Compliance

Platform Policy Compliance

Meta/Instagram

  • Platform Audits: We undergo platform audits to ensure our integration adheres to Meta’s platform policies
  • API Usage: We follow Meta’s API usage guidelines and data handling requirements
  • Content Policies: Our automation follows Meta’s content and behavior guidelines

LinkedIn

  • Developer Program: Active member of LinkedIn’s developer program
  • API Policies: We follow LinkedIn’s API usage policies and rate limits

Telegram

  • Bot API Guidelines: We adhere to Telegram’s Bot API guidelines and usage policies

Privacy Principles

GDPR Principles

  • Data Subject Rights: We provide mechanisms for data access, rectification, and erasure upon request
  • Data Minimization: We only collect what’s necessary for our services to function
  • Technical Measures: We implement appropriate security measures for data protection
  • Third-Party Selection: We select providers who maintain their own GDPR compliance

CCPA Principles

  • Consumer Rights: We support the right to access, delete, and control personal information
  • Transparency: We provide clear information about data collection practices
  • Service Provider Management: We have appropriate agreements with service providers

Security Approach

Best Practices

  • Provider Selection: We leverage SOC 2 compliant providers for critical infrastructure
  • Secure Design: Our systems are designed with security and privacy in mind
  • Encryption: We implement encryption for data in transit and at rest

Payment Processing

  • PCI Responsibility: All payment processing is handled by Stripe, a PCI DSS Level 1 certified provider
  • Card Data: We do not store, process, or transmit credit card data directly

Ongoing Efforts

Sociable AI maintains an active security program that includes:

  1. Regular Reviews: Internal review of security practices and controls
  2. Provider Verification: Ongoing monitoring of service provider compliance status
  3. Policy Updates: Regular updates to privacy and security policies
  4. Training: Security awareness training for team members

Documentation Available

Clients with specific questions can request additional information by contacting product@sociable.how. Available documentation includes:

  • Information about our security practices
  • Details about our data handling approach
  • Provider compliance information

Third-Party Certifications

We leverage the following third-party certified providers:

| Provider | Their Certifications/Attestations |
|---|---|
| Google Cloud Platform | ISO 27001, SOC 1/2/3, GDPR, HIPAA |
| AWS | ISO 27001, SOC 1/2/3, PCI DSS, GDPR |
| Clerk | SOC 2 Type 2, GDPR, CCPA |
| Supabase | SOC 2 Type 1, GDPR |
| Stripe | PCI DSS Level 1, SOC 1/2 |
| Vercel | SOC 2, GDPR |