitly opted-in to receiving email marketing from us in the past; or
  2. were given the option to opt-out of email marketing when you initially signed up for one of our platforms or webinars or events and you did not do so.

You can, at any time, opt out of receiving marketing materials from us by using the opt-out facility provided (e.g., an unsubscribe link on emails we send you) or by contacting us via the details provided at the end of this privacy policy. We will deal with all such requests within a reasonable timeframe.

9. Your rights

You have various rights with respect to our use of your personal data:

  1. Access: You have the right to obtain access to your information (if we’re processing it) and certain other information (similar to that provided in this privacy notice). This is so that you’re aware and can check that we’re using your information in accordance with data protection law.
  2. Be informed: You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this privacy policy.
  3. Rectification: We aim to keep your personal data accurate, current, and complete. We encourage you to contact us using our contact form to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.
  4. Objecting: You also have the right to object to processing of your personal data in certain circumstances, including processing for direct marketing.
  5. Restricting: You have the right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further.
  6. Erasure: You have the right to ask us to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data have been unlawfully processed.
  7. Portability: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.
  8. Complaints: If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority.
  9. Withdraw consent: If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time. This includes your right to withdraw consent to us using your personal data for marketing purposes.

You may, at any time, exercise any of the above rights, by contacting our email address provided below.

10. Sensitive Information

Collection of sensitive information

We may collect sensitive information about you during the course of providing you our services. We will only collect this sensitive information where you consent to such collection and directly provide us with this information (e.g. you choose to share health information about yourself through a chat feature with other users, or through a check-in).Or where your employer gives us access to the Human Resources Information System (HRIS) as a way of integration with our platform, and we can collect information on gender, ethnicity, and performance for the purpose of research and development.

How we use your sensitive information

Your sensitive information will only be used for the purpose of:

  1. providing you with our services;
  2. training and fine tuning our AI algorithms in order to serve you better;
  3. advising your colleagues on how best to work with you: ‘Relational Intelligence’;
  4. complying with our legal obligations, resolving disputes or enforcing our agreements with you;
  5. sending you messages, reminders, notices, updates, security alerts, and other information requested by you; or
  6. any other purpose which is permitted or required under applicable privacy laws.
How we disclose your sensitive information

Your sensitive information will only be disclosed to third parties with your express consent for the purpose of:

  1. providing referrals to third-parties e.g. your employer or organisations Human Resources (HR) Teams, Employee Assistance Programs (EAPs)), Suicide Prevention helplines; or
  2. any other purpose which is permitted or required under applicable privacy laws.
How you can withdraw consent

If you wish to withdraw your consent to our collection, use or disclosure of your sensitive information, please contact us using the contact details set out below. We will deal with all such requests within a reasonable timeframe.

11. Storage of your personal information

All personal information we collect is stored on servers located in the US.

However, the cloud service providers we engage to provide us US-based servers may operate overseas disaster recovery sites or have personnel overseas who may access the personal information we hold to assist us in managing our servers.

Google Cloud is our preferred hosting service, of which the terms and conditions are available at https://cloud.google.com/terms and as updated from time to time.

We also may use Google Analytics to track web traffic information which is operated by Google which stores information across multiple countries.

When you communicate with us through a social media service such as Facebook or Twitter, the social media provider and its partners may collect and hold your personal information overseas.

12. How long we keep data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will securely destroy your personal data in accordance with applicable laws and regulations when your contract with us ends or when you ask us to.

If you would like further information about our specific retention periods for your personal data, please contact us using our email address provided below.

13. Processing of personal data using the following services

  1. Analytics such as Google Analytics and Amplitude;
  2. Device permissions: Camera permission, Contacts Permission, Photo Library permission, Notification permissions
  3. Displaying content from external platforms
  4. Fonts such as Google Fonts
  5. Personal data: Trackers; Usage Data
  6. Email systems such as Gmail
  7. Personal data: email address, first name, last name, phone number, gender, profile picture, date of birth
  8. Hosting and backend infrastructure
  9. Firebase Cloud Firestone, Firebase Cloud Functions, Firebase Cloud Storage and Firebase Realtime Database, Authentication, Big Query
  10. Infrastructure monitoring
  11. Firebase Performance monitoring
  12. Personal data: various types of data as specified in the privacy policy of the service
  13. Location-based interactions 
  14. Activecampaign Email system, Pipedrive CRM
  15. Twilio
  16. Firebase Notifications and Firebase Cloud Messaging
  17. Google: Play Store, Email, Tag Manager, Gmail
  18. App Store Connect
  19. Registration

14. Transfers outside the European economic area (‘EEA’) – UK/EEA individuals

To provide our services, we may transfer the personal data we collect to countries outside of the UK or EEA which do not provide the same level of data protection as the country in which you reside and are not recognised by the European Commission as providing an adequate level of data protection.

When we do this, we will make sure that it is protected to the same extent as in the EEA and UK as we will put in place appropriate safeguards to protect your personal data, which may include standard contractual clauses.

For more information, please contact us at our email address provided below.

15. De-identified information

The information we collect may have analytical, educational, or commercial value to us, or third parties for research purposes (e.g. our university research partners). Where we have de-identified and anonymised the information we have collected, we reserve the right to process and distribute such information.

16. Contact us

For further information about our privacy policy or practices, or to access or correct your personal data, please contact Hoogly using the details set out below. If you wish to complain about how we handle your personal information held by us, please contact us using the details set out below including your name and contact details. We will investigate your complaint promptly and respond to you within a reasonable timeframe.

Email: cto@hoogly.com

We may change this privacy policy from time to time by posting an updated copy on our website and we encourage you to check our website regularly to ensure that you are aware of our most current privacy policy. Where we make any significant changes, we will endeavour to notify you by email.

Our privacy policy was last updated on 11 October 2024