Your data.
Your rules.
We treat client information the way we treat our own production keys — locked, audited, and shared with absolutely no one.
Data Security
End-to-end encryption for every client asset, in transit and at rest. AES-256, TLS 1.3, hardware-backed keys.
Compliance
Architecture is fully GDPR and CCPA compliant by default. SOC 2 Type II controls applied to every project.
Transparency
Your data is used strictly to deliver the project you hired us for. We never sell, license, or scrape your intel.
Last updated · June 2026
What we collect
Only what we need to deliver your project: contact details you give us, the assets you upload, and standard server logs (IP, user-agent, timestamps) for security monitoring. No third-party trackers, no behavioural ad pixels.
How we store it
Client assets live in encrypted, region-pinned buckets. Source code lives in private repositories with role-based access. Production secrets are managed in a hardware-backed vault and rotated on a defined schedule.
Who can see it
Only the named team members on your engagement, plus a single security officer with read-only audit access. We do not share, sell, or license your data to any third party — full stop.
Your rights (GDPR & CCPA)
You can request a copy, correction, or full deletion of your personal data at any time. We respond within 14 days. Contact privacy@sohnics.com to exercise any of these rights.
Cookies
Our marketing site uses one first-party cookie for theme preference and a single self-hosted analytics tag with IP anonymisation. No cross-site tracking. No advertising cookies. Ever.
Breach response
In the unlikely event of a confirmed data breach, we notify all affected clients within 72 hours along with a written remediation plan, scope of impact and the corrective actions we've already taken.