Privacy Policy
Last updated: 3 July 2026
Data controller
Sosta is a publication of Q Division Limited, Suite 4.01 Ormond Building, 31–36 Ormond Quay Upper, Arran Quay, Dublin D07 F6DC, Ireland.
For any question about your data: info@sosta.press.
What we collect, and why
Sosta is an editorial publication. We offer no accounts, sell nothing on this site, and carry no advertising. We process personal data only in the following cases.
Newsletter subscription. When you subscribe, we collect your email address to send you Sosta's publications. Legal basis: your consent, which you can withdraw at any time via the unsubscribe link in every email or by writing to info@sosta.press. Delivery is handled by Buttondown.
Technical browsing data. As with any website, when you visit Sosta our hosting provider records technical data (IP address, browser type, date and time, pages requested) to deliver and secure the site. Legal basis: our legitimate interest in providing and protecting the service. Hosting is provided by Netlify.
Correspondence. If you write to us, we keep your email and its content in order to reply.
We use no profiling cookies and no analytics or tracking tools.
Who we share data with
We do not sell or trade your data. We rely on providers who process data on our behalf, as processors:
- Buttondown — newsletter delivery;
- Netlify — website hosting.
These providers are based in the United States; transfers rely on appropriate safeguards under the GDPR (Standard Contractual Clauses and/or certification under the EU-US Data Privacy Framework).
How long we keep it
Your email stays on our list until you unsubscribe or withdraw consent. Technical browsing data is retained for the technical period set by the hosting provider. Correspondence is kept for as long as needed to handle your request.
Your rights
Under the GDPR you may at any time request: access to your data, rectification, erasure, restriction of processing, objection, portability, and withdrawal of consent. To exercise them, write to info@sosta.press.
You also have the right to lodge a complaint with a supervisory authority. As the controller is established in Ireland, the competent authority is the Data Protection Commission (dataprotection.ie).
Changes
We may update this policy. The version in force is always the one published here, with the last-updated date shown above.