Last updated: 27 October, 2025
Floop Pty Ltd ('Floop', 'we', 'us', or 'our') is committed to protecting your privacy and maintaining the confidentiality of personal data. This policy explains how we collect, use, store, disclose, and process personal data in connection with the Floop Platform and related services, in alignment with the principles of leading international data protection laws, including the EU General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA/CPRA), Australian Privacy Principles (APPs), and the New Zealand Privacy Act 2020.
1. Introduction
Floop provides enterprise analytics tools that process customer feedback and unstructured data sources in a secure, responsible, and privacy-conscious manner. We design our systems and processes in accordance with privacy-by-design and security-by-default principles. This policy outlines our approach to handling data as both a controller (for our own purposes) and a processor (on behalf of customers).
2. Scope
This policy applies to personal data processed by Floop in the following contexts: (a) users and administrators of the Floop Platform; (b) individuals whose data is processed by Floop on behalf of customers; and (c) visitors to our website and other digital properties.When Floop acts as a Data Processor, customers are responsible for ensuring a lawful basis for processing and providing necessary notices to end-users. Floop processes such data only under written agreement and documented instruction, as set out in our Data Processing Addendum (DPA). Our DPA is available upon request (see Section 14).
3. Roles and Responsibilities
Customers typically act as Data Controllers, determining the purposes and means of processing. Floop acts as a Data Processor for Customer Data and may act as an independent controller for billing, account management, and analytics purposes. All Floop personnel and contractors are bound by confidentiality and access control obligations.
4. Types of Personal Data
We collect and process data as follows:
- Account and contact details such as name, email, company, and role.
- Subscription and billing details, excluding full financial account numbers.
- Platform usage data such as IP address, access logs, and device identifiers.
- Customer Data such as support tickets, transcripts, reviews, and surveys provided by customers, which may contain personal data.
Floop applies best-efforts to remove or anonymise personally identifiable information prior to storage, consistent with its data minimisation policy.
5. Purpose of Processing
Floop processes data to provide and improve the Floop Platform, ensure security and service integrity, manage billing, perform analytics, provide support, and comply with legal obligations. Floop may also process de-identified data for internal analytics and product improvement purposes. De-identified or aggregated data is not considered personal data.
6. Legal Basis for Processing
Where Floop acts as a controller, we rely on consent, contractual necessity, legal obligations, or legitimate interests as appropriate. When acting as a processor, Floop processes Customer Data only under the controller’s lawful basis and documented instructions.
7. International Data Transfers
Floop stores Customer Data primarily in the ap-southeast-2 (Sydney) region, with optional regional configurations. Transfers may occur to other jurisdictions for authorised personnel, contractors, and sub-processors, all subject to confidentiality and least-privilege access. Floop implements appropriate safeguards such as Standard Contractual Clauses and equivalent mechanisms consistent with GDPR, APP 8, and NZ Privacy Act requirements.
8. Retention and Deletion
Floop retains personal data only as long as necessary to fulfil contractual, legal, or operational requirements. Customer Data is deleted within thirty-one (31) days of Subscription termination or cancellation unless longer retention is required by law. Metadata such as billing and audit logs may be retained beyond this period where necessary for legitimate business or compliance purposes.
9. Individual Rights and Requests
Individuals may have rights to access, correct, delete, or restrict processing of their personal data, or to withdraw consent where applicable. Requests related to Customer Data should be directed to the relevant Customer (data controller). If Floop receives such a request directly, it will notify and cooperate with the Customer in accordance with the DPA.
10. Marketing Communications
Floop may contact you with information about products and services relevant to your account or interests. You can opt out at any time via the unsubscribe link or by contacting Floop directly. We maintain opt-out lists securely and do not use Customer Data for unrelated marketing purposes.
11. Cookies and Tracking Technologies
Floop uses cookies and similar technologies for functional and analytical purposes. We do not use behavioural advertising or tracking cookies. You may disable cookies in your browser, though this may affect service functionality.
12. Data Security
Floop maintains robust technical and organisational controls aligned with the tenets of ISO 27001 and SOC 2 Type II frameworks, including encryption, access management, monitoring, and incident response. We do not claim certification under these frameworks. Access to Customer Data is restricted to authorised personnel using multi-factor authentication and least-privilege principles.
13. Sub-Processors and Data Sharing
Floop may engage sub-processors to support service delivery. Each sub-processor is contractually bound to provide at least the same level of data protection as Floop. Floop maintains a current list of sub-processors on its website and provides seven (7) days' notice prior to any addition or replacement. We may also share personal data with affiliates, regulators, or law enforcement as legally required, or in the event of a corporate transaction.
14. Complaints and Contact Information
For questions, concerns, or privacy requests, contact:
Email: legal [at] floop.com.au
We will respond within thirty (30) days.
You may also lodge a complaint with your local data protection authority if unsatisfied with our response.
15. Updates to this Policy
Floop may update this policy periodically to reflect changes in operations, legal requirements, or best practices. Material updates will be communicated to Customers via email or Platform notification. Continued use of the Platform constitutes acceptance of the revised policy.
16. Children’s Data
The Floop Platform is not intended for minors. We do not knowingly collect or process data from minors. If such data is inadvertently collected, Floop will take steps to promptly delete it upon discovery.
17. Data Protection Officer and Representatives
Floop may appoint a regional Data Protection Officer (DPO) or privacy representative as required by applicable laws. You may contact Floop’s privacy team using the contact information provided above for any privacy-related matters.
We believe your most unhappy customers are your greatest source of learning. This is why we help product teams build better products through strong customer feedback loops. Floop will harness the data across support tickets and customer conversations to bring actionable insights that drive better product roadmaps.
