Privacy Policy

Last updated: June 2025

1. Who We Are

Digiart Lab is operated as an Enskild Firma based in Södertälje, Sweden. We are committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR).

Data Controller: Vittoria Condorelli, Västra Kanalgatan 23, Södertälje — info@digiartlab.net

2. What Data We Collect & Why

Newsletter Subscriptions. When you subscribe to our newsletter, we collect your email address solely to send you art inspiration, course updates, exhibition news, and exclusive launches. You can unsubscribe at any time via the link in every email or through our dedicated unsubscribe page.
Course Bookings. When you book a course package, we collect your full name, email address, phone number (optional), selected course, and preferred schedule. We use this data to confirm your booking, send your course details (including Zoom links), and communicate any schedule changes.
Commission Briefs. When you submit a commission enquiry, we collect your name, email, social handle (optional), and the description of your project.

3. Payment Processing

All payments are processed securely through Stripe, a PCI-DSS Level 1 certified payment provider. Your credit card number, CVC, and expiry date are entered directly on Stripe's encrypted payment form and are never stored on or accessible to our servers. We only receive a confirmation token and the last four digits of your card for reference purposes. Stripe's privacy policy can be found at stripe.com/privacy.

4. Cookies & Analytics

We use essential session cookies required for the website to function (login authentication, form submissions). With your explicit consent via our cookie banner, we may activate Google Analytics and Meta Pixel to understand how visitors interact with our site. You can change your cookie preferences at any time by clearing your browser data for this site. No personal data is shared with third parties for advertising purposes.

5. Data Retention

  • Booking records: retained for the course duration plus 12 months (accounting compliance).
  • Newsletter subscriptions: active until you unsubscribe.
  • Commission briefs: retained for 12 months after project completion.

6. Your GDPR Rights

Under the GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — correct any inaccurate or incomplete data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Restriction — limit how we process your data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interest
  • Withdraw consent — at any time for newsletter and cookie consent

To exercise any of these rights, email us at info@digiartlab.net. We will respond within 30 days.

7. Third-Party Services

We use the following trusted third-party providers who may process your data:

  • Stripe — payment processing (card data never stored on our servers)
  • Zoho Mail — email delivery for transactional notifications and newsletters
  • Google Analytics / Meta Pixel — anonymised site analytics (only with your consent)

8. Contact

For any privacy-related questions or to exercise your rights:
📧 info@digiartlab.net
📍 Västra Kanalgatan 23, Södertälje, Sweden