Privacy Policy
1. Introduction
This Privacy Policy describes how Haris Fytoziadis (“I”, “me”, or “the Artist”) collects, uses, and shares your personal data when you visit this website (the “Site”), purchase original artwork, or commission a project.
I am committed to protecting your privacy and complying with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Greek data protection laws. By using this Site, you agree to the collection and use of information in accordance with this policy.
2. Data Controller
For the purposes of the GDPR, the Data Controller responsible for your personal data is:
Haris Fytoziadis Traditional Artist & Designer Located in: Athens, Greece Contact Email: Insert Your Email Address Here
3. Personal Data I Collect
I collect the following types of information to provide my services and operate this Site:
A. Information You Provide Voluntarily
• Communication Data: When you contact me via the contact form or email, I collect your name, email address, and the content of your message.
• Transaction Data: If you purchase original art or request a commission, I collect your billing and shipping address, phone number, and payment confirmation details to fulfill the contract.
B. Information Collected Automatically
This Site is hosted on Squarespace. Squarespace collects personal data when you visit this Site, including:
• Information about your browser, network, and device.
• Web pages you visited prior to coming to this website.
• Your IP address.
4. How and Why I Use Your Data
I process your data based on the following legal grounds (Art. 6 GDPR):
1. Contractual Necessity: To process your orders, ship artwork to you, and manage commissions.
2. Consent: When you voluntarily submit a contact form or agree to non-essential cookies.
3. Legitimate Interests: To operate the website securely, analyze website traffic to improve my portfolio presentation, and prevent fraud.
4. Legal Obligation: To comply with tax laws (e.g., keeping invoices for Greek tax authorities).
5. Third-Party Services
I do not sell your data. However, I share data with third-party service providers (“Processors”) who help me operate the Site. These providers are selected carefully and are bound by data protection agreements.
• Squarespace (Website Host & Analytics): Squarespace hosts this website and analyzes traffic. Squarespace may transfer your data to the United States. They rely on the EU-U.S. Data Privacy Framework (DPF) and Standard Contractual Clauses (SCCs) to ensure your data is protected.
• Google Fonts: This Site uses font files from Google Fonts and Adobe Fonts. To properly display this site to you, servers where the font files are stored may receive personal information about you, including: information about your browser, network, or device; and your IP address.
• Payment Processors (e.g., Stripe/PayPal): If you make a payment, your financial data is processed directly by the payment provider. I do not store your full credit card details.
6. Cookies
This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app.
• Functional and Required Cookies: Squarespace uses these to allow you to navigate and use key features on the Site.
• Analytics and Performance Cookies: I use these strictly to view traffic on the Site (e.g., visitor numbers, popular pages). These cookies serve to improve the user experience and are only activated if you consent via the cookie banner.
You can manage or disable cookies at any time through your browser settings.
7. Data Retention
I retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
• Communication: Emails are kept until the inquiry is resolved.
• Transactions: Invoices and order details are retained for the statutory period required by Greek tax law (usually 5 to 10 years).
8. Your Rights
Under the GDPR, you have the following rights regarding your personal
• Right of Access: You can request a copy of the data I hold about you.
• Right to Rectification: You can ask me to correct strictly inaccurate data.
• Right to Erasure (“Right to be Forgotten”): You can ask me to delete your data, provided there is no legal obligation for me to keep it (e.g., tax records).
• Right to Restriction: You can ask me to limit how I use your data.
• Right to Object: You can object to the processing of your data based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise these rights, please contact me at: Insert Your Email Address Here.
9. International Transfers
Your information, including Personal Data, may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Specifically, as a Squarespace user, data may be processed in the United States. I ensure that such transfers are covered by appropriate safeguards, such as the EU-U.S. Data Privacy Framework or Standard Contractual Clauses.
10. Security
I take the security of your data seriously. This Site is served via HTTPS (encrypted connection). However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure.
Legal Disclaimer: This document is a template generated based on the information provided (“Traditional Artist in Greece using Squarespace”). While it is designed to be compliant with GDPR, the author is an AI assistant, not a licensed attorney in Greece. Data protection laws are complex and subject to change. For absolute legal certainty—especially regarding the omission of a physical address (which may conflict with Greek E-Commerce identification requirements)—it is recommended to consult with a local lawyer specializing in Greek digital law.
Do you need a German version of this policy (“Datenschutzerklärung”) as well, given your background and potential clients in the DACH region?