Sousou LogoSousou

Privacy Policy

Last updated: December 2025

1. Introduction

Sousou ("we", "us", "our" or "the Platform") is a digital companion for rotating savings circles. This Privacy Policy explains how we collect, use, store and protect your information when you visit our websites, use the Sousou mobile experience, or access the Sousou Admin dashboard.

We process personal data in line with applicable data protection laws, including the UK GDPR and EU GDPR (where relevant). By using Sousou, you agree to this Policy. If you do not agree, please do not use the Platform.

2. Information We Collect

We may collect information about you in a variety of ways:

Information You Provide Voluntarily:

  • Registration information (name, email, password)
  • Profile information (photo, preferred language, basic bio)
  • Communication through forms and contact pages
  • Support requests and feedback
  • Circle information (circle name, description, contribution amounts, schedules and member roles)

Information Collected Automatically:

  • Device information (browser type, IP address)
  • Usage data (pages visited, features used, time spent, interactions)
  • Cookies and similar tracking technologies
  • Approximate location data (from IP address) and, if you allow it, more precise location on mobile devices

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate and maintain the Sousou mobile experience and admin dashboard
  • Create and manage your account and circles
  • Show contribution schedules, rounds and payouts to appropriate members
  • Send reminders, notifications and important service messages
  • Respond to your comments, questions and support requests
  • Improve and personalize your experience and our features
  • Monitor the security and stability of the Platform
  • Comply with legal obligations (including anti‑money laundering and fraud‑prevention laws where applicable) and enforce our Terms & Conditions

4. Disclosure of Your Information

We do not sell, trade or rent your personal information. We may share your information in the following circumstances:

  • With service providers (e.g. hosting, analytics, email) who help us operate Sousou
  • With payment processors when you purchase a paid plan
  • With circle admins you explicitly join or interact with, as necessary to run the circle
  • When required by law, regulation, court order or to respond to lawful requests by public authorities (including for anti‑money laundering, fraud prevention or law enforcement purposes)
  • In the event of a merger, acquisition, or reorganisation of the business
  • With your explicit consent

5. Cybersecurity & Data Security

We take cybersecurity seriously. Your data security is our top priority. We implement industry-standard security measures to protect your personal information:

  • Encryption: Connections to our services use SSL/TLS. Passwords are stored using industry-standard hashing algorithms.
  • Secure Infrastructure: We use trusted cloud platforms with multi-layer security controls
  • Access Controls: Only authorized personnel have access to personal data, with strict role-based permissions
  • Regular Reviews: We regularly review our systems and third-party providers for security and reliability
  • Data Backups: We maintain secure, redundant backups to prevent data loss
  • Incident Response: We have established procedures to respond to and mitigate data breaches

While we employ robust security measures, no method of transmission over the Internet is 100% secure. We encourage you to use strong passwords and keep your account credentials confidential.

6. Legal Bases & Compliance

Where GDPR or similar laws apply, we rely on different legal bases to process your personal data, including:

  • Performance of a contract (providing the Sousou service to you)
  • Our legitimate interests (for example, improving the Platform and preventing abuse)
  • Your consent (for certain communications or optional features)
  • Compliance with legal obligations (including record‑keeping and responding to lawful requests)

You are responsible for ensuring that your use of Sousou is lawful in your own jurisdiction. Sousou does not provide legal, tax or financial advice.

7. Your Rights

Under applicable data protection laws (including GDPR where it applies), you may have the following rights:

  • Right to Access: You can request access to your personal data
  • Right to Rectification: You can request correction of inaccurate data
  • Right to Erasure: You can request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: You can limit how we process your data
  • Right to Data Portability: You can request your data in a portable format
  • Right to Object: You can object to processing for marketing purposes

8. Cookies

We use cookies and similar technologies to enhance your experience on our Platform. Cookies help us remember your preferences, understand how you use our Platform and personalise content. You can control cookie settings through your browser, though some features may not function properly if cookies are disabled.

9. Third-Party Links

Our Platform may contain links to third-party websites. We are not responsible for the privacy practices of external sites. We encourage you to review their privacy policies before providing any personal information.

10. Children's Privacy

Sousou is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that a child under 13 has provided us with personal data, we will delete it as soon as reasonably possible.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices. We will notify you of any significant changes by updating the "Last updated" date and, where applicable, by obtaining your consent.

12. Contact & Data Protection

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Sousou

Email: privacy@createensemble.com