Privacy Policy

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

2.1 Contact Form

When you use our contact form, we collect the following data: first name, last name, company (optional), email address, phone number (optional), project description, and your desired project budget.

Processing is based on Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in processing inquiries). Data is used exclusively to handle your request and deleted afterwards unless a contractual relationship is established.

2.2 Booking Form

When booking a maintenance package, we collect the same contact data as in the contact form, plus your chosen package. The legal basis is Art. 6(1)(b) GDPR (performance of a contract).

2.3 Server Logs

When you visit the website, technical data is automatically collected (IP address, browser, operating system, date/time, pages visited). This data is not merged with other data sources and is used solely for technical provision of the website (Art. 6(1)(f) GDPR).

3.1 Google Firebase / Firestore

Form submissions (contact requests and bookings) are stored in Google Firebase Firestore, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google processes this data as a data processor under Art. 28 GDPR. Data transfers to the USA are based on EU Standard Contractual Clauses (Art. 46(2)(c) GDPR).

Firebase Privacy Policy: firebase.google.com/support/privacy

3.2 Google Fonts

This website uses Google Fonts, a service of Google LLC. When loading the page, a connection is made to Google's servers, transmitting your IP address. The legal basis is Art. 6(1)(f) GDPR.

Google Privacy Policy: policies.google.com/privacy

3.3 Google Analytics

This website uses Google Analytics, a web analytics service of Google LLC. Google Analytics uses cookies to analyze website usage. The information generated (including your IP address) is transmitted to and stored on Google servers in the USA. We have enabled IP anonymization so your IP address is truncated within the EU/EEA prior to transmission.

The legal basis is your consent under Art. 6(1)(a) GDPR. You can revoke your consent at any time. To fully opt out of Google Analytics, use the browser plug-in: tools.google.com/dlpage/gaoptout

Google Analytics Terms: marketingplatform.google.com/about/analytics/terms
Privacy overview: support.google.com/analytics/answer/6004245

3.4 Meta Pixel (Facebook Pixel)

This website uses the Meta Pixel, an analytics tool of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The Meta Pixel allows us to track visitor behavior after clicking a Meta ad and measure the effectiveness of our advertising.

Personal data (including IP address, browser information, page views) may be transferred to Meta servers in the USA. The legal basis is your consent under Art. 6(1)(a) GDPR.

Meta Privacy Policy: facebook.com/privacy/policy
Manage ad preferences: facebook.com/ads/settings

3.5 Pinterest Tag

This website uses the Pinterest Tag, a conversion tracking tool of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. The Pinterest Tag enables us to measure conversions and build audiences for Pinterest ads.

The legal basis is your consent under Art. 6(1)(a) GDPR. You can opt out of Pinterest data collection at: help.pinterest.com/en/article/personalization-and-data
Pinterest Privacy Policy: policy.pinterest.com/en/privacy-policy

3.6 CallMeBot (Internal Notifications)

Incoming contact requests are forwarded internally via CallMeBot over WhatsApp. The sender's name and email are transmitted solely for internal processing — not for storage by third parties. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in efficient communication).

This website uses technically necessary cookies required for its operation. Cookies for Google Analytics, Meta Pixel, and the Pinterest Tag are only set after your explicit consent (Art. 6(1)(a) GDPR).

You can disable or delete cookies in your browser settings at any time. Please note that this may limit the functionality of the website.

Under the GDPR, you have the following rights:

• Art. 15 GDPRRight of access — you may request information about the data stored about you.
• Art. 16 GDPRRight to rectification — you may request correction of inaccurate data.
• Art. 17 GDPRRight to erasure — you may request deletion of your data unless retention obligations apply.
• Art. 18 GDPRRight to restriction of processing.
• Art. 20 GDPRRight to data portability.
• Art. 21 GDPRRight to object to processing based on legitimate interests.
• Art. 7(3) GDPRRight to withdraw consent at any time with future effect.

To exercise your rights, please contact: fi.studio.auralis@gmail.com

You have the right to lodge a complaint with a data protection supervisory authority. As Studio Auralis is based in Finland, the competent authority is:

You may also contact the data protection authority of your country of residence. A list of all EU supervisory authorities can be found at: edpb.europa.eu

This website is served over HTTPS. All data transfers between your browser and our servers are protected by TLS encryption. Data stored in Firebase Firestore is secured by Google Cloud's security measures.

This privacy policy is current as of June 2026. We reserve the right to update it should the legal framework or the services we use change.