Information Collection And Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Additional POPIA and GDPR relevant information can be found here
Types of Data Collected
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (Personal Data). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
- Cookies and Usage Data
- Social Media handles
Further data is outlined in Annexure A
We may also collect information how the Service is accessed and used (Usage Data). This Usage Data may include information such as your computers Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking & Cookies Data
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies. We use Session Cookies to operate our Service.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
- Security Cookies. We use Security Cookies for security purposes.
Use of Data
Social Places uses the collected data for various purposes:
- To provide and maintain the Service
- To notify you about changes to our Service
- To allow you to participate in interactive features of our Service when you choose to do so
- To provide customer care and support
- To provide analysis or valuable information so that we can improve the Service
- To monitor the usage of the Service
- To detect, prevent and address technical issues
Deletion of Data
The Data Processor shall delete or return, at the choice of the Data Controller, all personal data/information processed pursuant to this DPA in accordance with the procedures and timeframes set out in the Principal Agreement, save that this requirement shall not apply to the extent the Data Processor is required by applicable law to retain some or all of the personal data/information, or to personal data/information it has archived on back-up systems, which data the Data Processor shall securely isolate and protect from any further processing and delete in accordance with its deletion practices. The Data Processor shall provide written certification to the Data Controller that he/she has fully complied with this clause once this DPA ceases to exist.
User Deletion of Data
Please send any data deletion requests to email@example.com and your request will be attended to within 48 hours.
Transfer Of Data
Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside South Africa and choose to provide information to us, please note that we transfer the data, including Personal Data, to South Africa and process it there.
Disclosure Of Data
Social Places may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of Social Places
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
- Provide the service to the companies we are being contracted from. Where this is info is supplied to the relevant companies, that companies privacy policies will also be in effect.
Security Of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
We may employ third party companies and individuals to facilitate our Service (Service Providers), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
- Google Business
- Agencies or other third parties that manage business listings on behalf of end-clients must follow the Business Profile third party policies and the Guidelines for how to represent your business on Google: Additional guidelines for authorized representatives.
- Google Maps
We may use third-party Service Providers to monitor and analyze the use of our Service.
Links To Other Sites
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
Our Service does not address anyone under the age of 18 (Children).
We do not knowingly collect personally identifiable information from anyone under the age of 18, except in use of the bookings software in which parents provide necessary data, including name and age. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
Software Governance Features
User Feature options:
- Access to Customer Email or Tel Number
- Removal on notifications
- Removal on dashboard
- Removal on exports
- Access to export data
- Removal of customer data from publicly accessible Review links after defined period
- 2 factor authentication for key priveledges
- Optional bookings data hidden after defined period
Password reset required after 3 months, with strong password required (SHA512 encrypted passwords: no plain password saving at all.)
Data is anonymized after 5 years.
All services are hosted on Amazon Web Services, all users require 2FA within the organisation to have an account on Amazon Web Services and all services share a VPN (virtual private network). Only senior developers have direct access to the database – passwords expire after a short duration.
GoReview form fields / opt ins are decided on by the client and their data policies in processing this info will be in effect.
Data Classifications (Annexure A)
If you have any questions about this Privacy & Data Policy, please contact us:
- By email: firstname.lastname@example.org