Privacy Policy

Last updated: 1 January 2026

This Privacy Policy explains how CHYRKOV studio, operating under the legal name 85CO SRL (“Company,” “we,” “us,” or “our”), collects, uses, discloses, and protects personal data when you visit or interact with our website https://www.chyrkov.studio (the “Website”).

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the ePrivacy Directive, and relevant United States privacy laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) where applicable.

  1. Data Controller Information

Data Controller:
CHYRKOV studio (85CO SRL)
Registered address: Bucharest, Romania
Email (data protection inquiries): hello@chyrkov.studio
Website: https://www.chyrkov.studio

For the purposes of GDPR, 85CO SRL is the data controller responsible for your personal data.

  1. Scope of This Privacy Policy

This Privacy Policy applies to:
• Visitors to our Website
• Individuals who contact us via forms, email, or other communication channels
• Business representatives interacting with us for marketing, consulting, or service purposes

Our Website does not offer user accounts, logins, or public registration, and we do not knowingly collect data from children.

  1. Personal Data We Collect

We collect only business-related personal data that you voluntarily provide or that is collected automatically through the use of the Website.

3.1 Data You Provide Directly
• Full name
• Job title or role
• Company or business name
• Business email address
• Business phone number
• Business location
• Business website URL
• Business industry or sector
• Any information you voluntarily include in messages or inquiries

3.2 Data Collected Automatically

When you visit our Website, we may collect:
• IP address (anonymized where possible)
• Device and browser type
• Operating system
• Pages visited and interactions
• Referring URLs
• Approximate geographic location
• Usage behavior and session data

  1. Purposes of Data Processing

We process personal data for the following purposes:
• Marketing and business development
• Responding to inquiries and communication
• Providing and improving our services
• Website functionality and performance optimization
• Analytics and usage analysis
• Personalizing content and offers
• Internal reporting and business planning
• Legal, security, and compliance purposes

We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.

  1. Legal Bases for Processing (GDPR)

Under GDPR, we rely on one or more of the following legal bases:
• Consent – where you voluntarily submit information or accept cookies
• Legitimate interests – for marketing, analytics, and service improvement, provided such interests are not overridden by your rights
• Contractual necessity – where processing is required to provide requested services
• Legal obligation – where processing is required to comply with applicable laws

  1. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance functionality, analyze usage, and improve our Website.

6.1 Tools We Use
• Google Analytics – website traffic and usage analytics
• HubSpot – CRM, marketing analytics, and communication tracking
• Hotjar – user behavior and experience analysis
• Stripe – payment processing (we do not store payment details)
• Cloudflare – security, performance, and content delivery

6.2 Cookie Control

You can control or disable cookies through your browser settings. Where required by law, cookies are deployed only after obtaining your consent.

  1. Data Sharing and Third Parties

We do not sell personal data.

We share data only with trusted service providers acting as data processors, strictly for the purposes described in this Policy:
• Google (Analytics)
• HubSpot
• Hotjar
• Stripe
• Cloudflare

All third parties are contractually obligated to:
• Process data only on our instructions
• Maintain appropriate security measures
• Comply with applicable data protection laws

  1. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA), including in the United States.

Where personal data is transferred internationally, we ensure appropriate safeguards, such as:
• Standard Contractual Clauses (SCCs)
• Adequacy decisions (where applicable)
• Industry-standard security practices

  1. Data Retention

We retain personal data for up to five (5) years from the date of collection, unless:
• A longer retention period is required by law, or
• You request deletion earlier

After the retention period, data is securely deleted or anonymized.

  1. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:
• Encrypted data transmission (HTTPS)
• Access control and limited authorization
• Secure hosting infrastructure
• Monitoring and security tools

While no system is 100% secure, we take reasonable steps to protect your data from unauthorized access, loss, or misuse.

  1. Your Rights (EU & US)

11.1 GDPR Rights (EU/EEA)

You have the right to:
• Access your personal data
• Rectify inaccurate or incomplete data
• Request erasure (“right to be forgotten”)
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority

11.2 US Privacy Rights (CCPA/CPRA)

Where applicable, you have the right to:
• Know what personal data we collect and how it is used
• Request deletion of personal data
• Opt out of data sharing (where applicable)
• Non-discrimination for exercising your rights

  1. How to Exercise Your Rights

To exercise any privacy rights, contact us at:

hello@chyrkov.studio

We may request verification of your identity before fulfilling your request. Requests are handled within legally required timeframes.

  1. No Financial Data Storage

We do not store:
• Credit card numbers
• Banking details
• Payment authentication data

All payments, if applicable, are processed securely via Stripe, which handles financial data independently.

  1. No User Accounts

Our Website does not offer:
• User registration
• Login systems
• Personal dashboards

All interactions are informational or contact-based only.

  1. Children’s Privacy

Our Website is not directed at children under 16, and we do not knowingly collect personal data from minors. If you believe a child has provided personal data, please contact us immediately.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. The updated version will be posted on this page with a revised “Last updated” date.

  1. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or personal data processing, contact:

CHYRKOV studio (85CO SRL)
hello@chyrkov.studio