Privacy Policy

Website: https://cristianarmeanu.com/
Operator / Data Controller: Cristian Armeanu (individual)
Postal address: Oakland Avenue, Haslington, Crewe, United Kingdom
Contact email: [email protected]

Last updated: 24 August 2025

1. Who we are

This website is operated by Cristian Armeanu. We are committed to protecting your privacy and processing your personal data fairly, lawfully and transparently in accordance with the UK GDPR and the Data Protection Act 2018.

If you have any questions about this notice or how we handle your data, please contact us at [email protected].

2. What data we collect

2.1 Data you provide to us

  • Contact form / project enquiries: your name, email address, organisation (optional) and the content of your message. You may also provide other details relevant to your enquiry.

Purpose: to respond to your request, provide estimates, and communicate about potential or ongoing projects.
Lawful basis: contract / pre‑contractual steps (UK GDPR Art. 6(1)(b)) and legitimate interests in running our business (Art. 6(1)(f)).

2.2 Data collected automatically

  • Server logs & security data: IP address, device/user‑agent, referring URL, pages visited, date and time, error codes.
    Purpose: site functionality, troubleshooting, and security (e.g., preventing abuse or spam).
    Lawful basis: legitimate interests (Art. 6(1)(f)).
  • Cookies and similar technologies: used for essential site functions, statistics/analytics (only with consent), and to display embedded third‑party content. See the Cookie Policy for details.

2.3 Analytics (only with consent)

We use Google Analytics 4 (via Site Kit and Consent Mode v2) to understand how visitors use the website.

  • Data processed: pseudonymous online identifiers, pages viewed, clicks, approximate location (country/city), device and browser information.
  • IP anonymisation: enabled by design for GA4.
  • Lawful basis: consent (Art. 6(1)(a)). Analytics will only run after you accept non‑essential cookies via the banner.

2.4 Third‑party services and embedded content (only with consent)

Some pages may include content or services from third parties, which can set cookies and collect data when you interact with them. These are only loaded after consent via our banner.

Examples include:

  • YouTube/Vimeo (video embeds)
  • Google Maps (interactive maps)
  • Google reCAPTCHA (spam protection for forms)
  • ShareThis (social share buttons)
  • Google Fonts (web font delivery, or fonts may be hosted locally)

Lawful basis: consent (Art. 6(1)(a)) for non‑essential features; legitimate interests (Art. 6(1)(f)) for basic presentation and security.

3. Lawful bases we rely on

  • Contract / pre‑contract – communicating with you about your enquiry and providing quotes or services.
  • Consent – analytics, marketing and non‑essential third‑party embeds. You can withdraw consent at any time via the cookie settings.
  • Legitimate interests – operating and securing our website, preventing fraud and abuse, maintaining records.
  • Legal obligation – when we are required to retain or disclose information to comply with law or requests from authorities.

4. How long we keep your data

  • Contact messages: up to 24 months after the last interaction (or earlier upon request), unless required longer for legal reasons.
  • Server logs/security: typically 90 days.
  • Google Analytics: event‑level data is retained for up to 14 months (GA4 setting). Aggregated, non‑personal statistics may be kept longer.

5. Who we share data with (recipients)

We use trusted providers to help run this website. These recipients process data on our behalf or as independent controllers:

  • Google LLC / Google Ireland Limited – Analytics, reCAPTCHA, YouTube, Google Maps, Google Fonts.
  • Hosting provider / Content Delivery Network (CDN) – to serve the website and keep it secure.
  • ShareThis, Inc. – social sharing tools (if present).

We do not sell your personal data.

6. International transfers

Where our providers are located outside the UK/EEA (e.g., the United States), personal data may be transferred internationally. These transfers rely on appropriate safeguards such as the UK Addendum to the EU Standard Contractual Clauses or other lawful mechanisms. For more information, contact us.

7. Your rights (UK GDPR)

You have the right to:

  • Access your personal data and receive a copy;
  • Rectify inaccurate or incomplete data;
  • Erase your data where applicable (“right to be forgotten”);
  • Restrict or object to certain processing;
  • Data portability for information you provided to us;
  • Withdraw consent at any time for processing based on consent (e.g., analytics and embeds); this does not affect processing before withdrawal.

To exercise your rights, contact [email protected]. We may need to verify your identity before responding.

You also have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO)https://ico.org.uk/

8. Cookies and consent management

We use a consent management platform (CMP) to present a cookie banner and record your preferences. You can review or change your choices at any time by using the Cookie Settings link shown on the site. For details on the cookies used, purposes and retention, see the separate Cookie Policy.

9. Security

We take appropriate technical and organisational measures to protect your data (HTTPS encryption, access controls, regular updates and backups). However, no method of transmission or storage is completely secure.

10. Children

This website is not directed at children under 16 and we do not knowingly collect their data. If you believe a child has provided us with personal information, please contact us and we will delete it.

11. Changes to this policy

We may update this notice from time to time to reflect changes to our processes or legal requirements. The latest version will always be available on this page and will show the last updated date above.

12. Contact

For any privacy‑related queries or requests, please email [email protected]