PRIVACY POLICY

Effective date: 20.08.2025
Last updated: 20.08.2025
Controller: InnoLoom Solutions
Email: hello@innoloomsolutions.com

This policy explains how we handle personal data when you use our website, subscribe to content, or work with us on projects.

1. Definitions.

• User/Client: Any professional or capable natural person, or legal entity, who visits or uses https://www.innoloomsolutions.com/ (hereafter “Site”).

• Services: All digital learning solutions and related consulting, design, and integration services provided by Innoloom Solutions (“Innoloom”).

• Content: All text, images, video, and other media published on the Site.

• Personal Data: Any information relating to an identified or identifiable natural person, as defined by the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR).

• Controller: Innoloom Solutions, responsible for determining purposes and means of processing Personal Data.

• Processor: Any third‑party (e.g. hosting provider) that processes Personal Data on behalf of Innoloom.

2. Who We Are.

InnoLoom Solutions is a single-member Swiss studio operated by Irina Char, trading under the brand “InnoLoom Solutions.” For this website and our general business operations, we act as the Data Controller under the Swiss Federal Act on Data Protection (FADP). Where we offer services to, or monitor the behavior of, individuals in the EU/EEA or the United Kingdom, we also act as a controller under the EU GDPR and UK GDPR (Art. 3(2) GDPR/UK GDPR).

Legal owner / responsible person (FADP): Irina Char, sole proprietor

Trading name: InnoLoom Solutions

Privacy contact: hello@innoloomsolutions.com

We may act as a processor only when a corporate client appoints us to handle personal data on their behalf within a project (e.g., content hosted in the client’s LMS). In such cases, roles and responsibilities are set out in the contract/data-processing agreement (DPA).

3. EU/UK Reach & Representation.

We do not have an establishment in the EU/EEA or the UK. When our activities fall within the territorial scope of the GDPR/UK GDPR (e.g., we target services to EU/UK individuals), we comply with applicable requirements.

EU/UK representative: Not appointed at this time. If our processing requires a representative under Art. 27 GDPR/UK GDPR, we will update this notice with the details.

4. Data Protection Officer (DPO).

Given the nature and scale of our processing, appointing a DPO is not required. You can reach our privacy contact at hello@innoloomsolutions.com for any data-protection queries, rights requests, or complaints.

5. What data we collect.

• Contact details (name, email, phone, company, role).

• Project information (briefs, scope, assets you provide, meeting notes).

• Commercial data (quotes, invoices, payment confirmations—payment details handled by payment processor).

• Site usage data (pages viewed, device/browser info; via privacy-friendly analytics or, if enabled, Google Analytics).

• Communication data (emails, messages, call notes).

• Recruitment data (CV/portfolio if you apply or collaborate).

We do not intentionally collect data from children under 16.

6. Why we process data (legal basis).

• To provide the site and respond to enquiries (contract / legitimate interest).

• To deliver projects and customer support (contract).

• To improve the site and services (legitimate interest; analytics are consent-based in the EU/EEA/UK).

• To send updates you opt into (consent; you may unsubscribe at any time).

• To meet legal obligations (tax, accounting, record-keeping).

7. Cookies & similar tech.

See our Cookies Policy for details and your choices.

8. Sharing & Retention.

In terms of retention, we hold analytics data for a maximum of 30 days, while the information you submit via contact forms is kept only as long as needed to fulfill your request or until you withdraw your consent. We never sell your personal data. We may share it with Porkbun (our hosting provider) or other trusted processors who meet Swiss FADP and GDPR‑level confidentiality requirements, and we will not transfer your data to countries without adequate protections without informing you first.

9. Your rights.

You retain full control over your information. Under Swiss FADP and GDPR, you have the right to access, correct, or erase any personal data we hold; to restrict or object to its processing; to request its portability; to withdraw your consent at any time; and to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or an EU supervisory authority. To exercise any of these rights, simply email our Data Protection Officer at hello@innoloomsolutions.com.

10. Security.

We use appropriate technical and organizational measures (access controls, encryption at rest/in transit where feasible, least-privilege, vendor due diligence). No method is 100% secure; please share sensitive data only via agreed secure channels.

11. B2B processing & DPA.

For client projects where we process end-user data on your behalf, we can sign a Data Processing Agreement (DPA). Roles and responsibilities are defined per project.

12. Changes.

We’ll post updates here with a new “Last updated” date.