Skip to main content

Privacy Policy

Last updated: February 13, 2026.

ARTemida (hereinafter: "we", "our") respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and Croatian data protection legislation.

1. Data Controller

The data controller is ARTemida, a virtual art gallery.

Contact email: artemida@artemisalfa.hr

2. What Data We Collect

2.1 Contact Form

When you contact us through the contact form, we collect:

  • Full name
  • Email address
  • Message subject (optional)
  • Message content
  • Language in which the message was sent

2.2 Visit Analytics

We automatically collect aggregated (anonymized) visit data:

  • Path of the visited page (e.g., /en/galleries)
  • Visibility of homepage sections

This data does not contain personal information, IP addresses, or user identifiers. It is collected solely as aggregated daily counters.

2.3 Technical Data

  • Cookies necessary for website operation (language selection, administrative session)

3. Legal Basis for Processing

  • Contact form: Processing is based on your consent (Article 6(1)(a) GDPR) — by sending a message, you consent to the processing of your data to respond to your inquiry.
  • Analytics: Processing is based on legitimate interest (Article 6(1)(f) GDPR) — aggregated, anonymized data for website improvement.
  • Cookies: Necessary cookies are based on legitimate interest for website functionality.

4. Sharing Data with Third Parties

Your data may be processed through the following services:

  • Resend (sending email notifications for the contact form)
  • Supabase (storing contact messages in a database)
  • Kunstmatrix (displaying virtual 3D exhibitions — we do not collect data through Kunstmatrix)
  • Vercel (website hosting)

We do not sell, rent, or otherwise share your personal data for marketing purposes.

5. Data Retention Periods

  • Contact messages: Retained as long as necessary to process the inquiry, up to a maximum of 12 months.
  • Analytics data: Automatically deleted after 90 days.
  • Cookies: Duration is specified in the Cookie Policy.

6. Your Rights

Under the GDPR, you have the right to:

  • Access — request access to your personal data
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Restriction — request restriction of how we use your data
  • Portability — request a copy of your data in a structured format
  • Objection — object to processing based on legitimate interest

To exercise your rights, contact us at: artemida@artemisalfa.hr

You also have the right to file a complaint with the Croatian Personal Data Protection Agency (AZOP).

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including HTTPS encryption, httpOnly cookies, and password hashing.

8. Policy Changes

We reserve the right to modify this policy. The date of the last update is stated at the top of this document.

9. Contact

For all questions regarding privacy and data protection:

Email: artemida@artemisalfa.hr