Privacy Policy

Effective Date:
September 1, 2025
Service Provider:
coSociale
Document Version:
1.0

Privacy Policy

Table of Contents

1. Introduction

coSociale is a brand operated by Ovongiz AS, a company incorporated in Norway and subject to the General Data Protection Regulation (GDPR Privacy Rights) and other applicable European data protection laws.

This Privacy Policy explains how coSociale ("we", "us", or "our") collects, uses, shares, and protects your Personal Information when you access or use our website at https://cosociale.com, including related subdomains, applications, browser extensions, and services (collectively, the "Services").

In this policy, Personal Information refers to any data that can identify an individual, such as a name, email address, IP address, or other data associated with an identifiable person.

We also describe your rights concerning your Personal Information and how you can access, update, or manage your details. If you have any questions or concerns about how we handle your data, please refer to the Contact Information section at the end of this policy.

Controller vs. Processor

  • When you use coSociale to manage your own account (e.g., creating a profile, subscribing, receiving communications), we act as the Data Controller.
  • When business customers use coSociale to manage and schedule posts, analytics, and data about their own users, we act as the Data Processor, following their instructions. In these cases, the customer is responsible for providing privacy information to their end users.

By using our Services, you agree to this Privacy Policy and to our Terms of Service. Capitalized terms used but not defined in this Privacy Policy have the meanings given in the Terms of Service.

2. Information We Collect

We collect different types of information depending on how you interact with our Services.

2.1. Personal Information You Provide

When you interact directly with us, you may provide:

  • Name, email address, and contact details.
  • Payment and billing information (processed securely by third-party payment providers).
  • Account credentials (username, password).
  • Communications you send us (support requests, feedback, survey responses).
  • Content you create or upload within the Services.

2.2. Information from Connected Social Media Accounts

When you connect your social media accounts (e.g., Twitter, Facebook, LinkedIn, Instagram), we may access and process the following:

  • Profile information (username, display name, profile picture).
  • Content you authorize us to publish, schedule, or manage on your behalf.
  • Analytics data provided by those platforms (e.g., impressions, engagement, reach).

We do not collect or store your social media passwords. Connections are made through the respective platform’s official authorization mechanisms (e.g., OAuth).

2.3. Information Automatically Collected

When you use our Services, we automatically collect certain technical and usage information, such as:

  • Log data (IP address, browser type, operating system, device identifiers).
  • Usage data (features used, pages visited, interactions, timestamps).
  • Cookies and tracking technologies (see Cookies and Tracking Technologies).

This helps us operate securely, troubleshoot issues, and improve your overall experience.

3. How We Use Your Information

We process your information only where we have a valid legal basis to do so (such as consent, contract, legal obligation, or legitimate interest).

3.1. Provide and Operate the Service

We use your data to deliver, maintain, and improve our Services, including account setup, authentication, scheduling posts, and providing analytics.

3.2. Communicate with You

We use your contact information to respond to inquiries, send updates about your account, provide service announcements, and manage support tickets.

3.3. Personalize and Improve the Experience

We analyze usage patterns to tailor features, suggest improvements, and optimize workflows within the platform.

3.4. Analytics and Business Intelligence

We process aggregated and anonymized data to understand how our Services are used, track performance, and guide product development.

3.5. Marketing and Advertising (With Your Consent)

If you opt in, we may send newsletters, promotional emails, or targeted offers. You can withdraw consent at any time by adjusting your communication preferences.

3.6. Legal and Security Purposes

We use your information as necessary to comply with laws, enforce our Terms of Service, detect and prevent fraud or misuse, and protect the rights and safety of our users and the public.

4. How We Share Your Information

We do not sell your personal information. We share it only in limited circumstances to provide the Services, comply with law, or with your consent.

4.1. Service Providers and Partners

We may share your data with trusted third parties who support our operations, such as:

  • Payment processors
  • Analytics and performance monitoring tools
  • Customer support platforms
  • Social media platforms for authorized integrations

All third parties are contractually required to keep your data secure and use it only for the purposes we define.

4.2. Legal Compliance and Law Enforcement

We may disclose personal information if we believe it is reasonably necessary to:

  • Comply with legal obligations, subpoenas, or government requests
  • Enforce our Terms of Service
  • Detect or prevent fraud, abuse, or security incidents
  • Protect the rights, property, or safety of coSociale, users, or the public

4.3. Business Transfers

If coSociale undergoes a merger, acquisition, or sale of assets, user data may be transferred to the new entity.

We will notify users of material changes publicly and provide options if required by law.

4.4. Affiliates

We may share information with subsidiaries or affiliates only as needed to provide and improve the Services.

4.5. Aggregated or Anonymized Data

We may share aggregated or anonymized data that cannot identify you personally with research teams, partners, or for marketing purposes.

5. How We Protect Your Information

We implement technical, administrative, and organizational safeguards to protect your information from unauthorized access, disclosure, alteration, or destruction.

5.1. Security Measures

Security measures include:

  • Encryption – HTTPS and encryption of data at rest and in transit
  • Firewalls and intrusion detection systems
  • Access controls – limiting access to authorized personnel only
  • Regular security audits and vulnerability assessments
  • Two-factor authentication for account security

5.2. Data Storage and Retention

We store your personal information securely in regions with strong privacy protections. Retention periods include:

  • Account data: until account deletion or user request
  • Transaction records: minimum of 5 years (as required by financial regulations)
  • Marketing data: until user opts out

When information is no longer needed, it is securely deleted or anonymized. For more details, see Data Retention Policy.

5.3. Breach Notification

In the event of a data breach affecting your information:

  • We notify you as required by applicable laws
  • Provide details of the incident and mitigation steps
  • Offer guidance to protect yourself

6. Your Rights and Choices

Depending on your location and applicable laws, you may exercise certain rights over your personal data.

6.1. Your Privacy Rights

Subject to applicable laws, your rights include:

  • Access – request a copy of your personal information
  • Correction – update or correct inaccurate information
  • Deletion – request deletion of personal information
  • Restriction – limit processing of your data
  • Objection – object to certain uses such as marketing
  • Data Portability – transfer your data to another service provider
  • Withdraw Consent – revoke consent for processing where applicable

6.2. Communication Preferences

You may manage your communication preferences by:

  • Clicking the unsubscribe link in marketing emails
  • Updating account settings
  • Contacting us at support@cosociale.com

Service-related messages (e.g., account updates, security alerts) will continue even if marketing communications are opted out.

6.3. Filing a Complaint

If you have concerns regarding your data:

  • Contact us directly at support@cosociale.com
  • For EU, UK, or similar jurisdictions, you may file a complaint with your local data protection authority

7. International Data Transfers

As a Norway-based company, coSociale complies with GDPR and other applicable data protection laws. Your data may be transferred, stored, or processed internationally.

7.1. Region-Based Data Storage

We strive to store and process data in the region closest to you:

  • EEA users: data stored and processed within the EEA
  • U.S. users: some data may be processed in the U.S. to deliver services efficiently

All transfers follow security and legal requirements.

7.2. Legal Safeguards for International Transfers

We implement safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by EU or UK authorities
  • Participation in frameworks like the EU-U.S. Data Privacy Framework
  • Contracts and due diligence for third-party processors

7.3. Our Commitment

Regardless of where your data is processed:

  • We apply consistent privacy and security practices
  • Use strong technical and organizational measures
  • Work only with trusted service providers maintaining equivalent protections

8. Children’s Privacy

coSociale’s services are not intended for children under the age of 16, and we do not knowingly collect personal information from anyone under this age.

8.1. No Intentional Collection

We do not knowingly:

  • Collect personal data from children under 16
  • Offer services directed at children under 16

If we become aware that we’ve collected personal information from a child under 16 without verified parental consent, we will promptly delete that information.

8.2. If You Are a Parent or Guardian

If you believe your child under 16 has provided personal information without your consent, please contact us at:

support@cosociale.com

We will review the situation and remove data in accordance with applicable laws.

9. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements.

9.1. How We Notify You

  • We post the new version of this policy on our website with a revised effective date
  • If changes are significant, we may notify you by email or display a notice when you next use the Service

9.2. Your Responsibility to Review

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information.

9.3. Continued Use

Your continued use of coSociale’s Services after changes take effect constitutes acceptance of the updated Privacy Policy.

10. How to Contact Us

For questions, concerns, or requests regarding your data or this Privacy Policy:

By Email: support@cosociale.com

We aim to respond to all inquiries promptly and appropriately.

11. Data Controller and Data Protection Officer (DPO)

If you have questions about how your data is processed or wish to exercise your rights, you may contact our Data Protection Officer (DPO) at:

dpo@cosociale.com

12. Third-Party Links

Our Services may contain links to third-party websites, applications, or services not operated by coSociale.

We are not responsible for their privacy practices or content. We encourage you to read the privacy policies of any third-party services you access through our platform.

13. User-Generated Content

You retain ownership of content you upload, post, or share. By using our Services, you grant coSociale a license to use, display, and distribute your content as necessary to provide the Services.

Please avoid including sensitive personal data within user-generated content.

14. Legal Bases for Processing (For EU/EEA Users)

Where applicable, we process your personal information under GDPR on the following grounds:

  • Consent – You have given clear consent for specific processing activities
  • Contractual Necessity – To perform our agreement with you
  • Legitimate Interests – To improve our Services, maintain security, and prevent fraud, provided your rights are not overridden
  • Legal Obligation – To comply with legal requirements

15. Cookies and Tracking Technologies

For detailed information about cookies and similar technologies used by coSociale, please review our Cookies Policy Policy.

16. Data Retention Periods

We retain personal data only as long as necessary to provide the Services and comply with legal obligations. Examples include:

  • Account information – Retained until account deletion or user request
  • Transaction records – Minimum of 5 years or as required by law
  • Marketing data – Retained until opted out or unsubscribed

We regularly review retention practices to ensure data is not held longer than necessary. See Data Retention Policy for more details.

17. Automated Decision-Making and Profiling

coSociale does not use automated decision-making or profiling that produces legal or similarly significant effects on users.

If this changes, we will update this Privacy Policy and notify affected users accordingly.