Data Controller
The entity that decides how and why your data is processed. For Vislixo, this is the studio itself, acting under French law.
Privacy & Trust: A Clear Record
Vislixo is a design studio based in Paris. We build thoughtful digital products for a curated list of clients. This page documents exactly how we handle the minimal data required to do our work and maintain this site. We believe transparency is the foundation of trust.
Studio workspace, Vislixo Paris. Photographed by the team.
The Data We Actually Use
Most websites ask for everything. We ask for nothing unless it's strictly necessary. Our privacy philosophy is rooted in the principle of data minimization. We collect information in two primary contexts: when you contact us via email or form, and when you browse our site.
When you contact Vislixo, we require a name and a working email address—this is so we can respond to your inquiry. We may also ask for a phone number if you prefer a call, but this is optional. This data is used solely for communication related to your request and is not retained longer than necessary. We do not subscribe you to newsletters or marketing lists unless you explicitly opt-in during a project discussion.
Technical Metadata
Like most websites, our server logs standard technical information when you visit: IP address, browser type, pages visited, and timestamps. This data is anonymized and aggregated for security monitoring and basic analytics (e.g., identifying traffic spikes or potential bot activity). It cannot be used to identify you personally and is automatically purged after 30 days.
How We Evaluate & Secure Data
Our approach is defined by constraints, not ambition. We are a small studio with a specific technical stack, which informs our security posture and data handling. Below are the practical decisions that shape our privacy implementation.
- 1. Hosting: Our site is hosted with a European provider (OVHcloud) adhering to GDPR standards. Data does not leave the EU.
- 2. Forms: We use a simple, self-hosted email forwarder. There is no external "forms-as-a-service" database.
- 3. Updates: We maintain all software (server, PHP, plugins) for security patches. This is a manual, weekly check.
- 4. Access: Administrative access is limited to the studio director. No subcontractors or developers have backend access.
Realism Anchors
Role: Senior UX Designer / Privacy-Conscious Founder.
Scenario: Explaining a compliance audit to a prospective client who requests our data policy.
Constraint: We lack a dedicated legal or IT security team. Our policy must be simple enough for us to execute without external counsel.
Trade-off: We forgo advanced analytics (like Hotjar session recordings) to eliminate consent complexity and data liability.
Decision Criteria: "Does this tracking improve the core user experience of our portfolio site?" If no, we don't implement it.
Key Terms & Your Rights
We use plain language. Below are the rights afforded to you under GDPR (applicable as we operate in the EU) and our specific commitments.
Right to Access
You can ask us for a copy of any personal data we hold about you. We will provide it in a commonly used, machine-readable format (e.g., PDF).
Right to Erasure
Also known as the 'right to be forgotten'. You may request deletion of your contact data at any time. We will confirm completion within 30 days.
Legitimate Interest
The legal basis for processing some technical logs (security, basic analytics). It is balanced against your privacy rights, which we prioritize.
Data Breach Protocol
In the unlikely event of a breach, we will notify affected individuals and the French data protection authority (CNIL) within 72 hours of discovery.
Third Parties
We do not sell data. We share information only with service providers (hosting, email) who are contractually bound to confidentiality and GDPR compliance.
Exercise Your Rights
To request access, correction, or deletion of your data, please email us directly.
[email protected]Last Updated: October 26, 2026. This privacy policy may be updated to reflect changes in our practices or legal requirements. We will notify users of significant changes by posting a notice on this page.