Digital Studio
Legal

Privacy policy

What personal data digitalstudio.world processes, why, where it goes and which rights you have. The short version: we keep it minimal.

1. Controller

The controller under the EU General Data Protection Regulation (GDPR) is:

VISION GURU LTD, trading as Digital Studio
71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Email: hello@digitalstudio.world

2. The short version

  • No tracking, no analytics, no advertising and no cookies at all.
  • The only data stored in your browser are two functional localStorage entries: ds-lang (your language choice) and ds-ck (that you dismissed our notice). They never leave your device. As strictly necessary storage that you yourself request, it does not require consent (§25(2) TDDDG).
  • We receive personal data only when you actively send it to us: through the project brief form or by email.

3. Hosting and server logs

This website is served by Netlify (Netlify Inc., San Francisco, USA). When you open a page, Netlify processes technical connection data - your IP address, user agent and timestamps - in server logs. This is required to deliver the site and to keep it secure (defence against attacks, error analysis). Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure, reliable delivery of the site). Transfers to the USA are safeguarded by the EU-US Data Privacy Framework and, where applicable, EU standard contractual clauses.

DNS resolution and email routing for our domain are provided by Cloudflare Inc. (USA, certified under the EU-US Data Privacy Framework).

4. Project brief form

If you send us a project brief, we collect the data you enter: name, email address, selected services, budget range, timeline and your project description. We use it solely to answer your enquiry and to prepare a quote - steps taken prior to entering into a contract. Legal basis: Art. 6(1)(b) GDPR. The submission is stored in Netlify Forms and in our mailbox, and is deleted once it is no longer needed - or earlier, on your request.

5. Email contact

If you write to hello@digitalstudio.world, we process your message and contact details to handle the conversation. Legal basis: Art. 6(1)(b) GDPR where the exchange relates to a contract or pre-contractual steps, otherwise Art. 6(1)(f) GDPR (legitimate interest in answering correspondence). Our mailbox runs on Google Gmail (Google Ireland Ltd). Outbound transactional mail is sent via Brevo (Sendinblue GmbH, Germany).

6. Payments

Payments for fixed-scope services are handled entirely by Stripe (Stripe Payments Europe Ltd, Ireland). Checkout takes place on stripe.com; we never receive your card data. Stripe's own privacy policy applies to the payment process. Legal basis: Art. 6(1)(b) GDPR.

7. No profiling

We use neither profiling nor automated decision-making within the meaning of Art. 22 GDPR.

8. Recipients

Personal data reaches only the following service providers - each under data processing agreements or comparable standard safeguards:

  • Netlify (hosting, forms)
  • Cloudflare (DNS, email routing)
  • Google (mailbox)
  • Brevo (transactional email)
  • Stripe (payments)

9. Retention

We keep personal data only as long as it is needed for the purposes above, or as long as statutory retention duties require. After that it is deleted.

10. Your rights

Under Art. 15 to 21 GDPR you have the right to:

  • access the data we hold about you (Art. 15),
  • have it rectified (Art. 16) or erased (Art. 17),
  • restrict its processing (Art. 18),
  • receive it in a portable format (Art. 20),
  • object to processing (Art. 21) - in particular, you may object at any time to any processing based on Art. 6(1)(f) GDPR.

Where processing is based on consent, you may withdraw it at any time with effect for the future (Art. 7(3) GDPR). You also have the right to lodge a complaint with a data protection supervisory authority, in particular in the member state of your habitual residence or your workplace (Art. 77 GDPR).

11. Security

The site is delivered exclusively over HTTPS/TLS, with hardened security headers and without any third-party scripts.

12. Fonts

All fonts are self-hosted. No requests are made to Google Fonts or any other external font service.

13. External links

This site links to external websites, for example Stripe checkout pages and the portfolio projects we present. The privacy policies of their operators apply there.

14. Changes to this policy

We will update this policy when the site or legal requirements change. The current version is always available at this address.