Privacy Notice | Interact software
As of March 4, 2025
Introduction
This Privacy Notice explains what information Odyssey Interactive Ltd. and its associated entities (collectively “Interact”) collect and what we do with it.
It also explains the choices available to you regarding our use of your personal information and how you can access and update this information.
Data Protection Officer
We have appointed Katy Thorogood, C-DPO, as our Data Protection Officer to oversee compliance with this Privacy Notice and data protection related matters which affect Interact.
If you have any questions about this Privacy Notice or how we handle your Personal Data, please contact our Data Protection Officer by email at security@interactsoftware.com.
Privacy Notice Scope
Our Privacy Notice applies to the information we collect when you use one of our Services, when other sources provide it to us, or when you otherwise engage with Interact, including, but not limited to:
- When you visit our website or community website (“Websites “).
- When you contact us for assistance.
- When we connect with you as a prospective customer or as a customer.
- When you use one of our SaaS or On-Premises products (“Services “).
- When an account or profile is created on your behalf in one of our SaaS or On-Premises products (typically by your employer).
- When you attend customer or prospective customer events.
- When you meet us at third party events, gatherings or meetups.
- When you request any of our document packs.
- When we collect Personal Data that you submit to us via our website or third-party tools including, for example:
- when applying for a job via our website
- when requesting support in relation to one of our services.
Profile & Account Information
We collect information about you (“Personal data “) and your company in the provision and usage of the Services. This information generally includes: .
- Profile information such as first name, surname, email, job title
- Preferences information such as notification and marketing preferences
- Company & Billing information such as billing address, headquarters address and place of work
For information on how we protect your information, please refer to the Data Security section below.
Content Creation in our Services
We may incidentally collect your personal information as part of the content we allow you or other users to create, upload or store in the process of using our services.
The Services include the Interact products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include.
Information From Other Sources
We may receive information about you from:
- Other Service users (including your employer).
- Third-party services.
- Our related companies.
- Social media platforms.
- Public databases.
- Our business and channel partners.
We may combine this information with information we collect through other means described above. This helps us to update and improve our records, identify new customers, create more personalized advertising and suggest services that may be of interest to you.
Lawful Bases for Processing your information (for UK and EEA users)
If you are an individual in the United Kingdom (UK) or the European Economic Area (EEA), we collect and process your Personal Data only where we have a legal basis for doing so under applicable EU laws. The legal basis depends on the Services you use and how you use them.
| Applicable Lawful Basis | Activity |
| Performance to a contract | Provide you Services – including but not limited to: Operating the Services, customer support and personalization of features, protecting the safety and security of the Services. |
| Legitimate Interest | Where it is equally in your interest (As determined by a legitimate interest assessment) for us to conduct research and development, to market or promote the Services and to keep our records up to date. |
| Consent | Any activity where you give us consent to process data in a certain way directly or where you provide information that is not mandatory directly into the platform. |
| Legal Obligation | We need to process your data to comply with a legal obligation. |
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this may not affect any processing that has already taken place.
Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you may have the right to object to that use; though, in some cases, this may mean you may no longer use affected Services.
Using The Information Which We Collect
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you:
- To provide the Services and personalize your experience
- For research and development
- To communicate with you about the Services
- To market, promote and drive engagement with the Services
- To support our customers
- To protect our business interests and legal rights
Your Rights
Where the Services are managed for you by an administrator, you may need to contact your administrator to assist with your requests.
For all other requests, you may contact us as provided in the Contact Us section below to request assistance.
You have the right, in accordance with relevant Data Protection Laws, to:
- Be informed of what we are doing with your data.
- Request a copy of your information, in a structured, electronic format – also known as a Data Subject Access Request.
- Have any mistakes in our records of your personal data corrected.
- Object to our use of your information (including for marketing purposes).
- Request the deletion of your data – also known as an Erasure Request or the ‘Right to be Forgotten’.
- Restrict our processing of your information.
If you are not happy with the action we take in response to any of your requests, or the timeliness in which your request is completed, you have the right to make a complaint to the Information Commissioner (www.ico.co.uk) and seek judicial remedy
But we do hope if you have any further queries or there is anything else we can do for you, you will let us know before approaching the regulator.
Accessing and Updating Your Information on the Intranet
In reference to the data that is held within the Interact Intranet, you can take some actions yourself:
- Amend or remove your Personal Data in your account settings. This can also be done by your intranet administrator.
- Amend or remove content using the editing tools associated with that content. In some cases, you may need to contact your intranet administrator to request the removal of Content.
- Deactivate or remove your Services account by contacting your intranet administrator.
Information Sharing
We will not sell your Personal Data or content. However, where it is necessary we may share or disclose your Personal Data as follows:
- In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
- As required by law, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to our Company.
- When we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss.
- To report suspected illegal activity or to investigate violations of our agreements.
- We may provide your information to our business partners, vendors or service providers who perform functions on our behalf particularly as part of our Services.
- A list of the main sub processors to provide our services, their purposes and geographical locations is available on the Subprocessor page of our website.
Data Security
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We limit access to your Personal Data to only employees, agents, contractors and other third parties who need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality and have signed written agreements prior to accessing any data.
We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
ISO27001 is the internationally recognised standard for information security, and we hold this certification. You can request a copy of our certificate and the rest of our security documentation for free on the Security page of our website.
International Transfers
We will store our Personal Data in your own geolocation in accordance with the wishes of your employer who will be able to provide this information. We use cloud storage and ensure that there is an adequate level of protection for your personal information.
We have employees based in the UK, EEA, United Arab Emirates (UAE) and United States (US) to be able to support our customers, our staff may access your information from their country of residence.
We assess the suitability of the level of protection awarded to your data in the countries where the transfers are conducted to ensure appropriate security measures are in place. We ensure your personal information is treated in a way that is in accordance with data protection law.
We utilise binding corporate rules as our data transfer mechanism.
If you require further information about these measures, you can request it from our Data Protection Officer.
Children’s Privacy
Interact Services are not directed towards minors. We do not knowingly collect information from children under the age of 13. If you are aware that a child has provided us with Personal Information, please contact us immediately.
California Consumer Privacy Act (CCPA) Rights
In addition to the general rights set out under this Privacy Notice, if you are a resident of California, Californian law means you have several important rights free of charge. In summary, those rights include:
- Portability of such information and receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations.
- The erasure of personal information concerning you in certain situations.
- Request information – including a list of the categories of Personal Information, for example:
- Name.
- Email.
- Mailing address.
- The type of services provided to the customer.
Analytics & Logs
We collect analytics and log information when you use our websites or services to help us improve our product and services. Analytics information also consists of data we collect from running queries against Content created by a user of our SaaS and On-Premises services for the purposes of generating Usage Data. For example, we query the Content to determine the average number of content areas per customer.
Though we may encounter sensitive or other Personal Data as we compile Usage Data from Content across user instances, this is simply a by-product of our efforts to understand broader patterns and trends. It is not a concerted effort by us to examine the Content of any customer.
Cookies
Cookies are small data files placed on your computer by the websites you visit and the emails you read which can be used to help recognize you when you return to a website, or when you visit other sites. We or third-party service providers, may use cookies to among other things to measure activity, personalize your experience, remember your viewing preferences or track your status or progress when accessing our site. For some of these purposes, our cookies may be tied to Personal Information.
We use Google Analytics, a service that enables analysis of our site provided by Google, Inc. for marketing purposes. Google Analytics uses cookies to allow us to see how you use our site so we can improve your experience. Google’s ability to use and share information collected by Google Analytics about your visits to the site is restricted by the Google Analytics Terms of Use available at the analytics terms page on Google’s website and the Google Privacy Notice available at the Privacy Notice page on Google’s website You can prevent Google Analytics from recognizing you on return visits to the site by disabling cookies in your browser. If you prefer to not have data reported by Google Analytics, you can install the Google Analytics Opt-out Browser Add-on available at the Google Analytics, opt out page on Google’s website.
Notice to End Users
Many of our products are intended for use by organizations. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services and is the Data Controller under GDPR and is responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator. Your use of the Services is subject to that organization’s policies.
We are not responsible for the privacy or security practices of an administrator, which may be different to this policy. Your data will never be held for longer than 2 months after the Service ends.
Changes to our Privacy Notice
We may amend this Privacy Notice from time to time. When there are changes to this Privacy Notice, we will update this page. The date will always indicate when we last made changes.
Contact Us
If you have any questions about our Privacy Notice, please contact us. If you are an employee of an Interact customer and have a query or would like us to stop processing your information, please contact your employer in the first instance.
Attn: Data Protection Officer
Interact Software
5th Floor,
24 Mount St,
Manchester M2 3NX
