Is Social Neuron GDPR compliant?
Yes. Social Neuron is built to meet GDPR obligations, and the key data-subject rights are implemented as real features rather than promises.
**Right to erasure (Article 17).** You can delete your account, which cascades through your organisations, projects, content, and stored media, and revokes the OAuth access you granted to connected platforms. When content is deleted it is gone — we do not keep shadow copies.
**Right to data portability (Article 20).** You can export all of your data as structured JSON at any time, so your information is never locked inside Social Neuron.
**Lawful basis and consent.** Authenticated product analytics rely on the contract-performance basis, while anonymous visitor tracking is gated behind explicit cookie consent, and the Global Privacy Control signal is respected. Analytics for EU users is processed in the EU.
**Data Processing Agreement.** A DPA is available for business customers who need one for their own compliance, and is published alongside the privacy policy.
**Retention.** Most data is removed when you delete your account; a narrow set of records (such as anonymised analytics and payment records required for tax law) is retained as legally required — these are intentionally kept, not an oversight.
**No selling of data.** Social Neuron does not sell your personal data, and does not use your content to train AI models. For the technical security controls behind this, see the related answer on data security.