Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
SOCi is a US AI driven marketing platform for multi location brands. It centralises social posting across Facebook, Instagram, Google Business Profile, LinkedIn and TikTok, runs localised paid campaigns and aggregates reviews and engagement metrics per location. For EU brands, SOCi raises GDPR and ePrivacy obligations on landing page pixels, consent, profiling at scale and the transfer of personal data to the United States.
SOCi is a US AI driven marketing platform built for multi location brands such as restaurant chains, fitness franchises, retail networks and real estate offices. It centralises content scheduling, paid ads, reputation management, listings and reporting across Facebook, Instagram, Google Business Profile, LinkedIn and TikTok, with localised variations per location.
Engagement metrics from connected social accounts, reviewers'' identifiers and contents, ad performance data, hashed audience identifiers used for matching with Meta, Google and TikTok ad platforms, and behavioural data captured by SOCi pixels deployed on customer landing pages (IP, user agent, click events, conversions).
SOCi landing page pixels set advertising cookies and share data with third party ad networks. Article 5(3) ePrivacy requires prior consent. Business pages and ad publishing are typical marketing activities that rely on the brand''s legitimate interest. Reviews and engagement responses involve user generated content that must be moderated under article 14 GDPR transparency rules.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Block SOCi pixels behind a Consent Management Platform. Ensure audience uploads to Meta and Google use only customers with marketing consent. Provide a clear privacy notice that explains how local engagement data is processed.
SOCi runs on US infrastructure. EU consumer data is transferred to the US. Transfers rely on SCCs and the EU US Data Privacy Framework where SOCi is certified, with supplementary measures.
Sign a DPA, document the audience matching flow with Meta, Google and TikTok, gate SOCi pixels behind consent, restrict dashboard access by location, set retention on engagement logs, run a DPIA for cross brand audience profiling and update the privacy notice for review handling.
Websites using SOCi must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended where SOCi processes EU consumer engagement data at scale, profiles audiences for paid social and exposes data via dashboards to many internal users across locations. Document profiling, retention, access controls, US transfer and the consent flow on landing pages.
Sample consent text
We use SOCi to run our local social and paid campaigns. SOCi processes engagement data on US infrastructure under Standard Contractual Clauses. Tracking pixels deployed via SOCi on our landing pages will only fire after your consent.
Third-party domains contacted
meetsoci.comapp.meetsoci.comcdn.meetsoci.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| soci_vid | persistent | 1 year | First party SOCi visitor identifier used on landing pages to attribute campaigns. Requires consent. |
| soci_sid | session | session | Session identifier used by SOCi landing page pixel to group events into a session. Requires consent. |
SOCi places tracking cookies for advertising — comply with GDPR using FlowConsent.
SOCi landing page pixels typically set a first party visitor identifier cookie, a session cookie and may piggyback on Meta and Google pixels for ad attribution. These cookies are advertising related and require prior consent.
Yes for landing page pixels and audience uploads to ad platforms. Article 5(3) ePrivacy requires prior consent for cookies set by SOCi. Audience uploads to Meta or Google must use customers who consented to marketing.
Landing page pixels: consent. Audience matching: consent (collected at the source). Social publishing and ad management: legitimate interest of the brand. Reviewer data and engagement: transparency under article 14 GDPR.
Yes. SOCi runs on US infrastructure. EU consumer engagement and pixel data is transferred to the US. Transfers rely on SCCs, the EU US Data Privacy Framework and supplementary measures.
A DPIA is recommended where SOCi profiles audiences across locations or brands. Document profiling logic, retention, US transfer, the link with Meta and Google audience matching and the role of internal local managers.
Sign the SOCi DPA, gate landing page pixels behind consent, audit audience matching for valid marketing consent, restrict dashboards to authorised local managers, retain only what is needed and document SOCi in the records of processing.
EU friendly alternatives include Hootsuite (with EU controls), Sprout Social (EU available), Sprinklr (global with EU regions), Khoros, Yext (US, EU available), Reachlocal, and EU specific players like Agorapulse (France) and Sembox.
List SOCi pixels and any downstream Meta or Google pixels with vendor, purposes (advertising attribution, audience matching), retention and legal basis (consent). State the US transfer. Update each time SOCi adds sub processors.