Legal

Privacy Policy

Solocial (“Solocial”, “we”, “us”) is an AI social-media manager for solo founders, operated from India and available at solocial.app. This policy explains what data we collect, why we collect it, where it lives, and the choices you have. If anything here is unclear, write to us at support@solocial.app.

1. What we collect

  • Account data. Your email address and a password (stored only as a secure hash by our authentication provider), or your name, email and profile picture if you sign in with Google.
  • Brand and content data. Your website address and its public content, your past social posts, and the drafts, edits, approvals and rejections you make in Solocial. We use these to build your brand voice profile and to write drafts that sound like you.
  • Connected social accounts. When you connect LinkedIn, X, Instagram or Facebook, publishing and reading happen through our social-platform processor (Zernio). Access tokens are held by that processor; we store references to your connected profiles, not your platform passwords.
  • Audience interactions. Comments, direct messages and engagement on your connected accounts, so the Engager can triage them into reply drafts and the Analyst can measure what worked. This can include personal data of the people who interact with your accounts.
  • Billing data. Payments are handled by Stripe. We store your subscription status and a Stripe customer reference — we never see or store card numbers.
  • Technical data. Standard server logs (IP address, browser type, timestamps) and error reports, used for security and to keep the service running.

2. How we use your data

  • To provide the service: drafting posts, scheduling, monitoring your niche, triaging your inbox.
  • To personalise the AI to your voice, topics and rules — including learning from your edits.
  • To send service email: signup confirmation, your weekly digest, and important account notices.
  • To bill your subscription and prevent abuse.
  • To debug problems and keep the service secure.

We do not sell your data, and we do not use it for third-party advertising.

3. AI processing

Drafting, critique and triage are performed by sending relevant content (your brand profile, source material, and the post or message being worked on) to our AI provider, Anthropic, via its API. Anthropic does not use API data to train its models by default. Solocial never publishes anything on its own — every post and reply requires your explicit approval before it leaves the approval queue.

4. Who processes data for us

We use a small set of sub-processors, each only for the purpose listed:

ProviderPurpose
SupabaseDatabase, authentication and storage (hosted in Mumbai, India)
VercelWeb application hosting
AnthropicAI drafting, critique and triage
ZernioPublishing to and reading from your connected social platforms
StripeSubscription payments
ResendTransactional and digest email
SentryError monitoring
GoogleOptional “Sign in with Google”

Your core data is stored in India (Supabase, Mumbai region). Some sub-processors process data in the United States or other regions as part of providing their service.

5. Cookies

We use only essential cookies: the session cookies that keep you signed in. There are no advertising or cross-site tracking cookies.

6. Retention and deletion

We keep your data while your account is active. If you delete your account (or ask us to), we delete your workspace data within 30 days, after which it persists only in encrypted backups for up to a further 30 days before being purged. Billing records are retained as long as tax law requires.

7. Your rights

You can ask us to access, export, correct or delete your personal data at any time by emailing support@solocial.app. We honour the rights granted by India’s Digital Personal Data Protection Act, 2023 and, where it applies to you, the GDPR. If you interact with a Solocial customer’s social account (for example by commenting or messaging), we process that data on the account owner’s behalf — you can contact them or us to have it removed.

8. Security

All traffic is encrypted in transit (TLS). Data access is scoped per workspace with row-level security, secrets are kept out of the codebase, and publishing is gated behind your approval plus a kill switch that pauses everything instantly. No system is perfectly secure, but we design so that a single failure does not expose your data.

9. Children

Solocial is for business use and requires you to be at least 18 years old.

10. Changes

If we make material changes to this policy we will notify you by email or in the app before they take effect. The “last updated” date at the top always reflects the current version.

11. Contact

Questions, requests or complaints: support@solocial.app. See also our Terms of Service.