Menu

INTRODUCTION

Touchpoint Group Ltd (NZ), Touchpoint Group Pty Ltd (AU), Touchpoint Group International Ltd (NZ), Touchpoint Group UK Limited (UK) (collectively, “Touchpoint Group”, “we”, “us” or “our”) use cookies and other tracking technologies as described in this Cookie Notice to collect Personal Information, or to collect information that becomes Personal Information if we combine it with other information. For more information about how we process your Personal Information, please consult our Privacy Policy.

As we describe more fully below, we use these technologies to administer our websites and products (the "Sites" as defined in our Privacy Policy), analyse trends, track users’ movements around our Sites, serve targeted advertisements and gather demographic information about our user base as a whole. This page explains what these technologies are and why we use them, as well as individuals’ who visit our Sites and/or who use any of our products or otherwise interact with us (“you” or “your”) rights to control our use of them.

Last modified: 2022-05-31
Effective date: 2022-06-20

WHAT ARE COOKIES?

A cookie is a small file containing a string of characters that is sent to your browser and may be stored on your computer or mobile device when you visit a website. It can enable you to use certain functionality of the website, and to provide you with a tailored visitor experience. Cookies are sent back to the originating website on each subsequent visit, or to another website that recognises that cookie and your device. Cookies can remember your preferences, track your usage and allow for a personalised user experience

Cookies set by the website owner (in this case, Touchpoint Group) are called "first party cookies". Cookies set by parties other than the website owner are called "third party cookies". Third party cookies enable third party features or functionality to be provided on or through the website (e.g. like advertising, interactive content and analytics). The parties that set these third party cookies can recognise your computer or mobile device both when you visit our Sites and also when you visits certain other websites.

Web beacons are typically transparent graphic images placed on a site. They are used to obtain information such as the URL of the page on which the beacon appears, the time the page containing the beacon was viewed, and the type of browser used to view the page. Web beacons are used in combination with cookies to measure the actions of visitors on websites and so declining cookies will impair their functioning.

WHY DO WE USE COOKIES?

We use first party and third-party cookies for several reasons. Some cookies are required for technical reasons in order for our Sites to operate, and we refer to these as “essential” or “strictly necessary” cookies. Other cookies enable us to track and target the interests of our users to enhance the experience on our Sites. We also may use web beacons, tags, HTML5, and scripts in the Sites or in emails to help us to deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon. We may receive reports based on the use of these technologies by our service/analytics providers on an individual and aggregated basis.

We use cookies for security reasons to authenticate your identity, such as confirming whether you are currently logged into our Sites. We may store user preferences in cookies to provide you with personalised content or to enable or disable certain features, e.g. to ensure that users can’t retake certain surveys that they have already completed. To improve our services we use cookies to measure your usage of our Sites and track referral data, as well as to occasionally display different versions of content to you. This information helps us to develop and improve our services and optimise the content we display to users. When you use the "Remember me" feature when you sign into your account, we may store your username in a cookie to make it quicker for you to sign in whenever you return to our Sites.

Touchpoint Group partners with third parties to manage our advertising on other sites. Our partners may use technologies such as cookies, web beacons, tags, HTML5, scripts, or other tracking technologies to gather information about your activities on our Sites and other sites in order to suggest advertisements based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you can manage your preferences as described below and here. Please note if these cookies are switched off, you will continue to see advertisements, but they will no longer be tailored to your interests.

We may use any of the following categories of cookies on the Sites as detailed below. Each cookie falls within one of the four following categories:

Types of cookies and their purpose
Type of cookies Purpose Expiry/Max age
Strictly necessary These cookies are strictly necessary to provide you with our products and services and to use some of their features, such as the ability to sign in and gain access to secure areas.

During your visit to our Sites, these cookies are used to remember information you have entered or choices you made on the Sites. Without these cookies, certain functionality may become unavailable.
The longest expiry period is 14 days.

The longest expiry period is 20 years.
Tracking and Performance These cookies are used to enhance the performance and functionality of our Sites but are non-essential to their use (e.g. collecting performance and error data, enabling customer support for users). Some of these cookies collect information that is used either in aggregate form to help us understand how our Sites are being used or how effective our marketing campaigns are, or to help us customise our Sites for you. The cookies are used to enhance the performance and functionality of our Sites but are non-essential to their use (e.g. collecting performance and error data, enabling customer support for users). The third party platforms who set these cookies may subsequently use these cookies to track the browser across other sites. The longest expiry period is 2 years.
Advertising These cookies are placed by third party advertising platforms or networks in order to deliver ads and track ad performance, enable advertising networks to deliver ads that may be relevant to you based upon your activities (this is sometimes called “behavioral” “tracking” or “targeted” advertising). They may subsequently use information about your visit to target you with advertising that you may be interested in, on other websites. For example, these cookies remember which browsers have visited the Sites. The longest expiry period is 2 years.
Embedded Content Our Sites make use of different third party applications and services to enhance the experience of website visitors and users of our products. These includes an integrated help desk and knowledge base to solve customer problems, social media platforms such as LinkedIn, or embedded content from Vimeo. As a result, cookies may be set by these third parties, and used by them to track your online activity. Your interaction with these features is governed by the privacy policy of the third party company providing it. The longest expiry period is 2 years.

WHAT COOKIES ARE SERVED THROUGH OUR WEBSITES AND PRODUCTS?

The specific types of first and third-party cookies served through our websites and products and options to refuse these cookies are described in the tables below.

Websites Cookie Table Show Table
Ipiphany Cookie Table Show Table
TouchpointMX Cookie Table Show Table

Please note that customers using TouchpointMX to publish or host their own websites, surveys and emails may place additional cookies. These are subject to their privacy policies.

TouchpointCX Cookie Table Show Table

Please note that customers using TouchpointCX to publish or host their own websites, surveys and emails may place additional cookies. These are subject to their privacy policies.

 

HOW CAN YOU CONTROL COOKIES?

You have the right to decide whether to accept or reject cookies. You can exercise your cookie preferences by clicking on the appropriate opt-out links provided in the cookie table above. You can also set or change your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our Sites but your access to some functionality and areas of our Sites may be impaired or restricted. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser’s help menu for more information.

If you want to learn more about cookies, or how to control, disable or delete them, please visit http://www.aboutcookies.org for detailed guidance. In addition, certain third party advertising networks, including Google, permit users to opt out of or customise preferences associated with your internet browsing. To learn more about this feature from Google, click here.

Opt-out of interest-based advertising

To opt-out of interest-based advertising by third parties, please visit:

In the mobile environment, most mobile operating systems offer device-based opt-out choices that are transmitted to companies providing interest-based advertising. To set an opt-out preference for a mobile device identifier (such as Apple’s IDFA or Android’s GAID), visit the device manufacturer’s current choice instructions pages, or read more about sending signals to limit ad tracking for your operating system here: http://www.networkadvertising.org/mobile-choices.

Please note that these settings must be performed on each device (including each web browser on each device) for which you wish to opt-out, and if you clear your cookies or if you use a different browser or device, you will need to renew your opt-out preferences.

UPDATES TO THIS COOKIE NOTICE

We may update this Cookie Notice from time to time in order to reflect, for example, changes to the cookies we use or for other operational, legal or regulatory reasons. Please therefore re-visit this Cookie Notice regularly to stay informed about our use of cookies and related technologies.

The date at the top of this Cookie Notice indicates when it was last updated.

IF YOU NEED FURTHER INFORMATION

If you have any questions about our use of cookies or other technologies, please email us at privacy@touchpointgroup.com.

INTRODUCTION

We at Touchpoint Group Ltd (NZ), Touchpoint Group Pty Ltd (AU), Touchpoint Group International Ltd (NZ), Touchpoint Group UK Limited (UK) (collectively, “Touchpoint Group”, “we”, “us” or “our”) are committed to protecting your privacy.

This Privacy Policy (Policy) applies to the information and data collected by Touchpoint Group as a controller, including the information collected on our websites (touchpointgroup.com, manage.touchpointmx.com, manage.au.touchpointcx.com, login.ipiphany.ai) as well as the other websites that Touchpoint Group operates and that link to this Policy, collectively referred to as the "Sites". This includes all individuals ("you") who

  • Visit the Site or individuals who request us to contact them via our online web forms ("Visitors").
  • Register and/or use the products and services which we market for subscription ("Users"), e.g. Ipiphany, TouchpointMX, TouchpointCX.

Information which is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to as “Personal Information” in this Policy. The Policy describes how the Touchpoint Group collects, uses, shares and secures the Personal Information that you provide. It also describes your choices regarding use, access and correction of your Personal Information.

By visiting the Sites, you are agreeing to the terms of this Policy.

Last modified: 2020-10-28
Effective date: 2020-11-16

WHEN THIS POLICY DOES NOT APPLY

Third party websites

The Sites may contain links to third-party websites that incorporate comment and social media features, including the LinkedIn and Twitter “follow” buttons. If you choose to use these features, you may be disclosing your Personal Information not just to those third-party websites and services, but also to their users and the public more generally. Because these third-party websites and services are not operated by Touchpoint Group, Touchpoint Group is not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your Personal and Other Information will be subject to the privacy policies of the third-party websites or services, and not this Policy. We encourage you to review the privacy statements of any such other websites to understand their information practices.

Customer Data

With the exception of information you provide to us (as defined below) and other information we collect in connection with your registration or authentication to the Sites, this Policy does not apply to our security and privacy practices in connection with any data submitted to and stored within the Sites by you, your agents and end-users (“Customer Data”). Customer Data security and privacy practices are detailed in and governed by our Terms and our Touchpoint Group Product Privacy Policy, or such other applicable agreement between you and any member of Touchpoint Group relating to your access to and your use of the Sites (collectively referred to as the “License Agreement”).

Our customers are solely responsible for establishing policies for, and ensuring compliance with, all applicable laws and regulations, as well as any and all privacy policies, agreements or other obligations, relating to the collection of Personal Information in connection with the use of the Sites by individuals (also referred to as “end users”) with whom our customers interact.

We collect or process information under the direction of our customers, and have no direct relationship with individuals whose Personal Information we process in connection with our customers’ use of the Sites. The use of information collected or processed through the Sites shall be limited to the purpose of providing the service for which customers have engaged a member of Touchpoint Group. If you are an individual who interacts with one of Touchpoint Group's customers and require assistance or would either like to amend your contact information or no longer wish to be contacted by one of our customers that use the Sites, please contact the customer or organisation that you interact with directly.

 

INFORMATION WE COLLECT

Touchpoint Group collects both Personal Information and Other Information about users and visitors of the Sites as described below.

Other Information is any information that is not Personal Information. Touchpoint Group may combine Personal Information with Other Information, in which case Touchpoint Group will treat the combined information as Personal Information. Touchpoint Group also may combine Personal Information or Other Information that Touchpoint Group has about you with additional information that Touchpoint Group or third parties collect in other contexts - such as Touchpoint Group’s communications with you via email or phone, or your customer service records. In those circumstances, Touchpoint Group will treat the combined information in accordance with this Policy.

Information that you provide to us

Personal Information that you may provide to us when you register yourself or other users for an account to access the Sites, or when you interact with our Sites includes

  • Contact information, such as your first name, last name, professional title, organisational affiliation, postal address, office location, email address and telephone number.
  • Profile information, such as your username, password and preferences.
  • Communications, such as information you provide when you respond to surveys, participate in market research activities, participate in telephone conferences with our representatives (which may be recorded with your permission where permitted by law); report a problem with the Sites, receive customer support or otherwise communicate with us.
  • Transaction information, such as your billing information and transaction history.
  • Marketing information, such as your preferences for receiving marketing communications and details about how you engage with them.
  • Other information that you choose to provide but is not specifically listed here, which we will use as described in this Policy or as otherwise disclosed at the time of collection.

We use this Personal Information to fulfil our obligations under our Terms or our agreement with you. If we have not entered into a service agreement with you, we base the processing of your Personal Information on our legitimate interest to operate and administer the Sites and to provide you with the content you access and request. By voluntarily providing us with this information, you represent that you are the owner of such Personal Information or otherwise have the requisite consent to provide it to us.

You also may upload additional types of Personal Information about you or Personal Information which belongs to another person to the Sites, for example for referrals or "Tell a Friend" campaigns. You are responsible for ensure you are disclosing such information in accordance to applicable data and privacy laws.

Data collected automatically

We, our service providers, and our business partners may automatically log the following information about you, your computer or mobile device, and your activity over time on the Sites and other online services

  • Device data, such as your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, unique identifiers, and general location information such as city or town.
  • Usage data, such as the website you visited before browsing to the Sites, pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.

The automatic collection is facilitated by server and application logs, as well as

  • Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
  • JavaScript libraries: Snippets of code within web pages that execute when certain actions take place.
  • Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Sites.

Please see our Cookie Notice for more information regarding our use of cookies and other technologies described above as well as how to opt out.

Information collected from other sources

We may combine Personal Information and Other Information collected on our Sites with information from other sources. This includes information which is similar to that which is typically included on a business card, business email signature block, or an online professional profile, including name, company name, job title, email address, phone numbers, business address, and social media links.

HOW WE USE INFORMATION WE COLLECT

You have choices about the data we collect. When you are asked to provide Personal Information, you may decline. But if you choose not to provide data that is necessary to provide a product or feature, you may not be able to use that product or feature.

When Touchpoint Group is the controller of Personal Information, we may use the information we collect about you in order to perform our obligations under our Terms or our agreement with you with you and on the basis of our legitimate interest including

  • To provide, update, maintain and protect the Sites, our services, products and business, to meet our obligations and pursue our rights; or to enter into a contract with you or legal entity you may represent, at your request.
  • To verify your identity to enable you to access and use the Sites and our services and products.
  • To allow us to run our business, and perform administrative and operational tasks (including among others our subcontractors and third party service providers in the course of providing our services).
  • To communicate with you by responding to your requests, comments and questions. If you contact us, we may use your Personal Information to respond and provide technical and implementation support.
  • To send emails and other communications related to changes to the service or important announcements. We may send you product or service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our products or services, our product or service offerings and important product or service related notices, such as security and fraud notices. These communications are considered part of the services and you may not opt out of them.
  • To better understand how customers are using the product or service, to improve and optimise our products or services. We may analyse trends, monitor usage of user activity as well as traffic patterns to help us better understand our performance so we can optimise and improve our products or services.
  • To carry out training and marketing related to the service. We sometimes send emails about new product features, promotional communications or other news about Touchpoint Group. These are marketing messages so you can control whether you receive them or not.
  • To deliver tailored advertising. We may use your Personal Information to serve and manage ads on our products or services or on third party sites and to tailor ads based on your interests and browsing history. Please see Your right to access, correct, and remove your Personal Information for additional information on how to manage the ads you see.
  • For profiling. We may analyse your Personal Information to create a profile of your interests and preferences so that we only send information that is relevant to you. We may make use of additional information about you when it is available from external sources to help us to do this effectively.
  • To investigate and prevent fraudulent transactions, unauthorised access to the Sites and our services and products, and other illegal activities.
  • To comply with applicable laws, legal processes or regulations.
  • To defend our positions and pursue our legal claims before courts or other bodies in the context of litigation or other disputes where Touchpoint Group is a party.
  • As described to you at the time of collection or as otherwise described in this Privacy Policy.

If information is aggregated or de-identified so it is no longer reasonable associated with an identified or identifiable natural person, Touchpoint Group may use it for any business purpose. Touchpoint Group may also use Other Information for any other business purpose permitted by law.

Legal basis for processing your Personal Information

The legal basis on which we process your Personal Information as described in this Policy will depend on the type of Personal Information and the specific context in which we process it. However, the legal basis we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your Personal Information, contact us.

Processing purpose Legal Basis
Service delivery
Site operation
Processing is necessary to perform the services you have engaged us for, to operate the Sites inline with our Terms or our agreement with you, or to take steps that you request prior to engaging our services. Where we cannot process your Personal Information as required to operate the Sites or provide services on the grounds of contractual necessity, we process your Personal Information for this purpose based on our legitimate interest in providing you with services you access and request.
Marketing Processing is based on your consent where that consent is required by applicable law. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or here. Where such consent is not required by applicable law, we process your Personal Information for these purposes based on our legitimate interests in promoting our business.
Research & Development Processing is based on our legitimate interests in performing research and development to improve our products and develop new products and services.
Compliance & Protection Processing is necessary to comply with our legal obligations or based on our legitimate interests in protecting our or others’ rights, privacy, safety or property.
Other purposes with your consent Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated when you consent or by contacting us.
 
Marketing and advertising - Opt out

We do not use your Personal Information for marketing or advertising without your consent. As part of your use of the Sites, Touchpoint Group allows you to elect to receive, or not receive, certain information from Touchpoint Group. Touchpoint Group adheres strictly to permission-based email policy. Except as mentioned above, Touchpoint Group will not send you unsolicited email information, commercial offers or advertisements. Touchpoint Group will not sell, rent, or loan your Personal Information to a third party.

You can opt out of receiving marketing communications by following the unsubscribe instructions included in our marketing communications or by contacting us. Opting out of marketing communications will not impact your usage of the Sites. Please note that if you unsubscribe from Touchpoint Group marketing communications, you will still receive administrative messages.

 

SHARING AND DISCLOSURE OF YOUR INFORMATION

Touchpoint Group will not share your Personal Information with or disclose your Personal Information to any third party for commercial purposes that are not related to Touchpoint Group products and services. We may, however, share your information with third parties for the purposes for which we use and process your information as described in this Policy. Touchpoint Group will ensure that appropriate technical and organisational measures are in place to ensure such third party is bound by the same obligations as set out in this Policy and will meet the necessary legal requirements in relation to such processing. We do not permit our third-party service providers to use the Personal Information that we share with them for their marketing purposes or for any other purpose than in connection with the services they provide to us.

The types of third parties we share or disclose Personal or Other Information are listed below. For more detailed information about subcontractors used please see here.

Third-party service providers

Touchpoint Group may disclose Personal Information to third-party service providers for technical and customer support and to help Touchpoint Group manage and improve the Sites. These service providers may collect and/or use your Personal or Other Information to assist us in achieving the purposes discussed in this Policy. For example, Touchpoint Group uses third parties which provide IT infrastructure and to help manage relationships with our customers who use the Touchpoint Group Sites.

Third-Party analytics and targeted advertising

Touchpoint Group may partner with certain third parties to collect Other Information and to engage in analytics, auditing, research, and reporting. These third parties may use web logs or pixel tags, and they may set and access cookies on your computer or other device. In particular, the Sites use Google Analytics to help collect and analyse certain information for the purposes discussed above. You may opt out of the use of cookies by Google Analytics here.

The Sites also may enable third-party tracking mechanisms to collect Other Information over time and across unaffiliated websites for use in online behavioural advertising. For example, third parties may use the fact that you visited the Sites to target online ads for Touchpoint Group products and services to you on non-Touchpoint Group websites. In addition, third-party advertising partners might use information about your use of the Sites to help target non-Touchpoint Group advertisements based on your online behaviour in general. For information about behavioural advertising practices, including privacy and confidentiality, visit the Network Advertising Initiative website or the Digital Advertising Alliance website.

The use of online tracking mechanisms by third parties is subject to those third parties’ own privacy policies, and not this Policy. If you prefer to prevent third parties from setting and accessing cookies on your computer, you may set your browser to block cookies. Additionally, you may remove yourself from the targeted advertising of companies within the Network Advertising Initiative by opting out here, or of companies participating in the Digital Advertising Alliance program by opting out here.

Business partners

Touchpoint Group may disclose your Personal or Other Information to Touchpoint Group business partners to fulfil your requests for services; complete a transaction that you initiate; or meet the terms of any agreement that you have with Touchpoint Group or our business partners. We may also share your Personal or Other Information with our professional advisers, where required to enable them to provide advice to us which may be necessary for us in order to serve our legitimate interests.

Your direct sharing of Personal Information through the Sites and third-party websites

The Sites may enable you to share Personal Information directly through the Sites. For example, the Sites may include a blog to which you may post comments. Please ensure when using these features that you do not submit any Personal or Other Information that you do not want to be seen, collected, or used by other users. In addition, the Sites may contain links to third-party websites that incorporate comment and social media features, including the LinkedIn and Twitter. If you choose to use these features, you may be disclosing your Personal Information not just to those third-party websites and services, but also to their users and the public more generally. Because these third-party websites and services are not operated by Touchpoint Group, Touchpoint Group is not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your Personal and Other Information will be subject to the privacy policies of the third-party websites or services, and not this Policy.

Third-party plugins

The Sites may integrate certain third-party plug-ins (such as a chat service for product support). Even if you do not click on these plug-ins, they may collect information about you, such as your IP address and the pages that you view. They also may set and/or access a cookie. These plugins are governed by the privacy policy of the company providing them.

 
Compliance with laws and law enforcement requests; Protection of our rights

Touchpoint Group may use or share your Personal or Other Information with third parties when Touchpoint Group believes, in its sole discretion, that doing so is necessary: (i) to comply with applicable law or a court order, subpoena, request from government or law enforcement, or other legal process; (ii) to investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of Touchpoint Group’s terms and conditions, or situations involving threats to Touchpoint Group property or the property or physical safety of any person or third party; (iii) to establish, protect, or exercise Touchpoint Group’s legal rights or defend against legal claims; or (iv) to facilitate the financing, securitisation, insuring, merger, acquisition, sale, assignment, bankruptcy, or other disposal of all or part of our business or assets.

We will not disclose your Personal Information to law enforcement unless required by law or requested by the owner of the information. Should law enforcement contact Touchpoint Group with a demand for Personal Information, we will attempt to redirect the law enforcement agency to request that data directly from the owner (the customer). If compelled to disclose Personal Information to law enforcement, then Touchpoint Group will promptly notify the owner and provide a copy of the demand unless legally prohibited from doing so. We will cooperate with requests that you receive regarding the disclosure of Personal Information we hold for you by a law enforcement authority as per our Terms or our agreement with you.

De-identified or aggregated information

Touchpoint Group also may share de-identified and aggregated information about Sites users. E.g. the information we hold may be processed by our data analytics products to assist us in improving our service, and to operate, maintain, develop, test and upgrade our systems and infrastructure. The aggregated data contains no unique identifying information.

Do Not Track

Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Recording of disclosures of Personal Information

As per above Touchpoint Group may share your information with third parties for the purposes for which we use and process your information as described in this Policy. In some cases the sharing of the information could be defined as "disclosure", depending on the applicable privacy laws.

Where we share or disclose Personal Information outside the reasons listed in Sharing and disclosure of information or other purposes mentioned in this Policy, we will record and maintain information of this disclosure including to whom and at what time and date this was disclosed. This includes security breaches, or requests by a law enforcement authority. If you have questions about the records of disclosing your information, contact us.

International transfer and geographical location of Personal Information

We store Personal Information about visitors and users of the Sites within New Zealand, Australia, the UK, the United States and in other countries and territories. To facilitate our global operations, we may transfer and access such Personal Information from around the world, including from other countries in which Touchpoint Group has operations. Therefore, your Personal Information may be processed, shared or disclosed in countries which are not subject to an adequacy decision by the New Zealand Privacy Commissioner, the European Commission or your home country and which may not provide for the same level of data protection as your home country. This Policy shall apply even if we transfer Personal Information to those countries. We have taken appropriate technical and organisational measures to require that your Personal Information will remain protected and any third party is bound by the same obligations as set out in this Policy and will meet the necessary legal requirements in relation to such processing. Touchpoint Group will remain responsible if a third party provider processes your Personal Information in a manner inconsistent with this Policy, unless we prove that we are not responsible for the event giving rise to the damage.

By using the Sites, or providing information to Touchpoint Group, you expressly consent to Touchpoint Group's transfer and processing of your Personal Information in accordance with this Policy.

Before using or sharing your information with third parties in ways not discussed in this Policy or previously authorised by you, we will provide you notice and an opportunity to control the further use or disclosure of your Personal Information. However, please note that, if you object to the overseas transfer of your information, we may not be able to provide the services you have requested in whole or in part.

More information about third parties and the geographical location of Personal Information can be found here.

If you have any concerns regarding the transfer of your Personal Information overseas, please contact us.

BUSINESS TRANSFERS

Touchpoint Group may transfer Personal and Other Information and User content to any successor to all or substantially all its business or assets that concern the Sites. In the event of such a transfer, such successor will have all the rights and be subject to all of the obligations of this Privacy Policy, including, without limitation, the right to modify or replace this Privacy Policy, as provided herein.

SECURITY

Touchpoint Group maintains a comprehensive security program with appropriate organisational and technical security practices and measures to protect the Personal Information we collect, in accordance with applicable privacy law. While Touchpoint Group endeavours to provide a secure environment, no online service is 100% secure and we cannot guarantee the security of your information. It is important for you to protect against unauthorised access to your password and to your computer.

Read more on Security at Touchpoint Group.

 
Retention of information

We retain Personal Information for as long as we maintain our relationship with you or as otherwise required for our business operations or any applicable laws, including to enforce our rights, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping purposes. If you have elected to receive marketing communications from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our content, products, or services, such as when you last opened an email from us or ceased using your account to access the Sites. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

When Personal Information Touchpoint Group collects is no longer required, we will take reasonable steps to destroy it, anonymise it or, if this is not possible, securely store your Personal Information and isolate it from any further processing until deletion is possible. We will delete this information at an earlier date if you so request, as described in the section Your right to access, correct, and remove your Personal Information below.

 
Notification of a data breach involving Personal Information

Touchpoint Group has established a formal incident management procedure which is invoked when interruptions to IT services adversely affect customers, internal staff or both. In the event of a security breach leading to accidental loss, disclosure or alteration of your Personal Information, we will comply with all our obligations under the applicable privacy laws including reporting to the relevant authorities or notifying you of such breach where required by law to do so. We will attempt to notify you electronically so that you can take appropriate protective measures.

 

YOUR RIGHT TO ACCESS, CORRECT, AND REMOVE YOUR PERSONAL INFORMATION

You agree that subject to any applicable privacy laws, any Personal Information you give to Touchpoint Group will be accurate, correct and up to date, and that when acting on behalf of a business or other person, you are authorised to give such information to us. You must inform us if any of your Personal Information changes, to ensure that the details we hold about you are up to date and correct.

You have a right to access, correct and request the removal of the Personal Information we hold about you. Whenever you use our Sites we strive to make sure that the Personal Information is correct. If that information is wrong, please contact us so that we can correct or remove it - unless we have to keep that information for legitimate business or legal purposes. When updating your Personal Information, we may ask you to verify your identity before making any changes.

Depending on the privacy laws in your country you might have additional statutory rights, in relation to your Personal Information, including the following rights:

  • Right to be informed. You have the right to obtain information relating to whether or not your Personal Information is being processed by Touchpoint Group. To the extent that Touchpoint Group is a controller of your information, you have the right to be informed of the categories of data that will be collected prior to its collection or at the point of collection and to be informed of any changes to this collection. Please see here about which information we collect and why.
  • Right to request a copy of your information. You have the right to see or view your own Personal Information, as well as to request copies of the Personal Information.
  • Right to consent or object. Where we base the right to process your information on your consent (e.g. marketing) you have the right to give consent for Touchpoint Group to control your data. At the same time, you have the right to rescind the consent or object. In this case we will securely erase your Personal Information unless we have reasons to retain it, as described in this Policy and in Retention.
    We use TouchpointMX as our platform for recording consent to marketing communications to keep track of when consent was received, and how.
  • Right to be notified of a breach. Please see here how we handle breach notifications.
  • Right to be informed of an enforced disclosure. Please see here how we handle enforced disclosures.
  • Right to complain. You have the right to complain to your local data protection authority if you are unhappy with our data protection practices.
  • Right to data portability. You have the right to ask for transfer of your Personal Information. We will return or transfer the information requested in a machine-readable electronic format.

To exercise your privacy rights contact us at privacy@touchpointgroup.com. We will act on any request within 10 working days. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems). Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.

End user rights

If you are an end user who interacts with one of our customers and you seek to access, or correct, amend, or delete inaccurate data or no longer want to be contacted by one of our customers, you should direct your inquiry to the customer because the customer is the data controller. If the customer requests Touchpoint Group to remove the Personal Information, we will respond to their request within 30 days. We will retain personal information that we process and store on behalf of our customers for as long as needed to provide the services to our customers.

CHILDREN

The Sites are not intended for or targeted at children under 13 and Touchpoint Group does not knowingly collect Personal Information from any person that is under the age of 13. If Touchpoint Group becomes aware that a person under 13 has provided such information, Touchpoint Group will take commercially reasonable steps to remove the information and terminate the respective registration.

CHANGES TO PRIVACY POLICY

This Policy may be updated from time to time to reflect changing legal, regulatory or operational requirements. We encourage you to periodically review this page for the latest information on our privacy practices. We will use reasonable efforts to notify you of any material change prior to the changes becoming effective, either by email, a prominent notice on the Sites or another manner through the Sites that we believe is reasonably likely to reach you. Continued use of the Sites following such notice of any change to the Policy constitutes your acceptance of those changes. Information collected by the Sites is subject to the Privacy Policy in effect at the time of use.

HOW TO CONTACT TOUCHPOINT GROUP

If you have questions or complaints regarding this Policy or about the Touchpoint Group’s privacy practices, please contact us by email at privacy@touchpointgroup.com, or at:

Touchpoint Group Limited
PO Box 90882, Victoria Street West
Auckland 1142
New Zealand

Phone: 0800 800 324 or +64 9 353 6870

INTRODUCTION

Touchpoint Group Ltd (NZ), Touchpoint Group Pty Ltd (AU), Touchpoint Group International Ltd (NZ), Touchpoint Group UK Limited (UK) (collectively, “Touchpoint Group”, “we”, “us” or “our”) are committed to protecting your privacy.

This Product Privacy Policy addresses the data Touchpoint Group collects and processes to provide our SaaS products and services to our clients, e.g. Ipiphany, TouchpointMX, TouchpointCX. This policy does not apply to any information or data collected by Touchpoint Group as a controller, such as information information collected on our websites (touchpointgroup.com, manage.touchpointmx.com, manage.au.touchpointcx.com, login.ipiphany.ai). Please refer to the Touchpoint Group Privacy Policy that covers this information.

In this Product Privacy Policy, we use the following terms:

  • Touchpoint Group Products refers to the SaaS products (such as Ipiphany, TouchpointMX and TouchpointCX) and related online services, as well as the accompanying professional services we provide to our customers.
  • Customer (you) refers to a business to which Touchpoint Group provides its products and services.
  • End User refers to an individual who has had an interaction with a Touchpoint Group Customer. Customer interactions can span a wide variety, and include purchasing goods or services, contacting customer support, checking in to a hotel or property, and visiting a client’s web page or using its mobile app.
  • Customer Data refers to any data submitted to and stored within Touchpoint Group Products by you, your agents and End Users.

Defined terms used herein shall have the same meaning as defined in the Standard Terms.

Touchpoint Group processes Customer Data under the direction of our Customers, and has no direct control or ownership of the Personal Information we process on behalf of our Customers. Customers are responsible for complying with any regulations or laws that require providing notice, disclosure, and/or obtaining consent prior to transferring the Personal Information to Touchpoint Group for processing purposes. In the event of a conflict between this Product Privacy Policy and the agreement with the Customer, the terms of the customer agreement will control.

Last modified: 2020-10-28
Effective date: 2020-11-16

TOUCHPOINT GROUP’S AND CUSTOMERS’ ROLES AND USE OF CUSTOMER DATA

Customers use the Touchpoint Group Products to engage with their customers (End Users) or to analyse End User engagement:

  • TouchpointCX is a cloud-based customer experience management platform that executes and consolidates customer feedback data into unified dashboards with an interactive resolution system and analytics reporting function.
  • TouchpointMX is a cloud-based omni channel marketing solution that helps businesses design, automate and manage marketing campaigns across various websites, email and mobile.
  • Ipiphany analyses unstructured digital feedback & CRM data to uncover key factors influencing changes in brand or product perception and engagement.

When the Customer uses Touchpoint Group Products, they may decide to collect or manage Personal Information. Touchpoint Group does not control the content of any websites, email, mobile messages or the types of Personal Information that the Customer may choose to collect or manage using Touchpoint Group Products. That Personal Information is controlled by the Customer and is used, disclosed and protected by the Customer according to the Customer's own privacy policies.

Touchpoint Group processes Customer Data as the Customer directs and in accordance with our agreements with them. Our agreements with our the Customer prohibit us from using that information, except as necessary to provide and improve Touchpoint Group Products, as permitted by this Product Privacy Policy, and as required by law.

We have no direct relationship with End Users who provide Personal Information to our Customer. Our Customer controls and is responsible for correcting, deleting or updating information they have collected from or are managing using Touchpoint Group Products. We may work with the Customers to help them provide notice to their End Users about their data collection, processing and usage.

Legal basis for processing

The Customer provides instructions with regard to the upload, collection, transfer, and access of Personal Information in Touchpoint Group Products. As such, the Customer determines the legal basis they have for data processing. The Customer can use legitimate interest or consent as a legal basis for processing Personal Information in Touchpoint Group Products, although others may apply.

Identity of the data controller

As data controllers, the Customer is responsible for identifying themselves, where appropriate, in communications sent by Touchpoint Group Products to End Users.

SOURCES AND TYPES OF CUSTOMER DATA BEING PROCESSED

The data processed, e.g. managed, collected, analysed and stored, in Touchpoint Group Products may originate from the following sources. It is the Customer's responsibility to decide which Personal Information will be processed in Touchpoint Group Products.

Data provided by Customers

In order to use Touchpoint Group Products the Customer can manually upload or integrate other tools, processes or platforms as inbound sources of data for Touchpoint Group Products. The Customer can, for example, provide Touchpoint Group Products with End User names, email addresses, mobile phone numbers, and information about the customers’ interactions with their business (e.g., the name of the client’s store where the customer shopped or the hotel at which they are staying), and any feedback they might have. In addition, the Customer can provide Touchpoint Group Products with information that segments customers into groups, such as the type of account the customer holds, the type of product or service purchased.

Data provided by End Users interacting with Touchpoint Group Products

The Customer may use Touchpoint Group Products to create and manage interactions with their End Users. This includes websites, marketing campaigns, feedback collection via surveys and other interactions. The data collected can include End User names, email addresses, mobile phone numbers, and information about the customers’ interactions with their business (e.g., the name of the client’s store where the customer shopped or the hotel at which they are staying), and any feedback they might have.

Data collected automatically from End Users interacting with Touchpoint Group Products

Touchpoint Group Products may automatically log the following information about End Users, their computers or mobile devices, and their activity over time.

  • Device data, such as computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, unique identifiers, and general location information such as city or town.
  • Usage data, such as the website visited before browsing to the Touchpoint Group Product managed websites, any pages or screens viewed, time spent on a page or screen, navigation paths between pages or screens, information about any activity on a page or screen, access times, and duration of access.

The automatic collection is facilitated by server and application logs, as well as tracking technologies, e.g.

  • Cookies
  • JavaScript libraries
  • Web beacons,” “tags,” and “pixels

Please see the Cookie Notice for more information regarding our use of tracking technologies.

Information Touchpoint Group does not collect

Unless configured by the Customer to do so, Touchpoint Group Products do not collect or process sensitive data, such as credit card numbers or government identification numbers, nor does it collect information defined as “sensitive personal data” under EU law, such as race, sexual orientation, or union membership.

ACCESS TO CUSTOMER DATA

In addition to the Customer and their employees who access Customer data as part of their use of Touchpoint Group Products, the following parties will also access Customer Data.

Touchpoint Group staff
  • Customer support: If there is a support request, troubleshooting issue, or technical error (e.g., bug or product malfunction) that requires access to Customer data, Touchpoint Group staff who are needed to address the issue will access that data.
  • Professional services: When a Customer engages Touchpoint Group’s professional services teams, Touchpoint Group professional services employees will access Customer Data of that Customer to perform work associated with tasks Touchpoint Group has been engaged to deliver.

Access to Customer Data stored in Touchpoint Group Products is provided using systems, procedures and controls approved by Touchpoint Group’s Information Security Management System. Access is provided on a need-to-know basis.

Third party professional services and support

If permitted by a Customer, Touchpoint Group may use third parties to provide support for the use of Touchpoint Group Products, perform systems integration, consulting, market research or other professional services. For examples of Touchpoint Group’s partners, see https://www.touchpointgroup.com/partners.

Third parties - Sub processors and subcontractors

Touchpoint Group employs third parties to assist it in providing Touchpoint Group Products and may need to share Customer Data with them to provide information, products or services to the Customer. Examples include vendors who support our technical operations (including visitor analytics, 3rd tier technology support and backup services), assist with data transmission (including content delivery networks), and provide cloud infrastructure and data storage. Depending on the technology integrations or features chosen by the Customer, we also transfer Customer Data including Personal Information of our Customer’s End Users as needed to provide the integrations or features (including, for example, interactive SMS, machine translation, or chat and video functionality). Which third parties are being employed depends on the Touchpoint Group Product the Customer subscribed to. Examples of these third parties for each product can be found on the Touchpoint Group sub-processors and subcontractors page.

Third parties that are provided access to Customer Data in Touchpoint Group Products are evaluated by Touchpoint Group’s supplier management program and agree to appropriate security and data processing controls.

DISCLOSURE OF CUSTOMER DATA FOR MERGER, ACQUISITION OR SALE

Touchpoint Group may transfer Customer Data to facilitate the financing, securitisation, insuring, merger, acquisition, sale, assignment, bankruptcy, or other disposal of all or part of our business or assets. In this circumstance, the Customer will be notified about the change in ownership and use of their Customer Data, as well as any choices they may have regarding the data. In such an event, a successor will have all the rights and be subject to all of the obligations of this Product Privacy Policy, including, without limitation, the right to modify or replace this Product Privacy Policy.

DISCLOSURE OF CUSTOMER DATA FOR LEGAL OBLIGATIONS

Touchpoint Group may use or share Customer Data with third parties when Touchpoint Group believes, in its sole discretion, that doing so is necessary: (i) to comply with applicable law or a court order, subpoena, request from government or law enforcement, or other legal process; (ii) to investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of Touchpoint Group’s terms and conditions, or situations involving threats to Touchpoint Group property or the property or physical safety of any person or third party; (iii) to establish, protect, or exercise Touchpoint Group’s legal rights or defend against legal claims.

We will not disclose Customer Data to law enforcement unless required by law or requested by the owner of the information. Should law enforcement contact Touchpoint Group with a demand for Customer Data, we will attempt to redirect the law enforcement agency to request that data directly from the owner (Customer). If compelled to disclose Customer Data to law enforcement, then Touchpoint Group will promptly notify the owner and provide a copy of the demand unless legally prohibited from doing so. We will cooperate with requests that the Customer receives regarding the disclosure of Personal Information we hold for the Customer by a law enforcement authority as per our our Terms or our agreement with you.

SECURITY

Touchpoint Group maintains a comprehensive security program with appropriate organisational and technical security practices and measures to protect the Customer Data we process, in accordance with applicable privacy law. Read more on Security at Touchpoint Group.

International data transfer and adequacy laws

Touchpoint Group operates in New Zealand, Australia, the UK, the United States and in other countries and territories. Customer Data, including Personal Information, can be processed by Touchpoint Group or third parties in countries that have data protection laws different from those applicable to the data controller and the data subjects. To satisfy adequacy requirements related to this international data transfer Touchpoint Group signs data processing agreements with our vendors and clients that have robust privacy and security terms, including, where appropriate, the Standard Contractual Clauses. If you are a Customer and would like to obtain a copy of our data processing agreement, contact us.

Third parties engaged by Touchpoint Group and authorised by the Customer for the Touchpoint Products they have subscribed to are listed here.

Retention of information

Touchpoint Group retains Customer Data for as long as we maintain our relationship with the Customer or as otherwise required for our business operations or any applicable laws, including to enforce our rights, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping purposes. Customer data is deleted upon the Customer's written request or after an established period following the termination of a Customer agreement.

Notification of a data breach involving Personal Information

Touchpoint Group has established a formal incident management procedure which is invoked when interruptions to IT services adversely affect customers, internal staff or both. In the event of a security breach leading to accidental loss, disclosure or alteration of Customer Data, we will comply with all our obligations under the applicable privacy laws including reporting to the relevant authorities or notifying you of such breach where required by law to do so. We will attempt to notify you electronically so that you can take appropriate protective measures.

 

DATA SUBJECT REQUESTS

Touchpoint Group Products provides the Customer tools and processes for data modification, export, or deletion to address the needs of individual data subjects to modify, access, or delete Personal Information.

If you are a customer, prospect, or otherwise interact with one of our Customers and would no longer like to be contacted by one of our customers that use our Touchpoint Group Products, please contact the customer that you interact with directly. If you want to access, correct, amend, or delete data controlled by a Touchpoint Group customer, you should direct your query to the Customer (the data controller). We will work with customers to respond to data subject requests.

If you are seeking to exercise your data subject access rights for the data Touchpoint Group processes as a controller, please see the Touchpoint Group Privacy Policy.

 

CHANGES TO THE PRODUCT PRIVACY POLICY

This Product Privacy Policy may be updated from time to time to reflect changing legal, regulatory or operational requirements. We will post any Product Privacy Policy changes on this page and, if the changes are material, we will provide a more prominent notice by sending you an email notification, or through the a notification in our Touchpoint Group Products.

While we will notify you of any material changes to this Product Privacy Policy prior to the changes becoming effective, we encourage you to review this Product Privacy Policy periodically.

HOW TO CONTACT TOUCHPOINT GROUP

If you have questions or complaints regarding this Policy or about the Touchpoint Group’s privacy practices, please contact us by email at privacy@touchpointgroup.com, or at:

Touchpoint Group Limited
PO Box 90882, Victoria Street West
Auckland 1142
New Zealand

Phone: 0800 800 324 or +64 9 353 6870

INTRODUCTION

Touchpoint Group Ltd (NZ), Touchpoint Group Pty Ltd (AU), Touchpoint Group International Ltd (NZ), Touchpoint Group UK Limited (UK) (collectively, “Touchpoint Group”, “we”, “us” or “our”) use certain sub processors (including third parties, as listed below) and subcontractors to assist it in providing Touchpoint Group products and services (Ipiphany, TouchpointMX, TouchpointCX, as well as the accompanying professional services we provide to our customers, collectively "Touchpoint Group Products") as described in the Standard Terms. Defined terms used herein but not defined below shall have the same meaning as defined in the Standard Terms.

This document does not give Touchpoint Group Customers any additional rights or remedies and should not be construed as a binding agreement. The information herein is only provided to illustrate Touchpoint Group's engagement process for sub-processors as well as to provide the actual list of third party sub-processors used by Touchpoint Group as of the date of this document (which Touchpoint Group may use in the delivery and support of Touchpoint Group Products).

Last modified: 2021-12-10
Effective date: 2022-01-18
Definitions

Customer Data means any data submitted to and stored within Touchpoint Group Products by you, your agents and end-users in connection with your use of Touchpoint Group Products, which may include, without limitation, Personal Information as described in the Touchpoint Group Product Privacy Policy. Customer Data does not include the Personal Information of your agents in the context of "Users" as described in the Touchpoint Group Privacy Policy. These are defined as User Data, see below). Touchpoint Group is the processor of Customer Data, not the controller.

User Data means Personal Information of Users and Visitors as covered by the Touchpoint Group Privacy Policy. Touchpoint Group is the controller of User Data.

A sub-processor is a third party data processor engaged by Touchpoint Group, including entities from within the Touchpoint Group, who has or potentially will have access to or process Customer and User Data (which may contain Personal Information). Touchpoint Group engages different types of sub-processors to perform various functions as explained in the tables below.

A subcontractor is a third party that does not have access to or processes Customer Data but who is otherwise used to provide Touchpoint Group Products and might have access to User Data, e.g. as part of providing support to you or us communicating with you.

DUE DILLIGENCE

Touchpoint Group undertakes to use a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of proposed third parties that will or may have access to or process Personal Information in form of Customer Data or User Data.

CONTRACTUAL SAFEGUARDS

Touchpoint Group generally requires its sub-processors to satisfy equivalent obligations as those required from Touchpoint Group (as a Data Processor) as set forth in Touchpoint Group's Data Processing Agreement (“DPA”), including but not limited to the requirements to:

  • Process Customer Data on behalf of Touchpoint Group Customers in accordance with Customer instructions as communicated by Touchpoint Group, and in accordance with the terms of a written contract between Touchpoint Group and the sub-processor.
  • In connection with their sub-processing activities, use only personnel who are reliable and subject to a contractually binding obligation to observe data privacy and security, to the extent applicable, pursuant to applicable data protection laws.
  • Provide regular training in security and data protection to personnel to whom they grant access to Personal Information.
  • Implement and maintain appropriate technical and organisational measures (including measures consistent with those to which Touchpoint Group is contractually committed to adhere to insofar as they are equally relevant to the sub-processor’s processing of Personal Information on Touchpoint Group's behalf) and provide an annual certification that evidences compliance with this obligation. In the absence of such certification Touchpoint Group reserves the right to audit the sub-processor.
  • Promptly inform Touchpoint Group about any actual or potential security breach.
  • Cooperate with Touchpoint Group in order to deal with requests from data controllers, data subjects or data protection authorities, as applicable.

If you are a Touchpoint Group Customer and wish to enter into our DPA, please email us at privacy@touchpointgroup.com.

PROCESS TO ENGAGE NEW SUB-PROCESSORS

For all Customers who have executed Touchpoint Group’s standard DPA, Touchpoint Group will provide notice via this document of updates to the list of sub-processors that are utilised or which Touchpoint Group proposes to utilise to deliver it's Products and Services. Touchpoint Group undertakes to keep this list updated regularly to enable its Customers to stay informed of the scope of sub-processing associated with Touchpoint Group Products.

Pursuant to the DPA, a Customer may object in writing (acting reasonably) to the processing of its Personal Information by a new sub-processor within ten (10) days following the update of this document and such objection shall describe a Customer's legitimate reason(s) for objection. If Customer does not object during such time period the new sub-processor(s) shall be deemed accepted.

If a Customer objects to the use of a new sub-processor pursuant to the process provided under the DPA, Touchpoint Group shall have the right to cure the objection through one of the following options (to be selected at Touchpoint Group’s sole discretion):

  • Touchpoint Group will cease to use the new sub-processor with regard to Personal Information;
  • Touchpoint Group will take the commercially reasonable efforts to resolve the objection of a Customer (which steps will be deemed to resolve Customer’s objection) and proceed to use the sub-processor to process Personal Information; or
  • Touchpoint Group may cease to provide or Customer may agree not to use (temporarily or permanently) the particular aspect of a Touchpoint Group Service that would involve use of the sub-processor to process Personal Information.

Termination rights, as applicable and agreed, are set forth exclusively in the Standard Terms.

SUB-PROCESSORS

Touchpoint Group works with certain third parties to provide specific functionality within our Products and Services. These providers are the sub-processors set forth below and include infrastructure sub-processors who store Customer Data. In order to provide the relevant functionality these sub-processors access Customer Data. Their use is limited to the indicated Products and Services. If a sub-processor is not listed as such under one of the Products, they do not store or have access to Customer Data in that particular Product.

The following is an up-to-date list (as of the date of this document) of the names and locations of Touchpoint Group sub-processors.

Ipiphany
Entity name Purpose Entity country
Amazon (AWS) Cloud infrastructure provider Australia
Google Cloud Translation and sentiment overlay.
Customer Data are only submitted to Google Cloud only after the consent of the customer (data controller).
United States
TouchpointMX and TouchpointCX
Entity name Purpose Applicable service Entity country
Amazon (AWS) Cloud infrastructure provider AU customers and DR. All of MX and CX Australia
Bulletin SMS gateway SMS notifications, surveys, promotions (NZ) New Zealand
Sinch UK SMS gateway for Australian numbers SMS notifications, surveys, promotions (AU) United Kingdom
Theta Database and network consultants
Only accesses data on Touchpoint Group systems. Does not store data.
All of MX and CX New Zealand
Vocus NZ data centre, Internet and backup provider. All of MX and CX New Zealand
Zoho Reports Custom email campaign reporting.
Customer Data are submitted to Zoho Reports only after the consent of the customer (data controller).
Campaign reporting India

SUBCONTRACTORS

Touchpoint Group uses cloud-based applications and third parties in the operations necessary to provide Touchpoint Group Products as described in the Standard Terms. User Data may be stored in these applications at various times. These subcontractors do not store or have access to Customer Data.

The following is a list (as of the date of this document) of the names and locations of material third-party subcontractors for the different Products as well as for general business operation.

Ipiphany
Entity name Purpose Entity country
Intercom Chat, support, help, notification tool US
Heap Analytics Tracking user behaviour: Web analytics
Heap collects and stores data about Ipiphany user behavior, including user details, IP address and device details.
US
LogRocket Tracking user behaviour: Replay user sessions
During the recording of user sessions LogRocket will gain access to the user name (email address) and the data accessed by the user during their session. The recording is being stored on LogRocket's systems.
US

Ipiphany uses third party cookies and other tracking technologies to enhance the experience as described in the Cookie Notice.

TouchpointMX and TouchpointCX
Entity name Purpose Entity country
Email on Acid Email testing US
General business operation
Entity name Purpose Entity country
Hubspot Customer relationship management US
Insightly Customer relationship management US
Google Communication and productivity, backups US
Pegasus Systems Accounting system Australia
Wrike Customer support and project management US

UPDATES

If you would like to receive an email when we make updates to this document, please contact us.