SoAisy. Privacy Policy
Updated 15 October 2025

Privacy Policy

This Privacy Policy explains how SoAisy (“we”, “us”, “our”) — operated by Lasota Group Ltd — collects, uses, shares and protects your personal data when you visit our website and use our services. It also explains your rights under UK GDPR and the Data Protection Act 2018.

Who we are

Controller: Lasota Group Ltd (trading as SoAisy)

Registered office1a George St, Newcastle-under-Lyme, ST5 1JX, United Kingdom
Websitehttps://www.soaisy.com
Contacthello@lasota.co.uk

Supervisory authority: The UK Information Commissioner’s Office (ICO). You can learn more or lodge a complaint at ico.org.uk.

What data we collect

  • Identity and contact data — name, email, phone, business name, job title.
  • Account data — login identifiers, role, preferences.
  • Usage and technical data — IP address, device, browser type, pages viewed, referral source, time on page, cookies.
  • Content data — images, captions, posts, and assets that you upload for scheduling or brand setup.
  • Communication data — messages sent via forms, email threads, support requests.
  • Payment/transaction data — subscription tier, invoices and receipts (processed via our payment provider; we do not store full card details).

How and why we use your data (legal bases)

  • To provide and operate the service (Contract) — onboarding, content generation and scheduling, analytics, support.
  • To improve and secure our platform (Legitimate interests) — diagnostics, debugging, usage analytics, service optimisation, abuse prevention.
  • To communicate with you (Legitimate interests / Consent) — service updates, onboarding guidance, and, where you opt in, marketing emails.
  • To comply with law (Legal obligation) — tax/audit records, responding to lawful requests.
  • AI-assisted features (Contract / Legitimate interests / Consent, where required) — generating drafts of posts, images or captions based on your inputs and settings.

AI-assisted content

SoAisy uses AI models to suggest content and layouts based on the brand information you provide. Draft outputs are reviewed by our UK-based team (for DFY plans) before publishing. You retain ownership of your uploaded assets and approved outputs (see “Ownership and retention”).

Cookies and analytics

We use necessary cookies for core functionality and optional analytics cookies to understand performance. Where required, we ask for your consent when you first visit.

  • Essential — session management, security, payment flow.
  • Analytics — aggregated usage (e.g. page views, engagement) to improve the product.

You can control cookies in your browser settings and via our cookie banner.

Sharing your data

We do not sell your personal data. We share limited information with:

  • Service providers — hosting, cloud storage, analytics, email, payment processing, customer support tools.
  • Social platforms — when you connect your accounts for publishing (e.g. Facebook, Instagram, LinkedIn, Google Business Profile).
  • Professional advisers — legal, accounting, insurance, as necessary.
  • Authorities — if required by law or to protect our rights, users, or the public.

Where providers are outside the UK/EEA, we rely on appropriate safeguards such as adequacy regulations or standard contractual clauses.

Data retention

We keep personal data only as long as necessary for the purposes above:

  • Account information — for the life of your account and up to six years after closure for record-keeping.
  • Content and assets — while your subscription is active, or until you delete them.
  • Support communications — typically up to two years.
  • Billing records — up to seven years to meet legal obligations.

Your rights

Under UK GDPR you can:

  • Request access to your personal data and a copy of it.
  • Request correction of inaccurate or incomplete data.
  • Request deletion in certain circumstances.
  • Object to or restrict processing, including direct marketing.
  • Data portability — receive data in a structured, commonly used format.
  • Withdraw consent at any time where processing is based on consent.

To exercise your rights, contact hello@lasota.co.uk. You also have the right to complain to the ICO.

Security

We use a combination of technical and organisational measures to protect personal data, including access controls, encryption in transit, and regular monitoring. No online service can be 100% secure, but we work to prevent unauthorised access, disclosure, alteration or destruction.

Children’s data

Our services are not directed to children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us so we can delete it.

International transfers

Your data may be processed outside the UK/EEA by our providers. Where this occurs, we use lawful transfer mechanisms such as adequacy decisions and UK-approved standard contractual clauses.

Changes to this policy

We may update this Privacy Policy from time to time. We will post the latest version on this page and update the “Updated” date above. Significant changes may be notified by email or in-app.

Contact us

If you have questions about this policy or your data, contact:

Lasota Group Ltd (SoAisy)
1a George St, Newcastle-under-Lyme, ST5 1JX, United Kingdom
Email: hello@lasota.co.uk