inncode.studio
// legal

Privacy Policy

Last updated: June 2026

1. Data controller

The data controller for the personal data collected through inncode.studio (trading as inncode studio) is Giovanni Innamorato, sole proprietor, VAT number (P.IVA) 08164840723, Codice Fiscale NNMGNN86S01C352Q, based in Bari, Italy. For any privacy-related request, contact hello@inncode.studio.

2. What data we collect

We collect the data you provide through the contact form and brief form (name, company, email, phone, project details), payment information processed by Stripe (we never store full card details), and basic analytics data via Google Analytics 4 (page views, device type, approximate location).

3. Legal basis and purpose

We process your data to respond to your inquiry, deliver the purchased service, issue invoices, and — where you've consented — to send occasional updates. Analytics data is processed on the basis of legitimate interest in understanding site usage, or consent where required.

4. Third-party processors

We share data with the following processors strictly to deliver our service: Stripe (payments), Resend (transactional email), Google Analytics (site analytics), Vercel (hosting), and Calendly (call scheduling). Each processor has its own privacy policy.

5. Data retention

We retain project-related data for as long as needed to deliver the service and comply with accounting/tax obligations, and contact form submissions for up to 24 months unless you ask us to delete them sooner.

6. Your rights

Under GDPR, you have the right to access, correct, delete, or export your personal data, and to object to or restrict its processing. To exercise these rights, email hello@inncode.studio.

7. Cookies

We use essential cookies for site functionality (theme and language preference) and analytics cookies (Google Analytics 4) to understand site usage. You can manage cookie preferences in your browser settings.

8. Data security

We use industry-standard measures (HTTPS, secure third-party processors, access controls) to protect your data against unauthorized access, loss or misuse.

9. International transfers

Some of our processors (e.g. Vercel, Stripe, Google) may process data outside the EU/EEA under appropriate safeguards such as Standard Contractual Clauses.

10. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top of this page reflects the most recent revision.