Legal
Effective July 6, 2026
Privacy Policy
This Privacy Policy explains how Spinek collects, uses, stores, protects, and processes personal data when you visit our website, request a demo, contact us, or use the Spinek ticketing system and customer experience platform.
Spinek helps organizations centralize, review, automate, and resolve customer tickets from manual requests, external applications, Genesys calls, WhatsApp, social media channels, and other support sources.
At a glance
What we collect
Account information, Ticket metadata, SLA workflow activity, knowledgebase content, and technical information needed to provide the service.
How we use it
To operate Spinek, improve product reliability, respond to requests, and meet legal obligations.
Your choices
You can request access, correction, deletion, portability, or restriction of your personal information.
Contact us
Questions about this policy can be sent to sales-spinek@alasilaicx.sa.
1. What This Policy Covers
This Privacy Policy applies to personal data processed through:
Spinek website
Spinek ticketing platform
Customer support workflows
Customer profiles
Ticket comments and attachments
Knowledge base content
Integrations and connected systems
AI-assisted support features Sales, demo, and support communications
This policy applies to website visitors, platform users, agents, supervisors, administrators, business customers, and customer end-users whose information may be processed inside support tickets.
2. Our Role
Spinek may act as a data processor when we process ticketing and customer support data on behalf of an organization using our platform. Spinek may also act as a data controller when we collect data directly for our own business purposes, such as website inquiries, demo requests, account administration, security monitoring, support, billing, and platform improvement. Each customer organization using Spinek is responsible for ensuring that it has the required permissions, notices, and legal basis to collect and process data through the platform.
3. Data We May Collect
Depending on how Spinek is used, we may process the following types of data:
Name
Email address
Phone number
Company name
Job title
User account details
Role and permission information
Customer profile information
Ticket content
Ticket status and history Internal notes and comments
Ticket attachments
SLA and workflow activity Agent actions and audit logs
Call-related case information
WhatsApp and social media request details
External application request data
Knowledge base content
Technical logs IP address and device information Browser and usage data Support and communication records
We only process data that is needed to provide, secure, operate, support, or improve Spinek services.
4. How We Use Data
We may use personal data to:
Provide and operate the Spinek platform
Create, assign, process, escalate, and resolve tickets
Manage customer profiles and case history
Support workflow automation
Track SLA performance
Enable user authentication and access control
Manage tenant configuration
Connect Spinek with approved third-party systems
Provide customer support and technical assistance
Improve platform reliability and performance
Monitor security and prevent misuse
Maintain audit logs and operational records
Respond to demo, sales, and support requests
Comply with legal, contractual, and regulatory obligations
5. AI-Assisted Support Features
Spinek may include AI-assisted features that help agents search knowledge base content, understand system usage, summarize information, or respond faster to customer inquiries. When AI features are enabled, Spinek may process ticket content, customer inquiries, knowledge base content, and related operational data to provide assistance to authorized users. Spinek is designed to keep customer data within the relevant tenant and controlled environment. Customer ticket data and knowledge base content are not used to train public AI models unless separately agreed in writing with the customer. Customers may request additional details about AI processing, data flow, hosting, and configuration before enabling AI-assisted features.
6. Hosting and Data Residency
For Saudi Arabia deployments, Spinek can be hosted inside the Kingdom of Saudi Arabia using Saudi-based infrastructure or approved hosting environments, depending on the customer’s contract and deployment model.
This helps support:
KSA data residency requirements
Regional hosting preferences
Lower latency for Saudi users
Improved governance and operational control
CST-aligned hosting discussions
Enterprise security and compliance reviews
Final compliance depends on the selected hosting provider, deployment model, customer configuration, and applicable legal or regulatory obligations.
7. Data Sharing
We do not sell personal data.
We may share data only when needed with:
Authorized users inside the customer’s tenant
Customer administrators and support teams
Approved hosting and infrastructure providers
Technology and integration providers
Security, monitoring, backup, and support providers
Professional advisers where required Government, regulatory, or legal authorities where legally required
Any third-party provider used to support Spinek must process data only for the agreed purpose and according to appropriate security and confidentiality requirements.
8. Integrations
Spinek may connect with third-party systems based on customer configuration.
Examples may include:
Genesys platforms
WhatsApp channels
Social media channels
External business applications
Identity providers
Notification services
Reporting or analytics tools
The data shared through integrations depends on how the customer configures the platform. Customers are responsible for approving integrations and ensuring that connected systems comply with their internal policies and applicable laws.
9. Security Measures
Spinek applies technical and organizational controls to protect customer and platform data.
These controls may include:
Tenant-based data separation
Role-based access control
Secure authentication
Encryption in transit
Encryption at rest where applicable
Audit logging Access monitoring Backup and recovery controls
Network and infrastructure security
Application security practices
Administrative access control
Security monitoring
Incident response procedures
No digital system can be guaranteed to be completely secure, but we work to maintain appropriate safeguards based on the nature of the data and the risks involved.
10. Data Retention
We keep personal data only for as long as needed to provide the service, meet contractual obligations, comply with legal requirements, resolve disputes, maintain security, and support legitimate business operations. Ticket data, attachments, audit logs, customer records, and workflow history are retained according to the customer’s contract, configuration, and applicable requirements. When data is no longer required, we delete, anonymize, or securely dispose of it according to applicable retention and deletion procedures.
11. Data Subject Rights
Depending on applicable law, individuals may have rights related to their personal data, including the right to:
Be informed about how data is processed
Request access to personal data
Request correction of inaccurate data
Request deletion where applicable
Withdraw consent where processing is based on consent
Object to certain processing activities where applicable
Request restriction of processing where applicable
Submit a complaint to the relevant authority
Where Spinek processes data on behalf of a customer organization, requests should usually be submitted directly to that organization. Spinek will support customers in responding to valid requests where required.
12. International Data Transfers
Spinek aims to process and host data according to customer requirements and applicable data residency obligations.
For Saudi Arabia deployments, data may be hosted inside Saudi Arabia where agreed with the customer.
If any personal data transfer outside Saudi Arabia is required, it will be handled according to applicable legal, contractual, and regulatory requirements.
13. Cookies and Website Analytics
The Spinek website may use cookies or similar technologies to improve website performance, understand visitor activity, support security, and enhance user experience.
Cookies may collect information such as:
Browser type
Device type
Pages visited
Time spent on pages
Referral source
Approximate location
Technical usage data
Visitors can control cookies through browser settings. Some website features may not work properly if cookies are disabled.
14. Customer Responsibilities
Organizations using Spinek are responsible for:
Informing their customers and users about data processing
Obtaining required permissions or consents where needed
Configuring user roles and permissions correctly
Approving integrations and data flows
Managing retention and deletion requirements
Ensuring ticket content is appropriate and lawful
Responding to data subject requests where they act as controller
15. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, security practices, or business operations. When we make updates, we will revise the “Last Updated” date above. For material changes, we may notify customers through appropriate channels.
Questions about privacy?
Contact Spinek at sales-spinek@alasilaicx.sa for questions, requests, or concerns about this Privacy Policy or the way your information is handled.