This Privacy Policy describes how 
SocialKred Ltd (“SocialKred”, “we”, 
“us”, or “our”) processes personal data.


Our role under data protection laws

SocialKred operates a B2B SaaS 
platform. Depending on the context, we act as either:


i) Data processor for personal 
data processed on behalf of 
our customers through the 
platform (for example, member users participating in campaigns)


ii) Data controller for personal data processed for our own 
business purposes, such as account management, billing, 
support, and marketing


Personal data we may collect

Customer admin users we may collect:


– Name


– Company Name

– Email address
– Telephone number

– Address

– Profile photo

– Account and usage data

Member users (processed 
on behalf of customers)

– Name
– Email address

– Social media handles

– Photos and videos submitted through campaigns

– Engagement and participation statistics

Technical and usage data we may collect:

– IP address
– Device and browser information
– Usage analytics
– Log data

How we use personal data

As a data controller we use personal data to:

– Provide and manage customer accounts
– Provide support
– Maintain platform security
– Improve and develop our services
– Send service or marketing communications where permitted by law

As a data processor we process personal data strictly:

– On behalf of our customers
– In accordance with their instructions
– As described in our Data Processing Agreement (DPA)

Legal bases for processing (GDPR)

Where we act as a controller, we rely on:

– Contractual necessity: to provide our services
– Legal obligations: such as accounting and tax laws
– Legitimate interests: such as service improvement and security
– Consent: where required for marketing or cookies

Payments

Payments for the platform are processed directly by SocialKred.

We may process billing and transaction data necessary to
complete payments and maintain financial records.

Data sharing and sub-processors

We use trusted service providers, including:

– AWS (cloud infrastructure)
– Google Cloud Platform (cloud infrastructure)
– Brevo (email delivery)
– socialplatform.cloud (social media integrations)
– GitLab (code repository)
– Google Workspace (email and productivity)
– Pipedrive (CRM)
– Meta and X APIs (social media data integrations)

These providers process data under contractual data protection obligations.

International data transfers

Where personal data is transferred outside the UK or European Economic Area, we use appropriate safeguards, such as:

– Standard Contractual Clauses (SCCs)
– Transfers to countries with adequacy decisions


Data storage location

Our primary hosting region is in the European Union (Ireland).


Data retention

We retain personal data:

– For as long as necessary to provide the services
– As required for legal, accounting, or reporting obligations
– Until the customer deletes the data or the account is closed

Your data protection rights

Where applicable, individuals have the right to:

– Access their personal data
– Correct inaccurate data
– Request deletion
– Restrict or object to processing
– Data portability
– Withdraw consent where applicable

Requests should be directed to the relevant customer (data controller) or to us at: support@socialkred.com


Children

The platform is not intended for users under 13 years old.

Customers are responsible for ensuring lawful participation of their users.


Security

We implement appropriate technical and organizational measures to protect personal data, including:

– Encrypted connections (HTTPS)
– Access controls
– Secure cloud infrastructure
– Two-factor authentication

Changes to this policy

We may update this Privacy Policy from time to time.

We will post the updated version on our website with a revised “Last updated” date.