Privacy Policy

Effective date: 28 January 2026

This Privacy Policy explains how Napta Studio (“we”, “us”, “our”) collects, uses, stores, and protects your personal data when you engage with our services, visit our website, or communicate with us. We are committed to protecting your privacy and handling your data transparently and responsibly in accordance with UK GDPR and applicable data protection laws.

1. Who We Are

Napta Studio is a creative studio providing web design, UX/UI design, branding, and related digital services.

For data protection purposes, Napta Studio is the Data Controller of your personal data.

Contact details:
Email: contact@naptastudio.com

2. Personal Data We Collect

We may collect and process the following types of personal data:

  • Identity data: name, business name, job title

  • Contact data: email address, phone number

  • Business information: project briefs, brand assets, content you provide

  • Technical data: IP address, browser type, device information (via website analytics)

  • Communication data: emails, messages, feedback, and meeting notes

  • Billing data: invoices, payment status (we do not store full payment card details)

We only collect data that is necessary for providing our services.

3. How We Collect Your Data

Your data may be collected when you:

  • Enquire about or book our services

  • Sign a proposal or agreement

  • Communicate with us via email, forms, or calls

  • Use our website

  • Make a payment

4. How We Use Your Data

We use your personal data to:

  • Deliver and manage our services

  • Communicate with you about your project

  • Issue invoices and process payments

  • Improve our services and website

  • Comply with legal and regulatory obligations

We do not sell or rent your personal data to third parties.

5. Lawful Basis for Processing

Under UK GDPR, we process your data based on one or more of the following lawful grounds:

  • Performance of a contract

  • Legitimate business interests

  • Legal obligations

  • Consent (where required)

6. Data Sharing and Third Parties

We may share your data with trusted third parties only where necessary, such as:

  • Website platforms (e.g. Wix, WordPress)

  • Hosting providers

  • Payment processors

  • Analytics providers

These third parties are required to process your data securely and only for the agreed purpose.

7. Data Storage and Security

We store your data securely using appropriate technical and organisational measures, including password protection and access controls.

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy or to meet legal requirements.

8. International Data Transfers

Some third-party services we use may store data outside the UK or EU. Where this occurs, we ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent protections.

9. Your Data Protection Rights

You have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion of your data

  • Object to or restrict processing

  • Request data portability

  • Withdraw consent at any time (where applicable)

To exercise your rights, contact us using the details above.

10. Cookies and Analytics

Our website may use cookies and analytics tools to understand usage and improve performance. You can control cookies through your browser settings. A separate Cookie Policy may apply.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website and will apply from the effective date stated above.

12. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
www.ico.org.uk

13. Acceptance

By using our services or providing your personal data, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

Scroll to Top