top of page
  • LinkedIn

Privacy Policy

Last Updated: June 10th, 2025
 

Introduction

This Privacy Policy explains how [Company Name] ("we," "us," or "our") collects, uses, and protects your personal information when you visit our website at [website URL]. We are committed to protecting your privacy and being transparent about our data practices.

Company Information:

Information We Collect

Information You Provide Directly

Contact Forms and Demo Requests:

  • Name and email address

  • Company name and job title (if applicable)

  • Phone number (optional)

  • Message content and specific inquiries

  • Preferred contact method and timing

Newsletter Subscription:

  • Email address

  • Communication preferences

  • Subscription date and source

Survey and Feedback:

  • Responses to website surveys

  • Feedback about our content or services

  • User experience feedback
     

Information Collected Automatically

Website Usage Data:

  • Pages visited and time spent on each page

  • Click patterns and navigation behavior

  • Referral sources (how you found our website)

  • Search terms used to find our content

  • Download activity (whitepapers, resources)

Technical Information:

  • IP address (anonymized for EU visitors)

  • Browser type and version

  • Operating system and device type

  • Screen resolution and browser settings

  • Time zone and language preferences

  • Session duration and return visits

Cookies and Tracking Technologies:

  • See our separate Cookie Policy for detailed information

  • Analytics cookies for website performance

  • Marketing cookies for campaign tracking (with consent)

  • Preference cookies for personalization
     

How We Use Your Information

Primary Purposes

Customer Service and Communication:

  • Respond to your inquiries and demo requests

  • Provide information about our mental health app

  • Schedule product demonstrations or consultations

  • Send requested resources and materials

Marketing and Business Development:

  • Send newsletters and product updates (with consent)

  • Inform you about new features or services

  • Invite you to webinars, events, or beta programs

  • Measure and improve our marketing effectiveness

Website Improvement:

  • Analyze website performance and user experience

  • Identify popular content and optimize navigation

  • Fix technical issues and improve loading speeds

  • Develop new content based on user interests

Legal and Business Operations:

  • Comply with legal obligations and requests

  • Protect our rights and prevent fraud

  • Conduct business analysis and planning

  • Maintain records for business purposes
     

Legal Basis for Processing (EU/German Users)

We process your data based on:

  • Consent: For marketing emails and optional cookies

  • Legitimate Interest: For website analytics and business communications

  • Contract Performance: When you request demos or services

  • Legal Obligation: For compliance with applicable laws
     

Information Sharing and Disclosure

Third-Party Service Providers

We may share your information with trusted service providers who help us operate our website:

Website and Analytics:

  • Google Analytics: Website traffic analysis (with IP anonymization)

  • Hotjar or similar: User experience and heatmap analysis

  • CDN providers: Content delivery and website performance

Marketing and Sales:

  • Email platforms (e.g., Mailchimp, HubSpot): Newsletter and campaign management

  • CRM systems (e.g., Salesforce, HubSpot): Lead management and customer relationships

  • Social media platforms: Campaign tracking and advertising (with consent)

Technical Services:

  • Cloud hosting providers: Website hosting and data storage

  • Security services: Fraud prevention and website protection

  • Chat providers: Customer support functionality
     

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.
 

Legal Requirements

We may disclose your information when required by law, court order, or to protect our rights and safety.
 

No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
 

Data Security

We implement appropriate technical and organizational measures to protect your information:

Technical Safeguards:

  • Encryption of data in transit and at rest

  • Secure hosting with reputable cloud providers

  • Regular security assessments and updates

  • Access controls and authentication requirements

Organizational Measures:

  • Privacy training for our team members

  • Data minimization and purpose limitation

  • Regular review of data practices and policies

  • Incident response procedures
     

International Data Transfers

As a Delaware-incorporated company, your information may be transferred to and processed in the United States. For EU and German visitors:

Transfer Safeguards:

  • We use Standard Contractual Clauses approved by the European Commission

  • Our service providers commit to adequate data protection standards

  • We implement additional security measures for international transfers

  • We comply with GDPR requirements for cross-border data processing
     

Data Retention

We retain your information for different periods based on the type of data and purpose:

Contact Information:

  • Active inquiries: Until resolved plus 3 years for business records

  • Newsletter subscribers: Until you unsubscribe plus 1 year

  • Demo requests: 5 years for business development purposes

Website Analytics:

  • Usage data: Up to 26 months for Google Analytics

  • Technical logs: 12 months for security and performance monitoring

Marketing Data:

  • Campaign data: 3 years for marketing effectiveness analysis

  • Lead information: 7 years for business development and compliance
     

Your Privacy Rights

All Users

  • Access: Request information about what data we have about you

  • Correction: Update inaccurate or incomplete information

  • Deletion: Request removal of your data (subject to legal requirements)

  • Opt-out: Unsubscribe from marketing communications

  • Data portability: Receive your data in a machine-readable format
     

Additional Rights for EU/German Users (GDPR)

  • Restrict processing: Limit how we use your data in certain circumstances

  • Object to processing: Opt out of processing based on legitimate interests

  • Withdraw consent: Remove consent for optional processing activities

  • Lodge complaints: Contact your local data protection authority
     

Exercising Your Rights

To exercise these rights:

  • Email: victoria@ciao-stella.com

  • Response time: Within 30 days for most requests

  • Verification: We may need to verify your identity for security
     

Children's Privacy

Our website is not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
 

Third-Party Websites

Our website may contain links to third-party websites. This Privacy Policy does not apply to those sites. We encourage you to review their privacy policies before providing any information.
 

Marketing Communications

Email Marketing

  • We only send marketing emails to those who have consented

  • Every email includes an easy unsubscribe option

  • We respect your communication preferences

  • We track email opens and clicks to improve our content
     

Opting Out

You can opt out of marketing communications by:

  • Clicking "unsubscribe" in any marketing email

  • Emailing us at victoria@ciao-stella.com

  • Updating your preferences in our system

  • Contacting us through our website contact form
     

Changes to This Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in our data practices

  • New features or services

  • Legal or regulatory requirements

  • Feedback from users or authorities

Notification Methods:

  • Prominent notice on our website

  • Email to newsletter subscribers (for material changes)

  • Updated "Last Modified" date at the top of this policy

Continued Use: Your continued use of our website after changes indicates acceptance of the updated policy.
 

Legal Framework

This Privacy Policy is designed to comply with:

  • EU General Data Protection Regulation (GDPR)

  • German Federal Data Protection Act (BDSG)

  • California Consumer Privacy Act (CCPA) [if applicable]

  • Delaware General Corporation Law

  • Federal Trade Commission Act and other US privacy laws
     

Definitions

Personal Information: Any information that identifies or can be used to identify you as an individual.

Processing: Any operation performed on personal data, including collection, storage, use, and deletion.

Third Party: Any individual or organization other than you or us.
 

Questions or Concerns?
If you have any questions about this Privacy Policy or our data practices, please don't hesitate to contact us at victoria@ciao-stella.com. We're committed to addressing your concerns promptly and transparently.

bottom of page