Effective Date: December 29, 2025 | Version 2.0
Alsoma Studio ("Company," "we," "our," or "us") operates the digital infrastructure and website located at alsoma.studio (the "Platform"). We are committed to protecting the privacy and security of your personal data. This Privacy Policy outlines the types of information we collect, how we use it, the measures we take to safeguard it, and the rights you have regarding your personal data. We operate under the jurisdiction of India while adhering to international best practices regarding data privacy, including principles aligned with the General Data Protection Regulation (GDPR) for our European visitors. By accessing or using our Platform, you acknowledge that you have read this Policy and consent to the data practices described herein.
To ensure transparency, we define key terms used in this policy: "Personal Data" means any information relating to an identified or identifiable individual (e.g., name, email address). "Usage Data" means data collected automatically, either generated by the use of the Platform or from the Platform infrastructure itself (e.g., page visit duration). "Infrastructure Provider" means a third-party entity used by the Company to facilitate the Platform's operation (e.g., hosting, email delivery).
We adhere to the principle of Data Minimization. We only collect data that is strictly necessary for the operation of our business and the security of our infrastructure. Information You Provide (Voluntary): We collect Personal Data only when you voluntarily submit it through our direct communication channels (e.g., Contact Forms, Email Inquiries, or Project Briefs). This includes Identity Information (first name, last name), Contact Information (business email address, phone number), and Professional Information (company name, job title, and project requirements). Operational System Logs (Automated): When you access the Platform, our hosting infrastructure and firewalls automatically generate standard server logs. This data is collected solely for the purpose of network security, fault tolerance, and load balancing. This includes Technical Identifiers (Internet Protocol/IP address), Device Telemetry (browser type, browser version, operating system, and device type), and Traffic Data (time of visit, pages visited, and referring URL). Clarification on IP Addresses: We do not use IP addresses to identify specific individuals for marketing purposes. IP logs are retained strictly to identify and block malicious traffic (e.g., DDoS attacks, SQL injection attempts) and are routinely purged in accordance with our retention policy.
We process your data based on the following legal grounds: (1) Contractual Necessity—to evaluate your project inquiry, provide fee proposals, and execute professional services agreements. (2) Legitimate Interest (Security)—to maintain the integrity of our digital infrastructure, detect security incidents, and protect against fraudulent or illegal activity. (3) Legal Obligation—to comply with applicable tax, accounting, and legal requirements in India.
We operate a "Stealth" infrastructure stack. We do not sell, rent, or monetize your Personal Data. We only share data with trusted third parties in the following strictly limited scenarios: Infrastructure Partners—we utilize enterprise-grade third-party vendors for hosting, email delivery, and database management. These vendors process data solely on our behalf and are contractually bound by confidentiality agreements and data protection standards. Legal Requirements—we may disclose your data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). Business Transfer—in the event of a merger, acquisition, or asset sale, User data may be transferred as a business asset, subject to the promises made in this pre-existing Privacy Policy.
Alsoma Studio is headquartered in India. If you are accessing the Platform from the European Economic Area (EEA), the United States, or other regions with laws governing data collection, please note that your Personal Data will be transferred to—and processed in—India and other jurisdictions where our Infrastructure Partners operate. By using the Platform, you consent to this transfer, ensuring appropriate safeguards are in place to protect your data.
We accord all users the following rights regarding their Personal Data, regardless of citizenship: Right to Access—you may request a copy of the Personal Data we hold about you. Right to Rectification—you may request that we correct any information you believe is inaccurate or complete information you believe is incomplete. Right to Erasure ("Right to be Forgotten")—you may request that we delete your Personal Data, provided that we are not required to retain it for legal or tax purposes (e.g., keeping records of past invoices). Right to Restriction—you may request that we restrict the processing of your data under certain conditions. To exercise any of these rights, please contact us at privacy@alsoma.studio. We will respond to verified requests within 30 days.
We employ a "Defense in Depth" security strategy to protect your data: Encryption—all data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security) protocols. Access Control—access to Personal Data is strictly restricted to authorized personnel who need the information to perform a specific job (e.g., billing or client service). Vendor Diligence—we vet all Infrastructure Partners to ensure they adhere to high security standards (SOC2 or ISO 27001 compliance). However, no method of transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
We retain Personal Data only for as long as necessary to fulfill the purposes outlined in this Policy: Inquiry Data—retained for 24 months for business continuity, unless a longer period is required for a commercial engagement. System Logs—retained for a limited period (typically 30-90 days) for security auditing, after which they are automatically overwritten or deleted.
Our Platform may contain links to external sites (e.g., partner portfolios, technical documentation). We are not responsible for the privacy practices or content of such third-party sites. We encourage you to read the privacy statements of any external site you visit.
We reserve the right to update or modify this Policy at any time to reflect changes in our practices or legal obligations. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top.
If you have questions about this Privacy Policy or wish to exercise your data privacy rights, please contact our Data Protection Officer at privacy@alsoma.studio