Privacy policy
Privacy Policy (Groteska Studio)
Last updated: January 27, 2026
This Privacy Policy explains how we collect, use, and protect personal data when you visit groteska.studio.
Data Controller
Groteska Studio
Address: RADE ŽUNIĆA 109, 16000, Leskovac, Serbia
Email: hi@groteska.studio
We may update this Policy from time to time. The newest version will always be available on this page.
What data we collect
1) Data you provide to us
If you contact us (via form or email), we may collect:
- Name
- Email address
- Message content
- Any information you choose to include
2) Data collected automatically
When you browse the site, we may collect:
- IP address (often in shortened or pseudonymized form depending on provider settings)
- Device and browser information
- Pages viewed, approximate location (city/region level), referral source
- Timestamps and basic usage events (for performance and analytics)
How we use your data
We use personal data to:
- Respond to inquiries and communicate with you
- Operate and secure the website
- Understand site usage and improve content and performance
- Prevent abuse, fraud, and technical issues
We do not sell your personal data.
Legal bases (GDPR)
Depending on the situation, we process data based on:
- Legitimate interests (running, securing, and improving the website)
- Consent (where required, e.g., non-essential cookies or marketing)
- Contract steps (when you contact us about services and we respond)
Cookies
We may use cookies or similar technologies for:
- Essential functionality (site stability)
- Analytics (understanding traffic and improving UX)
Where required by law, we show a cookie banner and collect your consent for non-essential cookies. See our Cookie Policy: [LINK OR REMOVE IF YOU DON’T HAVE ONE].
Sharing data with third parties
We use trusted service providers to run the site. These providers may process limited data on our behalf, such as:
- Website hosting and infrastructure
- Analytics
- Email/contact form delivery
We share only what is necessary to provide these services.
International transfers
Some providers may process data outside your country (including outside the EEA). When that happens, we rely on appropriate safeguards (such as Standard Contractual Clauses) where applicable.
Data retention
- Contact messages: kept as long as needed to handle the request and for reasonable business records
- Analytics data: kept for a limited period depending on the analytics provider settings
We delete or anonymize data when it’s no longer needed.
Security
We apply reasonable technical and organizational measures to protect data from loss, misuse, and unauthorized access. No method of transmission or storage is 100% secure, but we aim to use reputable vendors and secure configurations.
Your rights
Depending on your location, you may have rights to:
- Access your personal data
- Correct inaccurate data
- Request deletion
- Restrict or object to processing
- Withdraw consent (where processing is based on consent)
- Lodge a complaint with a data protection authority
To exercise rights, contact us at hi@groteska.studio.
Right to data portability
Where applicable, you may request a copy of the personal data you provided to us in a structured, commonly used, machine-readable format and, where technically feasible, request that we transfer it to another provider.
Right to withdraw consent
Where we rely on your consent to process personal data (for example, non-essential cookies), you can withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before you withdrew consent.
Right to lodge a complaint
If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority. If you are in Serbia, you may contact the Commissioner for Information of Public Importance and Personal Data Protection.
How to exercise your rights
To ask questions or exercise your rights, contact us at: hi@groteska.studio.