Government Data Request Policy
Last Updated: March 17, 2023
This Government Data Request Policy describes how we will respond to requests from law enforcement agencies or government authorities (collectively, “Government Authority”).
Hootsuite is committed to protecting the privacy of personal data under its custody and control. We will not disclose our customers’ personal data to any Government Authority unless we are instructed by the customer to do so, or as described in this Policy.
If we do receive an order by a Government Authority to disclose personal data relating to a particular customer, we will take the following steps:
Redirection of the request
We will first inform the Government Authority that we are not the original source of social media data. The original source of the social media data is managed and stored by the social networks. Hootsuite does not permanently store social media data received from social networks, except in very limited cases, as Hootsuite relies on real time APIs to retrieve the data which enables this information to be displayed in the services, and therefore, we are not the appropriate entity to receive these requests.
We will then attempt to redirect the request to the relevant customer so the customer may directly respond to the request. We may need to provide the customer’s basic contact information to the Government Authority for these purposes.
Notification
In the event that redirection is not possible, we would attempt to notify the customer unless we are legally prohibited from doing so. This would provide the customer with an opportunity to manage the request and seek a protective order or other appropriate remedy.
Reviewing the legality and enforceability of the request
Where we are compelled to respond, we would review the request to assess whether it is lawful and enforceable in the jurisdiction of the Hootsuite entity or Affiliate that controls the records that are the subject of the request, and determine if the request may need to be challenged. If the request is not lawful and enforceable, we will notify the Government Authority that we are unable to disclose any data.
Incompatibility with GDPR requirements
If Hootsuite is legally prohibited from notifying the customer of the request, and we have reason to believe that the request is incompatible with European data protection requirements and conflicts with our existing contractual commitments to our customers, we will notify the customer of our inability to comply with European Data Protection Laws, and the customer will have the right to immediately suspend any further processing of personal data and/or terminate its agreement with Hootsuite.
Minimizing the data provided
If it is determined that Hootsuite is required to provide information in response to a valid and legally binding request and/or order from a Government Authority, only the minimum information will be provided to the extent legally permissible.
Information Request - Statistics
Government Authority Statistics
The table below sets out the number of Government Authority information requests that Hootsuite receives annually.
Year | Number of Requests Received | Number of Times Data Disclosed |
---|---|---|
2022 | 3 | 0 |
2021 | 3 | 0 |
2020 | 0 | 0 |
2019 | 6 | 0 |
2018 | 2 | 0 |
2017 | 3 | 0 |
United States National Security Requests |
The table below sets out the number of Government Authority information requests that Sparkcentral receives annually.
Year | Number of Requests Received | Number of Times Data Disclosed |
---|---|---|
2022 | 0 | 0 |
2021 | 0 | 0 |
2020 | 0 | 0 |
2019 | 0 | 0 |
2018 | 0 | 0 |
2017 | 0 | 0 |
United States National Security Requests |
The table below sets out the number of Government Authority information requests that Heyday receives annually.
Year | Number of Requests Received | Number of Times Data Disclosed |
---|---|---|
2022 | 0 | 0 |
2021 | 0 | 0 |
2020 | 0 | 0 |
2019 | 0 | 0 |
2018 | 0 | 0 |
2017 | 0 | 0 |
United States National Security Requests |