Infini StudioInfiniStudio
Home
Website DevelopmentModern sites built from scratchCustom Web ApplicationsPortals, tools and internal systemsWebsite RedesignA clean rebuild for outdated sitesSupport & MaintenanceOngoing care long after launch
Get in touch
Legal

Privacy Policy

Last updated: June 2026

I run a small, one-person studio and I collect as little data as possible. I do not use analytics services, advertising, social media widgets or any third-party tracking, and I never sell or share your data. Everything described below is hosted within the European Union.

1. Who is responsible for your data

InfiniStudio ("I", "me", or "the Studio") operates the website infini-studio.com and is the controller of the personal data processed through it.

InfiniStudio - Ulica sv. Leopolda Mandića 18, 10000 Zagreb

For any privacy-related question or request, contact me at marijan@infini-studio.com.

2. What data I collect and why

Contact form

When you use the contact form I process your name, your email address, your message, and optionally your company name. I use this solely to read and reply to your enquiry and, where relevant, to take the first steps toward working together. The legal basis is Article 6(1)(b) GDPR (steps taken at your request prior to a possible contract) and my legitimate interest in responding to enquiries under Article 6(1)(f). Providing this information is voluntary, but without a name, email and message I cannot reply to you.

Server log files and hosting statistics

When you visit the site, my hosting server automatically records standard technical information in log files: your IP address, the date and time of the request, the pages requested, the referring page, and your browser and operating system. My hosting control panel (cPanel) produces aggregated visitor statistics from these logs. I use this only to keep the site secure and reliable, to detect and prevent abuse, and to diagnose technical problems. The legal basis is my legitimate interest in the security and stability of the website under Article 6(1)(f) GDPR. These logs are first-party only, are not combined with your contact form data, and are not used to profile you.

3. Cookies

This website does not use cookies for analytics, advertising, profiling or tracking. Because no non-essential cookies are set, no cookie consent banner is required. If a strictly necessary cookie is ever used to keep the contact form secure during submission (for example, to prevent cross-site request forgery), it is essential to deliver the service you requested and is exempt from consent under the ePrivacy rules.

4. Who has access to your data

  • Hosting provider: the website, backend and email are hosted by Totohost on servers located in Germany. They act as my data processor and may handle the data only on my behalf and strictly to provide hosting.
  • Email: the message generated by the contact form is delivered to a mailbox hosted on the same server. No external email provider (such as Google or Microsoft) is involved.
  • Fonts and assets: all fonts, scripts and images are served directly from my own server. Nothing is loaded from third-party CDNs, so no data is shared with font or script providers.

I do not share your personal data with any other third parties, and no data is transferred outside the European Economic Area (EEA).

5. How long I keep your data

  • Contact enquiries: I keep your message and contact details for as long as needed for our communication and any resulting working relationship, after which they are deleted. If no working relationship develops, I delete the enquiry once it is clearly no longer relevant.
  • Server logs and statistics: retained only for a short period and then automatically rotated and overwritten by the hosting system.

6. Your rights

Under the GDPR you have the right to:

  • access the personal data I hold about you;
  • have inaccurate data corrected;
  • have your data erased;
  • restrict or object to processing;
  • receive your data in a portable format;
  • withdraw consent at any time, where processing is based on consent.

To exercise any of these rights, email marijan@infini-studio.com. You also have the right to lodge a complaint with the Croatian supervisory authority: Agencija za zaštitu osobnih podataka (AZOP), Selska cesta 136, 10000 Zagreb, azop.hr.

7. Data security

The website is served over an encrypted HTTPS connection, and I apply reasonable technical and organisational measures to protect your data. However, no transmission over the internet can be guaranteed to be completely secure.

8. Children

The site and services are intended for businesses and are not directed at children under the age of 16.

9. Changes to this policy

I may update this policy if the website or my practices change. The current version is always published on this page, with the "last updated" date shown at the top.

© InfiniStudio
Privacy Policy Contact