Privacy Policy
This website is owned by Pocco, Inc. DBA Sophare, a Delaware corporation. (When we say "Sophare", "We", "Our" or "Us" in this document, we mean Pocco, Inc., DBA Sophare). The words “Information” and “Data” may be used interchangeably.
Sophare believes privacy is a fundamental right, regardless of where you live. When you connect with Sophare, we understand you are trusting us to safeguard your privacy and sensitive data. Our operational model does not involve the resale or sharing of private data. We firmly believe that our success depends on delivering a secure, reliable service while upholding transparency with our valued customers.
For Website Visitors
Data Collection
Following the standard for many websites, we use tracking cookies to identify trends about the visitors on our website. Non-personally identifying information, such as your web browser version, your IP address, and the website you clicked from, may all be stored in our logs and third-party website analytics services such as Google Analytics.
If you fill out a contact form, we will collect and retain the personally identifying information that you have provided to us, such as name, email address, and company name, job level, and functional role together with information such as your web browser and IP address.
Purpose of Data Collection
We use this data to understand our market and assess the success of our marketing and sales efforts. We may use this information to follow up with potential customers, including via email.
Sophare collects and processes data primarily based on legitimate interests and contractual necessity. We rely on your explicit consent for activities like non-essential cookies or marketing communications.
Data Access and Usage
Sophare employees with a business need to see this data, primarily those who support our sales and marketing efforts. They will only use this information to support Sophare customer acquisition efforts and will not share your information with third parties, except trusted vendors needed to directly support our sales and marketing programs, such as our email marketing platform.
Data Retention
Sophare retains personal data for the duration of the business relationship and up to one year following termination, unless otherwise specified by customer agreements or legal obligations. Data is securely deleted or anonymized once it is no longer needed.
Data Protection
Our website uses TLS (Transport Layer Security) to encrypt any communications between our website and your web browser. The data that we store is protected in networks that are encrypted, and we use a variety of security measures, including two-factor authentication, to restrict who has access to this information.
Information Sharing
We do not share or sell identifying information with third parties except that we may store the information with specific vendors, such as our email marketing platform, who per their policies must not email you except on our behalf.
We use trusted third-party providers such as Google Analytics for website usage analytics. These providers have their own privacy policies (see the Google Privacy Policy). All third-party service providers are contractually obligated to process data securely and only according to Sophare’s instructions.
Removing Your Identifiable Information
Please send us an email at team@sophare.ai and we will remove it.
For Service Users (at app.sophare.ai and other sophare.ai URLs)
Data Collection
The main function of the Service is to securely store, process, and retrieve information ("Customer Data") that is provided to us by our Customers. This includes human resources and organizational data, such as current and past employee rosters and management structures. It also includes Personally Identifiable Information ("PII"), such as name, address, birthdate, gender, marital status, tenure, compensation, salary information, tax information, or performance review data.
Customer Data can be entered or updated individually by customers using the Sophare user interface ("UI"). Customer Data can also be bulk-imported via upload in the UI, transferred using Sophare's programmatic interface ("API"), or automatically synced from remote systems. Access to this data is strictly restricted through customer-controlled permissions. Customer Data is not shared between customers or with other systems, unless explicitly requested by the customer.
We may use your browser’s local and session storage features, to identify our Authorized Users, and retain certain user preferences.
We do not currently set “third party” cookies within our service. In the future, we may add some third-party product analytics tools to help us understand usage of our product and improve it.
Restricted Data
Sophare does not permit the use of the Service to store financial account numbers or credit card numbers, medical or health records, or any information about children under the age of 13. If we obtain knowledge that we have personally identifiable information about a child under 13 in retrievable form in our files, we will delete that information from our existing files.
Data Access and Usage
Sophare provides granular sensitivity controls that allow the customer to manage access to each type of data and determine which authorized users can view specific data.
Sophare employees do not have general access to Customer Data beyond what is necessary for their job responsibilities. However, there are a few exceptions including certain Engineers and Security personnel who may have production access, Data Scientists and Analysts who may perform aggregate analysis on anonymized and PII-scrubbed data, and other similar roles that require access for their duties. It is important to note that such access is limited and closely monitored.
Information Sharing
We do not share Customer Data with others, except at the explicit request of that Customer. For example, the Customer may turn on an integration with a third party such that Sophare automatically sends data to that third party. Such integrations are turned on at the Customer’s risk, as Sophare cannot control what happens with the data after it leaves Sophare.
Deleting Your Data
Where processing is based on consent, you may withdraw consent at any time by contacting us at team@sophare.ai.
Following Customer termination, we will delete all of a Customer’s identifiable data after one year, or earlier if you request it at team@sophare.ai.
If you are not an Authorized User, for example, you are a former employee of a Customer, you will need to contact our Customer, who is the Controller of the data and has the ability to retrieve your information from Sophare.
Retention of Information
We retain personally identifiable information that we collect only so long as reasonably necessary to fulfill the purposes for which it was collected and to meet legal requirements. We have an Information Security Policy which provides for the destruction of personally identifiable information after it is no longer needed for the purposes for which it was collected and legal requirements have been met.
Automated Decision-Making and Profiling
Sophare uses automated analytical tools and machine learning techniques to assist customers in assessing pay equity and compensation structures. However, we do not perform automated individual decision-making or profiling that produces legal effects or significantly affects individuals without human review and oversight.
Security Incident Notification
Sophare maintains strict incident response protocols. In the event of a security breach involving personal data, we will notify affected customers promptly and cooperate fully to mitigate impacts and inform affected data subjects as necessary.
GDPR
Although Sophare is a US business, we are committed to complying with the European Union’s General Data Protection Regulation (GDPR) for all individuals, whether EU citizens or not. Under GDPR, Sophare acts as the Data Processor, and our Customers are the Data Controllers, specifically regarding our Customer Data.
Under GDPR, individuals have the right to request access, rectification, erasure, restriction of processing, data portability, and objection to processing of their personal data. Sophare processes data strictly according to our agreements with Customers, who act as Controllers. Sophare relies on appropriate transfer mechanisms (e.g., Standard Contractual Clauses) for any international data transfers outside the EU/EEA.
Sophare has appointed a Data Protection Officer (DPO) responsible for overseeing data protection strategy and GDPR compliance. Contact our DPO at privacy@sophare.ai for privacy-related inquiries or GDPR requests. Our organization is Pocco, Inc. DBA Sophare, a Delaware corporation.
As required by GDPR, Sophare enters into a Data Processing Agreement (DPA) with each Customer clearly outlining the responsibilities of both parties, our obligations as a Data Processor, and security measures. Customers may request a copy of our DPA by contacting us directly at team@sophare.ai.
Changes in this Privacy Policy
We reserve the right to change this policy at any time without prior notice to users of this site. This Privacy Policy was last updated on July 23, 2025. Please check here regularly to learn of any changes to this policy. If we make any material changes we will notify you by email or by means of a notice on this site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. If you have questions or feedback on our privacy policy, contact us at team@sophare.ai.
This website is owned by Pocco, Inc., a Delaware corporation. (When we say “We”, “Our” or “Us'' in this document, we mean Pocco, Inc.). The words “Information” and “Data” may be used interchangeably.
Sophare believes privacy is a fundamental right, regardless of where you live. When you connect with Sophare, we understand you are trusting us to safeguard your privacy and sensitive data. Our operational model does not involve the resale or sharing of private data. We firmly believe that our success depends on delivering a secure, reliable service while upholding transparency with our valued customers.