Login ChangeMonitor hover
Login FarEarth hover
Pinkmatter-logo-with-tag-line

Calibrate new optical sensors and rapidly roll out processing for your Earth observation constellations

Pinkmatter Solutions FarEarth
Pinkmatter Solutions Antenna Hosting
Pinkmatter Solutions Change Monitor for Mines

Pinkmatter Privacy Notice 

Effective on: 1 May 2025 

Last modified on: 1 May 2025 

Introduction 

Pinkmatter Solutions (Pty) Ltd and all affiliates listed below under “Entities Covered by This Privacy Notice” (collectively “Pinkmatter”, “we”, “us”, “our”) take the protection of personal data (“Personal Data”) very seriously. Please read this privacy notice (the “Notice”) to learn what we are doing with your Personal Data, how we protect it, and what privacy rights you may have under applicable data protection and privacy laws, such as the European Union General Data Protection Regulation (“GDPR”). 

What Is Covered by this Privacy Notice? 

This Notice addresses data subjects whose Personal Data we may receive from our customers (“Customers”) in our web-based software applications “FarEarth,” “Antenna Hosting,” “Change Monitor for Mines”, and related support services (collectively, the “Services”). In these cases, we do not decide why or how that Personal Data will be processed. Our Customers use our Services to store and process their own customers’ or employees’ Personal Data. In these cases, we act only as a storage and service provider. We do not decide what Personal Data is being stored, and in general we will only access such Personal Data at our Customers’ request in connection with Customer support or account administration matters. We will only access Personal Data in such cases to provide the services that our Customers have directed us to provide, or if we are required to do so by law.  

When you give your data to one of our Customers or when we collect your Personal Data on their behalf, our Customer’s privacy notice, rather than this Notice, will apply to our processing of your Personal Data. If you have a direct relationship with one of our Customers, please contact them to exercise your privacy rights. 

In addition, this Notice addresses data subjects (which includes both individuals and households) whose Personal Data we: 

  • receive from our Customers in the course of promoting or providing the Services or Customer support services; 
  • receive directly through our website(s) and other online systems; 
  • receive from our business partners; or 
  • process to promote or provide our products and services. 

While the processing of satellite images is one of our core services, when this Notice refers to “processing,” it generally means the processing of Personal Data, unless the context clearly indicates it relates to the processing of satellite images. 

What Is Not Covered by this Privacy Notice? 

Human Resources Personal Data 

This Notice does not apply to the Personal Data of employees, job applicants, contractors, business owners, directors, or officers of Pinkmatter.  

Information Which Does Not Constitute Personal Data 

If we do not maintain information in a manner that identifies, relates to, describes, or is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular individual or household, such information is not considered Personal Data, and this Notice will not apply to our processing of that information. 

What Can You Find in this Notice? 

This Notice tells you, among other things: 

  • What Personal Data we collect about you and how we obtain it; 
  • The legal bases for processing your Personal Data; 
  • For what purposes we use that Personal Data; 
  • How long we keep your Personal Data; 
  • With whom we share your Personal Data; 
  • Your rights about the Personal Data we collect about you and how you can exercise those rights; 
  • How we protect your Personal Data; and
  • How to contact us. 

Our Role With Respect to Your Personal Data 

Within the scope of this Notice, Pinkmatter acts as a data controller for the Personal Data we process. This means that we decide how and why Personal Data is collected and further processed. 

There are a few limited instances where Pinkmatter acts as a data processor or “service provider”, for the Personal Data we process for our Customers when providing our services. This means that our Customers determine the type of Personal Data they provide for us to process on their behalf. We typically have no direct relationship with the individuals whose Personal Data we receive from our Customers. 

Entities Covered by this Privacy Notice 

This Notice covers Pinkmatter Solutions (Pty) Ltd and Pinkmatter Europe GmbH. 

Lawful Bases for Processing 

To use your Personal Data, we must have a valid reason, which under some laws is called the “lawful basis for processing” or “legal grounds for processing.” When we act as a data controller, we may process your Personal Data based on these reasons: 

  • Your Consent: Sometimes, we will use your Personal Data because you actively indicated it is okay that we do so. This includes, for example, where you provided Pinkmatter with your email address and agreed to let us contact you. 
  • Keeping Our Agreement Obligations: This includes using your Personal Data to fulfill our agreement with you by providing services to you or licenses or subscription access to our software applications and services.  
  • Legitimate Interests: We sometimes use your Personal Data because we believe it is in our best interest or the interest of someone else. Legitimate interests work when we use your Personal Data in ways that make sense and do not intrude on your privacy much. Or when we have a very good reason for it. Here is what it normally means for us: 
  • Product Improvement: We may use data to enhance the features and functionality of the Services, making them more useful and user-friendly.
  • Customer Engagement: Keeping users, subscribers and others informed about updates, new features, and content that may interest them.
  • Research and Development: Using aggregated and anonymized data to conduct research on trends and user behavior to improve the Services.
  • Marketing and Promotion: Promoting our products and servicesto a wider audience and providing tailored recommendations based on user data.
  • Security and Fraud Prevention: Protecting the Services and users from security threats, fraud, and abuse.
  • Legal Compliance: Ensuring compliance with relevant laws and regulations, including the rules from other countries besides yours.
  • Business Operations: Managing day-to-day operations and ensuring the application’s sustainability and growth. 
  • Following the Law: This includes processing your Personal Data to follow the law, such as keeping records of your cookie choices to comply with EU law, such as the e-Privacy Directive and the General Data Protection Regulation. 
  • Other Reasons: This includes using your data for any other reason that the law allows. 

When we use your Personal Data because you gave us permission (consent), you can change your mind at any time. However, this will not undo the things we did with your data before you changed your mind. It also will not change the things we are allowed to do with your data based on other reasons. 

Where we receive your Personal Data as part of providing our services to you to fulfill a contract, we require such Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to provide the services to you. 

If you gave us permission – via a cookie banner or other communication around marketing – to contact you and use your data, you can change your mind at any time by contacting us or clicking the “unsubscribe” button at the bottom of our emails. This should be true for our Customers as well, and their Privacy Notices should explain to you how to withdraw your consent to have them use your data or any kind of marketing communications.   

Within the scope of this Notice, we may also process Personal Data based on the instructions of our Customers. To learn about their lawful bases for processing your Personal Data, please read the privacy notice(s) of our Customers. 

What Personal Data We Process and How We Obtain It 

The table below describes the categories of Personal Data we have collected or that we store on behalf of our Customers. Note that our Customers choose what data to enter into the Services, so it is possible that this chart is not an exhaustive list of the data our Customers have entered about you. Please contact them and/or read their Privacy Notice for a full and accurate list of the information they process about you, including in the Services. 

Personal Data We Collect, Process, or Store How We Obtain It 
Identifiers 
A first name and surname; and email address. 		The Personal Data we collect from you is required to enter into a contract with Pinkmatter to perform under the contract, and to provide you with our products and services. If you refuse to provide such Personal Data or withdraw your consent to our processing of Personal Data (when appropriate), then in some cases we may not be able to enter into the contract or fulfill our obligations to you under it.  We may also collect this information ourselves if you visit our website or we engage with you as an actual or potential customer.  The Services are set up for our Customers to store multiple types of identifying information like your name, business email address, etc. If you are an employee of one of our Customers, your identifying business information may also be stored, for example, as part of your log-in to the platform. Please see the Privacy Notice of the Customer who entered your data into the Services or contact their privacy team to get a full list of the identifying information they have asked us to store and organize for them. 
Special Categories of Personal Data (as per California law) 
Information about your race, ethnicity, sexual orientation, religious affiliation, financial data, etc. 		The Services are not, by default, set up to store or receive any of this kind of information. We never collect this type of information as a Controller (e.g. when you visit our website or when we engage with you as an actual or potential customer). 
Commercial information 
Financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using Services.  		The Services are not, by default, set up to store or receive billing or other commercial financial data about our Customer’s customers or employees We collect business commercial information from our Customers as part of our normal business operations in billing our Customers for their use of the Services.    
Biometric information 
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. 		The Services are not, by default, set up to store or receive any of this kind of information.  We never collect this type of information as a Controller (e.g. when you visit our website or when we engage with you as an actual or potential customer). 
Internet or other similar network activity 
Browser type and browser language, your Internet Protocol (‘IP’) address, and the actions you take on the Company’s Web sites (such as the Web pages viewed, and the links clicked. 		The Services are not, by default, set up to store or receive any of this kind of information for the customers of our Customers. If you are an employee of a Pinkmatter Customer, our Customers may store or view information about your network activity or other similar information related to using the Services. You should review the Privacy Notice of your employer (if they are a Pinkmatter Customer) or the Customer who entered your data into the Services and/or contact their privacy team to understand whether they asked us to store any of this data about you.  We collect this information from website visitors when you interact with our website. 
Geolocation data
Physical location or movements.		The Services are not, by default, set up to store or receive any of this kind of information.
As a company, we do not collect this information.
Sensory data
Audio, electronic, visual, thermal, olfactory, or similar information.		The Services are not, by default, set up to store or receive any of this kind of
information.
As a company, we do not collect this information.
Professional or employment-related information
Current or past job history or performance evaluations, job title.		The Services are not, by default, set up to store or receive any of this kind of information for the customers or employees of our Customers. However, our Customers can customize and add fields to their Services instance which we generally do not have visibility into. You should review the Privacy Notice of the Customer who entered your data into the Services and/or contact their privacy team to understand whether they sked us to store any of this data about you.
We do not collect this information under this Privacy Notice. We may collect this information as part of our normal internal hiring and HR practices, which are outside the scope of this Notice.

We will not collect additional categories of Personal Data without informing you. 

Cookies 

A “cookie” is a small file stored on your device that contains information about your device. We may use cookies to provide basic relevant ads, website functionality, authentication (session management), usage analytics (web analytics), to remember your settings, and to generally improve our websites and services. 

We use session and persistent cookies. Session cookies are deleted when you close your browser. Persistent cookies may remain even after you close your browser, but always have an expiration date. Most of the cookies placed on your device through our services are first-party cookies which are placed directly by us. Other parties, such as Google, may also set their own (third-party) cookies through our services. Please refer to the policies of these third parties to learn more about the way in which they collect and process information about you. 

If you would prefer not to accept cookies, you can change the setup of your browser to reject all or some cookies. Note, if you reject certain cookies, you may not be able to use all features of our Services. For more information, please visit https://www.aboutcookies.org/

How We Respond to Opt-Out Signals 

You may also set your browser to send a Do Not Track (DNT) signal or Global Privacy Control (GPC) signals. For more information, please visit https://allaboutdnt.com/ and https://globalprivacycontrol.org/. Please note that our Services do not have the capability to respond to DNT signals and GPC received from web browsers.  

For more information about our use of cookies, please see our cookie notice. 

For What Purposes Do Use Your Personal Data?  

Pinkmatter is a satellite image processing specialist. Our Customers use the Services to upload their satellite images for processing and data management. If you are an employee of a Pinkmatter Customer, your data will generally be used by your employer to facilitate the use of the Services, so you can use it as a tool to help in your role at the company and improve their services and success rate.  

Our Customers are the controllers of this data, which means they are responsible for telling you exactly how and why they are using your data (the “purposes” for which your Personal Data is used). While we know what we intended to provide as a service provider in creating the Services, we do not generally have insight into all the ways our Customers use your data. Please contact their privacy teams and/or read their Privacy Notice for a complete list of how your Personal Data is used in the Services. 

When we act as a controller – if you visit our website or if we interact with you as a prospective or current customers, or when we act as the service provider for our Customers, we may process your Personal Data to: 

  • Enable use of our website and the Services; this may include: (i) customizing them to your preferences or interests, making them more compatible with your technology, or otherwise making them easier to use; (ii) maintaining the security of and otherwise protecting them; (iii) create, maintain and secure your account with us and (iii) and developing new websites, products, and services. 
  • Communicate with you to: provide you with information that you request from us; respond to your requests or questions; communicate with you on status of delivery of the Services or website; share marketing or other information (like customer satisfaction or market research surveys we think you may be interested in). 
  • Ensure the quality of our products, website, services and support. 
  • Manage our customer base, including billing and other financial transactions and negotiations about contracts and service terms. 
  • Maintain the integrity and security of our websites, products, features, databases, services and business and to prevent and to detect any security threats, fraud or other criminal or malicious activity that might compromise your information. When you interact with us, we will also take reasonable steps to verify your identity, before granting access to your Personal Data. 
  • To address legal issues. This may include (i) complying with our obligations to retain certain business records for minimum retention periods; (ii) establishing, exercising, or defending legal claims; and (iii) detecting, preventing, and responding to fraud, intellectual property infringement, violation of our contracts or agreements, violations of law, or other misuse of our services, websites, or products; (iv) protecting our rights or property, or yours or others’ health, safety, welfare, rights, or property; and (v) responding to law enforcement requests and as required by applicable law, court order, or governmental regulations. 

How Long We Keep Your Personal Data 

We retain your Personal Data for as long as needed for the purpose we collected it and any other permitted linked purpose and in accordance with our data retention policies. For example, we will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.  

We retain and use your Personal Data as required to meet legal obligations, resolve disputes, and enforce our agreements and policies. If we use your data for multiple purposes, we keep it until the purpose with the longest retention period expires, discontinuing use for shorter periods. Our retention periods align with our business needs and industry standards. 

In cases where we act as a data processor, we retain Personal Data for as long as instructed by the respective Customer (who typically acts as a data controller). We delete the Personal Data submitted to us by our Customers in accordance with our internal policies, unless applicable laws require otherwise. 

Your Personal Data may need to be retained in our backup systems and will only be deleted or overwritten at a later time in accordance with our internal policies.  This may be the case even when you or a Supervisory Authority has validly asked us to delete your Personal Data or when we no longer have a legal basis for processing such Personal. Please note that our backups are protected, and we have implemented a system to remind us to delete again the data when we restore a backup to production systems. 

International Transfers of Your Personal Data 

We are a global company, and our affiliates, our service providers and other third parties with whom we share Personal Data operate globally.  

International Transfers of Your Personal Data: Europe 

When your Personal Data is safeguarded by the EU or UK General Data Protection Regulation, or Swiss data protection law, before sending it to parties outside the European Economic Area (“EEA”), the UK, or Switzerland, we will do one of two things: 

  • Seek your consent; or 
  • Demand privacy and security: We will ensure the third party maintains the same level of privacy and security for your Personal Data as we do. 

In some cases, the authorities of a country may have determined that the laws of other countries, territories or sectors within a country provide a level of protection equivalent to domestic law. You can see here the list of countries, territories and specified sectors that the European Commission recognized as providing an adequate level of protection for personal data, here the list of the UK, and here the list of Switzerland. 

We are accountable for the protection of your Personal Data when we transfer it to others. We either send it to a country, territory or sector within a country that is recognized as providing the same level of personal data protection as the country of origin, or use safeguards like the Data Privacy Framework, Binding Corporate Rules or the Standard Contractual Clauses (also known as the “SCCs”) approved by the European Commission, with necessary adjustments for transfers from the UK or Switzerland, or use specific transfer instruments like the UK International Data Transfer Agreement.  

Disclosures of Your Personal Data 

We share your Personal Data with our subsidiaries and affiliates, as well as with our service providers, who process your Personal Data on our behalf and who agree to use the Personal Data only to assist us in providing our Services or as required by law. 

We may also disclose your Personal Data to the extent required by law, or if we have a good-faith belief that we need to disclose it in order to comply with official investigations or legal proceedings (whether initiated by governmental/law enforcement officials, or private parties). If we have to disclose your Personal Data to governmental/law enforcement officials, we may not be able to ensure that those officials will maintain the privacy and security of your Personal Data. 

We may also disclose your Personal Data if we sell or transfer all or some of our company’s business interests, assets, or both, or in connection with a corporate restructuring. Finally, we may disclose your Personal Data to our subsidiaries or affiliates, but only if necessary for business purposes, as described in the section above.  

We reserve the right to use, transfer, sell, and share aggregated, anonymous data for any legal purpose. Such data does not include any Personal Data. The purposes may include analyzing usage trends or seeking compatible advertisers, sponsors, and customers. 

What Privacy Rights Do You Have?  

You have specific rights regarding your Personal Data that we collect and process. Please note that you can only exercise these rights with respect to Personal Data that we process about you when we act as a data processor.  

If you believe we collected your data (because you visited our website or we otherwise interacted with you as a prospective or actual Customer), please use the contact information below to exercise your privacy rights.  

Depending on where you are located, and to the extent that the applicable law applies, you may have the right to: 

  • To access your personal data held by us (right to access); 
  • To rectify inaccurate personal data and, taking into account the purpose of processing the personal data, ensure it is complete (right to rectification); 
  • To erase/delete your personal data, to the extent permitted by applicable data protection laws (right to erasure; right to be forgotten); 
  • To restrict our processing of your personal data, to the extent permitted by law (right to restriction of processing); 
  • To transfer your personal data to another controller, to the extent possible (right to data portability); 
  • To object to any processing of your personal data carried out on the basis of our legitimate interests (right to object). Where we process your personal data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection; 
  • Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects; and 
  • To the extent we base the collection, processing and sharing of your personal data on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal. If you have given consent for your details to be shared with a third party, and wish to withdraw this consent, please also contact the relevant third party in order to change your preferences. 

If the EU or UK General Data Protection Regulation applies to our processing of your Personal Data, you have the right to lodge a complaint with a supervisory authority if you are not satisfied with how we process your Personal Data. 

How Can You Exercise Your Privacy Rights? 

To exercise any of the rights described above, please send an email to [email protected]

Verification of Your Identity  

In order to correctly respond to your privacy rights, we need to confirm that YOU made the request. Consequently, we may require additional information to confirm your identity. We will only use the Personal Data you provide us in a request to verify your identity or authority to make the request.  

Verification of Authority 

If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual. When contacting us, please provide us with proof that the individual gave you signed permission to submit this request, a valid power of attorney on behalf of the individual, or proof of parental responsibility or legal guardianship. Alternatively, you may ask the individual to directly contact us by using the contact details above to verify their identity with Pinkmatter and confirm with us that they gave you permission to submit this request. 

Response Timing and Format of Our Responses 

We will confirm the receipt of your request within ten (10) business days and, in that communication, we will also describe our identity verification process (if needed) and when you should expect a response, unless we have already granted or denied the request. 

Please allow us up to a month to reply to your requests from the day we received your request. If we need more time (up to 90 days in total), we will inform you of the reason why and the extension period in writing. If we cannot satisfy a request, we will explain why in our response. For data portability requests, we will choose a format to provide your Personal Data that is readily usable and should allow you to transmit the information from one entity to another entity without difficulty. 

We will not charge a fee for processing or responding to your requests. However, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request. 

Privacy of Children 

The Services are not directed at, or intended for use by, children under the age of 13. 

Data Integrity & Security 

We are strongly committed to keeping your Personal Data safe. We have implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect your Personal Data from unauthorized processing. Unauthorized processing includes unauthorized access, exfiltration, theft, disclosure, alteration, or destruction. Some of those measures include encryption and redaction and we also have dedicated teams to look after information security and privacy.  

Changes to this Notice 

If we make any material change to this Notice, we will post the revised Notice to this web page. We will also update the “Effective” date. By continuing to use our services after we post any of these changes, you accept the modified Notice.  

Contact Us 

You can get in touch with us by sending an email to [email protected].