1.Who we are
This Privacy Policy explains how Spiike ("Spiike", "we", "us") collects, uses, and protects personal data when you use the Spiike platform at spiike.ai (the "Service").
For data we process about our own users and visitors, we act as a data controller. For personal data contained in the content and lists you upload to run your campaigns, we generally act as a data processor on your behalf — you remain the controller and are responsible for having a lawful basis. For any data question, contact hello@spiike.ai.
2.Information we collect
We collect the following categories of personal data:
- Account information — your name, work email, organisation, and securely hashed login credentials.
- Usage & technical data — actions taken in the product, features used, plus IP address, approximate location derived from it, browser, and device information, collected for security, performance, and product analytics.
- Payment data — handled by our payment provider Paddle. We receive limited transaction metadata (e.g. plan, status, country, last four digits) but never your full card number.
- Communications — messages, support requests, and feedback you send us.
- Creator submissions — videos, audio, images, captions, and the transcripts and analysis we generate from them, uploaded for review (see section 5).
- Influencer data — information about public creator profiles and content (see section 6).
3.How & why we use your data
We use personal data to operate, secure, and improve the Service, and we rely on the following legal bases under the GDPR / UK GDPR:
- Performance of a contract — to create your account, provide the Service, and process your Subscription.
- Legitimate interests — to secure and improve the Service, prevent fraud and abuse, understand product usage, and provide Influencer Data, balanced against your rights.
- Legal obligation — to comply with law, including tax and accounting.
- Consent — where we ask for it, such as optional product emails. You can withdraw consent at any time.
We do not sell your personal data, and we do not use the content you upload to train our own or any third party's general-purpose AI models.
4.AI & automated processing
The Service uses AI to generate transcripts, scores, brand-match estimates, and creative-review feedback. We send the relevant content to third-party AI providers strictly to produce these outputs for you.
AI outputs are decision-support only. We do not make solely automated decisions about individuals that produce legal or similarly significant effects — a person on your team reviews and approves outcomes. Our AI providers process your content only to generate outputs for you and do not use it to train their models.
5.Creator submissions
When a creator uploads content through a branded submission link, we process that content (and the audio, transcript, and analysis derived from it) to perform the review requested by the customer who owns the campaign. For this content we act as a processor on behalf of that customer.
If you generate submission links, you are responsible for informing creators, as the law requires, that their submission will be processed and analysed by automated means for campaign review. Creators with questions about a specific submission should contact the brand or agency that requested it; we will support that customer in responding.
6.Influencer data
Influencer Data is sourced from publicly accessible social-media profiles and content through public interfaces and other public means. We process only information creators have made public in a professional capacity. We do not knowingly collect private content or special categories of personal data.
Our legal basis is legitimate interest: professionals who publish their information publicly for business purposes reasonably expect it to be used for business and marketing discovery. A creator may object to this processing or ask us to remove their information by emailing hello@spiike.ai; we will action reasonable requests.
7.Sharing & sub-processors
We do not sell personal data. We share it only with service providers ("sub-processors") that are strictly necessary to run the Service, each bound by contract to protect it and to process it only on our instructions. These providers fall into the following categories: application hosting and database; media and file storage; payment, tax and invoicing (Merchant of Record); product analytics; AI providers that generate transcripts, scores, brand-match estimates and creative-review feedback; public data sourcing for Influencer Data; and transactional email delivery. Business customers can request our current, named list of sub-processors under our Data Processing Agreement (DPA). We keep that list current and notify customers under a DPA before a new sub-processor starts processing their data. We may also disclose data where required by law, or to protect our rights, our users, or the public.
8.International transfers
Spiike operates internationally, so your data may be processed in countries outside your own, including the United States. Where we transfer personal data from the EEA or UK to a country without an adequacy decision, we put appropriate safeguards in place, such as the European Commission's Standard Contractual Clauses (and the UK Addendum). You can request more detail at hello@spiike.ai.
9.Data retention
We keep account and campaign data while your account is active and for as long as needed to provide the Service. Creator submissions and their transcripts are retained for the period needed to run and reference the campaign, then deleted or anonymised. We may keep limited records longer where required for legal, tax, or fraud-prevention purposes. You can ask us to delete your data at any time, subject to those obligations.
10.Security
We apply industry-standard measures to protect your data, including encryption in transit (HTTPS/TLS), hashed passwords, access controls, and secure session cookies. No system is perfectly secure, but we work to protect your data and will notify you and any regulator of a breach where the law requires. Report concerns to hello@spiike.ai.
11.Cookies & analytics
We use a strictly necessary authentication cookie to keep you signed in. We also use Mixpanel (hosted in its EU data centre) for privacy-conscious product analytics that help us understand how the Service is used and improve it. We do not run advertising or cross-site tracking cookies. Where required, we ask for consent to non-essential analytics, and you can control cookies through your browser settings.
12.Your rights
Depending on where you live, you may have the right to:
- access the personal data we hold about you, and receive a copy;
- correct inaccurate data, or complete incomplete data;
- delete your data, or restrict or object to certain processing;
- port your data to another service;
- withdraw consent where processing is based on it.
To exercise these rights, email hello@spiike.ai. We will respond within the time the law allows. EEA/UK residents may also lodge a complaint with their local supervisory authority. California residents have rights under the CCPA/CPRA, including to know, delete, and opt out of "sales" (we do not sell personal data) — you will not be discriminated against for exercising them.
13.Children
The Service is for business use by people aged 18 or over and is not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact hello@spiike.ai and we will delete it.
14.Changes to this policy
We may update this Privacy Policy from time to time. If a change is material, we will notify registered users by email or in-product notice before it takes effect. The "last updated" date above always reflects the current version.
15.Contact
For any privacy question or data request, contact us at hello@spiike.ai.