Sol4.o
Your Industry 4.0 Platform

Privacy Policy

Effective: 11 May 2026

Sol4.o ("we", "us", "our") provides an industrial IoT platform for energy management. This Privacy Policy explains what personal data we collect, why we collect it, and the rights you have. It applies to anyone who uses our hosted application, installs our on-premise components, or interacts with our website.

1. Data we collect

We collect only what we need to operate the service:

  • Account data — name, email address, hashed password, role and tenant assignment, and audit-log entries (which actions you performed, when, and from which IP).
  • Operational data — telemetry from your industrial devices (power readings, statuses, alarms). This is your data; we process it only on your behalf as part of running the platform.
  • Technical data — IP address, browser/user-agent, page-view timestamps, and minimal client-side error reports we use to keep the application working. We do not run advertising trackers.
  • Payment data — handled exclusively by Stripe. We store the resulting customer ID and subscription metadata, never the card number itself.

2. Why we process it

  • To authenticate you and authorise access to the data your role allows.
  • To run the platform: ingest telemetry, send commands, surface alarms, generate reports.
  • To bill you, when you are on a paid tier.
  • To investigate incidents (security events, bugs, outages).
  • To send strictly transactional emails (invites, password resets, alerts, invoices).

We do not sell or rent personal data, and we do not use your operational data for any purpose other than serving you.

3. Sub-processors

We rely on the following providers to operate the platform. Each is bound by contractual data-protection obligations. The current list is:

  • Amazon Web Services (Frankfurt / eu-central-1) — hosting, storage, backups.
  • Stripe — payment processing.
  • Resend — transactional email delivery.
  • Google reCAPTCHA v3 — login abuse-protection.
  • Sentry — application error reporting.
  • Cloudflare (if enabled on your edge) — DDoS protection and DNS.

If we change this list materially, we will update this page before the change takes effect.

4. Retention

  • Account data is kept while your tenant is active and for 12 months after closure (so we can answer billing or legal questions).
  • Operational telemetry is kept according to the retention window of your tier; deleted afterwards.
  • Backups are encrypted and rotate out within 12 months.
  • Audit logs are kept for 24 months for security-investigation purposes.

5. Your rights

You can ask us to (a) confirm what personal data we hold about you, (b) export it, (c) correct it, (d) delete it, or (e) restrict its processing. Email privacy@sol4o.comand we'll respond within 30 days. We may need to verify your identity before acting on certain requests.

6. Security

Data is encrypted in transit (TLS 1.2+). Passwords are hashed with bcrypt. Backups are encrypted at rest in S3 and rotate through cold storage. We log every authentication and every privileged action. We do not promise that any service is perfectly secure, but we report material breaches promptly per applicable law.

7. International transfers

Our primary hosting region is the European Union (Frankfurt). If you operate outside the EU, your data is still processed in the EU; some sub-processors (Stripe, Sentry, Resend) may transmit limited data to their home regions. Standard contractual clauses apply where required.

8. Children

Sol4.o is a business platform and is not intended for anyone under 18. We do not knowingly collect data from minors.

9. Changes to this policy

We'll post any change here and update the "Effective" date. If a change is material, we'll also email tenant administrators.

10. Contact

Questions or requests: privacy@sol4o.com.