PRIVACY NOTICE and COOKIE POLICY
VERSION 01. LAST MODIFIED 26 MAY 2026.
Table of Contents
1. Definitions
2. What data we collect; purpose and processing grounds
3. Required Processing
4. How and when we collect your personal data
5. Marketing Communications
6. Purposes of Processing
7. Disclosures of your Personal Data
8. International Transfers
9. Data Security
10. Data Retention
11. Your Legal Rights
12. Age of consent
13. Sensitive Data, Criminal Conviction Data and Automated Processing
14. DNT signals
15. Third Party Links
16. Complaints
17. Privacy Policy Modification
18. What are Cookies?
19. Types of Cookies
20. First and Third Party Cookies
21. Cookie Banner
This privacy notice provides you with details of how we collect and process your personal data through your use of our site www.studiowallander.com and through other interaction with Studio Wallander.
Sara Wallander-Ross trading as Studio Wallander is the data controller and is responsible for your personal data.
Contact: Sara Wallander-Ross trading as Studio Wallander.
Email address: contact[at[studiowallander.com
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at contact[at]studiowallander.com
1. Definitions
1.1 For the purposes of this Privacy Notice and Cookie Policy, the following terms shall have the following meanings:
1.1.1 ‘SW’, ‘we’, ‘us’, ‘our’ shall refer to Sara Wallander-Ross trading as Studio Wallander.
1.1.2 ‘The Site’ shall refer to www.studiowallander.com.
1.1.3 ‘Services’ shall refer to the services rendered by Studio Wallander to the individual user.
1.1.4 ‘Client’, ‘User’, ‘You’ and ‘Yours’ refer to the individual user/client.
1.1.5 ‘Cookie’ means a text file placed on your computer or device by our Site when you visit/use certain parts/features of our Site.
1.1.6 ‘Personal data’ means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to us via our Site or other communication.
1.2 This Privacy Notice applies to our use of all personal data that we collect via our Site or from our Clients and/or prospective Clients.
1.3 Cookies are needed to run this Site. Please see section 18 onwards regarding cookies.
1.4 By providing us with your data, you warrant that you are over 18 years of age. SW does not solicit data from children.
1.5 This Privacy Notice was written in English. If a translated (non-English) version of this Privacy Notice conflicts in any way with its English version, the provisions of the English version shall prevail.
2. What data we collect; purpose and processing grounds
2.1 Personal data means any information capable of identifying an individual. It does not include anonymised data.
2.2 We may process the following categories of personal data about you:
a) Communication Data
This includes any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
b) Customer Data
This includes data relating to any purchases of services, such as your name, title, project/property address, email address, phone number, contact details, purchase details, bank details, client/prospective-client service records, including questionnaires, brief/budget and consultation notes. We process this data to supply the services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
c) User Data
This includes data about how you use our website and any online services together with any data that you post for publication with online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back-ups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.
d) Technical Data
This includes data about your use of our website and online services (if applicable) such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. If collected, the source of this data is from WIX analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business, and to grow our business and to decide our marketing strategy.
e) Marketing Data
This includes data about your preferences in receiving marketing and newsletters from us, your communication preferences, as well as testimonials and reviews provided by you. We process this data to enable you to receive our newsletter and relevant news, to deliver relevant website content and advertisements/offers to you, and measure or understand the effectiveness of this advertising, and to market our services. Our lawful ground for this processing is consent for the newsletter/news sign-up and testimonials/reviews, as well as our legitimate interests, which in this case are to study how customers use our products/services, to develop them, to grow our business and to decide our marketing strategy.
2.3 We may use Customer Data, User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you, if applicable, and to measure or understand the effectiveness of any advertising we serve you. Our lawful ground for this processing is legitimate interests which is to grow our business. We may also use such data to send other marketing communications to you. Our lawful ground for this processing is either consent or legitimate interests (namely to grow our business or for direct marketing).
2.4 We may also use Communications Data, Customer Data, User Data, Technical Data and Marketing Data for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to establish, pursue or defend legal claims.
3. Required Processing
3.1 Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you don’t provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.
3.2 We may process your personal data without your knowledge or consent where this is required or permitted by law.
4. How and when we collect your personal data
4.1 We may collect your data by you providing it directly to us (for example by filling in forms/questionnaires on our website or sending us emails/SMS).
4.2 We may automatically collect certain data from you as you use our website by using cookies and similar technologies. Please see our cookie policy for more details about this.
5. Marketing Communications
5.1 Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business) or our recognised legitimate interests (for direct marketing).
5.2 Under the Privacy and Electronic Communications Regulations (PECR), which govern email, SMS and telemarketing, there exists a concept called the ‘soft opt-in’. The following rules apply:
5.2.1 Contact details are collected during the course of a sale, or negotiations of a sale, of a product or service.
5.2.2 An opportunity to refuse or opt out of the marketing is given at the point of collection, and in every subsequent communication, such as an unsubscribe button at the bottom of every email.
5.2.3 Marketing shall only be sent about similar goods or services.
5.2.4 The ability to opt out is provided in every communication.
5.3 Therefore, we may send you marketing communications if (i) you made a purchase or asked for information from us about our goods or services or (ii) you agreed to receive marketing communications and in each case you have not opted out of receiving such communications since. Under these regulations, if you are a limited company, we may send you marketing emails without your consent. However, you can still opt out of receiving marketing emails from us at any time.
5.4 Before we share your personal data with any third party for their own marketing purposes, we will get your express consent.
5.5 You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by emailing us at contact[at]studiowallander.com. If you opt out of receiving marketing communications, this opt-out does not apply to personal data provided as a result of other transactions, such as purchases, warranty registrations etc.
6. Purposes of Processing
6.1 We will only use your personal data for a purpose for which it was collected or a reasonably compatible purpose, if necessary. In case we need to use your details for an unrelated new purpose, we will let you know and explain the legal grounds for processing.
7. Disclosures of your Personal Data
7.1 We may have to share part or all of your personal data with the parties set out below in order to fulfil any contracts or undertakings agreed between us, to provide any Services agreed or to comply with applicable Law:
7.1.1 Service providers who provide IT and system administration services
7.1.2 Professional advisers, including lawyers, bankers, auditors and insurers
7.1.3 Sub-contractors and suppliers
7.1.4 Affiliates and joint ventures
7.1.5 Government bodies that require us to report processing activities
7.1.6 Delivery companies or payment gateways
7.1.7 Third parties to whom we sell, transfer, or merge parts of our business or our assets
7.2 We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions, to the best of our ability.
7.3 Third-party service providers have separate privacy policies. It is recommended that you read any relevant privacy policies, so you understand the manner in which your personal information will be handled.
7.4 Certain providers may be located in, or possess facilities located in other jurisdiction(s) than yours or ours. If you chose to proceed with a transaction that involves the services of a third-party service provider, your information may become subject to the laws and regulations of the geographical jurisdiction(s) in which the relevant service provider or connected facilities are situated.
7.5 SW will never sell your information to third party organisations.
8. International Transfers
8.1 We are subject to the provisions of the UK General Data Protection Regulations (UK GDPR) that protect your personal data. When we transfer your data to third parties outside of the UK, we will ensure that certain safeguards are in place to ensure a similar degree of security for your personal data.
As such:
8.1.1 We may transfer your personal data to countries that the United Kingdom regulatory authorities have approved as providing an adequate level of protection for personal data: or
8.1.2 if we use US-based providers that are part of the UK-US Data Bridge (the UK extension to the EU-US Data Privacy Framework), we may transfer data to them, as they have equivalent safeguards in place; or
8.1.3 where we use certain service providers who are established outside the UK, we may use specific contracts approved by the ICO (the International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses, or codes of conduct or certification mechanisms approved by the UK government, which give personal data the same protection as it has in the UK.
8.1.4 If none of the above safeguards are available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
9. Data Security
9.1 We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation.
9.2 We allow access to your personal data only to those employees and partners who have a business that needs to know such data. They will only process your personal data on our instructions and they must keep it confidential.
9.3 We have procedures in place to deal with any suspected or verified data breach and will notify you and any applicable regulator of a breach if we are legally required to.
9.4 Our company website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
10. Data Retention
10.1 We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
10.2 When deciding what the correct time is for which to keep the data, we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes and if these can be achieved by other means and legal requirements.
10.3 For tax purposes, the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.
10.4 In some circumstances we may anonymise your personal data for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
11. Your Legal Rights
11.1 Under the Data Protection Legislation, you have the right to:
11.1.1 be informed about our collection and use of personal data;
11.1.2 request access to the personal data we hold about you;
11.1.3 rectify, correct or amend any inaccuracies or incomplete data;
11.1.4 erasure – i.e. the right to ask us to delete any personal data we hold about you;
11.1.5 restrict and/or prevent the processing of your personal data;
11.1.6 data portability;
11.1.7 transfer;
11.1.8 object to processing;
11.1.9 as well as where the lawful ground of processing is consent, to withdraw consent;
11.2 If you wish to exercise any of these rights set out above, please contact us at contact[at]studiowallander.com. Please head any communication ‘Data Processing’. We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you.
11.3 There is no fee for such requests, unless the request concerns a large amount of information, is deemed to take a long time and much effort to process, is clearly unfounded, repetitive or excessive. In such a case, we may charge a reasonable fee or refuse to comply with your request.
11.4 We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
11.5 If you wish to cease to receive marketing emails, please be advised it might take some time for the implementation to take place, and you might receive communications until it has taken effect.
11.6 If you are within the UK, you can see more about these rights at:
12. Age of Consent
12.1 By using this site, you confirm that you are at least 18 years of age. We do not knowingly collect or solicit data from or market to children. If we become aware that personal information from minors has been unwittingly collected, we will take reasonable measures to delete such data from our records.
13. Sensitive Data, Criminal Conviction Data and Automated Processing
13.1 We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
13.2 We do not collect any information about criminal convictions and offences.
13.3 We do not carry out automated decision making or any type of automated profiling.
14. DNT signals
14.1 The processor platform Wix does not change their practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, however, most browsers allow you to control cookies, including whether or not to accept them and how to remove them.
15. Third Party Links
15.1 Our Site may contain links to other websites, plug-ins, or services, including third party applications. We are not responsible for the privacy policies of such websites, services or companies, nor their handling of your data. Any time you click on a link to another site or application, please be aware that you are leaving www.studiowallander.com. Do inform yourself of the privacy practices of all websites and services you peruse before considering providing personal information.
16. How to Complain
16.1 If you have a complaint about how we handle your personal data, we ask that you first contact us so that we can try to resolve it for you. You can submit a data protection complaint to us by emailing us at contact[at]studiowallander.com We will acknowledge your complaint within 30 days of receiving it. We will investigate your complaint without undue delay, keep you informed of our progress, and communicate the outcome to you clearly with sufficient detail for you to understand how we reached our conclusion.
16.2 When you make a complaint, we will collect and process personal data about you in order to investigate and respond. We process this data on the basis of our legal obligation under section 164A of the Data Protection Act 201 and/or our legitimate interests in handling complaints.
16.3 If you are within the UK and are not satisfied with our response, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
17. Privacy Policy Modification
17.1 We may update this Privacy Policy from time to time. Any updates will be posted on this page and the ‘last updated’ date will be amended. Where we make material changes affecting how we use personal data, we will take appropriate steps to bring those changes to the attention of affected individuals before the relevant new processing begins, where required by data protection law.
COOKIE POLICY
18. What are Cookies?
18.1 Cookies are essential to the effective running of most websites. They are used as a means of communication between websites and servers and are created when a user's browser loads a website. A ‘cookie’ contains information which is stored on the computer’s hard drive (if you agree to this), which triggers the browser to create a text file. It records how you move around the site so that, every time you return to that same website, the browser retrieves and sends the text file to the website's server. This way it can present tailored options based on the information stored about your last visit.
18.2 Cookies can also be used to analyse traffic and for advertising and marketing purposes. Cookies are used by almost all websites and do not harm your system. In general, cookies are used to:
18.2.1 Authenticate a user using a secure area of a website, such as a user account
18.2.2 Store information regarding a user’s activities
18.2.3 Store information regarding shopping carts
18.2.4 Facilitate ads
This is not an exhaustive list of the general use of cookies. To read more about cookies, please visit www.allaboutcookies.org
18.3 We are required to obtain your consent for all non-essential cookies used on our website. You can block cookies (including essential cookies) at any time by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block essential cookies you may not be able to access all or parts of our site.
19. Types of Cookies
19.1 Cookies are either:
19.1.1 Session cookies: these are only stored on your computer during your web session and are automatically deleted when you close your browser – they usually store an anonymous session ID allowing you to browse a website without having to log in to each page but they do not collect any personal data from your computer.
19.1.2 Persistent cookies: a persistent cookie is stored as a file on your computer, and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again.
19.2 Cookies can also be categorised as follows:
19.2.1 Essential cookies (Strictly necessary Cookies)
19.2.2 Essential cookies make it possible to navigate the Site and use its features. They cannot be turned off, but you might be able to block them via your browser. However, since these cookies are essential to enable you to use the website effectively, such as when buying a product and/or service, the services available to you on our website cannot be provided without them. These cookies do not gather information about you that could be used for marketing, nor do they remember where you have been on the internet.
19.2.3 Functional cookies
19.2.4 These cookies allow the Site to remember User choices or preferences. They allow a website to remember choices you make and provide enhanced features. They may also be used to provide services you have requested such as viewing a video, commenting on a blog. The information these cookies collect is usually anonymised.
Performance Cookies
These cookies enable monitoring and improving the performance of a website. For example, they count visits, identify traffic sources and see which parts of the site are most popular. These cookies don’t collect personally identifiable information.
19.2.5 Targeting Cookies
19.2.6 These cookies record your visit to a website, the pages you have visited and the links you have followed.
19.2.7 Social Media Cookies
19.2.8 Any active cookies from social media channels will record your interaction with these sections of the Site (if applicable), unless you decline consent to them being used, either in the Cookie Banner or the Cookie Preference Center. Should you decline consent to these cookies, the corresponding sections might not function
19.3 You can find more information about the individual cookies WIX uses on our site at the bottom of the page.
20. First and Third Party Cookies
First party cookies are cookies set by our website. Third party cookies are cookies website that are set by a website other than our website.
21. Cookie Banner
When you enter the Site, you will see a cookie banner pop up. This gives you the option to either accept all cookies, decide which cookies to accept or decline all non-essential cookies. You can always change your cookie settings by going to Cookie Preferences in the Footer.
FURTHER INFORMATION
Wix’s Privacy Policy, including how Wix handles Users-of Users’ data
https://www.wix.com/about/privacy
SECTION 2.2, 4,6, 12 AND 13 (Users of Users’ data).
WIX Terms of Use - https://www.wix.com/about/terms-of-use
WIX table of cookies
https://support.wix.com/en/article/cookies-and-your-wix-site
COOKIE NAME
XSRF-TOKEN
hs
svSession
SSR-caching
consent-policy
bSession
client-session-bind
server-session-bind
PURPOSE
Security Reasons
Security Reasons
Security, stability, site function
Performance and Rendering
Cookie Banner Parameters
System Efficiency Measurement
API Protection
API Protection
DURATION
Session
Session
12 Months
24 Hours
12 Months
30 Minutes
Session
Session
COOKIE TYPE
Essential
Essential
Essential
Essential
Essential
Essential
Essential
Essential