Privacy Policy

Date of Publication: 26th June 2020
The purpose of this policy

This privacy policy explains how we will process your personal information obtained through your use of our website at getsubly.com, your use of Subly as a registered users of our website at my.getsubly.com, and through other interactions with you (for example, networking events, marketing activities, and user research activities).

Subly is a cloud-based video and audio transcription software tool, which we supply through our website to registered users. It uses speech recognition technology to automatically add subtitles, in any language, to your videos uploaded to or recorded with Subly. It enables users to edit and translate text, and download your video for sharing on any platform.

It is important that you read this privacy policy, together with any just in time privacy policies we may provide elsewhere on our website, so that you are fully aware of how and why we are using your data, and what data protection rights you have.

What does this policy cover:

You can either scroll down to read this policy in its entirety (which we recommend), or click on one of the links below to go straight to the section you are interested in.


Who we are and how to contact us

When we say we, us or our or Subly in this privacy policy, we mean Subly UK Limited, a company incorporated and registered in England and Wales with company number 12618425 and whose registered office is at Kemp House, 160 City Road, London, England, EC1V 2NX.

For the purposes of the Data Protection Legislation, we are the controller of your personal data. This means that we are responsible for deciding how we hold and use personal information about you.

If you have any questions in regard to any part of this policy, (including any requests to exercise your legal rights) please contact us either by:

We are committed to protecting your privacy and safeguarding your personal data. Our use of your personal data is subject to the data protection laws applicable in the United Kingdom, which on the date of the publication of this policy includes the EU General Data Protection Regulation, the UK Data Protection Act 2018 and other relevant UK and EU legislation concerning personal data (together Data Protection Legislation).

Even though the United Kingdom has left the European Union, the EU General Data Protection continues to apply in the United Kingdom during the transition period, until the end of 2020.

The personal data we collect

Personal data means information which relates to an identified or an identifiable individual. 

Types of personal data we may collect Examples
Identity data name; title;
Contact data address; email; telephone number;
Financial and transactional data details of orders made and processed; details of payment received/made; details of invoices received/issued;
Professional data job title; name of business or organisation; professional credentials; professional contact details;
Usage data products and services purchased and prices paid; free services you signed up to (e.g. our blogs); events you attended or expressed interest in; details of free materials you have downloaded from our website; details of the products and services you have purchased from our website with their associated purchase prices; video details (including the number of videos produced or uploaded, if the video was edited and if you chose to distribute the video);
Contract data details of your contracts with us (e.g. the terms and conditions governing your use of Subly, the start and end date of the contract, and details of the pricing package selected by you);
Profile data interests; preferences; user interviews, feedback and survey responses; posts and materials uploaded onto our website; profile type (e.g. creator, agency, company etc.);
Enquiries data details of enquiries submitted by you through our website or emailed to us;
Technical data IP address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices used to access our website).

Who can see your videos

As a registered user of Subly, you will be able to upload videos to Subly and record videos using Subly. Only you, your authorised staff, and the Subly Team (by which we mean our staff consisting of our employees and contractors) will be able to view your videos. Our team may view your videos for the purpose of resolving technical issues and for the purpose of enhancing Subly’s features. We will treat such content as confidential in accordance with our Terms of Website Use.

Anonymised data 

We may also collect, use, and share anonymised, aggregated data such as statistical or demographic data for any purpose. Anonymised data may be derived from your personal data but is not considered personal information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate information on how you use our website to calculate the percentage of users accessing a specific website feature.

How we collect personal data

We collect most of this information from you direct. However, we may also collect information from other sources.

Type of source Examples
Your use of our website and services when you sign up to create an account on our website; when you use our services; when you upload user content; submit an online enquiry; when you add or update your billing or address information.
Direct interactions with you when you first contact us (e.g. by phone or email); when you register interest in our services; when you give us your business card; when you participate in our user research activities (e.g. provide us with feedback or respond to our questionnaires).
From publicly accessible sources your website; your profiles on social media platforms (e.g. LinkedIn, Facebook, Twitter); professional networking groups and databases.
Directly from a third party another organisation or professional who told us that you would like to hear from us.
Automated technologies or interactions as you interact with our website and advertisements, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
How and why we use personal data

Under the Data Protection Legislation, we can only use your personal data if we have a proper reason for doing so, for example: consent, contact, legitimate interests, or legal obligation.

  1. Consent. We may process your data based on your consent to:

    • place cookies and similar tracking technologies on your device;
    • send you our blogs, newsletters or other electronic marketing communication;
    • send you invites to our marketing events and seminars; 
    • share your details with a third party for marketing purposes;
    • publish content which you upload to our website;
    • use your content for marketing purposes, to promote Subly, or to use as a showcase in a case study; and
    • respond to your enquiries.

    Where we want to use your data on the basis of your consent, we will ask for such consent separately and clearly.

    Right to withdraw consent 

    You have the right to withdraw consent at any time by: 

    • emailing us at legal@getsubly.com; or
    • in case of consent to marketing emails, using the ‘unsubscribe’ link in our marketing emails.

    Even if we are not required to obtain your consent for marketing purposes, you can still opt-out of receiving marketing communications at any time, so you are still in control.

  2. Contract. We will use your personal data if we need to do it to perform our obligations under a contract with you, or if it is necessary for a contract which we are about to enter with you. For example, if we need to:

    • register you as a new customer or administer your account (e.g. set up your subscription and administer invoicing and payments);
    • provide our software services and digital content to you;
    • manage our relationship with you (e.g. to respond to your enquiries or to notify you about changes to our services and to inform you about updating preferences);
    • share your data with our partner in order to provide you with a service funded by that partner;
    • provide after sale care services (e.g. technical support); and
    • enable you to partake in a competition or a prize draw.
  3. Legitimate interests. We may process your personal data when we (or third party) have a legitimate reason to use it, so long as this is not overridden by your own rights and interests. For example:

    • to manage your account and our relationship with you;
    • to manage payments, fees, charges, and to collect debts which you may owe to us;
    • to interact with you professionally (e.g. if you represent our current or prospective client, supplier or business partner) to manage our relationship with the organisation you represent;
    • to administer and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);
    • to deal with your enquiry unrelated to a contract which we may have with you;
    • to provide you with a free service (e.g. a free version of Subly or other functionalities of our website);
    • to ask you to leave a review or complete a survey;
    • to increase our business or promote our brand through delivering relevant website content and advertisements to you;
    • to measure or understand the effectiveness of the advertising we provide to you;
    • to improve our website, products, services, marketing, and customer relationships and understanding;
    • to conduct web analytics (via Hotjar and Facebook Pixel); 
    • for the prevention and detection of fraud and spam; and
    • for the establishment, exercise or defence of legal claims.

    We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or structure of our business.

  4. Legal obligation. We may process your personal data to comply with our legal obligation. For example, to:

    • notify you about changes to our terms or privacy policy;
    • address your complaint; and
    • comply with a request from a competent authority.
Who we share personal data with

We may share your information with third parties for the purposes set out in this policy. 

We share data with our contractors based in the European Economic Area (EEA) and Australia, who work for us as part of the Subly Team. We impose contractual obligations on such contractors to ensure that your personal data is protected.

We also share data with providers of cloud-based tools and services, which we use to operate our business:

  • Amazon Web Services (AWS), a US company who provides web hosting services to us. AWS host our data in the United Kingdom and Ireland;
  • Google, based in the USA, who provide Google Analytics web analytics services to us. See their privacy policy;
  • HubSpot, based in the USA, who provide customer relationship management services to us. See their privacy policy
  • Hotjar, based in Malta, who provide web user heat mapping interaction and behaviour analytics services to us. See their privacy policy; and
  • Facebook, based in the USA, who provide us with Facebook Pixel, an advertisement optimisation service. See their privacy policy.


We impose contractual obligations on the above providers to ensure that your personal data is protected.

International data transfers

Transfers of data outside the European Economic Area (EEA) are subject to special rules under the Data Protection Legislation. Those of our contractors and suppliers who are based outside the EEA, are either: based in countries that have been identified by the European Commission as providing adequate protection, or have in place an appropriate data sharing safeguard mechanism (for example, have entered into the European Commission’s standard contractual clauses with us, or subscribe to the EU-US Privacy Shield).

Those of our providers who are based in the US subscribe to the EU-US Privacy Shield framework. Transfers of personal data to US companies who subscribe to the EU-US Privacy Shield framework are deemed by the European Commission to provide an appropriate level of protection.

We use Stripe, a payment gateway, to process payments through our website. If you pay for our products through our website, you will be providing your personal data (for example, details of your payment card and billing address) to Stripe. Please see their privacy policy.

Other sharing

We may also:

  • share your personal data with members of our staff;
  • disclose your personal data to professional advisers (e.g. lawyers, accountants, auditors or insurers) who provide professional services to us;
  • disclose your personal data to certain third parties if specifically requested or agreed with you (e.g. if you ask us to introduce you to a third party);
  • disclose and exchange certain information with law enforcement agencies and regulatory bodies to comply with our legal obligations; and
  • share some personal data with other parties, such as potential and actual investors or buyers of some or all of our business or during a re-structuring. The recipient of the information will be bound by confidentiality obligations.

Such data recipients will be bound by confidentiality obligations.

How long we keep personal data

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

For example:

  • if you sign up to Subly, we will usually keep most of your personal data for up to 30 days after you delete your Subly account, but you may choose to delete items of your content at any time prior to deleting your account, and we may keep financial and transaction data for tax purposes for seven years after you cease being our customer;
  • if you agree for us to publish your content containing personal information on our website, we will keep that content for the duration corresponding with the permission you give us; and
  • if you subscribe to our updates or consent to receiving marketing communications, we will hold your data for that purpose until you unsubscribe or otherwise tell us that you no longer wish to receive such communications.


We may also anonymise your personal data (so that it can no longer be associated with you) for analytics, research or statistical purposes, in which case we may use this information indefinitely without further notice to you. 

Your rights

You have a number of rights in relation to your personal data, which allow you to access and control your information in certain circumstances. You can exercise these rights free of charge, unless your request is manifestly unfounded or excessive (in which case we may charge a reasonable administrative fee or refuse to respond to such request).

Your right Explanation
Access This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Rectification The right to require us to correct any inaccuracies in your personal data.
Erasure (to be forgotten) The right to require us to delete your personal data in certain situations.
Restriction of processing The right to require us to restrict processing of your personal data in certain circumstances (e.g. if you contest the accuracy of the data we hold).
Data portability The right to receive, in certain situations, the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party.
To object The right to object at any time to your personal data being processed for direct marketing (including profiling) or, in certain other situations, to our continued processing of your personal data (e.g. processing carried out for the purpose of our legitimate interests).
Not to be subject to automated individual decision-making The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you, or similarly significantly affects you.

If you would like to exercise any of those rights, please contact us at support@getsubly.com. Please let us know what right you want to exercise and the information to which your request relates. 

Keeping personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Complaints

We hope that we can resolve any query or concern you may raise about our use of your information. You may contact us by using the contact methods set out in the Who we are and how to contact us section of this policy.

The Data Protection Legislation also gives you a right to lodge a complaint with a supervisory authority, in particular in the European Union (or the European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws has occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns, telephone on 0303 123 1113, or by post to: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. We would, however, appreciate the chance to deal with your concerns before you approach the Information Commissioner’s Office, so please contact us in the first instance.

Changes to this privacy policy

This privacy policy was last updated on 15 June 2020.

We may change this privacy policy from time to time, when we do we will publish the new version of the policy on our website. We may also inform you via email.