Privacy Policy

Last updated: 14 december 2025

1. Who I am

Iā€™m Fabian, operating as Studio Fabi.
My website address is: https://studiofabi.com

.
For any questions about privacy or data protection, you can reach me at fabian@studiofabi.com.
Studio Fabi is registered with the KvK under number 97244740.

2. What personal data I collect and why

Comments

When you leave a comment, I collect the data shown in the comment form, your IP address, and your browser user-agent. This helps with spam detection.

An anonymized hash of your email address may be provided to Gravatar to check whether you use their service. Their privacy policy is here: https://automattic.com/privacy/

.

After your comment is approved, your profile image (if any) becomes publicly visible.

Media

If you upload images to the website, avoid uploading files with embedded location data (EXIF GPS). Visitors may download and extract that information.

Contact forms

If you contact me via a form or email, I collect the data you submit so I can respond to your message. I keep this information only as long as necessary to handle your request.

Analytics

I use analytics tools to understand how visitors use the website. These tools collect anonymized or pseudonymized data, such as page views, browser type, and device type.

Hosting logs

My hosting provider, Oracle Cloud, automatically collects technical logs (IP address, browser information, timestamp). This is required to maintain security and troubleshoot issues.

Embedded content

Pages on my site may include embedded content (e.g. YouTube videos, Instagram posts, Vimeo, etc.). These services may collect their own data about you, set cookies, or track interactions.

Cookies

I use essential cookies to make the website work properly. Additional cookies may be used for analytics or embedded content.

  • Comment cookies: optional; stored for convenience for one year.

  • Login cookies: used when you log into the website (if applicable).

  • Editing cookies: set when editing or publishing content; expires after one day.

For non-essential cookies, consent is requested where required.

3. Legal basis for processing

I process personal data under the following legal bases:

  • Consent ā€” for things like comment cookies or analytics (when consent applies).

  • Contractual necessity ā€” when responding to your inquiries.

  • Legitimate interest ā€” for security, hosting logs, spam prevention, and essential functioning of the website.

  • Legal obligation ā€” when required to keep certain administrative records.

4. Who I share your data with

I only share personal data with third parties when necessary:

  • Spam detection services (e.g. Akismet).

  • Hosting provider (server logs, technical processing).

  • Analytics provider (anonymous usage statistics).

  • Gravatar, if you comment and have a linked account.

I never sell your data.

5. How long I keep your data

  • Comments: kept indefinitely to recognize and approve future comments.

  • User accounts (if any): kept as long as the account exists.

  • Contact form messages: kept only as long as needed to respond.

  • Hosting logs: typically retained for a short period for security (e.g., 30ā€“90 days).

6. Your rights

Under GDPR, you have the right to:

  • Access your personal data

  • Request correction

  • Request deletion

  • Request an export of your data

  • Withdraw consent at any time

  • Object to certain types of processing

  • File a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

To exercise these rights, email me at fabian@studiofabi.com.

7. International data transfers

If any of the services I use process data outside the EU (e.g. some analytics tools or CDN providers), I ensure they comply with GDPR through Standard Contractual Clauses or equivalent safeguards.

8. How I protect your data

I use HTTPS encryption, secure hosting, strong passwords, and limited administrator access to protect your data. I keep my CMS, plugins, and server environment up to date.

9. Where your data is sent

Visitor comments may be checked through an automated spam detection service.
Hosting logs are processed on servers managed by Oracle Cloud and TransIP.