Social.So Self-Serve Terms of Service
Last modified: June 13, 2019
Please review these terms (the “Agreement”) carefully. By accessing or using the Self-Serve Services offered by Social.So. (“Social.So”, “we” or “us”), you are confirming that you have read, understand and accept this Agreement. This Agreement can be updated from time to time as set out in Section 37 below. You are responsible for regularly reviewing the most current version of this Agreement, which is published at: http://www.Social.So/p/terms-of-service, though we will notify you of any changes that, in our sole discretion, materially impact this Agreement. Continued use of the Self-Serve Services after any such changes have been made will constitute your consent to such changes. When we change this Agreement, we will update the “Last
Modified” date above.
This Agreement applies to the “Self-Serve Services”, which are services that you access or purchase through our website or mobile applications, as further defined below.
By using our Self-Serve Services, you confirm that:
A. You will only use our Self-Serve Services for business and professional reasons;
B. You are at least 18 years old or otherwise able to enter into a legally binding agreement;
C. You accept and will comply with this Agreement;
D. If you are using our Self-Serve Services as a representative of an organization, you have the power to enter into legally binding agreements for the organization; and
E. You are responsible for anyone that uses our Self-Serve Services through your account, such as your employees, consultants or contractors (“Authorized Users”).
Social.So Terminology
1. We use capitalization for terms that have a special meaning in this Agreement. While some terms are defined elsewhere, this section sets out the definitions of some key terms.
“Content” is a generic term that means all information and data (such as text, images, photos, videos, audio and documents) in any format that is uploaded to, downloaded from or appears on our Self-Serve Services.
“Customer Content” is Content that you or your Authorized Users provide to us, or upload to our Self-Serve Services.
“Mentions” are the Content that a third party (in other words, someone other than you, your Authorized Users or Social.So) creates and that we obtain on your behalf and at your instruction from Social Networks or other Third-Party Services that you connect to our Self-Serve Services. For example, posts created by your followers that appear on your Facebook page would be considered Mentions.
“Self-Serve Services” means our websites, such as Social.So (and all its current and future subdomains), and mobile applications, and any services that you access or purchase through our websites or mobile applications.
“Third-Party Services” are services that are not provided by Social.So but that you may access or use in connection with our Self-Serve Services. They include the
“Social Networks”, which are the social networking sites supported by our Self-Serve Services (such as Twitter, Facebook, LinkedIn and Instagram).
“you”, “your”, “Customer”, and similar terms mean the person or legal entity accessing or using the Self-Serve Services. For the avoidance of doubt, if you are accessing and using the Self-Serve Services on behalf of a company (such as your employer) or other legal entity, “you”, “your” or “Customer” means the company or other legal entity that you are using the Self-Serve Services on behalf of.
Social.So’s Self-Serve Services
2. Subject to the rest of this Agreement, we will allow you and your Authorized Users to access and use our Self-Serve Services in the way set out in the plan you subscribed to. You may not use or access the Self-Serve Services in any other way, such as using robots, spiders, crawlers and scraping technologies.
3. Our Self-Serve Services evolve constantly. We may change our Self-Serve Services, such as by changing, adding or removing features at any time, for any reason. We may or may not provide notice of those changes to you. We will not be liable to you or any third party for the modification, price change, suspension or discontinuance of any of our Self-Serve Services.
4. Our Self-Serve Services interact with Social Networks and depend on the availability of those Social Networks and the features and functionality they make available to us, which we do not control and may change without notice. If at any time a Social Network stops making some or all of its features or functionality available to us, or available to us on reasonable terms as determined by Social.So in its sole discretion (each an “API Change”), we may stop providing access to those features or functionality and we will not be liable to you or any third party for any such change.
Acceptable Use Rules
5. You and any Authorized Users using your account must comply with the Acceptable Use Rules and all laws. If we reasonably believe that you have breached the Acceptable Use Rules or any applicable law, we may, at any time and without notice, remove any of your Content and suspend, restrict or terminate your account or your access to the Self-Serve Services.
Customer Content
6. You are solely responsible for Customer Content. We may, but do not have to, review, filter, block or remove Content, including Customer Content.
Submitted Content
7. If you use the Self-Serve Services for contests or otherwise ask people to submit Content through the Self-Serve Services (“Submitted Content”), you acknowledge and agree that:
(A) the Self-Serve Services do not help you comply with any laws, rules, or regulations that may apply to your collection or use of Submitted Content, which is solely your responsibility; and
(B) we will not be liable to you or any third party for the Submitted Content, and we make no warranty that any Submitted Content obtained or displayed through the Self-Serve Services is accurate or complete.
Account Information
8. You are responsible for the completeness, security, confidentiality and accuracy of the account information you provide to us. You will promptly notify us of any unauthorized access to or use of your log-in credentials or account.
Content and Third-Party Services
9. We are not responsible for Content provided by others, including Mentions and Content from Third-Party Services (such as Content from Social Networks and Content in apps from the App Directory). You and anyone else who accesses our Self-Serve Services may access Content that might be unlawful, offensive, harmful, inaccurate or otherwise inappropriate. We will not be liable to you or any third party for Content provided by others.
10. If you access or purchase a Third-Party Service through our Self-Serve Services, you do so at your own risk. Your relationship with the Third-Party Service provider is an agreement between you and them. You specifically understand that we are not responsible for Third-Party Services and will not be liable to you or any third party for any losses or damages resulting from your use of Third-Party Services.
11. If you access or enable a Third-Party Service, you grant them permission to access or otherwise process your data as required for the operation of the Third-Party Service. We are not responsible for disclosure, use, change to or deletion of your data and will not be liable to you or any third party for access to your data by a Third-Party Service.
12. We may, but do not have to, preview, verify, flag, modify, filter, block or remove Third-Party Services.
13.You must comply with all agreements and other legal requirements that apply to Third-Party Services.
Data Protection & the GDPR
14. If your use of our Self-Serve Services includes processing Content that contains “personal data” that is subject to the General Data Protection Regulation (EU) 2016/679, you may enter into a Data Processing Addendum (“DPA”) with Social.So, as set out at http://www.social.so/p/dpa. If you sign a DPA, it will apply to the processing of that personal data and be part of this Agreement. Please review our Privacy Notice (published at http://www.social.so/p/privacy_policy) for more information on how we collect and use data relating to the use and performance of our Self-Serve Services.
Confidentiality
15. If we share non-public information about Social.So or our Self-Serve Services with you, you must keep it confidential and use reasonable security measures to prevent unauthorized disclosure of or access to that information.
Intellectual Property
16. Customer Content. You retain your rights to any Customer Content you submit, post or display on or through the Self-Serve Services. You grant us a non-exclusive, worldwide, perpetual, irrevocable, transferable, sublicensable, royalty-free license to use, host, run, copy, reproduce, process, adapt, translate, modify, publish, transmit, display and distribute Customer Content for the purposes of providing, supporting, enhancing, and developing our products and services.
17. Feedback. We welcome your suggestions, comments, bug reports, feature requests or other feedback (“Feedback”). We do not have to keep Feedback confidential, even if you tell us it is confidential. If you provide Feedback, you grant Social.So a non-exclusive, worldwide, perpetual, irrevocable, transferable, sublicensable, royalty-free, fully paid-up license to use the Feedback for any purpose.
18. Self-Serve Services. We keep all rights and interests in our Self-Serve Services. The Self-Serve Services contain Content owned or licensed by Social.So (“Social.So Content”). Social.So Content is protected by copyright, trademark, patent, trade secret and other laws, and, as between you and Social.So, we own and retain all rights in the Self-Serve Services and in any Social.So Content.
Payment Terms, Trials and Renewal
19. Fees and Trials. You must pay all fees for the Self-Serve Services you purchase, except for Self-Serve Services that we expressly offer free of charge. If you sign up for a free trial of a paid Self-Serve Service, we may require you to provide a valid credit card or other payment method. We will charge you automatically on the first day after the free trial is over, unless you cancel or downgrade to a charge-free service and uninstall any paid apps before the end of the free-trial period.
20. Paid Services. The Social.So Online Payment Terms apply to your purchase of any paid Self-Serve Services.
21. Auto-Renewal of Self-Serve Services. Self-Serve Services plans will renew automatically at the end of the term (which may be monthly or annually, depending on the plan you chose when you purchased our Self-Serve Services), and we will automatically bill you on renewal unless you cancel or downgrade our Self-Serve Services under Section 23 below.
22. Taxes. You are responsible for paying all taxes on all fees that you pay to us. Local taxes may differ based on your payment method.
Cancellation and Termination of Self-Serve Services
23. You may cancel or downgrade your Self-Serve Services plan at any time by following the steps outlined here: https://help.Social.So/hc/ . If you cancel (or downgrade) paid Self-Serve Services, you must continue to pay for the rest of your plan term, and you are not entitled to a refund.
24. We may refuse to provide service (including the Self-Serve Services) to anyone for any reason at any time. We may also immediately suspend or terminate your access to our Self-Serve Services for any reason, at any time, without notifying you in advance. If we terminate this Agreement because you violated the Acceptable Use Rules or any other part of this Agreement, you will not receive a refund. If we terminate your access to the Self-Serve Services under this section for no reason, we will refund you for the Self-Serve Services you have not yet received.
Disclaimer of Warranties and Limitation of Liability
25. We offer our Self-Serve Services “as is” and are not making any warranties, conditions, representations or guarantees of any kind, whether express, implied, statutory or otherwise, including all express or implied warranties of design, merchantability, fitness for a particular purpose, title, quality and non-infringement, that our Self-Serve Services will meet your requirements or that our Self-Serve Services will always be available, accessible, uninterrupted, timely, secure, accurate, complete or error-free. Use our Self-Serve Services at your own risk. You hereby release us and our affiliates and the directors, officers, employees, agents, licensors and service providers of Social.So and our affiliates (the “Social.So Parties”) from any claims, known or unknown, you have against them.
26. We will not be liable for indirect, punitive, incidental, special, consequential or exemplary damages, or for loss of profits, goodwill or data or other intangible losses, that result from the use of, or inability to use, our Self-Serve Services or any other aspect of this Agreement. Under no circumstances will we be liable for any Third-Party Services, Social Networks or activities of third parties, any connection to or transmission from the Internet, or for any damage, loss or injury resulting from hacking, tampering, theft or other unauthorized access to or use of our Self-Serve Services or your account or the information contained in your account, including Customer Content.
27. Our aggregate liability to you for all losses or damages arising out of this Agreement or your use of our Self-Serve Services, even if we have been advised of the possibility of such losses, will not exceed the greater of the fees we received from you for our Self-Serve Services that are subject to the claim during the three-month period immediately preceding the date on which the damages arose and USD$100. The limitations of liability in this section also apply to the Social.So Parties and to claims brought based on any cause of action, including breach of contract, tort (including negligence), statute or other legal or equitable theory. If there is a law that limits how the limitation of liability in this section applies to you, our liability will be limited to the fullest extent permitted by law.
28. No advice or information, whether oral or written, obtained from us or elsewhere will create any warranty or condition not expressly stated in this Agreement.
29. Our prices are set based on limitations of liability and the disclaimers of warranties in this section. You acknowledge that they will survive and apply even if found to have failed their essential purpose.
30. If you are dissatisfied with our Self-Serve Services or believe that you’ve been harmed by your use of our Self-Serve Services or this Agreement, you may terminate your use of our Self-Serve Services (as set out above). That termination is your sole and exclusive remedy (and our sole and exclusive liability) under this Agreement.
Claims and Disputes
31. The laws of England and Wales will govern any dispute, cause of action or claim arising out of this Agreement or your use of our Self-Serve Services, including against any Social.So Party (“Dispute”), without giving effect to conflict-of-law principles.
32. You will indemnify and hold harmless the Social.So Parties from and against all losses, damages, penalties, liability and costs, including reasonable legal fees, of any kind or nature related to any claim against a Social.So Party related to: (a) Customer Content or Submitted Content; (b) your breach of this Agreement or any laws; or (c) your use of our Self-Serve Services or any Third-Party Services (including your breach of terms for any Third-Party Services).
33. If you breach this Agreement or violate our rights or another person’s rights, we may ask a court to stop you; if we bring a claim against you, you will reimburse us for our reasonable legal fees for that claim.
34. If you have any kind of Dispute with us, the exclusive means of resolving it will be by confidential, binding arbitration before a single arbitrator chosen by you and Social.So. You will give notice of your Dispute to us in writing. If we do not decide together on an arbitrator within 15 days after we receive that notice, we both agree to ask the Arbitration Centre in the United Kingdom to appoint one for us. The arbitration will take place in London, England, under the Arbitration Act, and will follow the Domestic Commercial Arbitration Rules of the Arbitration Centre. The arbitrator will have the right to decide how the costs should be divided between us. The arbitrator will have the right to accept whatever kind of evidence they think is appropriate and will have the right to make whatever award they consider fair and equitable, based on legal and equitable principles, including giving an order such as an injunction (to stop one of us from doing something) or an order that you or we pay damages to the other. The arbitrator’s award can be entered into the registry of the Supreme Court in London, England, and enforced in the same way as a court order if the court in the enforcing jurisdiction allows.
35. Any Dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated or representative action. Social.So and you each waive any right to a trial by jury.
Miscellaneous
36. Export Compliance. You will not use or access our Self-Serve Services if you are located in any jurisdiction in which the provision of our Self-Serve Services is prohibited under England and Wales, U.S. or other laws (a “Prohibited Jurisdiction”) and you will not provide access to our Self-Serve Services to any government, entity or individual located in any Prohibited Jurisdiction. You confirm that you are not named on any British or U.S. government list of persons or entities prohibited from transaction with any British or U.S. person; (b) you are not a national of, or a company registered in, any Prohibited Jurisdiction; (c) you will not allow Authorized Users to access or use our Self-Serve Services in violation of any British, U.S. or other export embargoes, prohibitions or restrictions; and (d) you will comply with all laws regarding the transmission of data exported from the country in which you (or your Authorized Users) are located to England and the United States.
37. Amendment. We may change any part of this Agreement (including any terms or documents incorporated by reference in this Agreement) at any time by posting the revised terms on the Social.So website, and your use of the Self-Serve Services after the effective date of the updated Agreement or other terms constitutes your agreement to the updated Agreement or other terms, as applicable. It is important for you to review this Agreement before using our Self-Serve Services and from time to time. The updated Agreement will be effective as of the time of posting, or on such later date as may be specified in the updated Agreement, and will apply to your use of the Self-Serve Services from that point forward.
38. Assignment. You may not assign your rights under this Agreement to anyone else. We may assign our rights to any other individual or entity.
39. Severability. If a court finds part of this Agreement to be invalid, the rest will continue to apply with the minimum changes required to remove the invalid part.
40. Force Majeure. We will not be liable to you or any third party for any failure to perform our obligations under this Agreement if that failure results from any cause beyond our control, such as the elements; fire; flood; severe weather; earthquake; vandalism; accidents; sabotage; power failure; denial of service attacks or similar attacks or other acts of hackers; Internet or network failures or interruptions; acts of God and the public enemy; acts of war; acts of terrorism; riots; civil or public disturbances; strikes, lockouts or labor disruptions; any laws, orders, rules, regulations, acts or restraints of any government or governmental body or authority, civil or military, including the orders and judgments of courts; or if another person (including a Social Network) changes their services or terms or no longer offers their services to you or Social.So on terms we believe are reasonable.
41. Remedies. If we fail to enforce this Agreement, we are not waiving our right to do so. Any remedies we have under this Agreement are not exclusive of any other remedies we may have under this Agreement, at law or otherwise.
42. Notices to You. Social.So may give notice to you by placing a banner notice on the Social.So platform or Social.So’s website. We may also contact you or your Authorized Users through your Social.So account or contact information you provide, such as email or telephone or through your account on one or more Social Networks. If you fail to maintain accurate account information, such as contact information, you may not receive critical information about our Self-Serve Services or this Agreement.
43. Notices to Social.So. For any notice to Social.So that you give under or regarding this Agreement, you must notify Social.So by email to [email protected] with a duplicate copy sent via registered mail to the following address: 160 Kemp house, London, EC1V 2NX.
44. Entire Agreement. This Agreement, including the other documents referred to as applicable to the Self-Serve Services in this Agreement, is the entire agreement between you and Social.So for your use of our Self-Serve Services. Any prior understandings, statements or and agreements (oral or written) do not apply, including additional terms that you may present (such as terms in a unilateral notice from you to us or printed on a purchase order or any other document generated by you). This Agreement is binding on the parties and their permitted successors and assigns.
Cookie Policy
This cookie notice provides information about how and when Social.So uses cookies and other similar tracking technologies on its Website, in its Applications and Platforms (“Services”). Capitalized terms used in this policy but not defined have the meaning set forth in our Privacy Notice, which also includes additional details about the collection and use of information at Social.So.
Social.So uses tracking technology (“cookies”) on its Website, in its Applications, and in its Platforms, including mobile application identifiers and a unique Social.So user ID to help us recognize you across different Services, to monitor usage and web traffic routing for the Services, and to customize and improve the Services. By visiting the Website or using the Services you agree to the use of cookies in your browser and HTML-based emails. Cookies are small text files placed on your device when you visit a website, in order to track use of the site and to improve your user experience.
Session Cookies
The Services use “session cookies”, which improve your user experience by storing certain information from your current visit on your device, such as log-in information. These enable us to remember your log-in session so you can move easily within the Website or the other Services. Without these session cookies, we would not be able to provide the Services to you. These session cookies have limited functionalities and expirations, and you will be required to re-enter your Social.So log-in information after a certain period of time has elapsed to protect you against others accidentally accessing your account contents and related Personal Information. Other examples of our use of session cookies include to track the number of visits by a particular visitor to a page and to store items in an online shopping cart for the Shop.
Performance and Remarketing Cookies
Partners who help us serve advertising on and off the Website and analytics companies may also put cookies on your device. We use several third-party vendors to help deliver ads for relevant Social.So products and services to you when you visit certain pages on our Website and then visit certain third-party sites. We may share with third-party ad partners a cryptographic hash of a common account identifier (such as an email address), to help us measure and tailor ads and services provided to you. Below is information about one such vendor. Please note that this cookie notice covers only our use of cookies and does not include use of cookies by any third parties.
i) Google Analytics
Social.So uses a specific cookie in order to facilitate the use of Google Universal Analytics for users logged-in to the Applications or the Platforms (“Logged-In User). If you are a Logged-In User, Social.So may use your Social.So user ID in combination with Google Universal Analytics and Google Analytics to track and analyze the pages of the Services you visit. We do this only to better understand how you use the Website and the other Services, with a view to offering improvements for all Social.So users; and to tailor our business and marketing activities accordingly, both generally and specifically to you. Google Analytics cookies do not provide Social.So with any personal information.
ii) Google Display Advertising
Additionally, Social.So uses Google Analytics code that allows for certain forms of display advertising and other advanced features. Subject to change, the Google Display Advertising features Social.So currently uses are Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics Demographics and Interest Reporting.
These features are used to advertise online; to allow third-party vendors, including Google, to show you advertising across the Internet; to allow Social.So and third-party vendors, including Google, to use first-party cookies (such as the Google Analytics cookie) and third-party cookies together to inform, optimize, and serve ads based on your past visits to the Website and to report how ad impressions, uses of ad services, and interactions with these ad impressions and ad services are related to visits to the Website. Data from Google's interest-based advertising or third-party audience data (such as age, gender, and interests) is also combined with Google Analytics to better understand the needs of Social.So users and to improve the Services.
Social.So uses other third-party performance and remarketing cookies, and further information on those third-party cookies can be obtained by contacting us.
Other Related Technologies
Social.So may also use related technologies including web beacons, bugs, pixels, and software tokens in order to facilitate your use of the Services. Most notably, the Services use software tokens (stored securely on Social.So-controlled servers) in order to facilitate the logging in to and the functioning of both the Supported Platforms and Third-Party Apps.
Opting-Out, Removing or Preventing the Setting of Cookies
Most browsers give you the ability to manage cookies to suit you. In some browsers you can set up rules to manage cookies on a site-by-site basis, giving you more fine-grained control over your privacy. This means you can disallow cookies from all sites except those that you trust.
Browser manufacturers provide help pages relating to cookie management in their products. We have collected a short list of the main manufacturer’s help pages for your convenience below:
Google Chrome
Internet Explorer
Mozilla Firefox
Safari (Desktop)
Safari (Mobile)
Android Browser
For other browsers, please consult the documentation that your browser manufacturer provides.
For display advertising, you may opt out at any time by visiting your Google Ads Settings page or by installing and running the Google Analytics Opt-out Browser Add-on. The Network Advertising Initiative has also developed a tool that may help you understand which third parties have currently enabled cookies for your browser and opt-out of those cookies. Further information can be found here.
In addition, on your iPhone, iPad or Android, you can change your device settings to control whether you see online interest-based ads.
If you block or delete cookies you may not be able to take full advantage of our Website, Applications, Platforms, and/or Shop. Further, if you do not want to receive tracking pixels, you will need to disable HTML images in your email client, which may affect your ability to view images in other emails that you receive.
Does Social.So Respond to “Do Not Track” Signals?
Our Website and Services do not collect personal information about your online activities over time and across third-party websites or online services. Therefore, “do not track” signals transmitted from web browsers do not apply to our Website or Services, and we do not alter any of our data collection and use practices upon receipt of such a signal.
DPA Social.So has updated its Data Processing Addendum (DPA) for GDPR. The GDPR DPA and some FAQs are available to all of our Customers. If you would like to incorporate the GDPR DPA into your existing agreement with Social.So, please email us and we will promptly send you Social.So’s Data Processing Addendum for you to complete, sign and return to us.
SECUIRTY PRACTICES Social.So maintains organizational and technical measures to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These measures take into account the sensitivity of the information Social.So collects, processes and stores; the current state of technology; the costs of implementation; and the nature, scope, context, and purposes of the data processing Social.So engages in.
Where used in this Security Practices document, “Social.So Services” means the Self-Serve Services or Enterprise Services, as applicable and as defined in the terms applicable to your access to and use of the Social.So Services (the “Agreement”). Capitalized terms not defined in this document have the meanings given to them in the Agreement.
Confidentiality
Social.So maintains appropriate controls to restrict its employees’ access to the Customer Content that you and your Authorized Users make available via the Social.So Services, and to prevent access to Customer Content by anyone who should not have access to it.
All of Social.So’s employees are bound by Social.So policies regarding the confidential treatment of Customer Content.
Personnel Practices
Social.So employees receive security training during onboarding and on an ongoing basis. Employees are required to read and sign information security policies covering the confidentiality, integrity, availability and resilience of the systems and services Social.So uses in the delivery the Social.So Services. Where applicable, including for particularly sensitive positions, Social.So also conducts criminal background checks on employees before employment.
Compliance
PCI DSS: When payments are processed via credit card, Social.So uses third-party vendors that are PCI DSS compliant. At no point does Social.So store, transmit, or process your credit card information; Social.So simply stores anonymous tokens that identify the applicable processed transactions.
Additional Security Features
Access and System Logging
All systems used in the provision of the Social.So Services, including firewalls, routers, network switches, and operating systems, log information to secure log servers in order to enable security reviews and analysis.
Data Encryption In Transit and At Rest
The Social.So Services support the latest industry-standard secure cipher suites and protocols to encrypt all traffic in transit. Social.So currently supports only TLS 1.2 on its main website and all pages that accept credit card information. Migration to 1.2 on subsidiary pages will be completed later in 2018.
Customer Content is also encrypted at rest, where appropriate and having regard to the nature of the content and associated risks. Almost all of the information Social.So processes is already publicly available elsewhere and so there is no associated privacy risks, but all scheduled and approval-pending messages, for example, are encrypted at rest for additional protection.
Social.So monitors the changing cryptographic landscape closely and makes commercially reasonable efforts to upgrade the Social.So Services to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve. For encryption in transit, Social.So does this while also balancing the need for compatibility for older clients.
Disaster Recovery
When your use of the Social.So Services requires Social.So’s systems to store Customer Content, such Customer Content is stored redundantly at multiple locations in Social.So’s hosting provider’s data centers to ensure availability. Social.So has backup and restoration procedures to allow recovery from a major disaster. Customer Content and Social.So’s source code is automatically backed up on a nightly basis. Social.So’s operations team is alerted in the event of any failure with this system. Backups are fully tested at least every 90 days to confirm that these processes and tools work as expected.
Network Protection
In addition to system monitoring and logging, Social.So has implemented firewalls that are configured according to industry best practices, and ports not utilized for delivery of the Social.So Services are blocked by configuration with our data center provider.
Host Management
Social.So performs automated vulnerability scans on its production hosts and uses commercially reasonable efforts to remediate any findings that present a material risk to the Social.So environment. Social.So enforces screen lockouts and the usage of full disk encryption for company laptops.
Logging and Intrusion Detection
Social.So maintains an extensive, centralized logging environment in its production environment which contains information pertaining to security, monitoring, availability, access, and other metrics about the Social.So Services. These logs are analyzed for security events via automated monitoring software, overseen by Social.So’s security team.
Social.So monitors the Social.So Services for unauthorized intrusions using network-based and host-based intrusion detection mechanisms. Social.So analyzes data collected by users' web browsers (e.g., device type, screen resolution, time zone, operating system version, browser type and version, system fonts, installed browser plug-ins, enabled MIME types, etc.) for security purposes, including to detect compromised browsers, to prevent fraudulent authentications, and to ensure that the Social.So Services function properly.
Physical Security
Social.So currently uses Amazon Web Services (AWS) for its production data centers to provide the Social.So Services. AWS has been selected for its high standards of both physical and technological security, and has internationally recognised certifications and accreditations, demonstrating compliance with rigorous international standards, such as ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2 and SOC 3, PCI DSS Level 1, and others. For more information about Amazon Web Services' certification and compliance, please visit the AWS Security website and the AWS Compliance website.
Security Policies and Procedures
Social.So implements and maintains industry-standard security policies and procedures that align with the National Institute of Standards and Technology (NIST) cybersecurity framework. In particular, the Social.So Services are operated in accordance with the following policies and procedures:
Customer passwords are stored using a one-way salted hash.
User access logs are maintained, containing date, time, user ID, URL executed or entity ID operated on, operation performed (created, updated, deleted), and source IP address.
If there is reasonable suspicion of inappropriate access, Social.So may provide customers (on a time and materials basis, on request and at Social.So’s sole discretion) with copies of relevant log records to allow customers to conduct their own forensic analysis.
Customer passwords are not logged.
Social.So personnel will not set a defined password for a user. Passwords are reset to a random value (which must be changed on first use) and delivered automatically via email to the requesting user.
Product Design Security Practices
New features, functionality, and design changes go through a review process facilitated by
Social.So’s security team. In addition, Social.So’s code is tested and manually peer-reviewed prior to being deployed to production. Social.So’s security team works closely with its product and engineering teams to resolve any additional security or privacy concerns that may arise during development.
Incident Management & Response
Social.So maintains security incident management policies and procedures. Social.So notifies impacted customers without undue delay of any unauthorized disclosure of their Customer Content by Social.So or its agents of which Social.So becomes aware, to the extent permitted by law.
Scope
These security practices apply to the Social.So Services defined in your Agreement with Social.So, excluding the Social.So Ads Services.
Acceptable user rules
Last Modified: May 24, 2019
We have a few rules on how our services can and cannot be used and this policy explains them (the “Acceptable Use Rules”). The rules apply to all of Social.So’s services (the “Services”) and to all our users regardless of their plans (Free, Professional, Team, Business, and Enterprise). These rules form part of our broader terms of service. If you see an undefined term here, it has the same definition as in the terms of service applicable to your service (the “Terms”).
GENERAL RULES
1. You must:
a. Use your best efforts to prevent unauthorized access to or use of the Services, including by maintaining a strong password;
b. Keep your passwords and other login credentials for the Services confidential;
c. Monitor and control all activity conducted through your Social.So account;
d. Notify us promptly if you become aware of or suspect any security breach regarding your account, including any loss, theft, or unauthorized disclosure or use of your (or any of your Authorized Users’) username, password, or account; and
e. Comply with the Social Networks’ applicable terms which you connect through the Services (the “Social Network TOS”). These include for example the Twitter Terms of Service published at www.twitter.com/tos; the Facebook Terms of Service published at www.facebook.com/legal/terms; the LinkedIn User Agreement published at www.linkedin.com/legal/user-agreement; and the YouTube Terms of Service published at www.youtube.com/t/terms(as applicable).
2. You must not:
a. Make the Services available to anyone other than your Authorized Users;
b. Allow more than one individual Authorized User to use a single log-in to the Services, or use the Services in excess of the quantities or limits set out in your Services plan;
c. Sell, trade, or otherwise transfer any Services to another party;
d. Upload or share Customer Content that you do not own or otherwise have the right to share;
e. Use the Services to store or transmit any Content, including Customer Content, that may be infringing, defamatory, threatening, harmful, or otherwise tortious or unlawful, including any content that may violate intellectual property, privacy, or publicity rights, or other applicable laws, or any of the Social Network TOS;
f. Use the Services to send spam or other unsolicited messages in violation of applicable laws;
g. Upload to, or transmit from, the Services any Content that contains or redirects to a virus, Trojan horse, worm, or other harmful component;
h. Attempt to reverse engineer, de-compile, hack, disable, interfere with, disassemble, modify, copy, translate, or disrupt the features, functionality, integrity, or performance of the Services or the Social Networks (including any mechanism used to restrict or control the functionality of the Services or the Social Networks) or any data from third parties (in other words, someone other than you, your Authorized Users or Social.So) contained in the Social Networks (except to the extent such restrictions are prohibited by applicable laws);
i. Attempt to gain unauthorized access to the Services, the Social Networks, or related systems or networks or to defeat, avoid, bypass, remove, deactivate, or otherwise circumvent any software protection or monitoring mechanisms of the Services or the Social Networks;
j. Access the Services in order to build a similar or competitive product or service or copy any ideas, features, functions, or graphics of the Services or the Social Networks;
k. Engage in any abusive practices that degrade the performance of the Services (or any part of the Services) for you or any of our other customers (for example, by tracking singular high-frequency terms such as “love”, “yes”, or “the” or other similar activities);
l. Use the Services for redistribution, syndication, or fraudulent activities; or
m. Allow or encourage any third party to do any of the above.
ADDITIONAL RULES IMPOSED BY SOCIAL NETWORKS
3. If you are a public-sector entity, you must not use the Services to access or use content from Twitter for surveillance purposes.
4. If you are a public-sector entity whose primary function includes conducting surveillance/gathering intelligence, you must not use the Services to access or use content from Twitter.
5. You must not use the Services to access or use content from Twitter for any unlawful, discriminatory purposes or profiling based on sensitive categories of information prohibited by applicable laws (see Section VII.A. User Protection of the Twitter Developer Agreement published at https://developer.twitter.com/en/developer-terms/agreement).
ADDITIONAL RULES APPLICABLE IF YOU USE THE SERVICES FOR CONTESTS OR OTHERWISE ASK INDIVIDUALS TO SUBMIT CONTENT THROUGH THE SERVICES (“Submitted Content”)
6. You must not:
a. Request that any participant submit personal medical information, social security information, payment card details, financial or other sensitive information;
b. Request Submitted Content that would violate any applicable laws, rules, or regulations; or
c. Refer to Social.So or use our name, trademarks, or trade names in connection with your request for Submitted Content.
CONFLICT
7. In the event of any conflict between these Acceptable Use Rules and the Terms, the Terms will govern.
Payment terms
Last Modified: January 14, 2019
These payment terms apply to any of Social.So’s paid services (including Basic, Standard or Professional plans) you purchase through our website (the “Paid Services”). For greater certainty these payment terms do not apply to any services purchased via an Authorization Form. These payment terms form part of our broader terms of service. If you see an undefined term here, it has the same definition as in the terms of service applicable to your service (the “Terms”).
Payment for Paid Services. For Paid Services, you must provide us with a valid credit card or other form of electronic payment (such as PayPal). We will automatically charge you based on your chosen plan (monthly or yearly as you select for Basic, Standard or Professional plans). We will share your account information with financial institutions and payment processing companies, including your submitted payment information, to process your purchase.
Terms; Prices; Payment Methods. Subscription to our plans are for fixed terms, and the associated fees payable for Paid Services are non-refundable. Prices for Paid Services are subject to change on 30 days’ notice, provided that no price change will apply during your then-current subscription term (monthly or annual as applicable). Depending on where you live, foreign exchange fees or differences in prices may apply, including because of exchange rates. We do not support all payment methods, currencies or locations for payment. If the payment method you use is no longer valid (such as a credit card that has expired) and you do not edit your payment information or cancel or downgrade your account to a plan that is free of charge, you authorize us to keep billing you for our Paid Services and you remain responsible for uncollected amounts.
Unpaid Fees. If you owe us any unpaid fees, we may suspend your access to our Paid Services without prior notice until you pay us in full. Your obligation to pay fees continues through to the end of the period (monthly or annual as applicable) in which you cancel or downgrade your plan.