Privacy Policy
Last updated: 28 May 2026
1. Introduction
Soatech ("we", "us", or "our") operates the website soatech.co. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or use our services.
We are committed to protecting your privacy and complying with applicable data protection regulations, including the General Data Protection Regulation (GDPR).
2. Data Controller
The data controller responsible for your personal data is:
- Soatech
- Europe
- Email: hello@soatech.co
3. Data We Collect
We collect the following categories of personal data:
3.1 Inquiry and Booking Data
We do not operate an on-site contact form. To start a scoping conversation, you either email us directly or book a call through an external Google Calendar appointment link. When you contact us or book a call, we may process:
- Full name
- Email address
- Company name (if you provide it)
- Project description / message
This data is processed on the basis of your consent (by contacting us or booking a call) and our legitimate interest in responding to your inquiry. Calendar bookings are handled by Google Calendar in accordance with Google's Privacy Policy.
3.2 Analytics Data
We automatically collect certain technical data through analytics tools, including:
- Pages visited and navigation paths
- Time spent on pages
- Device type, browser, and operating system
- Approximate geographic location (country/region level)
- Referring website or source
- Page load performance metrics
3.3 Prospect Outreach Data
As part of our business development, we conduct direct business-to-business outreach to companies whose profile matches our services (for example, funded startups and software studios). For this purpose we process limited business-contact data obtained from public sources and business data providers, including:
- First and last name
- Business email address
- Company name and website
This data is imported from a structured file (CSV), used to send a relevant introductory email via our email provider (Resend), and logged to our internal records (CRM) to track outreach and honor opt-outs. We process this data on the basis of our legitimate interest (Article 6(1)(f) GDPR) in offering our services to relevant businesses. Every outreach email identifies us and includes a way to opt out. You may object to this processing or request erasure at any time by emailing hello@soatech.co, and we will remove your details from future outreach.
4. How We Use Your Data
We use the data we collect for the following purposes:
- To respond to your inquiries and provide project quotes
- To communicate with you about our services and potential engagements
- To analyze website traffic and improve our website
- To monitor and improve website performance
- To comply with legal obligations
5. Cookies and Tracking Technologies
Our website uses the following analytics and tracking services:
- Google Analytics 4 (GA4) — We use Google Analytics with the measurement ID G-FTQR1F5G3Q to understand how visitors interact with our website. GA4 uses cookies to collect anonymized usage data. Google may process this data on servers located outside the EU/EEA. For more information, see Google's Privacy Policy.
- Vercel Analytics — We use Vercel Analytics to measure website traffic. Vercel Analytics is privacy-friendly and does not use cookies. Data is aggregated and not personally identifiable.
- Vercel Speed Insights — We use Vercel Speed Insights to monitor real-user performance metrics (Core Web Vitals). This tool collects anonymized performance data and does not use cookies.
6. Third-Party Services
We use the following third-party services to process your data:
- Resend — We use Resend as our email delivery service to send reply emails to inquiries and the introductory outreach emails described in Section 3.3. Resend processes the recipient name, email address, and message content solely for the purpose of email delivery.
- Vercel — Our website is hosted on Vercel. Vercel may process server logs containing your IP address and request data in accordance with their privacy policy.
- Google — Google Analytics processes anonymized usage data as described in Section 5.
7. Data Storage and Retention
Inquiry, booking, and prospect-outreach data are retained for as long as necessary to fulfill the purpose for which they were collected, typically for the duration of our business relationship plus a reasonable period thereafter for follow-up and legal compliance purposes. Prospect-outreach records are deleted promptly on request or once outreach is no longer relevant.
Analytics data is retained according to the default retention settings of each analytics provider:
- Google Analytics 4: 14 months
- Vercel Analytics: aggregated data retained per Vercel's policies
8. GDPR Compliance and Your Rights
If you are located in the European Economic Area (EEA), you have the following rights under the GDPR:
- Right of access — Request a copy of the personal data we hold about you
- Right to rectification — Request correction of inaccurate or incomplete data
- Right to erasure — Request deletion of your personal data
- Right to restrict processing — Request that we limit how we use your data
- Right to data portability — Receive your data in a structured, machine-readable format
- Right to object — Object to the processing of your personal data
- Right to withdraw consent — Withdraw consent at any time where processing is based on consent
To exercise any of these rights, please contact us at hello@soatech.co. We will respond to your request within 30 days.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our website is served over HTTPS, and we use secure third-party services that maintain industry-standard security practices.
10. International Data Transfers
Some of our third-party service providers (such as Google and Vercel) may process data outside the European Economic Area. In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.
11. Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at hello@soatech.co.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:
- Email: hello@soatech.co
- Location: Europe