Privacy Policy

Last updated April 7th, 2026

This Privacy Policy applies to the website available at https://www.achromatic.studio and all associated subdomains operated by Achromatic Sp. z o.o. ("Achromatic", "we", "us", "our"), based in Poznań, Poland.

This Policy explains how we collect, use, store, and protect personal data when you visit our website or engage our services. It should be read alongside our Cookie Policy, available at https://www.achromatic.studio/cookie-policy.

As a company established in Poland (European Union), Achromatic is subject to the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Polish Act on Personal Data Protection (UODO) of 10 May 2018.

Data controller

Achromatic Sp. z o.o.
Garbary 56/12, 61-758 Poznań, Poland
Website: https://www.achromatic.studio
Email: hello@achromatic.studio
Business ID: 5993109548

For all data protection enquiries, please contact us at the email address above.

Personal data we collect

Data you provide directly

When you submit a contact form, request a project quote, book a consultation, or communicate with us by email, we may collect:

  • Full name
  • Email address
  • Company name
  • Project description, budget indication, and timeline
  • Any other information you choose to share in your message

Data collected automatically

When you visit our website, certain technical and behavioural data is collected automatically via cookies and similar tracking technologies. For full details, please refer to our Cookie Policy. Automatically collected data may include:

  • IP address and approximate geographic location (country/city level)
  • Browser type, version, and operating system
  • Pages visited, time on page, and navigation paths
  • Referral source (how you arrived at our website)
  • Device type and screen resolution
  • Interactions such as clicks, scrolls, and session recordings (Microsoft Clarity)

Data from client engagements

If you become a client or enter into a service agreement with Achromatic, we may additionally process:

  • Billing information and invoicing data
  • Contract and project documentation
  • Communication records including email threads and project management notes

Legal basis for processing

All processing of personal data by Achromatic is grounded in one of the following lawful bases under GDPR:

Legal basis
Article
When applied
Consent
Art. 6(1)(a)
Analytics & functional cookies; marketing communications (if any)
Performance of a contract
Art. 6(1)(b)
Processing necessary to deliver agreed services to clients
Legal obligation
Art. 6(1)(c)
Tax and invoicing records required under Polish law
Legitimate interests
Art. 6(1)(f)
Strictly necessary cookies; website security; fraud prevention

Cookies & tracking technologies

Our website uses cookies and similar tracking technologies to enable core functionality and to improve your experience. Cookie usage is governed by our dedicated Cookie Policy, available at https://www.achromatic.studio/cookie-policy.

In summary, we use the following categories of cookies:

  • Essentials — necessary for the site to function; always on
  • Analytics — measures usage and improves your experience
  • Marketing — used to targeted advetising
  • Personalization — remembers your preferences and provides enhanced features

Cookie consent is managed via Finsweet Consent Pro, a consent management platform native to Webflow. You may withdraw or update your consent preferences at any time via the Cookie Preferences link in our website footer.

Data sharing & disclosure

Achromatic does not sell, rent, or trade your personal data to third parties. Data may be shared only in the following limited circumstances:

  • With technology and hosting providers necessary to operate our website (Webflow, Cloudflare, Google, Microsoft) — solely to the extent required
  • With freelance collaborators or contractors engaged on a specific client project, under confidentiality obligations
  • With legal, regulatory, or law enforcement authorities where required by applicable law or to protect the rights and safety of Achromatic or others
  • In the event of a business transfer, merger, or acquisition, subject to equivalent data protection obligations

Internal data transfers

Achromatic is based in Poland (European Union). Some of our third-party service providers are headquartered outside the EEA, primarily in the United States. Where your data is transferred internationally, Achromatic relies on the following safeguards:

  • Standard Contractual Clauses (SCCs) approved by the European Commission (Art. 46(2)(c) GDPR)
  • Adequacy decisions issued by the European Commission where applicable

The primary providers involved in international transfers include Google LLC, Microsoft Corporation, Cloudflare Inc., and Webflow Inc. — each maintaining SCCs or equivalent safeguards for EEA data subjects.

Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, and no longer than required by applicable law. The specific retention period depends on the nature of the data and the purpose of processing.

In general:

  • Contact enquiries where no engagement follows are retained for a limited period after initial contact
  • Client project data and communications are retained for the period required under Polish tax law following project completion
  • Invoicing and financial records are retained as required under Polish accounting law
  • Cookie and analytics data is retained as specified in our Cookie Policy
  • Session recording data (Microsoft Clarity) is retained for a short period per Microsoft Clarity default settings

Aggregated and anonymised analytics data may be retained for longer periods for trend analysis, provided it cannot be used to identify individual users.

Data security

Achromatic implements appropriate technical and organisational security measures, including:

  • Website hosted on Webflow's infrastructure with TLS/SSL encryption in transit
  • Cloudflare CDN providing DDoS protection and web application firewall services
  • Access to client data restricted to authorised team members on a need-to-know basis
  • Secure communication channels for client file and credential exchange

Despite these measures, no transmission over the internet is completely secure. You acknowledge and accept this inherent risk when submitting data online.

Your rights under GPDR

As a data subject you have the following rights regarding your personal data:

Right
Decription
Right of Access
Request a copy of the personal data we hold about you (Art. 15 GDPR).
Right to Rectification
Request correction of inaccurate or incomplete personal data (Art. 16 GDPR).
Right to Erasure
Request deletion of your personal data where there is no compelling reason for continued processing (Art. 17 GDPR).
Right to Restriction
Request restriction of processing in certain circumstances (Art. 18 GDPR).
Right to Data Portability
Receive your data in a structured, machine-readable format and have it transmitted to another controller (Art. 20 GDPR).
Right to Object
Object to processing based on legitimate interests or for direct marketing (Art. 21 GDPR).
Right Not to Be Subject to Automated Decision-Making
Object to processing of your data for automated decisions, including profiling, that produce legal or similarly significant effects (Art. 22 GDPR).
Right to Withdraw Consent
Withdraw consent for cookie-based processing at any time without affecting prior lawful processing (Art. 7(3) GDPR).
Right to Lodge a Complaint
File a complaint with the Polish supervisory authority (UODO) or any EEA supervisory authority of your choice.

To exercise any of the above rights, please contact us at hello@achromatic.studio. We will respond to all verified requests within 30 days of receipt. Where a request is complex, we may extend this by a further two months and will notify you accordingly.

Changes to Privacy Policy

Achromatic reserves the right to amend this Privacy Policy at any time to reflect changes in law, data processing activities, or our services. When material changes are made, we will update the 'Last Updated' date above and, where required, provide notification or re-trigger the consent mechanism.

Related documents

This Privacy Policy forms part of Achromatic's data protection framework. Please also refer to our Cookie Policy for detailed information about cookies and tracking technologies used on this website:

Cookie policy: https://www.achromatic.studio/cookie-policy
Let’s talk about
your project
By submitting, you agree to be contacted about your request. Learn more in our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Contact
hello@achromatic.studio
Contact
+48 665 925 005
Socials
LinkedInAwwwardsDribbbleBehanceClutch