Legal

Effective July 6, 2026

Privacy Policy

This Privacy Policy explains how Spinek collects, uses, stores, protects, and processes personal data when you visit our website, request a demo, contact us, or use the Spinek ticketing system and customer experience platform.

Spinek helps organizations centralize, review, automate, and resolve customer tickets from manual requests, external applications, Genesys calls, WhatsApp, social media channels, and other support sources.

At a glance

What we collect

Account information, Ticket metadata, SLA workflow activity, knowledgebase content, and technical information needed to provide the service.

How we use it

To operate Spinek, improve product reliability, respond to requests, and meet legal obligations.

Your choices

You can request access, correction, deletion, portability, or restriction of your personal information.

Contact us

Questions about this policy can be sent to sales-spinek@alasilaicx.sa.

1. What This Policy Covers

This Privacy Policy applies to personal data processed through:

Spinek website

Spinek ticketing platform

Customer support workflows

Customer profiles

Ticket comments and attachments

Knowledge base content

Integrations and connected systems

AI-assisted support features Sales, demo, and support communications

This policy applies to website visitors, platform users, agents, supervisors, administrators, business customers, and customer end-users whose information may be processed inside support tickets.

2. Our Role

Spinek may act as a data processor when we process ticketing and customer support data on behalf of an organization using our platform. Spinek may also act as a data controller when we collect data directly for our own business purposes, such as website inquiries, demo requests, account administration, security monitoring, support, billing, and platform improvement. Each customer organization using Spinek is responsible for ensuring that it has the required permissions, notices, and legal basis to collect and process data through the platform.

3. Data We May Collect

Depending on how Spinek is used, we may process the following types of data:

Name

Email address

Phone number

Company name

Job title

User account details

Role and permission information

Customer profile information

Ticket content

Ticket status and history Internal notes and comments

Ticket attachments

SLA and workflow activity Agent actions and audit logs

Call-related case information

WhatsApp and social media request details

External application request data

Knowledge base content

Technical logs IP address and device information Browser and usage data Support and communication records


We only process data that is needed to provide, secure, operate, support, or improve Spinek services.

4. How We Use Data

We may use personal data to:

Provide and operate the Spinek platform

Create, assign, process, escalate, and resolve tickets

Manage customer profiles and case history

Support workflow automation

Track SLA performance

Enable user authentication and access control

Manage tenant configuration

Connect Spinek with approved third-party systems

Provide customer support and technical assistance

Improve platform reliability and performance

Monitor security and prevent misuse

Maintain audit logs and operational records

Respond to demo, sales, and support requests

Comply with legal, contractual, and regulatory obligations

5. AI-Assisted Support Features

Spinek may include AI-assisted features that help agents search knowledge base content, understand system usage, summarize information, or respond faster to customer inquiries. When AI features are enabled, Spinek may process ticket content, customer inquiries, knowledge base content, and related operational data to provide assistance to authorized users. Spinek is designed to keep customer data within the relevant tenant and controlled environment. Customer ticket data and knowledge base content are not used to train public AI models unless separately agreed in writing with the customer. Customers may request additional details about AI processing, data flow, hosting, and configuration before enabling AI-assisted features.

6. Hosting and Data Residency

For Saudi Arabia deployments, Spinek can be hosted inside the Kingdom of Saudi Arabia using Saudi-based infrastructure or approved hosting environments, depending on the customer’s contract and deployment model.

This helps support:

KSA data residency requirements

Regional hosting preferences

Lower latency for Saudi users

Improved governance and operational control

CST-aligned hosting discussions

Enterprise security and compliance reviews


Final compliance depends on the selected hosting provider, deployment model, customer configuration, and applicable legal or regulatory obligations.

7. Data Sharing

We do not sell personal data.

We may share data only when needed with:

Authorized users inside the customer’s tenant

Customer administrators and support teams

Approved hosting and infrastructure providers

Technology and integration providers

Security, monitoring, backup, and support providers

Professional advisers where required Government, regulatory, or legal authorities where legally required


Any third-party provider used to support Spinek must process data only for the agreed purpose and according to appropriate security and confidentiality requirements.

8. Integrations

Spinek may connect with third-party systems based on customer configuration.

Examples may include:

Genesys platforms

WhatsApp channels

Social media channels

External business applications

Identity providers

Notification services

Reporting or analytics tools


The data shared through integrations depends on how the customer configures the platform. Customers are responsible for approving integrations and ensuring that connected systems comply with their internal policies and applicable laws.

9. Security Measures

Spinek applies technical and organizational controls to protect customer and platform data.

These controls may include:

Tenant-based data separation

Role-based access control

Secure authentication

Encryption in transit

Encryption at rest where applicable

Audit logging Access monitoring Backup and recovery controls

Network and infrastructure security

Application security practices

Administrative access control

Security monitoring

Incident response procedures


No digital system can be guaranteed to be completely secure, but we work to maintain appropriate safeguards based on the nature of the data and the risks involved.

10. Data Retention

We keep personal data only for as long as needed to provide the service, meet contractual obligations, comply with legal requirements, resolve disputes, maintain security, and support legitimate business operations. Ticket data, attachments, audit logs, customer records, and workflow history are retained according to the customer’s contract, configuration, and applicable requirements. When data is no longer required, we delete, anonymize, or securely dispose of it according to applicable retention and deletion procedures.

11. Data Subject Rights

Depending on applicable law, individuals may have rights related to their personal data, including the right to:

Be informed about how data is processed

Request access to personal data

Request correction of inaccurate data

Request deletion where applicable

Withdraw consent where processing is based on consent

Object to certain processing activities where applicable

Request restriction of processing where applicable

Submit a complaint to the relevant authority


Where Spinek processes data on behalf of a customer organization, requests should usually be submitted directly to that organization. Spinek will support customers in responding to valid requests where required.

12. International Data Transfers

Spinek aims to process and host data according to customer requirements and applicable data residency obligations.

For Saudi Arabia deployments, data may be hosted inside Saudi Arabia where agreed with the customer.

If any personal data transfer outside Saudi Arabia is required, it will be handled according to applicable legal, contractual, and regulatory requirements.

13. Cookies and Website Analytics

The Spinek website may use cookies or similar technologies to improve website performance, understand visitor activity, support security, and enhance user experience.

Cookies may collect information such as:

Browser type

Device type

Pages visited

Time spent on pages

Referral source

Approximate location

Technical usage data

Visitors can control cookies through browser settings. Some website features may not work properly if cookies are disabled.

14. Customer Responsibilities

Organizations using Spinek are responsible for:

Informing their customers and users about data processing

Obtaining required permissions or consents where needed

Configuring user roles and permissions correctly

Approving integrations and data flows

Managing retention and deletion requirements

Ensuring ticket content is appropriate and lawful

Responding to data subject requests where they act as controller

15. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, security practices, or business operations. When we make updates, we will revise the “Last Updated” date above. For material changes, we may notify customers through appropriate channels.

Questions about privacy?

Contact Spinek at sales-spinek@alasilaicx.sa for questions, requests, or concerns about this Privacy Policy or the way your information is handled.