Privacy Policy
Last updated: 20.11.2025
Studio Rufio (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or contact us directly.
This policy complies with the Swiss Federal Act on Data Protection (FADP) and is aligned with the EU General Data Protection Regulation (GDPR) where applicable.
1. Data Controller
Studio Rufio
Email: hello@robgarrett.me
We are responsible for determining the purposes and means of processing your personal data.
2. Personal Data We Collect
We may collect the following categories of personal data:
2.1 Data You Provide to Us
Contact information (name, email address, phone number)
Project enquiries (details about your business or the services you’re seeking)
Files or documents you choose to upload
Messages sent via forms or direct email
2.2 Automatically Collected Data
When you visit our website, we may automatically collect:
IP address
Browser type and version
Device information
Website usage data (pages visited, time spent, interactions)
Cookies (see Section 7)
We do not use tracking technologies beyond what is necessary for security, analytics, or proper site functioning.
3. How We Use Your Data
We process your personal data for the following purposes:
To respond to enquiries and communications
To provide consulting and creative services
To prepare proposals, quotes, and agreements
To manage and improve our website
To maintain security and prevent misuse
To comply with legal obligations
We only process your data where we have a lawful basis to do so (consent, contract necessity, legitimate interest, or legal requirement).
4. Sharing Your Data
We do not sell your personal data.
We may share data with:
Service providers (hosting, email services, analytics)
Third-party tools used to support business operations
Legal authorities if required by law
All third parties are selected carefully and process data in compliance with Swiss and EU standards.
5. International Transfers
If data is transferred or stored outside Switzerland or the EU, we ensure adequate protection through:
Adequacy decisions, or
Standard contractual clauses (SCCs), or
Equivalent safeguards required under the FADP/GDPR.
6. Data Retention
We retain personal data only as long as necessary to fulfil the purposes described above, or as required by law. Enquiry data is typically retained for 12–24 months, unless a project relationship is established.
7. Cookies & Analytics
We may use essential cookies for site functionality and optional cookies for anonymised analytics.
You can control or disable cookies in your browser settings at any time.
If using third-party analytics (e.g., Google Analytics), users will be informed via the cookie banner.
8. Your Rights
Under Swiss FADP (and GDPR when applicable), you have the following rights:
Right to access your personal data
Right to correction of inaccurate data
Right to deletion (“right to be forgotten”)
Right to restrict processing
Right to data portability
Right to withdraw consent at any time
Right to object to certain processing activities
To exercise any of these rights, contact us at: hello@robgarrett.me
9. Data Security
We use reasonable technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction.
No method of transmission over the internet is fully secure, but we take privacy and security seriously.
10. Third-Party Links
Our website may contain links to external sites. We are not responsible for the privacy practices or content of those third-party websites.
11. Updates to This Policy
We may update this Privacy Policy from time to time. The latest version is always available on this page, with the “Last Updated” date revised accordingly.
12. Contact
For questions about this Privacy Policy or your data rights, please contact:
hello@robgarrett.me