Privacy Policy

Last updated: June 4, 2026

1. Information We Collect

We collect information you provide directly: name, email, company name, and payment information. We also collect usage data such as pages visited, features used, and compliance scores generated.

2. How We Use Your Information

We use your information to provide and improve the Service, process payments, send transactional emails, and provide customer support. We do not sell your personal information to third parties.

3. Data Storage and Security

Your data is stored securely using Supabase with row-level security and encryption at rest. Payment data is processed by Stripe and never stored on our servers. We implement industry-standard security measures.

4. Third-Party Services

We use the following third-party services: Stripe (payments), Supabase (database), Resend (email), and Vercel (hosting). Each has their own privacy policy governing their use of your data.

5. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we delete your data within 30 days, except where required by law.

6. Your Rights

You have the right to access, correct, or delete your personal data at any time. To exercise these rights, contact us at privacy@soc2iso.com. We will respond within 30 days.

7. Cookies

We use essential cookies for authentication and session management. We do not use tracking or advertising cookies.

8. Contact

For privacy questions, contact us at privacy@soc2iso.com

Terms of ServiceBack to Signup