Privacy Policy

Last Updated: April 2026

‍

1. Introduction

Socorro Compliance ("Socorro," "we," "us," or "our") is committed to protecting the privacy and data integrity of our users. This Privacy Policy outlines how we collect, use, and safeguard information when you use our website, our AI Forensic Scanner, and our related services.

‍

2. The "No-Training" Pledge

At Socorro, we prioritize Data Sovereignty. We maintain a strict siloed data policy:

• We do not use any proprietary data, internal documentation, or individual scan results provided by our users to train, fine-tune, or improve our global AI models or third-party Large Language Models (LLMs).
• Your business data remains your own and is used exclusively to generate your specific compliance reports.

‍

3. Information We Collect

• Scan Data: When you utilize the Socorro Scanner, we collect the target URL and your email address to deliver the report.
• Account Information: If you register for a Certification Tier, we collect business registration details and internal policy documents.
• Usage Data: We collect standard telemetry (IP addresses, browser types) to ensure the security and stability of our forensic engine.

‍

4. How We Use Data

• To perform Surface and Deep-Dive forensic audits.
• To communicate regulatory updates via the Socorro Automated Marketing Engine (S.A.M.E.).
• To verify claims made by merchants during the Certification process.

‍

5. Data Security

We utilize enterprise-grade encryption for all data at rest and in transit. As a compliance-first firm, we adhere to the principles of Privacy by Design as outlined in the GDPR and the 2026 EU AI Act.