Privacy Policy
Last updated: March 2025
Socraty is committed to protecting your privacy and ensuring your personal data is handled responsibly. This Privacy Policy explains how we collect, use, store and share your information when you use our platform. By using Socraty, you agree to the practices described in this policy.
1. Information We Collect
We collect the following categories of personal data when you use Socraty:
- Account information: your name, email address and Google account details when you sign up or log in.
- Learning materials: content you upload to the platform, including videos, documents and other resources.
- Usage data: information about how you interact with the platform, such as pages visited, features used, timestamps and device information.
- Payment information: billing details processed securely through our payment provider. We do not store your full card details.
2. How We Use Your Information
We use the information we collect for the following purposes:
- To provide, maintain and operate the Socraty platform.
- To personalise your learning experience and deliver relevant content.
- To improve and develop new features for the platform.
- To communicate with you about your account, updates and support queries.
- To process payments and manage your subscription.
- To ensure the security and integrity of our service.
3. Legal Basis for Processing
Under Article 6 of the UK General Data Protection Regulation (UK GDPR), we process your personal data on the following legal bases:
- Consent: where you have given clear consent for us to process your personal data for a specific purpose.
- Contract performance: where processing is necessary to fulfil our contract with you, for example to provide the Socraty service after you create an account.
- Legitimate interests: where processing is necessary for our legitimate interests, such as improving the platform and ensuring its security, provided these interests do not override your rights.
4. Data Retention
We retain your personal data for as long as your account remains active and as needed to provide you with our services. When you delete your account, we will delete or anonymise your personal data within 30 days, unless we are required to retain certain information for legal or regulatory purposes.
You have the right to request deletion of your data at any time by contacting us at privacy@socraty.ai.
5. Your Rights Under UK GDPR
Under the UK GDPR, you have the following rights in relation to your personal data:
- Right of access: you can request a copy of the personal data we hold about you.
- Right to rectification: you can ask us to correct any inaccurate or incomplete data.
- Right to erasure: you can request that we delete your personal data in certain circumstances.
- Right to data portability: you can request a copy of your data in a structured, commonly used and machine-readable format.
- Right to restrict processing: you can ask us to limit how we use your data in certain circumstances.
- Right to object: you can object to the processing of your personal data where we rely on legitimate interests.
- Right to withdraw consent: where processing is based on consent, you can withdraw that consent at any time.
To exercise any of these rights, please contact us at privacy@socraty.ai. We will respond to your request within one month.
6. Cookies and Tracking
Socraty uses essential session cookies to keep you authenticated and to ensure the platform functions correctly. These cookies are strictly necessary for the operation of the service.
We do not use third-party tracking cookies or share your browsing data with advertisers. We may use basic analytics to understand how learners use the platform, but this data is collected in an anonymised or aggregated form.
7. Third-Party Services
We work with a limited number of trusted third-party service providers to operate the platform:
- Stripe: processes payments securely on our behalf. Stripe handles your payment information in accordance with their own privacy policy.
- Google: provides authentication services so you can sign in with your Google account.
We only share personal data with these processors to the extent necessary to provide our services. Each provider is contractually obligated to protect your data in accordance with applicable data protection laws.
8. Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it. These measures include:
- Encryption of data in transit using TLS/SSL.
- Secure storage of data at rest with encryption.
- Password hashing using industry-standard algorithms.
- Regular security reviews and updates to our infrastructure.
While we strive to protect your personal data, no method of transmission over the internet is completely secure. We encourage you to use strong passwords and keep your account credentials safe.
9. International Data Transfers
Your data may be processed on servers located outside the United Kingdom. Where this occurs, we ensure that appropriate safeguards are in place to protect your personal data, including standard contractual clauses approved by the relevant authorities or other recognised transfer mechanisms under the UK GDPR.
10. Children
Socraty is designed for learners aged 16 and over. We do not knowingly collect personal data from anyone under the age of 16. If we become aware that a person under 16 has provided us with personal data, we will take steps to delete that information promptly. If you believe a child under 16 has submitted data to us, please contact us at privacy@socraty.ai.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory or operational reasons. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
12. Contact Us
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:
Email: privacy@socraty.ai