top of page

Privacy Policy

Last updated: March 10, 2026

 

This Privacy Policy explains how LOUISBOSS INC., with its registered office at 100 Church Street, New York, NY 10007 (“Company”, “we”, “us”, or “our”) collects, uses, discloses, and protects Personal Data when you access or use our website, platform, products, or services (collectively, the “Services”).

 

We are committed to complying with applicable data protection and privacy laws in jurisdictions where we operate, including but not limited to:

  • the EU General Data Protection Regulation (“GDPR”),

  • the UK GDPR,

  • the Swiss Federal Act on Data Protection (“FADP”),

  • the California Consumer Privacy Act as amended by the CPRA (“CCPA/CPRA”),

  • and relevant APAC privacy laws (including PDPA, PIPL, LGPD, and equivalents).

 

 

1. Scope and Applicability

This Privacy Policy applies to:

  • visitors to our website;

  • registered users of our Services;

  • business partners, suppliers, and representatives;

  • individuals interacting with us in a professional or commercial context.

 

It does not apply to third-party websites or services linked from our platform.

 

The Services are intended exclusively for use by businesses and professionals acting in a commercial or professional capacity. We do not offer services directly to consumers.

 

Where Personal Data relates to individuals acting in a professional or commercial capacity on behalf of a legal entity, processing is primarily conducted in the context of business-to-business relationships and may be subject to specific exemptions or modified obligations under applicable law.

 

 

2. Definitions

  • “Personal Data” means any information relating to an identified or identifiable natural person.

  • “Processing” means any operation performed on Personal Data (e.g., collection, storage, use, disclosure).

  • “Controller” means the entity determining the purposes and means of Processing.

  • “Processor” means an entity Processing Personal Data on behalf of a Controller.

 

 

3. Data Controller

For purposes of applicable data protection laws, the Company acts as the data controller unless expressly stated otherwise.

 

For clarity, references to “LOUISBOSS INC.” include its affiliates involved in operating the Services, where applicable, and acting under the responsibility of the platform operator.

 

Contact details:
Email: privacy@louisboss.com
Postal address: 100 Church Street, New York, NY 10007

Where required by law, we appoint:

  • an EU representative,

  • a UK representative,

  • or a data protection officer (DPO).

 

Details will be provided upon request or published where legally required.

 

Depending on the context, users may act as independent data controllers in relation to Personal Data they process through the Services. In such cases, the Company does not determine the purposes or means of such processing and is not responsible for users’ independent compliance with applicable data protection laws.

 

Users remain independently responsible for compliance with applicable data protection laws with respect to Personal Data they process or disclose through the Services.

 

In limited circumstances where the Company processes Personal Data strictly on documented instructions from users and without determining the purposes or essential means of processing, it may act as a processor within the meaning of applicable data protection laws. In such cases, processing will be governed by appropriate contractual arrangements. Unless expressly agreed in writing, the Company does not act as a joint controller with users within the meaning of applicable data protection laws.

 

 

4. Categories of Personal Data We Collect

We may collect the following categories of Personal Data:

 

4.1 Information You Provide Directly

  • Identification data (name, title, company, country)

  • Contact details (email address, phone number)

  • Account credentials

  • Communications and correspondence

  • Contractual and billing information

 

4.2 Information Collected Automatically

  • IP address

  • Device identifiers

  • Browser type and operating system

  • Usage data, logs, timestamps

  • Cookies and similar technologies

 

4.3 Information from Third Parties

  • Business partners

  • Service providers

  • Publicly available sources

  • Authentication or verification providers

 

We do not knowingly collect data from children and do not target minors.

 

4.4 User-Generated and Shared Content
Information voluntarily submitted, published, or shared by users through the Services, including professional profiles, business descriptions, messages, and transactional communications.

 

The Services are not intended for the collection of purely private or consumer Personal Data.

 

The Services are not intended for the processing of special categories of Personal Data or sensitive personal information, unless expressly agreed and subject to appropriate safeguards.

 

5. Purposes of Processing

We process Personal Data for the following purposes:

  • to provide and operate the Services;

  • to create and manage user accounts;

  • to perform contracts and pre-contractual measures;

  • to communicate with users and partners;

  • to process payments and invoices;

  • to improve, maintain, and secure our Services;

  • to comply with legal and regulatory obligations;

  • to prevent fraud, misuse, and security incidents;

  • to pursue legitimate business interests, including operating, maintaining, and improving a professional platform, provided such interests are not overridden by the rights and freedoms of data subjects;

  • to send service-related or business communications, including updates relevant to the professional use of the Services, subject to applicable law and opt-out rights where required.

 

 

6. Legal Bases for Processing (GDPR / UK GDPR / Swiss FADP)

Personal Data processed through the Services primarily relates to individuals acting on behalf of legal entities in a professional capacity. Such processing is generally based on legitimate interests associated with business communications, platform operation, and contractual relationships.

 

Where required, we rely on one or more of the following legal bases:

  • Performance of a contract

  • Compliance with legal obligations

  • Legitimate interests, provided they are not overridden by fundamental rights

  • Consent, where required

  • Protection of vital interests

  • Public interest, where applicable

 

For jurisdictions requiring consent, such consent may be withdrawn at any time.

 

In a business-to-business context, processing of professional contact data is generally based on legitimate interests, subject to applicable law.

 

We maintain internal records of processing activities in accordance with applicable data protection laws.

 

 

7. Cookies and Similar Technologies

We use cookies and similar technologies for:

  • essential functionality;

  • security;

  • analytics;

  • preferences.

Where required by law, we obtain user consent before placing non-essential cookies. Users may manage cookie preferences via browser settings or consent tools.

 

 

8. Data Sharing and Disclosure

We may share Personal Data with:

  • affiliated entities;

  • service providers and processors acting on our instructions;

  • professional advisers (legal, tax, audit);

  • payment providers;

  • authorities or courts where legally required;

  • third parties in the context of mergers, acquisitions, or asset sales;

  • other users of the Services, where such sharing is initiated or enabled by the user as part of the platform’s functionality.

 

All processors are contractually bound by data protection obligations consistent with this Privacy Policy.

 

The Company does not control and is not responsible for how other users process Personal Data once disclosed through the Services. Users are solely responsible for ensuring that their receipt and use of such data complies with applicable data protection laws.

 

 

9. International Data Transfers

Personal Data may be transferred to and processed in countries outside the user’s jurisdiction.

Where required, we implement appropriate safeguards, including:

  • adequacy decisions,

  • standard contractual clauses (SCCs),

  • binding contractual obligations,

  • or equivalent lawful transfer mechanisms.

 

Transfers may include processing in jurisdictions where our service providers, technical infrastructure, or business partners are located.

 

 

10. Data Retention

We retain Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and compliance obligations.

Retention periods are reviewed regularly.

 

Retention periods vary depending on the nature of the data, the purpose of processing, and legal requirements. For example, account data is retained for the duration of the contractual relationship, while transactional and billing data may be retained longer to comply with statutory obligations.

 

Personal Data will be securely deleted or anonymised once it is no longer required for the purposes described in this Privacy Policy, unless retention is required by law.

 

 

11. Data Security

We implement appropriate technical and organisational measures to protect Personal Data against:

  • unauthorised access,

  • loss,

  • alteration,

  • disclosure,

  • or destruction.

 

However, no system can guarantee absolute security.

 

Users are responsible for maintaining the confidentiality of their account credentials and for all activities conducted through their accounts. [Company Name] is not responsible for unauthorised access resulting from user negligence or compromise of credentials.

 

 

12. Data Subject Rights

Depending on jurisdiction, individuals may have the right to:

  • access their Personal Data;

  • rectification of inaccurate data;

  • erasure (“right to be forgotten”);

  • restriction of processing;

  • data portability;

  • object to processing;

  • withdraw consent;

  • lodge a complaint with a supervisory authority.

 

Requests may be submitted via privacy@louisboss.com
We may verify identity before responding.

 

We reserve the right to refuse or charge a reasonable fee for requests that are manifestly unfounded, excessive, or repetitive, as permitted by law.

 

Certain rights may be limited or subject to proportionality considerations where Personal Data is processed in a professional or commercial context, as permitted under applicable law.

 

 

13. US-Specific Rights (CCPA / CPRA)

For California residents, additional rights may include:

  • the right to know what personal information is collected;

  • the right to delete personal information;

  • the right to opt out of sale or sharing (if applicable);

  • the right to limit use of sensitive personal information;

  • the right to non-discrimination.

 

We do not sell personal information as defined by applicable law unless expressly stated.

 

We do not sell personal information, and we do not share personal information for cross-context behavioural advertising purposes, as defined by applicable law, unless expressly stated otherwise.

 

Certain rights described in this section apply only to individuals acting in a personal or household capacity, as required by applicable law. Business contact information processed in a commercial context may be subject to different treatment under U.S. privacy laws.

 

We do not engage in targeted advertising or cross-context behavioural advertising in connection with the Services.

 

 

14. APAC-Specific Compliance

We comply with applicable APAC privacy frameworks, including requirements related to:

  • lawful collection and use;

  • transparency;

  • purpose limitation;

  • data minimisation;

  • cross-border transfer restrictions;

  • data subject rights.

 

Additional disclosures may apply depending on user location.

 

Where required by applicable APAC laws, additional notices, consents, or localised policies may be provided prior to or at the time of data collection.

 

 

15. Automated Decision-Making

We do not engage in automated decision-making, profiling, or analytics that produce legal or similarly significant effects on individuals, unless expressly disclosed and permitted by law.

 

 

16. Third-Party Services

Our Services may include links or integrations with third-party services. We are not responsible for their privacy practices and encourage users to review their policies independently.

 

 

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be effective upon publication with a revised “Last updated” date.

Material changes will be communicated where legally required.

 

 

18. Data Breach Notification
In the event of a Personal Data breach, we will assess the risk and, where required by applicable law, notify relevant supervisory authorities and affected individuals without undue delay.

 

Where relevant, we will cooperate with users and competent authorities to assess and mitigate the effects of a Personal Data breach.

 

 

19. Governing Law

This Privacy Policy shall be interpreted in accordance with applicable data protection laws and, where relevant, the governing law specified in the Terms of Service.

 

 

20. Contact

For questions, requests, or concerns regarding this Privacy Policy or our data practices, contact:

 

LOUISBOSS INC.
Email: privacy@louisboss.com
Address: 100 Church Street, New York, NY 10007

bottom of page