TWO KEYS STUDIO
EL Book session

Legal

Privacy Policy

Two Keys Studio Privacy Policy covering collection, use and protection of personal data.

Last updated: [Date]

This Privacy Policy explains how the personal data of visitors to the 2k.studio website is collected, used and protected.

1. Data Controller

The data controller for personal data is:

Marios Nakis Distinctive Title: Two Keys Studio VAT: 130330666 — KEFODE ATTIKIS GEMI: 193992509000 Address: Anonymous 2 0, Pounta, Poros 18020 Email: hello@2keys.studio Phone: 6972177929

2. Data We Collect

Depending on how you use the website, we may collect:

2.1 Data You Provide

When you contact us through a form, email or another available channel, we may collect:

  • full name,
  • business name,
  • email,
  • phone number,
  • website or social media links,
  • message content,
  • information about the project or service you are interested in,
  • files or material you choose to send us.

2.2 Technical Data

When you visit the website, technical data may be collected, such as:

  • IP address,
  • browser and device type,
  • operating system,
  • date and time of visit,
  • pages visited,
  • referrer URL,
  • technical security logs,
  • cookie consent choices.

2.3 Analytics Data

If you have given the relevant consent, statistical analytics data may be collected, such as:

  • pages visited,
  • visit duration,
  • traffic source,
  • basic interactions,
  • device and browser,
  • general geographic area.

Analytics are used to improve the website and not to directly identify you.

3. Purposes of Processing

We use personal data to:

  • respond to questions or collaboration requests,
  • prepare an offer or related communication,
  • provide requested services,
  • improve the website experience,
  • analyze website operation and performance,
  • protect the website from spam, abuse and malicious activity,
  • comply with legal, accounting or tax obligations.

4. Legal Bases for Processing

Personal data is processed, depending on the case, based on:

  • your consent,
  • the need to take pre-contractual steps at your request,
  • performance of a contract or collaboration,
  • our legitimate interest in the security, operation and improvement of the website,
  • a legal obligation.

5. Cookies and Similar Technologies

The website may use cookies or similar storage technologies, such as local storage.

Strictly necessary cookies are used for the basic operation of the website and for storing consent choices.

Optional cookies, such as analytics or marketing cookies, are activated only after your relevant choice through the cookie banner.

More information is provided in the Cookie Policy.

6. Contact Forms

When you send a message through a contact form, we use your details only to manage and respond to your request.

Do not send sensitive personal data or confidential information about third parties unless it is necessary for the communication.

7. Third-Party Providers

For the operation of the website and the provision of services, third-party providers may be used, such as:

  • hosting providers,
  • email providers,
  • analytics providers,
  • security tools,
  • cloud storage providers,
  • scheduling tools,
  • advertising platforms, only if activated,
  • technical partners, only where required.

These providers may process data only to the extent required for the purpose of their service.

The final list of active tools and cookies will be updated after a technical review of the website.

8. International Transfers

Some third-party providers may process data outside the European Economic Area.

Where applicable, transfers are carried out with appropriate protection mechanisms, such as adequacy decisions or data protection contractual clauses.

9. Retention Period

We keep personal data only for as long as necessary.

Indicatively:

  • contact requests: up to 24 months from the last meaningful communication,
  • offer and collaboration details: for as long as required to manage the collaboration and our legal obligations,
  • accounting and tax records: for as long as required by applicable law,
  • technical security logs: for a reasonable period depending on the purpose,
  • analytics data: according to the settings of the relevant tool,
  • cookie choices: for as long as the relevant cookie or storage key is retained.

10. Security

We take reasonable technical and organizational measures to protect data, such as:

  • HTTPS / SSL,
  • access restriction,
  • strong passwords,
  • 2FA where available,
  • software updates,
  • secure storage tools,
  • basic monitoring and backups where applicable.

No method of data transmission or storage can guarantee absolute security.

11. Your Rights

Under applicable law, you may have the right to:

  • access your data,
  • correct inaccurate data,
  • delete data,
  • restrict processing,
  • object,
  • data portability,
  • withdraw consent,
  • submit a complaint to the competent supervisory authority.

To exercise your rights, contact:

hello@2keys.studio

We may need to confirm your identity before responding.

12. Competent Supervisory Authority

For Greece, the competent supervisory authority is:

Hellenic Data Protection Authority

[Add link to the Authority's official website]

13. Links to Third-Party Websites

The website may include links to third-party websites or platforms.

We are not responsible for the content, security or privacy policies of third-party websites.

14. Changes to This Policy

This Policy may be updated when services, tools or legal requirements change.

The latest version is published on the website with an updated date.