PRIVACY
Privacy Policy
Last updated: · Applicable law: EU GDPR (2016/679)
This policy describes how Mainm0e Studio processes personal data in accordance with the EU General Data Protection Regulation (GDPR, Regulation 2016/679) and the ePrivacy Directive.
1. Data Controller
Mainm0e Studio
Business ID: 3608613-3
Country: Finland
Ruununmaankatu 9 B 10, 48200 Kotka, Finland
Email: contact@mainm0e.studio
Phone: +358 41 318 9619
2. Data We Process
Server Logs
IP address, browser and device type, request URL, HTTP status code, referrer URL, and timestamp. Netlify collects these automatically to deliver the site.
Contact Form
Name, email address, and free-text message submitted through our contact form. Submitted via Netlify Forms and stored for the purpose of responding to the inquiry.
3. Purposes & Legal Bases
Legal basis under GDPR Art. 6 is noted in parentheses.
| Purpose | Legal Basis |
|---|---|
| Website delivery and technical maintenance | Legitimate interest (Art. 6(1)(f)) |
| Security, fraud prevention, and troubleshooting | Legitimate interest (Art. 6(1)(f)) |
| Responding to contact form inquiries | Consent (Art. 6(1)(a)) / Contract performance (Art. 6(1)(b)) |
4. Retention Periods
| Data Category | Retention Period |
|---|---|
| Server logs (Netlify) | 30 days (Netlify policy) |
| Contact form submissions | Up to 12 months after matter is resolved |
| Cookie consent preferences | 12 months (or until withdrawn) |
5. Recipients & Transfers
We do not sell or rent personal data to third parties. We use the following sub-processors as technical service providers:
| Provider | Purpose | Location |
|---|---|---|
| Netlify, Inc. | Hosting, forms, CDN | USA (SCCs / DPF) |
| GitHub, Inc. | Source code hosting | USA (SCCs / DPF) |
Where we use providers outside the EEA, transfers are made under EU Standard Contractual Clauses (SCCs, Implementing Decision 2021/914) or another equivalent safeguard mechanism.
6. Your Rights
Under Chapter III of the GDPR you have the following rights. Requests are answered within 30 days.
Right of access
Art. 15Request a copy of personal data we hold about you.
Right to rectification
Art. 16Request correction of inaccurate data.
Right to erasure ("right to be forgotten")
Art. 17Request deletion of your data under certain conditions.
Right to restriction of processing
Art. 18Request restriction of processing under certain conditions.
Right to data portability
Art. 20Receive data in a machine-readable format (consent- or contract-based processing).
Right to object
Art. 21Object to processing based on legitimate interest.
Right to withdraw consent
Art. 7(3)Withdraw consent at any time without affecting prior processing.
Right to lodge a complaint
Art. 77Lodge a complaint with the supervisory authority.
How to exercise your rights
Send a request by email: contact@mainm0e.studio . We will respond within 30 days. We may ask you to verify your identity.
You may also lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi/en).
8. Security
We apply appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. The site is delivered over HTTPS and hosted by Netlify, Inc., whose infrastructure is ISO 27001 certified.
If you suspect a data breach, contact us at: contact@mainm0e.studio . We treat such reports as urgent.
9. Automated Decision-Making
We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects on data subjects (GDPR Art. 22).
10. Changes to This Policy
We may update this policy periodically (e.g., due to legal changes or new services). Material changes will be notified prominently on the site or by email if we hold your contact details. The effective date is always shown at the top of this page.