top of page

Privacy Policy

GDPR Compliance Statement 

At CubiCreate, we take data protection and privacy seriously. As a creative agency, we are dedicated to complying with the General Data Protection Regulation (GDPR) to ensure that all personal data is handled lawfully, transparently, and securely. This statement outlines our commitment to GDPR compliance, particularly tailored to the design, advertising, and creative sectors

GDPR (General Data Protection Regulation)

1. Data We Collect

We collect and process personal data essential for delivering high-quality creative services. This includes:

  • Client Information: Contact details, project requirements, and business preferences.

  • Marketing Data: Email addresses for newsletters or promotional campaigns (only with explicit consent).

  • Technical Data: Website analytics data to improve user experience, collected through cookies (consent-based).

2. Lawful Basis for Processing

Our data processing activities are grounded in the following lawful bases:

  • Performance of a Contract: To fulfill agreements with our clients and provide requested services.

  • Consent: For marketing and analytics purposes, obtained through clear opt-in mechanisms.

  • Legitimate Interests: To improve our services and address inquiries effectively.

3. Data Subject Rights

As per GDPR, individuals have the right to:

  • Access Their Data: Request a copy of personal data we hold.

  • Rectify Their Data: Correct inaccurate or incomplete information.

  • Erase Their Data: Request data deletion, subject to contractual or legal obligations.

  • Restrict Processing: Limit how their data is used in certain circumstances.

  • Data Portability: Receive their data in a commonly used format.

  • Withdraw Consent: Opt-out of data processing based on prior consent.

To exercise any of these rights, individuals can contact us via:
Email: [Insert Email Address]
Phone: [Insert Phone Number]

4. Data Protection Measures

To safeguard personal data, we implement:

  • Encrypted storage and transmission systems.

  • Limited access protocols to ensure only authorized personnel handle sensitive data.

  • Regular audits and updates to align with GDPR requirements.

5. Data Sharing and Third Parties

We do not sell, share, or rent personal data. However, we may use trusted third-party tools or platforms (e.g., design software, email marketing tools) necessary for service delivery. These third parties comply with GDPR regulations and ensure the security of personal data.

6. Data Retention Policy

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. After this period, data is securely deleted or anonymized.

7. Cookie Policy

Cookies are used on our website to enhance user experience and analyze site performance. Users can manage their cookie preferences through their browser settings or opt out via our cookie consent banner.

8. Commitment to Continuous Improvement

CubiCreate is committed to ongoing compliance with GDPR. We regularly review and update our data protection practices to reflect changes in regulations and technology.

What to include in the Privacy Policy

Generally speaking, a Privacy Policy often addresses these types of issues: the types of information the website is collecting and the manner in which it collects the data; an explanation about why is the website collecting these types of information; what are the website’s practices on sharing the information with third parties; ways in which your visitors and customers can exercise their rights according to the relevant privacy legislation; the specific practices regarding minors’ data collection; and much, much more. 


To learn more about this, check out our article “Creating a Privacy Policy”.

bottom of page