SoSchel

Privacy Policy for SoSchel

Last Updated: October 28, 2024

Thank you for visiting SoSchel ("we," "us," or "our"). This Privacy Policy outlines how we collect, use, and protect your personal and non-personal information when you use our website located at https://www.soschel.app (the "Website").

By accessing or using the Website, you agree to the terms of this Privacy Policy. If you do not agree with the practices described in this policy, please do not use the Website.

1. Information We Collect

1.1 Personal Data

We collect the following personal information from you:

Name: We collect your name to personalize your experience and communicate with you effectively.

Email: We collect your email address to send you important information regarding your orders, updates, and communication.

Payment Information: We collect payment details to process your orders securely. However, we do not store your payment information on our servers. Payments are processed by trusted third-party payment processors.

1.2 Non-Personal Data

We may use web cookies and similar technologies to collect non-personal information such as your IP address, browser type, device information, and browsing patterns. This information helps us to enhance your browsing experience, analyze trends, and improve our services.

2. Purpose of Data Collection

We collect and use your personal data for the sole purpose of order processing. This includes processing your orders, sending order confirmations, providing customer support, and keeping you updated about the status of your orders.

3. Data Sharing

We do not share your personal data with any third parties except as required for order processing (e.g., sharing your information with payment processors). We do not sell, trade, or rent your personal information to others.

4. Children's Privacy

SoSchel is not intended for children under the age of 13. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at the email address provided below.

5. Updates to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any updates will be posted on this page, and we may notify you via email about significant changes.

6. Contact Information

If you have any questions, concerns, or requests related to this Privacy Policy, you can contact us at: [email protected]

For all other inquiries, please visit our Contact Us page on the Website. By using SoSchel, you consent to the terms of this Privacy Policy.

7. Data Protection Mechanisms

7.1 Protection of Sensitive Data

We implement comprehensive security measures to protect sensitive personal data, including:

  • Encryption: All sensitive data is encrypted both in transit and at rest using industry-standard encryption protocols (TLS 1.3 and AES-256)
  • Access Controls: Strict access controls and authentication mechanisms are in place to ensure that only authorized personnel can access sensitive data
  • Regular Security Audits: We conduct regular security assessments and vulnerability testing to maintain the integrity of our security systems
  • Secure Data Storage: All sensitive data is stored in secure, SOC 2 compliant data centers
  • Employee Training: Our staff undergoes regular security awareness training to maintain data protection standards

7.2 Data Breach Protocol

In the event of a data breach, we will: personal data, including:

  • Notify affected users within 72 hours of discovering the breach
  • Provide detailed information about the nature of the breach and potential impacts
  • Cooperate with relevant authorities as required by applicable laws

8. Google User Data

8.1 Collection and Usage

When you sign in using Google, we collect only the necessary data required for authentication and basic profile information. This may include:

  • Your Google email address
  • Basic profile information (name, profile picture)
  • Any additional information you explicitly authorize

8.2 Data Retention and Deletion

For Google user data, we maintain the following retention policies:

  • Active Accounts: We retain Google user data for as long as your account remains active
  • Inactive Accounts: Google user data from inactive accounts is automatically deleted after 24 months of inactivity
  • Backup Data: Backup copies of Google user data are retained for no longer than 90 days

8.3 Data Access and Control

You have the right to:

  • Request a copy of your Google data that we store
  • Request deletion of your Google user data at any time
  • Revoke access to your Google account through our platform
  • Export your data in a machine-readable format

8.4 Google API Services User Data Policy

Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.