Your data, your control.
framixa operates with a simple, unwavering principle: we only collect data that is essential for delivering our web design services, and we treat it with the same precision we apply to every line of code we write.
What We Collect & Why
Every piece of information we request is tied directly to a function. We operate on a minimal data footprint. For clients, this typically includes standard business contact details (name, email, company) to facilitate project communication and invoicing.
When a project enters the build phase, we may require access to existing platforms (such as WordPress, Shopify, or custom APIs) for integration purposes. This access is temporary, governed by strict project-specific credentials, and revoked upon project closure unless a separate maintenance agreement is in place.
For visitors to framixa.world, we collect anonymized, aggregate data via a privacy-focused analytics tool. This helps us understand general site traffic patterns (e.g., which portfolio pieces are most viewed) without tracking individual user journeys or creating personal profiles.
Crucially: framixa does not and will not sell, rent, or trade personal data to third-party advertisers or data brokers. Our business is design and development, not data brokerage.
Your Rights & Data Processing
Access & Portability
You have the right to request a copy of all personal data we hold about you. We will provide it in a structured, commonly used format (like CSV or PDF) within 30 days of your verified request.
Lawful Processing
We process data based on: (1) Contractual necessity for active projects, (2) Legal obligation (e.g., accounting records), and (3) Legitimate interest for security and service improvement.
"It's just an email address"
A frequent oversight in web design is treating contact forms as trivial. At framixa, every submitted form is a direct record of an individual's intent. We ensure every form has a clear privacy notice at the point of submission and stores data on EU-based servers by default.
Storage & Security Architecture
Data security is a foundational layer of our design process, not an afterthought.
Encryption at Rest & In Transit
All client data stored in our project repositories is encrypted using AES-256. Communication via our project management tools is TLS 1.3+ encrypted. We use password managers with zero-knowledge encryption for all service credentials.
Access Controls
Principle of Least Privilege: Team members only access data necessary for their specific role. Administrative access is audited. Multi-factor authentication is enforced across all systems. Client project access is revoked automatically on contract completion.
Retention & Deletion
We retain project-related data for the duration required by Czech accounting law (typically 10 years). Personal contact data for marketing (if consented) is purged after 3 years of inactivity. A full data deletion request is executed within 30 days, with confirmation provided.
Questions About Your Data?
For all privacy-related inquiries, data access requests, or to exercise your rights, please contact our Data Protection Officer.
framixaRevoluční 655/1
110 00 Praha 1
Czechia
Policy Status
This policy is reviewed annually or when significant changes in data processing occur. All previous versions are archived upon updates. Major changes will be communicated via our site's publication channel.