Privacy Policy
Last updated: April 26, 2026
1. Who we are
This Privacy Policy applies to inniot.com and is issued jointly by:
- Innovati Inc — a Texas corporation headquartered in Magnolia, Texas (Houston metropolitan area), United States. Acts as data controller for global and US operations.
- INNIOT S.A. de C.V. — a Mexican company affiliate, responsible for Latin American operations. Acts as data controller for Mexican and LATAM data subjects.
Both entities operate as one organization globally and act as joint controllers for personal data collected through this website.
2. What information we collect
2.1 Information you provide
When you submit our contact form, we collect: name, email address, company (optional), and the message content you choose to share. We use this only to respond to your inquiry and to determine if there is a fit for a business relationship.
2.2 Cookies and similar technologies
Only one cookie is set on every visit (cf_country, set by Cloudflare for geographic routing). Additional session cookies are set only when you submit our contact form, by our form processor. Full inventory in our Cookie Policy.
2.3 Server and analytics data
Standard web server logs (IP address, browser type, referring page, timestamp, URL accessed) are kept for security purposes. We use Cloudflare Web Analytics, a cookieless and privacy-first tool that aggregates page views, country, device type, and Core Web Vitals — without identifying individuals.
2.4 What we do NOT use
We deliberately do not use Google Analytics, Meta/Facebook Pixel, LinkedIn Insight Tag, advertising retargeting cookies, customer data brokers, or third-party identity-resolution services.
3. How we use your information
- Respond to your contact requests and inquiries
- Send transactional emails directly related to your inquiry
- Provide, secure, and improve the website
- Detect, prevent, and respond to fraud or security incidents
- Comply with legal obligations
4. Legal bases for processing
For visitors in the European Union, United Kingdom, México, or other jurisdictions with comprehensive privacy laws, we rely on:
- Consent — when you voluntarily submit our contact form
- Legitimate interest — to operate, secure, and improve our website
- Legal obligation — when retention is required by law
5. Who we share information with
We share personal data only with the following service providers, each bound by data-processing agreements:
| Provider | Purpose | Location |
|---|---|---|
| Cloudflare, Inc. | Hosting, CDN, security, cookieless analytics | USA |
| Resend | Transactional email delivery (lead notifications) | USA |
| formsubmit.co | Contact form processing | USA |
| Microsoft 365 | Business email infrastructure | USA |
We do not sell personal data. We do not share data with advertisers or data brokers.
6. International data transfers
Our service providers are based primarily in the United States. For visitors located in the European Economic Area, the United Kingdom, or México, transfers are governed by Standard Contractual Clauses (SCCs) or equivalent mechanisms, with appropriate safeguards.
7. How long we keep your data
- Contact form submissions: up to 24 months from last interaction, unless an active commercial relationship continues
- Server logs: 30 days
- Aggregated cookieless analytics: retained indefinitely (no personal data)
8. Your rights
Depending on your jurisdiction, you have the following rights regarding your personal data:
- GDPR (EU/UK): access, rectification, erasure, restriction, portability, objection, withdrawal of consent
- LFPDPPP (México) — ARCO rights: access, rectification, cancellation, opposition
- CCPA / CPRA (California): right to know, delete, correct; right to opt-out of sale (we do not sell)
- TDPSA (Texas): access, deletion, correction, opt-out of targeted advertising
To exercise any of these rights, contact us using the details below. We will respond within 30 days.
9. Children's privacy
This website is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect personal data from children. If you believe a child has provided data, contact us so we can remove it.
10. Security
We protect your data with HTTPS using modern TLS (1.2 minimum), HSTS preload, strict Content Security Policy, and Cloudflare's DDoS protection, web application firewall, and bot mitigation. Despite these measures, no system is impenetrable; we will notify affected users and authorities if a breach materially affects personal data, in accordance with applicable law.
11. Changes to this policy
We will update this page when our practices change. The "Last updated" date above reflects the most recent revision. Material changes will be highlighted at the top of this page for at least 30 days.
12. Contact us
Magnolia, Texas (Houston metropolitan area), USA
Email: [email protected]
For privacy-related requests, please include "Privacy Request" in the subject line and the right you wish to exercise (access, deletion, etc.).