Privacy Policy

Last updated: September 9, 2025

1. Introduction

Welcome to Fresko (“Fresko”, “we”, “us”, “our”). We respect your privacy and are committed to protecting personal data that we process when you browse our website, contact us, or make a request to purchase products. This Policy explains what we collect, how we use it, legal bases for processing, how long we keep data, how we share and transfer it, your rights, and how to contact us.

2. Data We Collect

• Contact data: name, email address, message content, and subject submitted via forms.
• Transactional intent data: items of interest, prices, and quantities you mention.
• Technical data: IP address (short-lived logs), device type, browser, and pages visited.
• Usage data: referral source, time on page, and interactions (e.g., clicks).
• Cookie data: preferences stored in a consent cookie and optional analytics cookies if you opt in.

3. Purposes & Legal Bases

• Provide the site and respond to inquiries — performance of a contract or steps prior to entering a contract (GDPR Art. 6(1)(b)).
• Security and fraud prevention — our legitimate interests to keep the service secure (Art. 6(1)(f)).
• Record-keeping & compliance — legal obligations (Art. 6(1)(c)).
• Analytics and improvements — your consent (Art. 6(1)(a)). We only set non-essential cookies with your permission.
• Marketing communications (if you opt in) — consent or legitimate interests depending on local law.

4. Cookies & Tracking

We use a strictly necessary cookie (consent_v1) to store your cookie preference. Optional analytics cookies (if enabled in the future) will only run after you click “Accept all.” For details, see our Cookie Policy.

5. Data Retention

• Contact submissions: up to 24 months from last interaction, unless we must keep them longer for compliance.
• Server logs: 30 days for security and troubleshooting.
• Consent records: 24 months or as required by law.

6. Sharing & Transfers

We do not sell personal data. We may share limited data with service providers who help us host the website, process forms, or deliver emails, under contracts that require confidentiality and security. If data is transferred outside your jurisdiction, we implement appropriate safeguards such as Standard Contractual Clauses or an adequacy decision, and we assess the risk of foreign government access where applicable.

7. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict or object to processing, and data portability. Where processing is based on consent, you can withdraw consent at any time without affecting prior lawful processing.

To exercise rights, contact us at privacy@fresko.sbs. We may need to verify your identity. You may also have the right to lodge a complaint with your supervisory authority.

8. Security

We apply defense-in-depth measures: HTTPS (when hosted), access controls, encryption in transit, and regular updates. No method is perfectly secure; please contact us if you suspect an issue.

9. Children

Our website is not directed to children under 13 (or the minimum age required by your jurisdiction). We do not knowingly collect data from children. If you believe a child provided data, contact us to delete it.

10. Changes to This Policy

We may update this Policy to reflect changes in laws or our practices. We will adjust the “Last updated” date and, when material, provide a prominent notice.

11. Contact

Questions about this Policy? Email privacy@fresko.sbs or write to: Fresko, Privacy Team.