Privacy policy

Larima Studio is committed to protecting and respecting your privacy. This policy explains how personal data is collected, used and protected in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Larima Studio is the data controller for the purposes of UK data protection law.

1. Information We Collect

We may collect and process the following information:

Information you provide directly

  • Name

  • Email address

  • Business name

  • Website details

  • Project-related information submitted through enquiry forms

Information collected automatically

When you visit this website, we may collect:

  • IP address

  • Browser type and version

  • Time zone setting

  • Pages visited

  • Referral source

This information is collected via cookies and analytics tools.

2. How We Use Your Information

We process personal data for the following purposes:

  • To respond to enquiries

  • To provide requested services

  • To manage client relationships

  • To send service-related communications

  • To comply with legal obligations

We do not use your data for automated decision-making or profiling.

3. Lawful Basis for Processing

Under UK GDPR, we rely on:

  • Contractual necessity – when processing is required to deliver agreed services

  • Legitimate interests – to respond to enquiries and operate the business

  • Legal obligation – to comply with tax and accounting requirements

Where consent is required (for example, optional marketing communication), it will be requested explicitly.

4. Data Retention

Personal data is retained only for as long as necessary:

  • Enquiry data: retained for up to 12 months if no contract is formed

  • Client project data: retained for up to 6 years for accounting and legal purposes

After this period, data is securely deleted or anonymised.

5. Data Sharing

We do not sell or trade personal information.

We may share data with:

  • Professional advisers (e.g., accountant)

  • Secure cloud service providers

  • Website hosting providers

All third-party providers are required to handle data in accordance with UK GDPR.

6. Data Storage and Security

Reasonable technical and organisational measures are in place to protect personal data, including:

  • Secure password-protected systems

  • Encrypted cloud storage where applicable

  • Restricted access to sensitive information

While no online system can guarantee absolute security, appropriate safeguards are maintained.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure (where applicable)

  • Restrict processing

  • Object to processing

  • Request data portability

To exercise these rights, contact: hello@larimastudio.com

If you are dissatisfied with how your data is handled, you may contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.

8. Changes to This Policy

This policy may be updated periodically. The latest version will always be available on this website.

Last updated: February 2026