1. Who we are
SoKKoS AI — eenmanszaak (sole proprietorship in the Netherlands), KvK 42029374, BTW-id NL005441743B74, Beuningen, Gelderland, NL. Contact: hello@sokkosai.com. We're the data controller for everything described below.
2. What we collect
The smallest amount that lets us run an agent for you and send you a receipt.
- Email address — required for authentication (magic-link or Google OAuth) and billing notifications. Stored in Azure Table Storage (West Europe).
- Google profile basics (name, picture) — only if you choose “Sign in with Google”. Used to greet you in the dashboard. Disconnect any time and we delete the cached copy.
- IP address — logged for rate-limiting and fraud prevention. Kept for up to 30 days in raw form, then hashed (one-way) for aggregate stats.
- Payment metadata — transaction IDs, amount, currency, method (SEPA / iDEAL / card / PayPal). Processed by Mollie B.V. in Amsterdam. We never see your card number or bank credentials — only the receipt.
- Server logs — request paths, response codes, timing. No request bodies. Retained 30 days for debugging, then rotated.
- “Report a problem” submissions — only if you use the bug-report button: your description, the page URL, and the most recent browser console logs (with API keys and tokens automatically masked) so we can debug the issue.
2a. Privacy-first measurement
We measure how the site is doing — which pages people open, when a buy button is clicked — with a small, first-party setup that stays entirely on our own infrastructure: no Google Analytics, no Hotjar, no third-party tracking script running by default (see §3 and §5). The one exception is the Meta Pixel, which loads only after you explicitly opt in via the cookie banner — see the third item below.
- Anonymous funnel events. When you open the “payment opening soon” popup or click a buy / register button, your browser sends us a tiny event — the event name, the package it referred to, and the page path. We store these in our own Azure database. No IP address, no email, no name, no cookie, and no raw browser fingerprint are attached — we keep only a coarse, one-way hash of the browser type so we can tell humans from bots in aggregate.
- Advertising click-ids. If you reach us from an online ad, the link may carry a Google click identifier (gclid) or a Meta click identifier (fbclid) and campaign tags (utm_*). We keep these in your browser's local storage (first-party, up to 90 days) so that, if you later sign up or send a brief, we can tell which ad worked. We do not share this data with third parties for their own purposes; we only use it ourselves, and — if you convert — may upload the click-id back to the ad platform it came from (Google Ads or Meta) to mark that one conversion (“offline / enhanced conversions”). You can clear it any time by clearing site data in your browser.
- Meta Pixel — opt-in only. To measure how well our ads on Meta platforms (Facebook / Instagram) perform and to build ad audiences, the site may load the Meta Pixel, a measurement script from Meta Platforms Ireland Ltd. It loads strictly after you click “Accept” in the cookie banner. If you decline — or simply ignore the banner — no pixel code runs and no request to Meta is made. You can withdraw consent at any time via the “Cookie preferences” link in the footer; the pixel then stops loading from your next page view. How Meta handles this data: facebook.com/privacy/policy.
The first-party measurement needs no cookie banner: the funnel events are anonymous and the click-id is stored only when you arrived from an ad you already clicked. The Meta Pixel is exactly why the banner exists — it never runs unless you've agreed. If you prefer not to be measured at all, decline the banner and browse with local storage disabled — the site works exactly the same.
3. What we never collect
- Passwords. Sign-in is magic-link (email) or Google OAuth only. We have nothing to leak.
- The content of your AI API keys. Your model-provider keys (Google Gemini, OpenAI, Anthropic, OpenRouter, Groq and others) are encrypted at rest inside your VPS container; the decryption key never leaves the container.
- Voice recordings beyond live processing. If you use the voice agent, audio is streamed to the model provider in real time and discarded immediately after the response. We do not persist recordings.
- Tracking / analytics cookies — none without consent. No Google Analytics, no Hotjar, no analytics cookie of our own. The only third-party measurement script we use at all is the Meta Pixel, and it loads strictly after you opt in via the cookie banner (§2a) — decline or ignore the banner and nothing fires. Our baseline measurement is the first-party, cookieless setup described in §2a. See §5.
- Phone numbers. Support is asynchronous; we have no phone field.
4. Sub-processors
To run the service we rely on a small set of named processors. Each has its own privacy policy you can read.
- Google LLC — Sign in with Google (OAuth) & Gemini API. policies.google.com/privacy
- Your chosen model provider(s) — when you connect a BYO API key (e.g. OpenAI, Anthropic, OpenRouter, Groq, NVIDIA, DeepSeek, or a custom OpenAI-compatible endpoint), your agent sends prompts directly to that provider under your own account and the provider's terms. You choose this processor; disconnect its key to stop the flow.
- Mollie B.V. (Amsterdam, NL) — payment processing. mollie.com/privacy
- Resend — transactional email (magic-link, billing receipts). resend.com/legal/privacy-policy
- Microsoft Azure — hosting for the public site and customer database (region: West Europe / Sweden Central).
- Cloudflare, Inc. — DNS, edge proxy, DDoS mitigation.
- Hetzner Online GmbH — per-customer VPS hosting (region: Germany or Finland, your choice or auto-selected by proximity).
If we add or change a sub-processor that materially affects what data is processed, we'll update this page and notify active customers by email at least 30 days before the change takes effect (see Terms §10).
6. Your rights (GDPR Articles 15–22)
If you're in the EU/EEA, you have the right to:
- Access — ask what data we hold about you.
- Rectify — correct anything that's wrong.
- Erase (“right to be forgotten”) — delete your account and associated data.
- Restrict — pause processing while a question is unresolved.
- Port — receive a machine-readable copy of your data.
- Object — object to processing based on legitimate interest.
Most of these are self-service in your dashboard. For anything that isn't, email hello@sokkosai.com and we'll respond within 30 days. See the GDPR rights page for the exact request format and how each right maps to a self-service action.
7. Retention periods
- Account record — until you delete your account.
- Session cookie — 90 days, sliding (resets on each visit).
- Magic-link tokens — 15 minutes, then unconditionally purged.
- Payment records — 7 years (mandatory under Dutch tax law, Art. 52 AWR).
- Server logs — 30 days raw, then aggregated.
- IP addresses — 30 days raw, then hashed.
- Anonymous funnel events & ad click-ids (§2a) — up to 12 months, then deleted or aggregated. The click-id (gclid/fbclid) in your browser's local storage expires after 90 days.
- Cookie-consent choice (§5) — kept in your browser's local storage until you change it via “Cookie preferences” or clear site data.
- VPS container after cancellation — 14 days grace, then destroyed (see Terms §7).
8. International transfers
Your SoKKoS-hosted data — your agent's environment, config, logs, integrations and key management — stays inside the EU/EEA: Azure (West Europe / Sweden Central), Hetzner (Germany / Finland), Mollie (Amsterdam). The AI model you connect is your own choice and is covered separately below.
Two named processors may transfer data outside the EU under Standard Contractual Clauses (SCCs) approved by the European Commission:
- Google (OAuth login + the Gemini API you choose to use) — the prompts and context needed to generate a response are processed by Google under its terms; some processing may occur in the US.
- Cloudflare — edge proxy with global PoPs; traffic may transit US infrastructure even though your origin is in the EU.
Both processors have signed SCCs and publish their cross-border safeguards. You can opt out of Google by using magic-link sign-in and bringing an EU-region API key from another provider.
9. Security
- TLS 1.3 for everything in transit (Cloudflare-terminated, modern cipher suites).
- HttpOnly + Secure + SameSite=None cookies; not readable by JavaScript.
- Encryption at rest on Azure Storage (AES-256) and on Hetzner volumes (LUKS).
- No plaintext passwords stored anywhere — we don't accept them in the first place.
- Secrets in a KV store, not in code repositories.
- Least-privilege access — the one admin account uses hardware-key 2FA.
If you find a security issue, please email hello@sokkosai.com with “security” in the subject. We acknowledge within 48h.
10. Children
The service is not directed at people under 16. We don't knowingly collect data from minors. If you believe a minor has signed up, email us and we'll delete the account.
11. Contact & complaints
Data-protection questions — hello@sokkosai.com. We respond within 30 days.
You can also lodge a complaint with the Dutch supervisory authority: Autoriteit Persoonsgegevens.
SoKKoS AI
KvK 42029374 · BTW NL005441743B74
Beuningen, Gelderland, NL
Last updated 2026-06-12