← Back to Home

Privacy Policy

Last updated: 15 December 2025

This Privacy Policy explains how INNOPO LIMITED ("Innopo", "we", "us", or "our") collects, uses, stores, and protects personal data when you access or use Innopo OS (the "Platform").

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Innopo OS is operated by:

INNOPO LIMITED

Company number: 16428407

Registered in England and Wales

Contact email: info@innopo.studio

INNOPO LIMITED provides Innopo OS as a business-to-business platform designed to help organisations document, manage, and evolve their internal systems and platforms.

2. Scope of This Policy

This Privacy Policy applies to:

  • users of the Innopo OS platform,
  • authorised representatives of partner organisations, and
  • visitors to any Innopo OS web interface that links to this Policy.

This Policy does not apply to third-party websites or services that may be linked from the Platform.

3. Personal Data We Collect

We collect only the personal data necessary to operate and improve the Platform.

3.1 Information You Provide

  • Name
  • Email address
  • Organisation name
  • Role and permissions within the Platform
  • Account-related preferences
  • Communications sent to us (for example, support or account enquiries)

3.2 Information Collected Automatically

When you access or use the Platform, we may collect:

  • IP address
  • Device and browser information
  • Log data (such as access times and actions taken)
  • Authentication and session metadata

3.3 Platform Usage Data

We may collect structured data relating to:

  • systems, projects, or platforms you interact with,
  • activity logs (such as version updates or publications),
  • organisational assignments and permissions.

While much of this data is operational rather than personal, it may be associated with an individual user account.

4. How We Use Personal Data

We use personal data to:

  • provide, operate, and maintain the Platform,
  • authenticate users and manage access rights,
  • administer organisations and workspaces,
  • communicate with users regarding updates, changes, or support matters,
  • monitor usage for security and operational purposes, and
  • comply with legal and regulatory obligations.

We do not sell personal data.

5. Lawful Basis for Processing

Under UK GDPR, we process personal data on the following lawful bases:

  • Contractual necessity – where processing is required to provide access to the Platform,
  • Legitimate interests – to operate, secure, and improve the Platform,
  • Legal obligation – where processing is required by law,
  • Consent – where explicitly obtained (for example, optional communications).

6. Data Sharing & Third Parties

We may share personal data with carefully selected third-party service providers where necessary to operate the Platform, including:

  • cloud hosting and infrastructure providers,
  • authentication and database services (such as Supabase),
  • monitoring and operational tooling used to ensure platform reliability.

All third-party providers are required to process personal data in accordance with UK GDPR and appropriate contractual safeguards.

We do not share personal data for advertising or marketing purposes.

7. International Data Transfers

Some service providers may process personal data outside the United Kingdom.

Where this occurs, we ensure appropriate safeguards are in place, including:

  • UK adequacy regulations, or
  • standard contractual clauses or equivalent protections.

8. Data Retention

We retain personal data only for as long as necessary to:

  • provide access to the Platform,
  • meet contractual or operational requirements, and
  • comply with legal or regulatory obligations.

When personal data is no longer required, it is securely deleted or anonymised.

9. Security Measures

INNOPO LIMITED implements appropriate technical and organisational measures to protect personal data, including:

  • role-based access controls,
  • secure authentication mechanisms,
  • encryption in transit and at rest where appropriate.

While we take security seriously, no system can be guaranteed to be completely secure.

10. Your Rights Under UK GDPR

You have the right to:

  • access your personal data,
  • request correction of inaccurate or incomplete data,
  • request erasure of personal data (where applicable),
  • restrict or object to certain processing activities,
  • request data portability, and
  • withdraw consent where processing is based on consent.

Requests may be made by contacting info@innopo.studio

11. Cookies & Similar Technologies

Innopo OS uses only essential cookies and similar technologies required for:

  • authentication and session management,
  • platform security.

We do not use advertising or behavioural tracking cookies.

12. Third-Party Links

The Platform may include links to third-party websites or services. We are not responsible for the privacy practices of those third parties, and you should review their policies separately.

13. Children's Data

Innopo OS is not intended for use by individuals under the age of 18. We do not knowingly collect personal data relating to children.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be made available through the Platform or associated Innopo OS interfaces.

Continued use of the Platform after changes take effect constitutes acceptance of the updated Privacy Policy.

15. Contact & Complaints

If you have any questions about this Privacy Policy or how personal data is handled, please contact:

Email: info@innopo.studio

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO): https://www.ico.org.uk

← Back to Home