Privacy Policy

SUITEKK GmbH

Last Updated: April 2, 2026

1. Introduction and scope

This Privacy Policy describes the policies and procedures of SUITEKK GmbH, a company domiciled at Splügenstrasse 10, 8002 Zürich, Switzerland ("SUITEKK," "we," "us," or "our"), on the collection, use, and disclosure of personal information on our marketing and educational platform hosted on www.podia.com (the "Platform") and the services, features, content, or applications we offer through the Platform (together with the Platform, the "Services").

This privacy policy applies to all information processed by SUITEKK in connection with the provision of online training programs, educational content, and marketing materials. We receive information about you from various sources, including: (i) if you register for the Services through your user account on the Platform (your "Account"); (ii) your use of the Services generally; and (iii) from various third-party websites and services that integrate with the Platform.

Applicable laws: This privacy policy complies with:

• The Swiss Federal Act on Data Protection (FADP, as revised and effective September 1, 2023)

• The General Data Protection Regulation (GDPR), Regulation (EU) 2016/679

• All other applicable data protection laws and regulations in jurisdictions where our Services are offered

All terms used but not defined in this Privacy Policy shall have the meaning ascribed to them in our Terms of Service.

2. Definitions

"Personal data" means any information that can be used to individually identify a person, including name, email address, postal address, telephone number, billing information, IP address, device identifiers, cookies, and any other information as defined under the FADP or GDPR.

"Processing" generally covers actions that can be performed in connection with Personal Data, such as collection, use, storage, and disclosure.

"Data subject" means any individual to whom Personal Data relates.

"Controller" means the entity (SUITEKK GmbH) that determines the purposes and means of processing Personal Data.

"Processor" means an entity that processes Personal Data on behalf of the Controller.

3. What does our policy cover?

This privacy policy covers SUITEKK's processing of Personal Data gathered when you are accessing and using the Services. It also covers SUITEKK's treatment of any Personal Data that third parties share with SUITEKK or that SUITEKK shares with business partners.

Important note: This Privacy Policy does not apply to the practices of third parties, including the operators of www.podia.com and other websites, services, or applications that SUITEKK does not own or control ("Third Parties"). While we work with reputable service providers, we cannot take responsibility for the content, actions, or privacy policies of Third Parties. We strongly encourage you to carefully review the privacy policies of any Third Parties you access through our Services.

For EU/EEA residents: If you are a resident of the European Union, the United Kingdom, Liechtenstein, Norway, or Iceland, you may have additional rights under the GDPR with respect to your Personal Data, as outlined below.

For Swiss residents: If you are a resident of Switzerland, you have rights under the FADP to access, correct, delete, and exercise other data subject rights as described in this policy.

4. What personal data does SUITEKK collect?

4.1 Information you provide directly

We collect Personal Data when you provide it to us, including:

• Account information: First and last name, email address, telephone number, postal address, company name, job title

• Billing information: Billing name, billing address, billing zip code and country of residence, payment information (processed securely by third-party payment processors)

• Educational profile: Information about your learning goals, course interests, and educational background

• Communication data: Any information you include in messages, inquiries, or feedback you send to us

• Survey responses: Information provided in voluntary surveys or questionnaires

4.2 Information received from third party sources

We may receive Personal Data about you from:

• Authentication services: If you use third-party services (such as LinkedIn, Google, or Facebook) to log into our Services, that third-party service will send us information from your public profile, subject to your account settings and permissions

• Social media services: If you share content from our Services through social media platforms

• Business partners: Information shared by partners who work with us to provide co-marketing or educational offerings

• Analytics and advertising partners: Information about your interactions with our Services and advertisements

4.3 Information automatically collected

We automatically collect certain Personal Data when you use our Services:

• Device information: IP address, browser type, operating system, device identifiers

• Usage data: Pages visited, time spent on pages, links clicked, content viewed, course progress, and search queries

• Cookies and tracking technologies: Information collected through cookies, web beacons, pixel tags, and similar technologies (see Section 5 below for more details)

• Transaction information: Transaction date, time, amount, payment method (last four digits only), and course purchases

• Log data: Access times, hardware and software information, system errors, and activity logs

4.4 Third-party payment processing

To collect payments for our online training programs, we use Stripe as our third-party payment processor. Payment information is collected by Stripe and not stored directly on our Platform. You should review Stripe's terms of service and privacy policy at https://stripe.com/us/legal and https://stripe.com/us/privacy.

4.5 Limited sensitive data

We do not intentionally collect sensitive personal data as defined under the FADP or GDPR, such as:

• Genetic data

• Biometric data for identification purposes

• Religious or philosophical beliefs

• Trade union membership

• Political opinions

• Health data

If you voluntarily provide such sensitive data, you provide explicit consent for us to process it for the purposes stated in your communication.

5. Cookies and tracking technologies

5.1 What are cookies?

Cookies are small files (usually consisting of letters and numbers) placed on your computer, tablet, phone, or similar device when you use that device to visit our Platform. We use cookies and similar technologies such as pixel tags, web beacons, and clear GIFs (collectively, "Cookies") to:

• Enable our servers to recognize your web browser and track your visits to our Platform

• Understand how and when you visit and use our Services

• Analyze trends and learn about our user base

• Operate and improve our Services

• Store your preferences for your next visit

• Measure the effectiveness of marketing efforts

• Track online activity across time and across different websites (for advertising purposes)

5.2 Types of cookies

Session Cookies are temporary cookies stored on your device while you are visiting our Platform. They expire when you close your browser.

Persistent Cookies are stored on your device for a period of time after you leave our Platform. The length of time varies by cookie. We use persistent cookies to:

• Remember your preferences

• Track how often you visit

• Measure the effectiveness of advertising efforts

• Keep a more accurate account of usage patterns over time

5.3 Cookie categories

We use the following types of cookies:

Essential cookies: Required for providing features or services you have requested. These are necessary for you to log into secure areas of our Platform. Disabling these cookies may make certain features unavailable.

Functionality cookies: Used to record your choices and settings, maintain your preferences over time, and recognize you when you return. These help us personalize content, greet you by name, and remember your preferences (such as language or region).

Performance/analytical cookies: Allow us to understand how visitors use our Platform and Services. These collect information about the number of visitors, which pages are viewed, and how long visitors spend on pages. We use analytics services (such as Google Analytics) to measure the performance of our advertising campaigns and improve our Services.

• Google Analytics: We use Google Analytics, operated by Google, Inc. ("Google"). Google's use of information collected by Google Analytics is subject to the Google Analytics Terms of Use and Google Privacy Policy. You may opt out of Google's use of cookies at https://www.google.com/privacy_ads.html or use the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.

Retargeting/advertising cookies: Collect data about your online activity to identify your interests so we can provide relevant advertising. These may be set by us or by third-party ad networks and advertising partners.

5.4 Managing cookies

You have choices regarding cookies:

• Browser settings: Most browsers allow you to manage cookies through their preferences or options. You can set your browser to reject all cookies or to alert you when a cookie is placed. However, if you disable cookies, some features of our Platform may not function properly.

• Third-party cookie control:

    • Digital Advertising Alliance (DAA): Learn about and control interest-based advertising at https://www.aboutads.info/choices

    • Network Advertising Initiative (NAI): Visit https://www.networkadvertising.org/choices

    • European users: Visit the European Interactive Digital Advertising Alliance at https://www.youronlinechoices.eu/

• Do not track: Some browsers include a "Do Not Track" (DNT) feature. Currently, our Platform does not respond to DNT signals, and we may continue to collect browsing and persistent identifier data.

For more information about cookies, visit https://www.allaboutcookies.org/ or https://ico.org.uk/for-the-public/online/cookies/.

6. How does SUITEKK use your personal data?

6.1 Purposes of processing

We process Personal Data for the following purposes:

Providing services:

• Creating and managing your Account

• Delivering educational content and training programs

• Processing and fulfilling course registrations and purchases

• Providing access to course materials, videos, and resources

• Tracking course progress and generating certificates

• Managing subscriptions to our educational programs

Communication:

• Sending you Service announcements, updates, and administrative notifications

• Responding to your inquiries and customer support requests

• Sending newsletters and educational content (with your consent)

• Notifying you of changes to our policies or Services

Marketing and promotions:

• Personalizing website content and marketing communications based on your preferences

• Sending promotional materials, offers, and announcements (with your consent)

• Discovering others who might be interested in our Services

• Measuring the effectiveness of marketing campaigns and advertising

Business operations:

• Identifying trends and statistical information useful to our business

• Analyzing usage patterns to improve our Services

• Conducting research and development

• Testing and optimizing our Platform and Services

Legal and compliance:

• Complying with legal or contractual obligations

• Complying with laws, regulations, and government requests

• Establishing, exercising, or defending legal claims

• Resolving disputes

• Enforcing our Terms of Service

Security and fraud prevention:

• Protecting against, detecting, and preventing fraudulent, illegal, or harmful actions

• Investigating potential violations of our Terms of Service

• Protecting the security of our Platform and users

• Preventing spam and other unwanted communications

Legitimate interests:

• Managing our business, including accounting, audits, tax preparation, and compliance

• Improving and optimizing our Services and user experience

• Protecting the rights, property, and safety of SUITEKK, our users, and the public

6.2 Legal basis for processing

Under the FADP and GDPR, we process Personal Data only when we have a lawful basis to do so:

Contractual necessity: We process Personal Data necessary to perform our contract with you, such as:

• Your name and email address

• Billing and payment information

• Course enrollment and progress data

• Communication necessary to provide the Services

Failure to provide such data will result in your inability to use the Services or certain features thereof.

Legitimate interest: We process certain Personal Data based on our legitimate interests or those of third parties, including:

• Protecting our business and users from fraud and security threats

• Improving our Services and user experience

• Direct marketing of our products and services

• Providing customer support

• Complying with legal obligations

• Completing corporate transactions

Consent: In some cases, we process Personal Data based on your explicit consent, such as:

• Receiving marketing emails and newsletters

• Allowing third-party services to access your profile data

• Processing sensitive data you voluntarily provide

We will always indicate when we are collecting Personal Data based on your consent at the point of collection.

Legal obligation: We may process Personal Data to comply with applicable laws, regulations, court orders, or government requests.

7. How and with whom does SUITEKK share your data?

7.1 Service providers and vendors

We share Personal Data with vendors, third-party service providers, and agents who work on our behalf to provide services related to the Services, including:

• Payment processors: Stripe and other payment processors to handle transactions

• Platform providers: Podia Labs, Inc. and associated cloud infrastructure providers

• Email service providers: Companies that help us send emails and newsletters

• Analytics providers: Companies that analyze how you interact with our Platform

• Hosting providers: Companies that host and maintain our Platform

• Marketing service providers: Companies that assist with marketing campaigns and analytics

• Customer support providers: Companies that help us provide customer support

• Staff augmentation: Contractors and temporary personnel

All service providers are required to maintain confidentiality and use Personal Data only as necessary to provide services to SUITEKK.

7.2 Transactions and user-authorized sharing

We share Personal Data when necessary to:

• Complete transactions you initiate or authorize

• Provide products or services you have requested

• Effect transactions with other users of the Services

• Share content with social media services (if you request or authorize this)

• Connect you with third-party business partners whose services you access through our Platform

7.3 Legal requirements and protection

We may share Personal Data when we believe it is necessary to:

• Comply with law: Comply with applicable law, court orders, government requests, or regulatory requirements

• Enforce agreements: Enforce our Terms of Service and other agreements

• Protect rights: Protect the rights, property, and safety of SUITEKK, our users, and the public

• Prevent harm: Prevent, detect, or investigate fraud, security issues, or other illegal activity

• Exchange information: Exchange information with other companies and organizations for fraud protection and credit risk reduction

7.4 Business transfers

We may share your Personal Data as a business asset in the event of:

• Merger or acquisition of SUITEKK

• Sale of substantially all SUITEKK assets

• Bankruptcy or insolvency proceedings

• Other corporate reorganization

In such cases, we will provide notice to affected users and ensure that successor entities are bound by data protection obligations.

7.5 User consent

We will share your Personal Data with third parties when you give us explicit consent to do so.

7.6 Aggregate and de-identified data

We may share aggregate or de-identified data that cannot be used to identify you personally with third parties for research, marketing, analytics, and other purposes without restriction.

8. How long does SUITEKK retain your personal data?

8.1 Retention principles

We retain Personal Data for as long as necessary to:

• Provide you with the Services under your Account

• Fulfill the purposes for which the data was collected

• Comply with legal obligations, tax requirements, or regulatory mandates

• Resolve disputes or enforce agreements

• Protect our legal interests

8.2 Retention periods

Account information: Retained as long as your Account is active and for a reasonable period afterward (typically 3 years) to address potential disputes or comply with legal obligations.

Transaction and payment information: Retained for a minimum of 10 years to comply with Swiss tax and accounting requirements, or as required by applicable law.

Marketing and communication data: Retained until you unsubscribe or request deletion, but may be retained longer if necessary for legal or legitimate business purposes.

Log data and usage information: Typically retained for 12-24 months, unless longer retention is required for security, legal, or analytical purposes.

Support and correspondence: Retained for the duration of the relationship plus a reasonable period to address follow-up issues (typically 2-3 years).

8.3 Deletion upon termination

Following the termination or expiration of your Account, at your request, we will delete your Personal Data, unless further storage is:

• Required or authorized by applicable law, regulation, or court order

• Necessary to resolve pending disputes or collect fees owed

• Necessary for our legitimate business interests

• Already anonymized or aggregated

If return or deletion is impracticable or prohibited by law, we will block your Personal Data from further processing (except as necessary for legal compliance) and ensure continued protection of the remaining data.

9. What security measures does SUITEKK implement?

9.1 Technical and organizational measures

SUITEKK implements appropriate technical and organizational security measures based on the type of Personal Data and the processing activities involved, including:

Access control:

• User authentication requirements (username and password)

• Role-based access controls limiting employee access to Personal Data

• Controlled interfaces for accessing customer data

• Regular review of access permissions

Data encryption:

• HTTPS/TLS encryption (SSL) for all data in transit

• Encryption of sensitive data at rest

• Industry-standard encryption algorithms and certificates

Infrastructure security:

• Firewalls and intrusion detection systems

• Regular security audits and penetration testing

• Secure hosting infrastructure through Podia and cloud providers

• Business continuity and disaster recovery measures

Monitoring and incident response:

• Continuous monitoring for unauthorized access or suspicious activity

• Prompt response to security incidents

• Regular review of access logs and security events

Vendor management:

• Data protection agreements with all service providers

• Regular vendor security assessments

• Compliance requirements for third parties handling Personal Data

9.2 Limitations

While we implement comprehensive security measures, no system is completely secure. We cannot guarantee absolute security of your Personal Data. You are responsible for:

• Keeping your Account password confidential

• Preventing unauthorized access to your Account

• Notifying us immediately of any suspected security breach or unauthorized access

10. Children's privacy

We do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or submit any Personal Data to us.

If we learn that we have collected Personal Data from a child under 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us immediately at the address provided below.

11. Rights of data subjects

11.1 GDPR rights (EU/EEA/UK residents)

If you are a resident of the European Union, the European Economic Area, the United Kingdom, Liechtenstein, Norway, or Iceland, you have the following rights regarding your Personal Data:

Right of access: You can request access to the Personal Data we hold about you and receive a copy of your Personal Data in a structured, commonly used, and machine-readable format.

Right to rectification: You can request that we correct or supplement any Personal Data we hold about you that is inaccurate or incomplete. You may also be able to correct information directly through your Account settings.

Right to erasure ("Right to be forgotten"): You can request that we erase your Personal Data from our systems, subject to certain legal or business exceptions.

Right to data portability: You can request a copy of your Personal Data in a machine-readable format and request that we transfer your data to another controller where technically feasible.

Right to restrict processing: You can ask us to restrict the processing of your Personal Data while we verify your claims or pending resolution of a dispute.

Right to object: You can object to:

• Processing of your Personal Data for direct marketing purposes

• Processing based on legitimate interests

• Automated decision-making, including profiling

Right to withdraw consent: If we are processing your Personal Data based on your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing prior to withdrawal.

Right to lodge a complaint: You have the right to lodge a complaint with the data protection authority in your country or EU Member State regarding our processing of your Personal Data.

11.2 FADP rights (Swiss residents)

If you are a resident of Switzerland, you have the following rights under the FADP:

Right of access: You can request information about what Personal Data we hold about you and how it is processed.

Right to rectification: You can request correction of inaccurate Personal Data.

Right to deletion: You can request deletion of your Personal Data, subject to legal and contractual obligations.

Right to suppress: You can request suppression of your Personal Data from further processing.

Right to lodge a complaint: You have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) regarding our processing of your Personal Data.

11.3 Exercising your rights

To exercise any of the above rights, please contact us using the contact information provided in Section 14 below. We will respond to your request within the timeframes required by applicable law (typically 30 days for FADP requests and 30 calendar days for GDPR requests).

We may require you to provide additional information to verify your identity before processing your request. We reserve the right to refuse requests that are frivolous, vexatious, or manifestly unfounded, or that would infringe on the rights and freedoms of others.

12. International data transfers

12.1 Data transfer mechanisms

Our Platform is hosted and operated through Podia Labs, Inc., which operates primarily in the United States. This means your Personal Data may be transferred to, stored in, and processed in the United States or other countries outside of Switzerland, the European Union, or the United Kingdom.

For Swiss and EU/EEA residents: By using our Services, you acknowledge and consent to:

• The transfer of your Personal Data outside Switzerland and the EU/EEA

• Processing of your Personal Data in accordance with this Privacy Policy

• The fact that data protection laws in the United States or other countries may differ from Swiss and EU laws

12.2 Transfer safeguards

To protect your Personal Data in international transfers, SUITEKK and Podia Labs, Inc. have implemented the following safeguards:

Data privacy framework: Where applicable, we rely on the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework for transfers of Personal Data.

Standard contractual clauses (SCCs): Where the Data Privacy Framework does not apply, transfers are made pursuant to the Standard Contractual Clauses approved by the European Commission (Commission Decision 2021/914).

Data processing addendum: SUITEKK has entered into a Data Processing Addendum with Podia Labs, Inc. that includes specific provisions for international data transfers and includes commitments regarding data security and privacy protection.

12.3 Your consent

By providing Personal Data to SUITEKK and using the Services, you consent to the transfer, storage, and processing of your Personal Data in the United States and other jurisdictions in accordance with this Privacy Policy.

13. Changes to this privacy policy

SUITEKK may amend or update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated Privacy Policy on our Platform

• Updating the "Last Updated" date at the top of this Privacy Policy

• Sending you email notification of significant changes

Your continued use of the Services after such changes constitutes your acceptance of the updated privacy policy. We encourage you to review this privacy policy periodically to stay informed about how SUITEKK protects your Personal Data.

14. Contact information

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your data subject rights, please contact us:

SUITEKK GmbH

Address:

Splügenstrasse 10

8002 Zürich

Switzerland

Email and data protection contact:

info@suitekk.com

Response time: We will respond to inquiries and data subject requests within 30 days or as required by applicable law.

15. Swiss Federal Data Protection and Information Commissioner

For complaints regarding data protection in Switzerland, you may contact:

Federal Data Protection and Information Commissioner (FDPIC)

Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter (EDÖB)

Fellerstrasse 28

3003 Bern

Switzerland

Phone: +41 (0)31 325 95 95

Email: contact@edoeb.admin.ch

Website: https://www.edoeb.admin.ch

16. EU supervisory authorities

If you have concerns regarding our processing of Personal Data under the GDPR, you may lodge a complaint with the data protection authority in your country or the EU Member State where you reside.

Effective Date: April 2, 2026