Data & security information for Haiilo Advocacy


Haiilo has the ISO 27001 security certificate, which is the strictest international standard in information security management.

The audit and certification process to gain the certificate covers a very extensive range of fields from security policies to operational continuity management, physical security, access management, compliance with legal requirements, in-house processes and backup systems. It gives rise to the regular reassessment of risks and results in constant improvement.

You can read more about the ISO 27001 Certification here. Additionally, Haiilo's Privacy Policy and Terms of Service are also available for your review.


Haiilo Advocacy obtains the following personal data:

  • First name, last name, and email address used for system emails and authentication
  • Authentication code from the social networks in the form of OAuth (version 1 and 2) tokens, which are random strings generated by social networks and do not include the username nor the password to the respective social networks. The tokens are only used to interact with the respective social networks on behalf of the user (with the user's consent) in situations such as sharing content on social media.

For each social media network you connect, Haiilo also collects data about the number of your connections (your reach) and uses your public profile from your social account to update your profile picture on Haiilo. Haiilo does not collect personal data about your connections or other actions you take on your social media accounts that do not concern Haiilo. 

When you complete a share from Haiilo, Haiilo collects the data on how many clicks, likes, comments and re-shares your connections do with the content shared. Haiilo does not collect information about who engages with your content or what/how they comment.

Your personal data will not be visible to Haiilo and Haiilo will only post the content on your accounts that you have selected to share.

Social network permissions

When connecting social media accounts to Haiilo for social sign-in or content sharing, users will be prompted by the social networks to grant certain permissions to enable these features.

Below are answers to frequently asked questions on obtaining data from social networks:

  • For each social media network you connect, Haiilo collects:
    • The above-mentioned token
    • The number of your connections (used to calculate potential reach)
    • The number of your shares from Haiilo
    • The number of clicks on your shares from Haiilo
    • The number of reactions (likes, comments, reshares) on your shares from Haiilo
  • No, your personal data will not be visible to Haiilo. We do not collect information about your actions on your social account other than your shares from Haiilo.
  • Only the quantitative number of your connections is collected; no information on individual connections or the actions they take on your account. Haiilo collects the quantitative number of clicks and reactions on your shares from Haiilo, but no information about who engages with your content or what/how they comment.
  • To share posts and gather clicks, reactions, and connection data from your social account, social networks require an authorization process that is standard for all third-party programs creating a connection.

    The social networks predetermine the permission message based on the authorization scope required for sharing and collecting clicks, reactions, and connections. Haiilo cannot influence the terminology in the permission messages from the social networks.

Was this article helpful?