Privacy policy

Who we are

The data controller for this website is Calamansi Digital Studio Limited, registered in England & Wales (№ 16353734), at 3rd Floor, 86–90 Paul Street, London EC2A 4NE.

Calamansi Digital Studio Limited is registered with the Information Commissioner's Office as a data controller. For anything about your data, email hello@calamansi.studio.

What we collect

When you contact us through the site, we collect your name, email address, and anything you choose to include in your message. The enquiry forms are delivered to us by Resend, our email provider.

We use two analytics tools. Cloudflare Web Analytics counts visits and page views without cookies and without collecting anything that identifies you. Microsoft Clarity measures how pages are used and can record anonymised session activity such as clicks and scrolling, with text you type into forms masked. Clarity runs without cookies until you accept analytics cookies; once you do, it can also set cookies to recognise return visits.

How we use it

We use your contact details to reply to your enquiry and discuss your project. We use analytics to understand how the site is used and improve it.

We do not sell your data, and we don't send marketing emails unless you ask us to.

Legal basis

We process enquiry details to take steps at your request before entering a contract. Cloudflare Web Analytics runs on the basis of our legitimate interest in understanding site traffic, as it collects no personal data. Microsoft Clarity runs in a cookieless mode under the same legitimate interest, and sets cookies only after you consent through the cookie banner. You can withdraw that consent at any time.

Where we go on to work together, we process your data to perform our contract and to meet legal and accounting obligations.

Who we share it with

Resend (email delivery), Vercel (hosting and server logs), and Cloudflare (analytics and network) act as our processors under data processing agreements, handling data only on our instructions.

Microsoft Clarity is different. Microsoft acts as an independent data controller for the analytics data Clarity collects, which means it also uses that data for its own purposes under its own privacy terms. We only share that data with Microsoft after you accept analytics cookies.

We don't share your data with anyone else unless the law requires it.

Where your data is processed

Resend, Vercel, Cloudflare, and Microsoft are based in the United States, so some data is processed outside the UK. Where it is, the transfer is covered by an approved safeguard: the UK–US Data Bridge where the provider is certified under it, or otherwise the UK International Data Transfer Agreement or the EU Standard Contractual Clauses with the UK Addendum.

How long we keep it

We keep enquiry messages while we're in contact and for up to 12 months afterwards, then delete them. If we work together, we keep contract and invoice records for 6 years to meet legal and accounting obligations.

Analytics data is retained by Cloudflare and Microsoft according to their own periods (Clarity retains data for up to a year).

How we protect it

The site runs over an encrypted connection, access to enquiry data is limited to the studio, and we use reputable providers who maintain their own security measures. No method of sending data over the internet is completely secure, but we take reasonable steps to protect it.

When we build client websites

When we build or maintain a website for a client, we may process personal data on that client's behalf, such as data about the client's own customers. In those cases the client is the data controller and we act as their processor under a separate written agreement. This policy covers the data we collect as a controller through this website.

Your rights

You can ask to access, correct, or delete the personal data we hold about you. You can also ask us to restrict or stop processing it, object to processing, request a copy in a portable format, and withdraw any consent you've given.

To make a request, email hello@calamansi.studio. We'll respond within one month. If you're unhappy with how we handle your data, you can complain to the Information Commissioner's Office at ico.org.uk.

Changes to this policy

We may update this policy from time to time. The date at the top shows when it last changed.