Sosiale AI

Legal

Privacy Policy

Last updated: March 10, 2026

1. Controller

The data controller is:

  • Legal entity: Sosiale AI OÜ
  • Registration number: 17034664 (Estonian Commercial Register)
  • Registered contact address: Harju maakond, Tallinn, Kesklinna linnaosa, Järvevana tee 9, 11314, Estonia
  • Email: info@sosiale.ai

Sosiale AI OÜ has not appointed a Data Protection Officer at this time.

2. Scope

This Privacy Policy applies to personal data processed when you use:

  • https://sosiale.ai, and
  • Sosiale AI products and services linked to this policy.

3. Categories of Personal Data

3.1 Data you provide directly

  • Full name
  • Email address
  • Message or inquiry content
  • Optional metadata you include

3.2 Technical and usage data

  • IP address
  • Browser, operating system, and device metadata
  • Request timestamps and technical logs
  • Referrer and URL parameters where present

3.3 Data from service providers

We may receive technical delivery data from hosting, email, analytics, security, and infrastructure providers.

4. Purposes and Legal Bases (GDPR)

We process personal data for the following purposes:

  • Service delivery and operation (Art. 6(1)(b) GDPR where contractual/pre-contractual)
  • Responding to inquiries and partnership requests (Art. 6(1)(b) and/or 6(1)(f) GDPR)
  • Security, abuse prevention, and reliability (Art. 6(1)(f) GDPR)
  • Legal compliance and recordkeeping (Art. 6(1)(c) GDPR)
  • Consent-based processing where specifically requested (Art. 6(1)(a) GDPR)

Where we rely on legitimate interests (Art. 6(1)(f)), those interests include securing our systems, preventing fraud/abuse, maintaining platform stability, and handling business communications efficiently.

5. Contact Form Processing

When you submit the contact form, we process:

  • full name,
  • email,
  • message,
  • source marker,
  • submission timestamp,
  • minimal technical metadata required for delivery and anti-abuse controls.

If you do not provide required contact-form fields, we cannot process your request.

6. Analytics, Cookies, and Similar Technologies

We use infrastructure-level analytics to understand service performance and usage trends.

Current setup may include Vercel Web Analytics and technical telemetry from hosting/network providers. We configure services to avoid unnecessary collection and do not use contact-form content for advertising profiling.

Where cookies or similar technologies are legally required for service operation, they may be used on the basis of necessity. Any non-essential tracking technology requiring consent under applicable law is used only with appropriate legal basis and notice.

7. Recipients and Processors

We may disclose personal data to processors strictly for service operation, including:

  • Hosting and deployment: Vercel
  • Database: Supabase
  • DNS/networking and edge security: Cloudflare
  • Email infrastructure: Zoho Mail SMTP

Processors act under contractual safeguards and documented instructions.

8. International Transfers

Some providers may process data outside the country where data was collected. Where required, we rely on GDPR-compliant safeguards (for example adequacy decisions, Standard Contractual Clauses, or equivalent mechanisms).

You may request additional information on relevant transfer safeguards via info@sosiale.ai.

9. Retention

We retain data no longer than necessary for stated purposes, legal obligations, and defense of legal claims.

Current baseline retention windows:

  • Contact submissions: up to 24 months after last meaningful correspondence, unless longer retention is required by law or dispute handling.
  • Operational request logs: generally up to 30 days.
  • Security/abuse investigation records: up to 24 months where needed for security, fraud prevention, or legal defense.
  • Legal/compliance records: retained for statutory limitation and accounting/compliance periods as required by law.

10. Your Rights (EU/EEA)

Subject to applicable law, you may request:

  • access,
  • rectification,
  • erasure,
  • restriction,
  • objection,
  • portability,
  • withdrawal of consent (where processing is based on consent).

To exercise rights, contact: info@sosiale.ai.

11. Right to Lodge a Complaint

You may lodge a complaint with a supervisory authority, including your local authority in the EU/EEA.

For Estonia, the supervisory authority is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

12. Automated Decision-Making

We do not currently make decisions producing legal or similarly significant effects based solely on automated processing, including profiling, in connection with this website contact workflow.

13. Children's Data

Our Services are not directed to children where prohibited by law. If you believe a child unlawfully submitted personal data, contact us and we will review and take appropriate action.

14. Security

We implement technical and organizational safeguards appropriate to risk, including access control, transport security, monitoring, and operational controls.

No method of transmission or storage is fully secure; we continuously improve protections.

15. Third-Party Links

Our Services may link to third-party websites/apps. Their privacy practices are governed by their own policies.

16. Changes to this Policy

We may update this policy to reflect legal, technical, or product changes. We will publish the updated text and revise the "Last updated" date.

17. Contact

For privacy questions or rights requests:

  • Email: info@sosiale.ai
  • Postal address: Harju maakond, Tallinn, Kesklinna linnaosa, Järvevana tee 9, 11314, Estonia