Your business data, treated like it's ours.
Soclo connects to your social accounts, your customers' messages, and sometimes your sales data. That's a lot of trust. Here's exactly how we protect it — and what we won't claim until it's true.
Encrypted in transit & at rest
Everything moves over TLS, and your data is encrypted at rest on the servers that store it. Connected-account tokens are encrypted separately.
Hosted in the EU
Our infrastructure runs on reputable cloud providers in the EU, under UK and EU data-protection law.
You own your data
Your content and your audience are yours. Export or permanently delete everything at any time — no hostage-taking, no dark patterns.
You control connections
You connect each social account with a secure OAuth click, and you can revoke access at any time — from inside Soclo or from the platform itself.
Least-privilege access
We request only the permissions a feature actually needs, and only the people who need access to run the service have it.
We never sell your data
We don't sell or rent your personal data, your content, or your customers' information. Ever. It's not our business model.
GDPR-compliant from day one.
Under UK GDPR you can access, correct, delete, restrict, or object to how your data is processed, and request a copy to take elsewhere. You can exercise any of these from inside the app, or by emailing privacy@soclo.app.
The full detail of what we collect and why is in our Privacy Policy, and you can wipe your account any time via the delete-account guide.
Responsible disclosure.
If you believe you've found a security issue, please email privacy@soclo.app with the details and steps to reproduce. We'll acknowledge you, investigate quickly, and keep you updated. Please give us a reasonable chance to fix it before going public — we're grateful for researchers who do.
We won't claim what isn't true yet.
You won't see SOC 2 or ISO badges on this page, because we haven't completed those audits yet. When we do, we'll say so here — with the report to back it up. Until then, this page describes exactly how we build: encrypted, EU-hosted, least-privilege, and yours to delete.