Privacy Policy

Last Updated: January 2026

Protecting your personal data is a matter we take seriously. This privacy policy explains—in plain language—how we handle information when you visit our portfolio website, udivox.com. We have deliberately designed this site to be as privacy‑friendly as possible: no cookies, no trackers, no third‑party advertising, and no complex data collection.

⚡ In a nutshell: We do not collect your name, email address, or any other personally identifiable information. The only data processed is the minimal technical information required to deliver the website to your browser and keep it secure. That's it.

1. Our Philosophy & Approach

Udivox operates as a creative studio and this website functions primarily as a digital portfolio and business card. We have no interest in building profiles of our visitors, tracking their behaviour across the web, or monetising their attention. Consequently, we have chosen to:

Use no cookies whatsoever—neither essential nor non‑essential.
Integrate no third‑party analytics (e.g., Google Analytics, Matomo, Fathom).
Embed no external content that could transfer data to other companies (our video is self‑hosted).
Provide no contact forms that would require you to submit personal data.

This approach significantly reduces the amount of data processing and keeps compliance obligations straightforward.

2. What Data Is Processed Automatically (Server Log Files)

Even with the most minimal website, certain technical information must be exchanged between your browser and our web server for the site to function. This happens automatically and is a fundamental part of how the internet works. Our hosting provider temporarily stores this information in so‑called server log files. The data may include:

The IP address assigned to your device by your internet service provider (this is shortened/anonymised where technically possible).
The date and time of your visit (timestamp).
The specific pages or files you accessed on our site.
The referrer URL—the website you came from, if you clicked a link to get here.
Basic information about your browser type and version, and the operating system you are using.

Why is this data processed? The processing is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in ensuring the technical stability, security, and proper delivery of our website. For example, log files help us identify and defend against malicious attacks, troubleshoot errors, and understand—in a very broad, aggregated sense—which pages are most visited. We do not combine this data with any other information, nor do we use it to identify individual visitors.

How long is it kept? Server logs are automatically rotated and deleted by our hosting provider after a short retention period (typically 14 to 30 days), unless a security incident requires a longer investigation.

3. Our Hosting Provider & Data Processing Agreement

Hostinger's servers are located within the European Economic Area (EEA). No data is transferred to countries outside the EU/EEA that do not offer an adequate level of data protection. For complete transparency, you can review Hostinger's own privacy policy and their GDPR compliance documentation at www.hostinger.com/legal/privacy-policy.

If you have specific questions about how Hostinger processes server log data, you may contact their Data Protection Officer directly at gdpr@hostinger.com.

4. Self‑Hosted Video Content

The showreel video that appears on our homepage is stored on our own server infrastructure (i.e., self‑hosted). It is embedded using a standard HTML5 <video> element. This means that no data is sent to YouTube, Vimeo, Wistia, or any other third‑party video platform. The video file is delivered directly from the same server that hosts the rest of the website. The only data processing that occurs during video playback is already covered by the server log files described in Section 2.

The video is set to autoplay in a muted state by default. You may choose to unmute the video using the provided toggle button. This action does not trigger any additional data collection or tracking.

5. Email & Phone Communication

While our website does not contain a contact form, you may choose to reach out to us directly via the email address or phone number displayed on the site. If you do so, the personal data you voluntarily provide (such as your name, email address, phone number, and the content of your message) will be processed exclusively for the purpose of handling your inquiry and any subsequent correspondence.

The legal basis for this processing is Art. 6 para. 1 lit. b GDPR (performance of a contract or pre‑contractual measures) if your inquiry relates to a potential business relationship, or Art. 6 para. 1 lit. f GDPR (legitimate interest in responding to general inquiries). We will retain this correspondence only for as long as necessary to address your request and, where applicable, to comply with statutory retention obligations under Austrian commercial and tax law (typically up to 7 years). Your data will never be used for marketing purposes without your explicit consent.

6. Security Measures (TOMs)

We implement appropriate technical and organisational measures to protect any personal data that is processed through this website. Given the limited scope of data processing, these measures are proportionate but nevertheless robust. They include:

Encryption: All communication between your browser and our website is encrypted using HTTPS (TLS 1.2/1.3).
Access Control: Access to the server and administrative interfaces is protected by strong, unique passwords and two‑factor authentication where available.
Regular Updates: Server software and content management components are kept up‑to‑date with security patches.
Minimal Data Collection: By design, we collect as little data as possible, reducing the potential impact of any security incident.

While we strive to protect your data, please be aware that no method of transmission over the internet or electronic storage is 100% secure. We continuously review and improve our security practices.

7. Your Rights Under the GDPR

As a data subject within the European Union, you have a comprehensive set of rights regarding your personal data. Although the data we process is minimal and largely anonymised, these rights still apply in principle:

Right of Access (Art. 15 GDPR): You may request confirmation as to whether personal data concerning you is being processed and, if so, obtain a copy of that data.
Right to Rectification (Art. 16 GDPR): You may request the correction of inaccurate or incomplete personal data.
Right to Erasure (Art. 17 GDPR): You may request the deletion of your personal data under certain conditions.
Right to Restriction of Processing (Art. 18 GDPR): You may request that we limit the processing of your data.
Right to Data Portability (Art. 20 GDPR): You may receive the personal data you have provided to us in a structured, commonly used, and machine‑readable format.
Right to Object (Art. 21 GDPR): You may object to processing based on legitimate interests on grounds relating to your particular situation.

To exercise any of these rights, please contact us using the details provided in Section 9. We will respond to your request within one month, as required by law. Please note that because we process very little identifiable data, we may need to request additional information to verify your identity before fulfilling certain requests.

If you believe that our processing of your personal data violates data protection law, you also have the right to lodge a complaint with the competent supervisory authority. In Austria, this is the Österreichische Datenschutzbehörde (Austrian Data Protection Authority):

Barichgasse 40–42, 1030 Wien, Austria
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at
Website: www.dsb.gv.at

8. Changes to This Privacy Policy

We may occasionally update this privacy policy to reflect changes in our data processing practices, legal requirements, or the functionality of our website. Any changes will be posted on this page, and the "Last Updated" date at the top will be revised accordingly. We encourage you to review this policy periodically, especially if you are a returning visitor. If we ever make material changes that affect how we handle your personal data, we will provide a more prominent notice where appropriate.

9. Controller & Contact Information

The data controller responsible for the processing of personal data on this website is:

Udivox
Inhaber: udivox studio
Rötzergasse, 1170 Wien, Austria
Email: studio@udivox.com
Phone: +43 681 811 86 150

10. Legal Basis & Compliance Statement

This privacy policy is designed to comply with the following legal frameworks:

Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR)
Austrian Data Protection Act (Datenschutzgesetz – DSG, BGBl. I Nr. 165/1999 as amended)
Austrian Telecommunications Act 2021 (Telekommunikationsgesetz 2021 – TKG 2021, BGBl. I Nr. 190/2021), in particular § 165 regarding the protection of personal data in electronic communications.

We have made every effort to ensure this policy is accurate, transparent, and easy to understand. If you have any questions, suggestions, or concerns, please do not hesitate to reach out.

This document was last reviewed and updated in January 2026. It remains valid until superseded by a newer version.

← Back to Udivox home