Socii Platform Privacy Policy
1. Introduction
1.1 Socii Book Pty Ltd (ACN 695 597 141) (trading as Socii) (we, us or our) operates a software platform accessible at sociibook.com and via the Socii application (together, the Platform).
1.2 We are committed to managing personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act).
1.3 This document sets out our policies for managing your personal information and is referred to as our Privacy Policy.
1.4 In this Privacy Policy, you and your refer to any individual about whom we collect personal information. This includes registered users, visitors to the Platform, and third parties whose personal information is submitted to or collected by the Platform.
1.5 If you have any queries about this Privacy Policy or the way we handle your personal information, please contact us using the details set out in section 20.
2. About the Platform
2.1 The Platform provides infrastructure for storing, tracking and managing referral relationships and related agreements. The Platform enables users to create business profiles, connect with other users, record and track introductions, manage events, communicate through a community board, access AI-assisted tools, and store referral agreements.
2.2 We are not a party to any referral agreement or arrangement between users of the Platform.
2.3 The Platform incorporates automated systems including algorithmic reputation scoring, adaptive interface personalisation, behavioural tracking, and AI-assisted features. These are described in this Privacy Policy.
3. Anonymity and Pseudonymity
3.1 The Platform requires users to register an account and provide accurate business and contact details in order to access and use the Platform.
3.2 It is not practicable for us to allow you to deal with us anonymously or using a pseudonym. This is because the Platform is designed to facilitate business-to-business referral relationships, which require users to identify themselves and their businesses to other users.
3.3 If you do not wish to provide personal information to us, you will be unable to use the Platform.
4. Information We Collect
4.1 The types of personal information we collect will depend on the circumstances of collection and your interaction with the Platform. The categories of information we may collect are set out below.
Account Registration
4.2 When you register for an account on the Platform, we collect:
- your full name;
- your email address;
- your phone number (if provided); and
- your password (stored securely using industry-standard encryption).
Business Profile
4.3 When you create and maintain a business profile, we may collect:
- your business name;
- your Australian Business Number (ABN);
- your Australian Company Number (ACN);
- your business address;
- your industry;
- your role and title;
- your professional headline;
- services offered and areas of specialty;
- industry verticals;
- geographic coverage areas;
- ideal client description;
- client types and client size preferences;
- applicable legislation and professional conduct rules;
- restraint of trade dates;
- your profile photo and company logo;
- your pitch description;
- social media profile links; and
- other professional information you choose to provide.
Referral Kit Data
4.4 Where you complete your referral kit on the Platform, we collect:
- your ideal client description;
- exclusions (clients you do not wish to receive);
- talking points for referrers;
- fit checklists;
- key links and resources;
- one-pager or capability statement uploads; and
- deal criteria and preferences.
4.5 Referral kit data is made available to your connections on the Platform to assist them in making referrals on your behalf.
Personal and Social Data
4.6 You may optionally provide personal and social information including:
- biography;
- personal interests;
- approach style;
- birthday;
- preferred drink order; and
- dietary preferences.
4.7 Dietary preferences may constitute sensitive information. See section 12 for how we handle sensitive information.
Connection and Relationship Data
4.8 When you use the Platform to connect with other users, we collect information about:
- connections made with other users;
- connection tier and status;
- how and where you met;
- preferred contact cadence;
- interaction history;
- private insights and notes about connections; and
- contact information for non-users added as connections (see section 11).
4.9 Private insights and notes you record about connections are visible only to you and are not shared with the connection or other users.
Lead and Introduction Data
4.10 When you record introductions or leads on the Platform, we collect:
- lead title and description;
- estimated value;
- contact name, email and phone number of the introduced party;
- lead status, conversion data and outcome;
- attestation data, including mutual confirmation flags and client attestation tokens and responses; and
- contextual notes about the introduction.
Agreement Data
4.11 When you create or manage agreements on the Platform, we collect:
- commission type and fee structure;
- billing company details;
- agreement status and history; and
- an audit trail of agreement actions (creation, acceptance, amendment, expiry).
Behavioural and Usage Data
4.12 When you use the Platform, we automatically collect:
- pages viewed and features accessed;
- clicks and interactions;
- time spent on features;
- feature affinity scores (computed from usage patterns); and
- login history and timestamps.
4.13 Behavioural data is retained for 90 days on a rolling basis and is used for adaptive interface personalisation (see section 6.7).
Visitor Tracking Data
4.14 When you visit the Platform without logging in, we may collect:
- a visitor identification cookie;
- HMAC-signed visitor tokens (included in email links to recognise returning visitors);
- UTM parameters and referral source data; and
- IP-derived information (approximate geographic location, not stored individually).
4.15 Visitor tracking cookies expire after 12 months. Email visitor tokens expire after 30 days.
A/B Testing Data
4.16 We conduct A/B tests on marketing and interface copy. When you are exposed to an A/B test, we collect:
- the variant shown to you;
- your visitor identification cookie;
- the timestamp of the impression; and
- whether you completed a conversion action.
4.17 A/B test data is associated with your visitor identification cookie, not with your user account, unless you subsequently register an account.
Events Data
4.18 When you interact with events on the Platform, we collect:
- event details (title, description, date, location, type);
- RSVP status and responses;
- dietary notes provided for events; and
- invitee information (including email addresses of non-users invited to events).
Financial and Billing Data
4.19 When you subscribe to a paid plan, we collect:
- your Stripe customer identifier;
- your billing plan and subscription status;
- billing company name and details; and
- payment failure information.
4.20 We do not store your credit card number or full payment details. Payment processing is handled by Stripe, Inc. and is subject to Stripe's privacy policy.
Communications
4.21 We collect information contained in support requests, feedback, community board posts and other communications you send to us or post on the Platform.
Session and Device Data
4.22 When you access the Platform, we automatically collect:
- IP address;
- user agent (browser and device information);
- session token and authentication timestamps; and
- administrative audit log entries (for users with administrative access).
Sensitive Information
4.23 We collect the following categories of information that may constitute sensitive information under the Privacy Act:
- dietary preferences (which may reveal information about religious beliefs or health conditions); and
- professional conduct rules and applicable legislation (which may identify membership of a professional association).
4.24 We do not intentionally collect other categories of sensitive information. If you voluntarily include sensitive information in free-text fields (such as notes, descriptions or community posts), you consent to our collection and handling of that information in accordance with this Privacy Policy.
5. How We Collect Information
5.1 We collect personal information:
- directly from you, when you register for an account, create or update your business profile, complete your referral kit, record introductions, create or manage agreements, RSVP to events, post on the community board, or communicate with us;
- from other users of the Platform, when they record an introduction involving you or a third party, add you as a connection, or invite you to an event;
- from third parties whose information is submitted to the Platform (for example, a client who provides an attestation in respect of a lead);
- automatically, through cookies, visitor tracking technologies, behavioural tracking, analytics tools and server logs when you access the Platform; and
- from third-party services we integrate with, including Stripe (payment processing), Google (authentication), LinkedIn (authentication), and HubSpot (CRM mirror, when you choose to connect a HubSpot portal).
6. Purposes of Collection and Use
6.1 We collect and use personal information for the following purposes:
- to provide and operate the Platform;
- to create and manage user accounts;
- to enable connections between users;
- to record and track introductions and leads;
- to store and manage referral agreements;
- to facilitate referral kit sharing between connections;
- to organise and manage events and RSVPs;
- to operate the community board;
- to process subscriptions and billing;
- to compute trust scores and assign trust tiers (see section 6.2);
- to determine eligibility for Verified Dealmaker badges (see section 6.5);
- to personalise the interface based on usage patterns (see section 6.7);
- to provide AI-assisted features (see section 6.8);
- to conduct A/B testing on marketing and interface copy (see section 6.11);
- to recognise returning visitors and personalise marketing content;
- to send automated communications (see section 6.12);
- to communicate with you about your account, the Platform and our services;
- to send you marketing communications in accordance with section 7;
- to improve the Platform and develop new features;
- to comply with our legal obligations;
- to enforce our terms of use; and
- for security purposes and to prevent fraud.
Trust Score and Automated Decision-Making
6.2 The Platform computes a trust score for each user based on the following dimensions:
- profile completeness;
- connection depth and reciprocity;
- lead volume and conversion rates;
- agreement compliance and renewal history;
- vouches received from other users;
- client attestation outcomes;
- community engagement; and
- platform tenure and login consistency.
6.3 Trust scores are used to assign users to trust tiers (Proven, Rising or New). Trust tiers affect:
- default sort order in search and discovery features (higher trust users appear first);
- priority for automatic event invitations; and
- visibility indicators shown to other users (trust tier badges).
6.4 Trust scores are computed algorithmically without human review. You may contact us to request an explanation of your trust tier or to raise a concern about its accuracy.
Verified Dealmaker Badge
6.5 The Platform awards a Verified Dealmaker badge to users who meet the following criteria:
- 10 or more converted leads;
- 5 or more vouches received across at least 3 distinct vouch dimensions; and
- at least 1 year of active Platform membership.
6.6 Verified Dealmaker status is computed daily by an automated process. It confers additional visibility and priority within the Platform.
Adaptive Interface Personalisation
6.7 The Platform uses behavioural data (see section 4.12) to personalise the user interface, including reordering navigation items and dashboard widgets based on your usage patterns. This personalisation is computed from your own activity data and does not involve profiling against other users. You may contact us if you wish to reset your personalisation data.
AI-Assisted Features
6.8 The Platform provides AI-assisted features including:
- referral matching suggestions (identifying which connections may be suitable for a given referral);
- draft introduction messages;
- network health alerts (identifying dormant connections or underutilised relationships);
- deal flow briefings (curated summaries of relevant community activity); and
- network value analysis.
6.9 AI-assisted features are powered by language models provided by Anthropic, PBC. When you use AI-assisted features, relevant data from your profile, connections, leads and agreements may be sent to Anthropic's API for processing. Anthropic's data handling practices are described in Anthropic's privacy policy.
6.9.1 Specifically, the following profile fields may be sent to Anthropic when you use Quick-Fill enrichment: your LinkedIn URL, full name, current company, current role, the additional context you type into the Quick-Fill prompt, and any existing values for your headline, bio, expertise, location, approach style, referral philosophy, and connect-with statement. For company enrichment, we additionally send the company name, website, and your role at that company. We do not send connection lists, lead notes, vouch text, or message contents to Anthropic.
6.10 AI-generated outputs (such as draft messages or suggestions) are not sent, shared or acted upon without your review and approval.
A/B Testing
6.11 We conduct A/B tests using a statistical method (Thompson Sampling) to optimise marketing and interface copy. A/B test participation is based on your visitor identification cookie and does not use personal information from your user account to determine variant assignment.
Automated Communications
6.12 The Platform sends automated communications including:
- agreement renewal reminders;
- follow-up reminders for leads and introductions;
- event RSVP reminders;
- post-event follow-up nudges;
- referral qualification notifications;
- network health alerts;
- deal flow briefings;
- weekly activity digests;
- client attestation requests;
- nomination notifications; and
- subscription and billing notifications.
6.13 Automated communications relating to your account and Platform activity are transactional and cannot be unsubscribed from while your account is active.
6.14 Marketing communications can be unsubscribed from at any time (see section 7).
7. Direct Marketing
7.1 We may use your personal information to send you marketing communications about our products, services, events and promotions that may be of interest to you.
7.2 You may opt out of receiving marketing communications from us at any time by:
- clicking the unsubscribe link in any marketing email you receive from us;
- updating your communication preferences in your account settings; or
- contacting us using the details set out in section 21.
7.3 If you opt out of receiving marketing communications, we may still contact you in relation to your account, transactions, and other non-marketing matters relating to the Platform.
7.4 We do not sell your personal information to third parties for their marketing purposes.
8. Unsolicited Personal Information
8.1 From time to time, we may receive personal information that we have not requested or solicited. This may occur, for example, when a user records an introduction that contains personal information about a third party, or when a user adds a non-user as a connection.
8.2 Where we receive unsolicited personal information, we will determine whether we could have collected the information under the APPs. If so, we will handle that information in accordance with this Privacy Policy. If not, we will destroy or de-identify the information (provided it is lawful and reasonable to do so).
9. Disclosure of Information
9.1 We may disclose your personal information to:
- other users of the Platform, to the extent that your profile information, referral kit, trust tier and badges are visible to your connections, and lead details are visible to relevant partners, in accordance with the Platform functionality;
- our service providers, including hosting providers, payment processors, analytics providers, AI service providers and email delivery services, under appropriate contractual arrangements;
- our professional advisers, including lawyers and accountants, who are bound by confidentiality obligations;
- regulatory authorities or law enforcement agencies, where required or authorised by law or in response to a court order or lawful government request;
- a third party in connection with a business transfer, if we sell, merge or transfer any part of our business;
- third parties who provide attestations in respect of leads, to the extent necessary to facilitate the attestation process; and
- any other party where you have consented to such disclosure.
9.2 Lead contact details are not shared beyond the relevant partner relationship on the Platform.
9.3 Private notes and insights you record about connections are not disclosed to those connections or to other users.
9.4 Community board posts are visible to all registered users of the Platform in accordance with the applicable visibility settings.
10. Cross-Border Disclosure
10.1 We use service providers that are located in, or store data in, countries outside Australia. As at the date of this Privacy Policy, these include:
- Stripe, Inc. (payment processing) - United States;
- Resend, Inc. (email delivery) - United States;
- Google LLC (authentication and analytics) - United States;
- LinkedIn Corporation (authentication) - United States;
- Sentry (error monitoring) - United States;
- Inngest, Inc. (workflow automation) - United States;
- Replit, Inc. (application hosting and file storage for profile photos, agreement attachments, referral kits and other user-uploaded documents) - United States;
- Anthropic, PBC (AI language model services) - United States; and
- HubSpot, Inc. (CRM mirror, only for users who connect a HubSpot portal) - United States. When you connect HubSpot, we send: deal name, deal status, deal close date, deal amount, a short context summary (truncated to 280 characters), referrer name and trust score, contact first/last name, contact email, contact phone, contact headline, the dimension on which a vouch was given, and the count of vouches received. We do not send: the full body of introduction emails you write, your private memos beyond the truncated context summary, or any data about connections you have not explicitly synced.
10.2 Where we disclose your personal information to overseas recipients, we take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to your personal information, or that an exception under the APPs applies.
10.3 By using the Platform, you acknowledge that your personal information may be transferred to, stored in, and processed in the United States and other countries where our service providers operate.
11. Data Collected From and About Non-Users
11.1 The Platform allows registered users to submit personal information about individuals who are not registered users of the Platform (non-users). This section describes the circumstances in which non-user data is collected and how it is handled.
Client Attestation
11.2 A registered user may request that a client (who may be a non-user) provide an attestation confirming the outcome of a referral. When this occurs, the client receives an email containing a unique attestation link. The client's response (confirmation or decline) is recorded on the Platform.
11.3 The attestation email identifies the referring user and the nature of the referral. The client's email address and response are stored for the purpose of verifying the referral outcome.
Event Invitations
11.4 A registered user may invite non-users to events by providing their email address. Non-users who are invited to events will receive an invitation email. Their email address and RSVP response (if any) are stored on the Platform.
Lead and Introduction Contact Details
11.5 When a registered user records a lead or introduction, they may provide the contact name, email address and phone number of the introduced party, who may be a non-user. This information is stored on the Platform and is visible only to the parties to the relevant referral relationship.
Partner Applications
11.6 Individuals who apply to become a Partner submit their name, email address, company name, industry, and a description of their network. This information is stored and reviewed by our team.
Calculator Captures and Referral Audit Submissions
11.7 Visitors who use the referral fee calculator or submit a referral audit request may provide their name, email address, company name and related financial information. This information is stored for the purpose of responding to the enquiry and for marketing purposes (subject to section 7).
Connection Records About Non-Users
11.8 A registered user may add a non-user as a connection, providing their name, email, phone number and notes. This information is visible only to the user who added it. If the non-user subsequently registers on the Platform, the connection record may be linked to their account.
12. Sensitive Information
12.1 We collect the following categories of information that may constitute sensitive information under the Privacy Act:
- dietary preferences (which may reveal information about religious beliefs or health conditions); and
- professional conduct rules and applicable legislation (which may identify membership of a professional association).
12.2 We collect dietary preferences for the purpose of catering at events and collect professional conduct information for the purpose of agreement compliance. We do not use this information for any other purpose.
12.3 By providing sensitive information to us, you consent to our collection, use and disclosure of that information in accordance with this Privacy Policy.
12.4 If you do not wish to provide sensitive information, you may leave the relevant fields blank. This may limit certain functionality (for example, dietary preferences will not be communicated to event organisers).
13. Data Retention
13.1 We retain your personal information for as long as your account is active or as needed to provide you with the Platform and our services.
13.2 Following closure of your account, we will retain your personal information for a period of 7 years for the purposes of complying with our legal obligations, resolving disputes and enforcing our agreements.
13.3 After the expiry of the retention period, we will delete or anonymise your personal information.
13.4 Specific data types are subject to the following retention periods:
- behavioural and usage data: 90 days on a rolling basis;
- visitor tracking cookies: 12 months;
- email visitor tokens: 30 days;
- A/B test impression data: retained for the duration of the experiment plus 90 days;
- session tokens: duration of the active session;
- administrative audit logs: 7 years;
- agreement documents and audit trails: 7 years following account closure; and
- lead and introduction records: 7 years following account closure.
13.5 Non-user data (see section 11) is retained for as long as the registered user who submitted it maintains an active account, and thereafter in accordance with the retention periods above.
13.6 You may request deletion of your data by contacting us using the details set out in section 21. Deletion requests are subject to our legal retention obligations.
14. Access and Correction
14.1 You may access and update certain personal information we hold about you through your account settings on the Platform.
14.2 You may request access to any personal information we hold about you by contacting us using the details set out in section 21.
14.3 We will respond to your request within 30 days. We may require verification of your identity before providing access to your personal information.
14.4 You will not be charged for making an access request, but we may charge a reasonable fee for the time and expense of providing access if your request requires substantial effort.
14.5 If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you may request that we correct that information. We will take reasonable steps to correct the information upon receiving such a request.
14.6 We may refuse a request for access or correction in circumstances permitted by the APPs. If we refuse a request, we will provide you with written reasons for the refusal.
15. Cookies and Tracking Technologies
15.1 The Platform uses cookies and similar technologies. A cookie is a small file stored on your device that assists in managing customised settings and delivering content.
15.2 We use the following types of cookies:
- Essential cookies, which are necessary for the Platform to function (including session authentication cookies);
- Functional cookies, which enable enhanced functionality and personalisation (including visitor recognition cookies);
- Analytics cookies, which help us understand how users interact with the Platform; and
- A/B testing cookies, which assign you to test variants for copy optimisation experiments.
15.3 We use third-party analytics services to collect information about your use of the Platform. This information is used to compile reports and help us improve the Platform.
15.4 You can manage your cookie preferences through your browser settings. However, disabling cookies may affect the functionality of the Platform, including the ability to log in.
15.5 The Platform displays a cookie consent notice to first-time visitors. Essential cookies are set regardless of consent as they are necessary for the Platform to function.
15.6 For information about specific cookies used by the Platform and their retention periods, please contact us using the details in section 21.
16. Security
16.1 We take reasonable steps to protect your personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.
16.2 Our security measures include:
- encryption of data in transit and at rest;
- access controls to limit access to personal information to authorised personnel; and
- regular security reviews.
16.3 However, no data transmission over the internet or data storage system can be guaranteed to be completely secure. We cannot guarantee the absolute security of your personal information.
16.4 You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.
17. Data Breaches
17.1 We have procedures in place to respond to suspected or actual data breaches.
17.2 If we experience a data breach that is likely to result in serious harm to any individual whose personal information is involved, we will:
- take reasonable steps to contain the breach and mitigate any resulting harm;
- assess the breach to determine whether it is an eligible data breach under the Privacy Act;
- if the breach is an eligible data breach, notify the Office of the Australian Information Commissioner and affected individuals as required under Part IIIC of the Privacy Act; and
- take steps to prevent future breaches.
18. Third-Party Links and Children's Privacy
Third-Party Links
18.1 The Platform may contain links to third-party websites, applications or services.
18.2 We are not responsible for the privacy practices of any third party. We encourage you to review the privacy policies of any third-party websites you visit.
Children's Privacy
18.3 The Platform is not intended for persons under the age of 18.
18.4 We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information.
19. Changes to This Privacy Policy
19.1 We may update this Privacy Policy from time to time.
19.2 We will notify you of any material changes by email or through a notice on the Platform.
19.3 Your continued use of the Platform following notification of changes constitutes your acceptance of the updated Privacy Policy.
19.4 The date of the most recent update is displayed at the top of this Privacy Policy.
20. Complaints
20.1 If you have any concerns about this Privacy Policy or the way we have handled your personal information, you may lodge a complaint with us.
20.2 Complaints should be directed to our Privacy Officer using the contact details set out in section 21.
20.3 We will acknowledge receipt of your complaint within 5 business days.
20.4 We will investigate your complaint and will use reasonable efforts to respond within 30 days. If we require additional time to investigate your complaint, we will notify you.
20.5 If you are not satisfied with our response to your complaint, or you consider that we may have breached the APPs or the Privacy Act, you may make a complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted:
- by telephone on 1300 363 992; or
- via the OAIC website at www.oaic.gov.au.
21. Contact
21.1 If you have any questions about this Privacy Policy or wish to make an access or correction request, please contact our Privacy Officer:
Socii Book Pty Ltd
Socii Privacy Officer
Email: hello@sociibook.com
Website: sociibook.com
See also our Terms of Use.