← Home
⚠ Draft — pending legal review. This is a working draft, not final legal advice.

Data Processing Addendum

Last updated 18 June 2026

This DPA applies where Sociloci processes personal data on your behalf — for example, the audience or contact data within your brand workspace. It forms part of our Terms of Service.

1. Roles

For personal data you provide or process through Sociloci, you are the controller and Sociloci is the processor. You determine the purposes; we process on your documented instructions.

2. Scope & subject matter

We process personal data only to provide the service described in our Terms — learning your brand, generating content, scheduling, and publishing — for the duration of your account.

3. Processing instructions

We process personal data only as needed to deliver the service and per your instructions, unless required otherwise by law (in which case we'll inform you where permitted).

4. Confidentiality

Personnel authorized to process personal data are bound by confidentiality obligations.

5. Security

We maintain appropriate technical and organizational measures — encryption in transit, hashed credentials, access controls, and scoped, per-brand data isolation — appropriate to the risk.

6. Sub-processors

You authorize the following sub-processors. We'll give notice before adding new ones, and you may object on reasonable data-protection grounds.

  • Google Cloud / Gemini — AI content generation.
  • Stripe — payment processing.
  • Resend — transactional email delivery.
  • Hostinger — hosting and storage.
  • ScrapeCreators — collection of public social data.

7. Data subject rights

We'll assist you, taking into account the nature of processing, in responding to data-subject requests (access, correction, deletion, portability, objection).

8. Breach notification

We'll notify you without undue delay after becoming aware of a personal-data breach affecting your data, with the information you reasonably need to meet your obligations.

9. Deletion & return

On termination, we'll delete or return personal data within a reasonable period, except where retention is required by law.

10. International transfers

Where personal data is transferred across borders, we rely on appropriate safeguards, such as Standard Contractual Clauses.

11. Audits

On reasonable request, we'll make available information necessary to demonstrate compliance with this DPA.

12. Contact

For data-protection matters, contact privacy@sociloci.com.