Privacy Policy

Welcome to Sopos ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI workflow automation platform.

By using our service, you agree to the collection and use of information in accordance with this policy. We will not use or share your information with anyone except as described in this Privacy Policy.

Information We Collect

We collect several types of information from and about users of our service, including information by which you may be personally identified and information that is about you but individually does not identify you.

Personal Information: We collect personal information that you provide directly to us, such as your name, email address, password, company name, job title, billing information, and any other information you choose to provide when creating an account or contacting us for support.

Usage Information: We automatically collect information about your use of our service, including workflow data and automation configurations, usage patterns and feature interactions, performance metrics and error logs, device information, IP addresses, browser type, and operating system information.

How We Use Your Information

We use the information we collect about you for various purposes, including to provide, maintain, and improve our services, process your workflows and automations, authenticate and secure your account, communicate with you about our services, including sending service updates, notifications, and customer support responses.

We may also use your information to send you marketing communications about our services, but only with your explicit consent. You can opt out of these communications at any time by following the unsubscribe instructions in the emails or contacting us directly.

Additionally, we use aggregated and anonymized data to analyze usage patterns, improve our services, and develop new features. This data cannot be used to identify individual users.

Data Security

We implement industry-standard security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security practices include SOC 2 Type II compliance, end-to-end encryption for data in transit and at rest, secure data storage in certified data centers, role-based access controls to limit employee access to personal information, regular security audits and penetration testing, and comprehensive incident response procedures.

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to improve our security measures and respond quickly to any potential threats.

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share your information in the following circumstances: with service providers who assist us in operating our platform and providing services to you, but only to the extent necessary and under strict confidentiality agreements.

We may also disclose your information if required by law, regulation, or legal process, or if we believe disclosure is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, but you will be notified of any such change in ownership or control of your personal information.

Your Privacy Rights

You have certain rights regarding your personal information, depending on your location and applicable laws. These rights may include the right to access your personal data and receive a copy of the information we hold about you, the right to correct or update inaccurate or incomplete personal information, the right to request deletion of your personal data, subject to certain legal limitations.

You also have the right to data portability, allowing you to export your data in a portable format, the right to object to or restrict certain processing of your personal information, and the right to withdraw consent where we rely on consent as the legal basis for processing.

To exercise any of these rights, please contact us using the information provided below. We will respond to your request within the timeframe required by applicable law, typically within 30 days.

Third-Party Services and Links

Our service may contain links to third-party websites or integrate with third-party services that are not owned or controlled by us. We are not responsible for the privacy practices of these external services and encourage you to review their privacy policies before providing any personal information.

When you integrate third-party services with Sopos through our platform, you may be sharing data with those services according to their own privacy policies and terms of service. Please review the privacy practices of any third-party services you choose to integrate with our platform.

Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention period depends on the type of information and the purposes for which it is used.

When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain certain information for legal or regulatory purposes.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. When we transfer your information internationally, we implement appropriate safeguards to protect your personal information.

For transfers from the European Economic Area (EEA) to countries outside the EEA, we rely on adequacy decisions by the European Commission or implement appropriate safeguards such as standard contractual clauses.

Children's Privacy

Our service is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable laws. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this policy.

For significant changes that materially affect your rights or how we use your information, we will provide more prominent notice, including email notification to registered users. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us using the following information:

We are committed to resolving any privacy concerns you may have and will respond to your inquiries as promptly as possible, typically within 48 hours for general inquiries and within the timeframes required by applicable law for formal requests regarding your personal information.