Last Updated: March 20, 2026
This Privacy Policy describes how Susam Creative, Inc. (“susam,” “we,” “our,” or “us”) collects, uses, and protects your personal information when you visit our website at susam.co (the “Site”) or use our services.
1. Information We Collect
We collect the following types of personal information:
Information You Provide Directly
- Contact Information: Name, email address, company name, and phone number when you:
- Fill out contact or consultation request forms
- Register for workshops
- Subscribe to our email list
- Engage with us during project work
- Project Information: Details about your business, branding needs, and strategic objectives shared during consultations and client engagements
- Communication Records: Correspondence through email, video meetings, and other communication channels
Information Collected Automatically
- Analytics Data: We use Google Analytics 4 to understand how visitors use our Site. This includes page views, session duration, traffic sources, and general usage patterns. In regions that require consent, analytics cookies are only set after you grant permission through our cookie banner.
- Advertising Data: We use the Meta (Facebook) Pixel to measure the effectiveness of our advertising. This may set cookies to identify your browser for ad delivery and conversion tracking. In regions that require consent, these cookies are only set after you grant permission.
- Technical Information: IP address, browser type, device information, and pages visited on our Site
2. How We Use Your Information
We use your personal information for the following purposes:
- Service Delivery: To provide branding strategy services, workshops, and consultations
- Communication: To respond to inquiries, send project updates, and deliver workshop materials
- Marketing: To send information about our services, workshops, and educational content (only if you’ve opted in)
- Business Operations: To improve our services, analyze usage patterns, and maintain business records
- Legal Compliance: To comply with legal obligations and maintain tax and financial records
3. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal information based on:
- Contractual Necessity: To fulfill our service agreements with you
- Legitimate Interests: To operate and improve our business, communicate about our services, and maintain business records
- Consent: When you opt in to receive marketing communications
- Legal Obligations: To comply with tax, financial, and legal requirements
4. How We Share Your Information
We do not sell your personal information to third parties.
We may share your information with the following service providers who help us operate our business:
- Analytics: Google (Google Analytics 4) for website usage analysis
- Advertising: Meta (Facebook Pixel) for ad measurement and delivery
- Payment Processors: Stripe processes payments securely on our behalf
- Communication Tools: Google Meet and email systems for client communication
- Business Tools: Internal CRM and project management systems to deliver our services
These service providers are contractually obligated to protect your information and use it only for the purposes we specify.
5. Data Retention
We retain your personal information as follows:
- Client Data: For the duration of our business relationship and for 7 years thereafter for legal, tax, and business record purposes
- Lead and Prospect Data: Until you opt out, unsubscribe, or request deletion
- Email Subscribers: Until you unsubscribe or request deletion
- Legal Records: As required by applicable tax and legal obligations
6. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
All Users
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information (subject to legal retention requirements)
- Opt-Out: Unsubscribe from marketing emails at any time using the unsubscribe link in our emails
GDPR Rights (EEA Users)
- Data Portability: Receive your data in a structured, machine-readable format
- Restriction: Request limitation of processing under certain circumstances
- Objection: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent for processing at any time (where consent is the legal basis)
- Lodge a Complaint: File a complaint with your local data protection authority
CCPA Rights (California Residents)
- Know: Know what personal information we collect and how it’s used
- Delete: Request deletion of your personal information
- Opt-Out: Opt out of the sale of personal information (note: we do not sell personal information)
- Non-Discrimination: Receive equal service regardless of exercising your privacy rights
To exercise any of these rights, please contact us using the information below.
7. Data Security
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes:
- Secure servers located in the United States
- Encrypted data transmission
- Access controls and authentication measures
- Regular security assessments
However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
8. International Data Transfers
Your information may be transferred to and processed in the United States, where our servers are located. If you are located outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States.
For EEA users, we ensure appropriate safeguards are in place for such transfers in accordance with GDPR requirements.
9. Children’s Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.
10. Third-Party Links
Our Site may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on this page with a new “Last Updated” date. We encourage you to review this Privacy Policy periodically.
For material changes, we will provide additional notice through email or a prominent notice on our Site.
12. How to Contact Us
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:
Email: privacy [at] susam [dot] co
Mailing Address: Upon request via email
Response Time: We will respond to your request within 30 days.
13. Do Not Track
Our Site does not currently respond to Do Not Track (DNT) browser signals. However, visitors in regions that require consent can control which cookies are set through our cookie preference banner.
14. Cookie Policy
We use cookies on our Site for essential functionality, analytics, and advertising. Our cookie consent system works as follows:
Consent-based regions (EEA, UK, Switzerland, Brazil, Canada, and other jurisdictions with opt-in requirements): A cookie banner appears on your first visit. No analytics or marketing cookies are set until you grant permission. You can change your preferences at any time using the floating cookie button on the site.
Other regions: Analytics and marketing cookies are set automatically as permitted by local law.
Cookie Categories
Essential cookies (always active, cannot be turned off):
| Cookie | Purpose | Expiry |
|---|---|---|
| cf_clearance | Cloudflare security verification | 30 minutes |
| pressidium_cookie_consent | Stores your cookie preferences | 180 days |
| susam_consent_vary | Ensures the correct version of the site is served based on your region | Session |
Analytics cookies (require consent in regulated regions):
| Cookie | Purpose | Expiry |
|---|---|---|
| _ga | Google Analytics 4: distinguishes unique visitors | 2 years |
| _ga_* | Google Analytics 4: maintains session state | 2 years |
Marketing cookies (require consent in regulated regions):
| Cookie | Purpose | Expiry |
|---|---|---|
| _fbp | Meta (Facebook) Pixel: identifies browsers for ad delivery | 3 months |
| _fbc | Meta (Facebook) Pixel: stores click identifier from ad clicks | 3 months |
Preference cookies (require consent in regulated regions):
We do not currently set any preference cookies, but this category is available for future use.
Managing Your Preferences
If you are in a consent-required region, you can update your cookie preferences at any time by clicking the cookie settings button displayed on every page. You can also clear cookies through your browser settings.
Susam Creative, Inc.
Turn Customer Understanding Into Revenue Growth.