Bolt Studio

Privacy Policy

Last Updated: December 26, 2025

BOLT STUDIO Ε.Ε. | ΑΦΜ: 803008632

1. Introduction

Welcome to Bolt Studio ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website boltstudio.gr.

BOLT STUDIO Ε.Ε. is a Greek limited partnership (Ε.Ε.) registered with ΑΦΜ: 803008632, based in Larisa, Greece. We specialize in web design, development, branding, and digital marketing services.

For any questions or concerns regarding your privacy, please contact us at info@boltstudio.gr.

2. Data We Collect

We collect minimal personal data, only what is necessary to provide our services and improve your experience:

Contact Form Data

  • Name (required for addressing you)
  • Email address (required for responding to inquiries)
  • Service interest (optional, helps us understand your needs)
  • Message content (your inquiry or feedback)
  • Purpose: To respond to your inquiries and provide requested information
  • Legal basis: Your consent and our legitimate interest in customer communication

Analytics Data (Only if Consented)

  • Page views and navigation patterns
  • Device type and browser information
  • Approximate geographic location (country/city level)
  • Referral source (how you found our website)
  • Purpose: To understand website usage and improve user experience
  • Legal basis: Your explicit consent via cookie banner

Technical Data (Necessary for Functionality)

  • IP address (server logs, temporary)
  • Browser type and version
  • Operating system
  • Purpose: Website security, performance optimization, error debugging
  • Legal basis: Legitimate interest in maintaining secure and functional services

3. How We Use Your Data

We use your personal data only for the following purposes:

• Communication: Responding to your contact form submissions

• Website Improvement: Analyzing usage patterns to enhance user experience (only with consent)

• Security: Protecting against malicious activity and technical issues

• Legal Compliance: Meeting our obligations under Greek and EU law

We do NOT:

• Sell or rent your personal data to third parties

• Use your data for unsolicited marketing

• Share your data with advertisers

• Make automated decisions that significantly affect you

4. Data Storage & Retention

Contact Form Submissions

  • Storage: Messages sent via our contact form are processed through Resend (email service) and forwarded to our Gmail inbox (boltstudiomain@gmail.com)
  • Location: Google servers (GDPR compliant, adequate safeguards in place)
  • Retention: We retain email correspondence for up to 2 years after last contact, or until you request deletion

Analytics Data

  • Service: Vercel Analytics (privacy-friendly, no personal identifiers)
  • Retention: As per Vercel's privacy policy (aggregated, anonymized data)
  • Control: You can opt-out via our Cookie Settings

Cookie Consent Preferences

  • Storage: Your browser's localStorage (client-side only)
  • Retention: 365 days or until you clear browser data
  • Note: This data never leaves your device and is not transmitted to our servers

5. Cookies We Use

We use cookies to enhance your experience. You have full control over cookie preferences via our Cookie Settings banner.

CategoryPurposeDurationCan Disable
Necessary CookiesEssential website functionality, security, contact form operation, performance monitoring (Vercel Speed Insights)Session / PersistentNo
Analytics CookiesUnderstanding visitor behavior, page views, traffic sources (Vercel Analytics)Persistent (up to 365 days)Yes
Marketing CookiesNot currently in use. Reserved for future advertising or remarketing campaignsN/AYes

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR) and Greek Law 4624/2019, you have the following rights:

• Right to Access: Request a copy of your personal data we hold

• Right to Rectification: Correct inaccurate or incomplete data

• Right to Erasure: Request deletion of your data ("right to be forgotten")

• Right to Restrict Processing: Limit how we use your data

• Right to Data Portability: Receive your data in a structured, machine-readable format

• Right to Object: Object to processing based on legitimate interests

• Right to Withdraw Consent: Withdraw cookie consent at any time via Cookie Settings

To exercise any of these rights, email us at info@boltstudio.gr. We will respond within 30 days.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• SSL/TLS Encryption: All data transmitted to/from our website is encrypted (HTTPS)

• Secure Form Submission: Contact forms use secure transmission protocols

• Access Controls: Limited access to personal data, restricted to authorized personnel only

• Regular Updates: We keep our systems and dependencies up-to-date with security patches

• Third-Party Security: We only work with GDPR-compliant service providers

While we strive to protect your data, no internet transmission is 100% secure. We cannot guarantee absolute security.

8. Third-Party Services

We use the following third-party services, all of which are GDPR compliant:

Vercel (Website Hosting & Analytics)

  • Service: Hosting infrastructure and privacy-friendly analytics
  • Data Location: Global CDN, with data processing in EU where applicable
  • Privacy Policy: https://vercel.com/legal/privacy-policy
  • GDPR Compliance: Yes, with Data Processing Agreement in place

Resend (Email Delivery)

  • Service: Transactional email delivery for contact form submissions
  • Data Processed: Name, email, message content
  • Privacy Policy: https://resend.com/legal/privacy-policy
  • GDPR Compliance: Yes, with adequate safeguards

Google (Email Storage)

  • Service: Gmail inbox for receiving contact form messages
  • Data Location: Google servers (GDPR compliant)
  • Privacy Policy: https://policies.google.com/privacy
  • GDPR Compliance: Yes, Google is certified under EU-US Data Privacy Framework

9. International Data Transfers

Your data may be transferred to and processed on servers outside Greece and the European Economic Area (EEA). All such transfers comply with GDPR requirements:

• Adequacy Decisions: We only transfer data to countries with EU adequacy decisions, or

• Standard Contractual Clauses: We use EU-approved Standard Contractual Clauses (SCCs) with third-party processors

• Certification Schemes: We work with providers certified under recognized data protection frameworks

All third-party services we use have appropriate safeguards in place to protect your data.

10. Children's Privacy

Our website and services are not directed at children under 16 years of age. We do not knowingly collect personal data from children.

If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at info@boltstudio.gr, and we will promptly delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. Significant changes will be communicated through:

• Notice on our website homepage

• Email notification (if we have your contact information)

• Updated "Last Updated" date at the top of this policy

Continued use of our website after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

12. Contact & Data Protection Officer

For any questions, concerns, or requests regarding your personal data and this Privacy Policy, please contact:

BOLT STUDIO Ε.Ε.

Email: info@boltstudio.gr

ΑΦΜ: 803008632

Location: Larisa, Greece

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA):

Hellenic Data Protection Authority

Address: Kifisias 1-3, 115 23 Athens, Greece

Phone: +30 210 6475 600

Email: contact@dpa.gr

Website: https://www.dpa.gr