Privacy Policy

Last Updated: April 23, 2026

This Privacy Policy explains how Soul collects, uses, stores, and protects personal data when you use our website, platform, compiler, generated binaries, contact forms, and related services.

We process personal data in accordance with the General Data Protection Regulation (GDPR), Spanish data protection law, and other applicable European Union privacy regulations.

1. Data Controller

The data controller responsible for the processing of your personal data is Alter Ego DS, a company registered in Spain.

Legal identification details, including registered address and tax identification number, shall be made available on the website in accordance with applicable Spanish law.

For privacy-related inquiries, you may contact us at info@soul-run.com or through our Contact form.

2. Personal Data We Collect

We collect only the data necessary to provide, secure, improve, and legally operate the Services.

Account Data

  • Email address.
  • Username or account identifier.
  • Password credentials, stored securely using appropriate hashing mechanisms.
  • License tier and account status.

Billing and License Data

  • Selected plan or license.
  • Payment status and transaction reference.
  • Invoice or billing details where legally required.
  • Tax-related information when applicable.

Technical and Usage Data

  • IP address.
  • Browser type and device information.
  • Login timestamps.
  • Compiler usage events.
  • Security logs and error logs.
  • Approximate usage metrics needed to prevent abuse and enforce license limits.

Compilation Data

  • Soul source code submitted to the compiler.
  • Compilation parameters and build configuration.
  • Compiler errors, diagnostics, and build logs.
  • Generated binary metadata, such as creation date, target platform, and license association.

Communication Data

  • Messages sent through the contact form.
  • Support requests and related correspondence.
  • Information you voluntarily provide when contacting us.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To create and manage user accounts.
  • To provide access to the Soul compiler and related services.
  • To generate, manage, and associate binaries with the corresponding license holder.
  • To process payments, invoices, licenses, and purchase records.
  • To authenticate users and protect accounts.
  • To detect abuse, prevent unauthorized access, and protect platform security.
  • To respond to support requests, legal inquiries, and contact form submissions.
  • To comply with legal, tax, accounting, and regulatory obligations.
  • To improve reliability, performance, and functionality of the Services.

4. Legal Bases for Processing

We process your personal data under one or more of the following legal bases:

  • Performance of a contract: to provide accounts, compiler access, licenses, generated binaries, support, and related services.
  • Legal obligation: to comply with tax, accounting, consumer protection, and legal record-keeping requirements.
  • Legitimate interest: to secure the platform, prevent abuse, diagnose technical problems, improve the Services, and protect our legal rights.
  • Consent: when required for non-essential cookies, optional communications, or other processing that legally requires consent.

5. Source Code, Build Data, and Generated Binaries

Soul may process the source code, build parameters, compiler logs, and metadata that you submit or generate through the platform in order to provide the compilation service.

Your source code remains your property. We do not claim ownership over the code you write using the Soul language.

We do not use your private source code to train artificial intelligence models, resell it, publish it, or share it with unauthorized third parties.

You are responsible for ensuring that source code submitted to Soul does not contain unnecessary personal data, confidential credentials, secrets, private keys, production passwords, or third-party materials that you are not authorized to process.

6. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required by law.

  • Account data: retained while your account remains active and for a reasonable period after deletion where needed for legal, security, or dispute purposes.
  • Billing and invoice data: retained for the legally required tax and accounting retention periods.
  • Technical and security logs: retained for a limited period necessary to protect the platform, investigate incidents, and prevent abuse.
  • Compilation data: retained only as needed to provide the service, maintain build history, support license verification, troubleshoot errors, or comply with user-selected functionality.
  • Support and contact messages: retained for as long as needed to respond to your request and maintain a record of the communication.

7. Data Sharing and Service Providers

We do not sell your personal data.

We may share limited personal data with trusted service providers only where necessary to operate the Services, including:

  • Hosting and infrastructure providers.
  • Payment processors.
  • Email and communication providers.
  • Analytics or performance monitoring providers, where applicable.
  • Legal, accounting, or compliance advisors where necessary.

These providers may only process data according to our instructions and for the purposes required to provide their services, subject to appropriate contractual safeguards.

8. International Data Transfers

Where possible, we use service providers and infrastructure located within the European Economic Area.

If personal data is transferred outside the European Economic Area, we will ensure that appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses, or other mechanisms recognized under GDPR.

9. Data Security

We apply appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, loss, destruction, or misuse.

These measures may include access controls, encryption in transit, secure password hashing, backups, monitoring, logging, and restricted administrative access.

No online service can guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for avoiding the submission of unnecessary secrets, credentials, or sensitive data inside source code.

10. Cookies and Tracking

We use essential cookies required for the website and platform to function, including session management, authentication, security, and preference storage.

We do not use advertising cookies or third-party tracking cookies without your prior consent where such consent is legally required.

If non-essential analytics cookies are introduced, they will be subject to the applicable consent requirements.

11. Your GDPR Rights

You have the following rights under GDPR, subject to the conditions and limitations established by applicable law:

  • Access: request confirmation and a copy of the personal data we process about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your personal data where legally applicable.
  • Restriction: request limitation of processing in certain circumstances.
  • Objection: object to processing based on legitimate interests.
  • Data portability: receive your data in a structured, commonly used, machine-readable format where applicable.
  • Withdraw consent: withdraw consent at any time where processing is based on consent.

To exercise your rights, contact us at info@soul-run.com. We may need to verify your identity before responding to your request.

12. Right to Lodge a Complaint

If you believe that your data protection rights have been infringed, you have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos — AEPD) or with the supervisory authority of your country of residence.

13. Children

The Services are intended for professional and technically qualified users and are not directed to children under the age of 14. We do not knowingly collect personal data from children.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our Services, legal requirements, or data processing practices.

When changes are material, we will make reasonable efforts to notify registered users or display a notice on the website.

15. Contact

If you have any questions about this Privacy Policy or how we process personal data, please contact us at info@soul-run.com or through our Contact form.