Privacy Policy

We take your privacy extremely seriously. This is the privacy statement of Arch Form Limited, trading as archForm ("aF", "we" or "us"). We are committed to protecting your privacy and complying with applicable data protection laws. This Privacy Policy outlines how aF collects, uses, processes, discloses, retains and protects information about you when you are using our Services or browsing our website. We also describe the choices you have about your information.

1. Our services

aF offers a number of digital advertising, social media management, reporting and distribution tools (whether current or in development) that are accessible via our website and web-based applications, including the Feed Platform (see our Terms and Conditions for a fuller description). Through these platforms, you can manage your social media marketing and advertising campaigns, engage with your audiences, schedule and publish messages and analyze the results of these activities on social media and streaming platforms.

Collectively, we refer to these tools as our "Services".

When you link your existing social media accounts to your Feed account, you can choose to instantly access, collect, process and visualise data and content on your Social Networks, and to run marketing campaigns through those Social Networks via your Feed account. Our Services also enable you to customize and connect your Feed account to a series of third-party services, including but not limited to Social Networks, Streaming Services and various e-commerce and ticketing websites ("Third-Party Services").

The collection of your information by these third parties is governed by the Third-Party Services' privacy policies and terms. We recommend you carefully review their privacy policies and terms, as aF is not responsible for Third-Party Services.

Any collection, use, and management of personal information by: social networks, including but not limited to Facebook, Instagram, Twitter, and LinkedIn (collectively, the "Social Networks"); streaming platforms, including but not limited to Soundcloud, Spotify and YouTube (collectively, the "Streaming Services"); or e-commerce and ticketing sites including but not limited to Shopify and Eventbrite are each governed by their respective privacy policies and terms. When using Social Networks and Streaming Services, you are required to comply with their privacy policies and terms. We recommend you carefully review their privacy policies and terms, as aF is not responsible for the Social Networks.

2. Personal information we collect

For the purposes of this Privacy Policy, "Personal Information" means data that allows someone to identify or contact you, including, for example, your name and email address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.

Personal information does not include information that has been anonymized or aggregated in such a way that it can no longer be used to identify a specific natural person, whether on its own or in combination with other information.

The personal information that we collect falls into three broad categories: Account Information, Content and Logs, Usage & Support Data:

a. Account Information

  • You may provide us with information in connection with the creation and management of your account for the Services. This could include: your name, email address, location, address; your preferences such as language, time zone, and the types of communication you would like to receive from us; and image (if you choose to provide this). We may also obtain this information if you choose to use a social login service, such as Facebook Login, to create or access your account.

  • Billing and other payment information: if you use paid-for or premium parts of our Services, or if you make another financial transaction using our Services (such as purchasing a Third-Party App or any payments made through Third Party Services), we (and our third-party payment processors) will collect information about the purchase or transaction. This includes billing details and credit card information, other account and authentication information. We also collect other information related to the Services you have acquired from us, including the type of plan, number of team members, and transaction information related to the Services.

b. Content

  • Your social profile information for Social Networks you choose to connect to our Services. For example, your Facebook profile information may include your Facebook username and profile image.
  • A specific location such as an address, a city, or a place (for example, a restaurant) if you choose to share this information.
  • Your messages, posts, comments, images, videos, advertising, and other material you create, upload, maintain or transmit on Social Networks and is accessible by our Services; and information that is collected from the Social Networks and Streaming Services that you choose to connect to and which is displayed on our Services.
  • Data, metrics and insights on posts, advertisements and other material you create, upload, maintain or transmit on Social Networks.
  • Content that you may send and receive through Social Networks may contain personal information that aF does not directly collect or process. This may include information such as: names, photos, age, gender, geographic location, opinions, preferences, and phone numbers.

c. Logs, Usage & Support Data

  • Log data, which may include your IP address, the address of the web page you visited before using the Services, your browser type and settings, your device information, the date and time when you used the Services, information about your browser configuration, language preferences, unique identifiers, and cookies.
  • Usage data and analytics, which may include the frequency of login, and the different types of activity undertaken by users.
  • General Location information, such as IP address and the region in which you are located when you are logging in and using the Services.
  • Customer support questions, issues, and general feedback that you choose to provide.

Marketing, surveys and research

If you choose to participate in our surveys and research, or request information from us about our Services, we may collect information about you related to those surveys and research including your contact information, such as your name, email address, telephone number, organization name and address and general information about your organization that you choose to provide, such as annual company revenue, number of employees, and industry.

In addition, we may collect information on email open and click rates, including whether individuals clicked on links, and which web pages are visited after opening the email.

Using our website

When you browse our websites, we collect information about you as described below, some of which is collected automatically. aF uses cookies and other similar tracking technologies on our websites and Services including web beacons, pixels, and software tokens. These are described in our Cookie Policy. If you use automated chat functionality (chatbots) or any other messaging service (for example, Whatsapp) to make an inquiry or other request, we may collect information about you such as your name and email address, your phone number, your specific request, and information related to your use of our Services.

3. How we use your information

We use your information for the purposes described below:

Providing, securing, understanding and developing our services

  • Providing our Services, communicating with you and providing customer support in relation to the Services.
  • Enabling the Third-Party Services to communicate with our servers in order to provide our Services. This includes collecting, transmitting and visualising your data and content from Third-Party Services on our Services as well as running advertising campaigns on Third-Party Services on your behalf.
  • Tailoring content, advertisements, and offers and customising your experience.
  • Administrative purposes such as measuring interest in our Services, developing new products, ensuring internal quality control, verifying individual identity, verifying Account information, and processing payments.
  • Better understanding your needs and the needs of users in the aggregate, diagnosing problems, analysing trends, performing analytics, conducting research and improving the features and usability of our Services, test and troubleshoot new products and better understand and market to our users.
  • Creating and sharing publicly aggregate (non-identifiable) statistics about users of our Services with a view to introducing improvements and improving the usability of the Services.
  • Sending you relevant emails and communications (including keeping you informed about our products, offerings and any promotional offers) that might be of interest to you.
  • Resolving disputes, collecting fees (if any) and troubleshooting problems.
  • Enforcing our agreements, terms, conditions, and policies, trying to prevent potentially prohibited and illegal activities, and sending you notices and alerts regarding the Services or your Account.

4. Who has access to your information

aF does not rent or sell your information. We restrict access to your information to authorized employees and we do not share your information with third parties except in the circumstances explained below.

Directors, Employees and Authorized Contractors

Our directors, employees and authorized contractors may need to access information about you when required to perform their job and provide our Services. For example, in order to carry out customer service we would need access to your account to validate your identity and respond to your question or request; our team would need access to your contact information to ensure this information is sent correctly and any unsubscribe requests are properly managed; and staff would need to review information to investigate attempted denial of service attacks, fraudulent account activity, or other attempts to compromise the Services.

All our directors, employees and contractors are required to agree to maintain the confidentiality and protect the privacy of your information.

Service Providers, Authorized Resellers, and Partners

We may share limited information about you to authorized service providers we use for marketing services, communicating with you, managing our customer database, the provision of professional services, and providing and managing the Services (including hosting data centers, securing our Services, and payment processing). For example, these may include (but are not limited to): Google Suite (email communications and other administrative tasks), Mailchimp (communication of newsletters and other updates), Google Cloud Platform (Cloud Service Provider - Infrastructure and Storage), Sendgrid (Cloud Service Provider - In-App Email), Zendesk (Cloud Service Provider - Customer Support Services).

Where you have purchased a service from an authorized reseller or partner, we may provide information about you to (and may receive information about you from) the reseller or partner as necessary to support your use of the service you purchased.

When sharing your information with any of these service providers, resellers and partners, we ensure they agree to obligations consistent with this Privacy Policy and any other appropriate confidentiality and security measures, and only use your information to carry out the Services and your requests.

Social Networks, Streaming Partners and Third-Party Services

Where you are using our Services and have chosen to connect your Social Networks or Streaming Services to our Services, or if you authorize a Third-Party Service to access your account, you are agreeing to provide information about you to the Social Networks, Streaming Services and the Third-Party Services (as applicable) under their respective terms and privacy policies.

Customer Organizations

Where your employer, manager, agent or another authorized agent or entity has purchased Services on your behalf, we may disclose information about you such as your name and email address, and some usage information including whether a user has logged in to the Service, frequency of login, time spent using the Services.

Successor Entities

If we are acquired by or merge with another entity (in which case we will require such entity to assume our obligations under this privacy policy), if we are involved in a bankruptcy, or if the ownership or control of all or part of our Services or their assets changes, information about you will be transferred to such entities.

Law Enforcement, Government Agencies, and Professional Advisors

We may need to disclose information about you where we believe that it is reasonably necessary to comply with a law or regulation, or if we are otherwise legally required to do so, such as in response to a court order or legal process, or to establish, protect, or exercise our legal rights or to defend against legal claims or demands.

In addition, we may be required to disclose information about you if we believe it is necessary to investigate, prevent, or take action: (a) against illegal activities, fraud, situations involving potential threats to our rights or property (or to the rights or property of those who use our Services), or to protect the personal safety of any person; or (b) regarding situations that involve the security of our Services, abuse of the Services infrastructure, or the Internet in general (such as voluminous spamming, or denial of service attacks).

5. aF's roles under the GDPR and UK data protection laws

aF as a Data Controller

aF acts as a Data Controller when we are:

  • Collecting information from you to set up and administer your account (for example, Account Information such as your name and email address);
  • Setting up and running your advertising campaigns on Social Networks on your behalf. This might include creating and targeting custom audiences (for example, people who have engaged with any of your accounts on Social Networks in the last year).
  • Monitoring usage information on our website;
  • Managing your contact and other related information to send marketing, Services, and other communications to you;
  • Responding to a support or general inquiry; and
  • Recruiting individuals for job opportunities.

Legal bases for processing when aF is a data controller

The legal bases for processing information about you include:

  • Your consent (for example, when you have provided your information to sign up for an account; or you have provided your employment history when applying for a job). Where we rely on your consent to process personal data, you have the right to withdraw your consent at any time.
  • It is necessary to perform a contract (for example, we may need your information to fulfill our obligations of providing Services to you under the terms relevant to the Services you are using or have acquired).
  • Legitimate interest (for example, to provide and maintain the Services to you, to maintain the security of the Services, and to attract new customers to maintain demand for the Services, all of which are described in the "How do we use your information?" section above).
  • In some cases, we may have a legal obligation to process your personal data to comply with relevant laws (for example, processing payroll and tax information to comply with relevant employment and tax legislation); or processing is necessary to protect your vital interests or those of another person (for example, obtaining health-related information during a medical emergency).

aF as a data processor

Where you are using our Services and making decisions about the personal data that is being processed in the Services (including selecting the Social Network accounts you wish to connect to the Services, or uploading and using Content), you are acting as a data controller and aF is acting as a data processor.

The Content that flows through our Services may include personal information of all types, including but not limited to the following categories:

  • user generated content (such as messages, text, posts, comments, pages, profiles, images, videos, feeds or communications exchanged on the Social Networks).
  • contact details (such as name, email address, telephone number).
  • additional individual information (such as age, gender, employer, profession, geographic location, education information, financial status, habits and preferences).

As the user, you are the data controller of your Content and we are the data processor for such Content. Where we process Content, we do so at your direction and on your behalf in accordance with the instructions you give us through the Services. When you connect your social media accounts through our Services, we only access, process, and use the Content to provide our Services subject to our Terms & Conditions and the various terms and conditions imposed by the Social Networks. We may, in limited circumstances process Content for the purposes of improving the Services and functionalities users ask for.

If you are using the Services as an authorized user or agent of an aF customer (whether that customer is your employer, another organization, or an individual), that customer determines its own policies (if any) regarding storage, access, modification, deletion, sharing, and retention of personal information and Content, which may apply to your use of the Services. Please check with that customer about the policies and settings it has in place.

6. Your rights regarding the information about you

As a user, you may update or correct most of your Account Information by logging in to your account to edit your profile. To make a request to have Account Information returned to you, removed, or to make additional corrections, please email our privacy team. Requests to access, correct, or remove your information will be handled within thirty (30) days and may be subject to a fee as permitted by applicable law.

Depending on where you reside, you may have the right to exercise additional rights available to you under applicable laws with regards to the personal information aF holds about you as a data controller (as further detailed in this Privacy Policy), including:

  • Right of erasure: In certain circumstances, you may have a broader right to erasure of personal information that we hold about you – for example, if it is no longer necessary in relation to the purposes for which it was originally collected. Please note, however, that we may need to retain certain information for as long as you maintain an account for our Services, or as needed to provide you with our Services, for record keeping purposes, to comply with our legal obligations, resolve disputes and enforce the Terms.
  • Right to object to processing: You may have the right to request that aF stops processing your personal information and/or to stop sending you marketing communications.
  • Right to restrict processing: You may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where you believe that the personal information we hold about you is inaccurate or unlawfully held).
  • Right to data portability: In certain circumstances, you may have the right to be provided with your personal information in a structured, machine readable and commonly used format and to request that we transfer the personal information to another data controller without hindrance.

If you would like to exercise such rights, please contact our privacy team. We will consider your request in accordance with applicable laws. To protect your privacy and security, we may take steps to verify your identity before complying with the request.

You also have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

7. Third-party apps and Social Networks

In order that we can carry out our Services, you can choose to connect your aF account with Social Networks, Streaming Services and distribution platforms.

If you choose to send your Content to a Social Network, Streaming Service and/or a distribution platform, aF is no longer responsible for that Content from the point in time that it leaves aF's platform. Instead, the Content will be in the control of the third party, and the relevant third party's terms and privacy policy will apply.

For example, if you use Feed to run ad campaigns to Facebook and Instagram, Facebook and Instagram's terms and privacy policy will apply to those ads and the content in those ads; if you use aF's platform to post a message on Facebook, Facebook's privacy policy and terms of service will apply to that message on Facebook's server; if you export content from an aF platform to a Streaming Service like Spotify, Spotify's terms and privacy policy will apply to that exported content.

While we endeavour only to facilitate access to Social Networks, Streaming Services and Third-Party Apps that share our respect for your privacy, we cannot take responsibility for the Content or privacy policies of any Social Networks or Third-Party Apps. We encourage you to carefully review the privacy policies of any Social Networks or Third-Party Apps you access via the Services.

8. How long we keep personal information

We retain your information only as long as required to provide the Services requested by you, for record keeping purposes, to comply with our legal obligations, resolve disputes, and enforce the terms for the Services.

After it is no longer necessary for us to retain information about you, we will dispose of it in a secure manner or anonymize the information.

Please note that certain personal information may need to be retained by aF for a period of time following the cancellation of your account where this is necessary for our legitimate business purposes or required or authorized by applicable law. Our specific retention periods for personal information are documented in our internal retention policies and any applicable retention schedules that we maintain as required by applicable law.

9. How we protect personal information

aF follows industry best practices to protect personal information from loss, misuse, and unauthorised access or disclosure. These steps take into account the sensitivity of the Account Data and Content we collect, use, process and store, and the current state of technology.

We encrypt data where appropriate to ensure that your information is kept private. We undertake vendor security and privacy reviews to ensure that vendors follow our stringent requirements to safeguard your information, and we also enter into data protection agreements with our vendors. All payment information is fully encrypted and handled only by PCI certified organizations.

10. Policy toward children

Our Services are not directed to children under 16 and we do not knowingly collect personal information from children under 16. In addition, you are not permitted to use our Services if you do not meet the minimum age requirement applicable to our Services in your jurisdiction. If you learn that your child has provided us with personal information without your consent, please contact our privacy team. If we learn that we have collected personal information of a child under 16 we will take steps to delete such information from our files as soon as possible.

11. Changes to this Privacy Policy

We may make changes to this privacy policy at any time to reflect updates to our Services, applicable laws, and other factors. We will include a prominent notice on our website and/or our Services if we make any material changes, but we encourage you to stay informed by reviewing this policy periodically.

12. How to contact us

If you have any questions, concerns or feedback, please email our Privacy team and Privacy Officer/Data Protection Officer: