Advocacy: Data & security information for Haiilo Advocacy

The Employee Advocacy platform articles are relocating! Please visit the new Employee Advocacy platform knowledge base to continue reading these articles in the future.

ISO 

Haiilo has the ISO 27001 security certificate, which is the strictest international standard in information security management.

The audit and certification process to gain the certificate covers a very extensive range of fields from security policies to operational continuity management, physical security, access management, compliance with legal requirements, in-house processes and backup systems. It gives rise to the regular reassessment of risks and results in constant improvement.

You can read more about the ISO 27001 Certification here

Our Privacy Policy (here) and Terms of Service (here) are also available for your review. 

Data 

In addition, you may also ask the question: What personal data does Haiilo save and for what purposes is the data saved for?

The answer is: 

  • First name, last name, email address and/or phone number used for communication and authentication
  • Authentication code from social network in the form of OAuth (version 1 and 2) tokens, which are random strings generated by social networks and do not include the username nor the password to the respective social networks, but are only used to interact with respective social network on behalf of user (with his/her consent) in situations such as sharing content to social media.

For each social media network you connect, Haiilo also collects data about the number of your connections (your reach) and uses your public profile from your social account to update your profile picture on Haiilo. Haiilo does not collect personal data about your connections or other actions you take on your social media accounts that do not concern Haiilo. 

When you complete a share from Haiilo, Haiilo collects the data on how many clicks, likes, comments and re-shares your connections do with the content shared. Haiilo does not collect information about who engages with your content or what/how they comment.

Your personal data will not be visible to Haiilo and Haiilo will only post the content on your accounts that you have selected to share.

Social network permissions

When connecting social media accounts to Haiilo for social sign-in or content sharing, users will be prompted by the social networks to grant certain permissions to enable these features. Below is a list of permissions per social network.

The permission levels for third-party applications are defined by the social networks, not by Haiilo.

LinkedIn

A clarification on the permissions LinkedIn asks for:

  • 'Create, modify, and delete posts, comments and reactions on your behalf / your organization's behalf' – for Haiilo to share a post from the user's Haiilo account to the user's LinkedIn account. Only when a user clicks the LinkedIn sharing icon under a Haiilo post will it be shared to LinkedIn from Haiilo. 
  • 'Use your name and photo' – Haiilo will use the name and profile picture from a LinkedIn account as the name and profile picture in Haiilo, so that users won't have to add this information manually by themselves.
  • 'Use your 1st-degree connections' data' – for Haiilo to report the "reach" of the shared posts. We need access to the 1st connection data in order to calculate a reach that the Haiilo user has in LinkedIn.
  • 'Retrieve your posts, comments, reactions, and other engagement data' – for Haiilo to report the engagement data on shared posts, such as number of likes and comments, and associate the engagement figures with specific shared posts.

Facebook 

A clarification on the permissions Facebook asks for:

  • 'Your name and profile picture' – Haiilo will use the name and profile picture from a Facebook account as the name and profile picture in Haiilo (unless you also connect your LinkedIn account whereby this information will be taken from there), so that users won't have to add this information manually by themselves.

Twitter (X)

A clarification on the permissions Twitter asks for:

  • 'See Tweets from your timeline' / 'Create, manage and delete Lists and collections for you' – for Haiilo to share a post from the user's Haiilo account to the user's Twitter account. Only when a user clicks the Twitter sharing icon under a Haiilo post will it be shared to Twitter from Haiilo. 
  • 'See your Twitter profile information and account settings' – Haiilo will use the name and profile picture from a Twitter account as the name and profile picture in Haiilo (unless you also connect your LinkedIn account whereby this information will be taken from there), so that users won't have to add this information manually by themselves.
  • 'See accounts you follow, mute, and block' / 'Follow and unfollow accounts for you' – for Haiilo to report the "reach" of the shared posts. We need access to the 1st connection data in order to calculate a reach that the Haiilo user has in Twitter.
  • 'Post and delete Tweets for you, and engage with Tweets posted by others' – for Haiilo to report the engagement data on shared posts, such as number of likes and comments, and associate the engagement figures with specific shared posts.

Was this article helpful?