Sota Solutions Privacy Policy
This Privacy Policy applies to all SaaS services and applications operated by Sota Solutions., JSC, including but not limited to ERP, AI Assistant, and related services. This policy is designed to help you understand how we collect, use, protect, or otherwise handle your Personally Identifiable Information (PII) online and in connection with our services.
1. What personal information do we collect?
We do not collect information from visitors of our site unless you subscribe to a newsletter, open a support ticket, or enter information on our site. We may collect personal information such as your name, email address, and contact details to help you with your experience.
2. When do we collect information?
We collect information from you when you:
- Subscribe to a newsletter
- Open a Support Ticket
- Enter information on our site
3. How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use other site features in the following ways:
- To allow us to better serve you in responding to your customer service requests.
- To send periodic emails regarding your order or other products and services.
- To follow up with you after correspondence (live chat, email, or phone inquiries).
4. How do we protect your information?
Our website is regularly scanned for security holes and known vulnerabilities to make your visit as safe as possible. Your personal information is stored behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. All sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when you place an order, enter, submit, or access your information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
5. Do we use ‘cookies’?
We do not use cookies for tracking purposes. You can choose to have your computer warn you each time a cookie is being sent, or choose to turn off all cookies via your browser settings. If you turn cookies off, some features may be disabled, but you will still be able to place orders.
6. Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, as long as those parties agree to keep this information confidential. We may release information to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety. Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
7. Third-party links
We do not include or offer third-party products or services on our website.
8. Google
Google’s advertising requirements can be found at https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website. Google, as a third-party vendor, uses cookies to serve ads on our site. Google's use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.
We have implemented the following:
- Demographics and Interests Reporting
We, along with third-party vendors such as Google, use first-party cookies (such as Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or using the Google Analytics Opt Out Browser add-on.
9. California Online Privacy Protection Act (CalOPPA)
According to CalOPPA, we agree to the following:
- Users can visit our site anonymously.
- Our Privacy Policy link includes the word 'Privacy' and can easily be found on the specified page.
- Users will be notified of any Privacy Policy changes on our Privacy Policy Page.
- Users can change their personal information by emailing us, calling us, logging into their account, or sending a support ticket.
10. Do Not Track signals
We honor Do Not Track signals and do not use advertising or cookies when a Do Not Track (DNT) browser mechanism is in place.
11. Third-party behavioral tracking
We do not allow third-party behavioral tracking.
12. COPPA (Children Online Privacy Protection Act)
We do not specifically market to children under the age of 13 years old.
13. Fair Information Practices
We will notify you via email within 1 business day if a data breach occurs. We also agree to the Individual Redress Principle, which allows individuals to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law.
14. CAN-SPAM Act
We collect your email address to:
- Send information, respond to inquiries, and/or other requests or questions
To comply with CAN-SPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in a reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us or follow the instructions at the bottom of each email, and we will promptly remove you from ALL correspondence.
15. Google User Data & API Access (for OAuth-integrated users)
How We Access and Use Your Google Data
When you connect your Google account with SotaERP AI Assistant, we may access the following data, depending on your consent and the features you use:
- Your Google email address (for authentication and identifying your account).
- Your Google Drive files (read-only, used for document retrieval and workflow automation).
- Your Google Sheets documents (read and write, used for data entry, reporting, and workflow tasks).
- Your Google Contacts (used for CRM features like sending emails or managing leads).
We use this data solely to provide the requested features of SotaERP AI Assistant, such as document workflows, contact management, and email automation. We do not use your Google data for any other purposes.
Data Retention and Deletion
- Retention: We keep your Google data only as long as needed to provide the service or as required by law.
- Disconnection or Deletion: If you disconnect your Google account or request deletion, all associated Google data is permanently deleted from our systems within 30 days.
- Deletion Requests: You can email us at contact@sota-solutions.com to request deletion of your Google data anytime.
No Use for Generalized AI or Machine Learning
We do NOT use any Google user data obtained through Workspace APIs to develop, improve, or train generalized AI and/or machine learning models. Your data is used only to power your specific workflows within SotaERP AI Assistant.
Scope of Google API Access
We request the following Google API scopes:
- https://www.googleapis.com/auth/drive.readonly (to access your Drive files when needed)
- https://www.googleapis.com/auth/spreadsheets (to read/write Sheets for workflow automation)
We have evaluated using the drive.file scope, but because our application needs to access multiple existing files that may not have been created in our service, it is necessary to use a broader scope. You can review this choice in our Scope Minimization Justification section of the OAuth consent screen.
Contacting Us
If there are any questions regarding this privacy policy, you may contact us using the information below:
SOTA SOLUTIONS., JSC
2F, CIC Tower, Lane 219 Trung Kinh Street, Cau Giay
Hanoi 100000
Vietnam
+84 24 6295 4643
Last Edited on June 2025