Abri Studio
Legal / privacy

Privacy policy & your data.

This page explains what personal data Abri Studio collects, why we use it, and what rights you have under GDPR.

Last updated · May 2026

Overview

Abri Studios s.r.o. ("Abri Studio", "we", "us") operates abristudio.com and related services. We respect your privacy and process personal data only when we have a lawful basis to do so.

This policy applies to visitors of our website, people who contact us, and clients we work with. It does not replace separate agreements we may sign for specific projects.

Data controller

The controller responsible for your personal data is:

  • Abri Studios s.r.o.
  • Company ID (IČO): 23370424
  • Registered in the Czech Republic · Prague
  • Email: hello@abristudio.com
  • Phone: +420 725 952 689
What we collect

Depending on how you interact with us, we may process the following categories of data:

  • Identity & contact details — name, email, phone, company name when you submit our contact form or email us
  • Project information — message content, project type, and other details you choose to share
  • Technical data — IP address, browser type, device information, and approximate location derived from server logs
  • Usage data — pages visited, referral source, and interaction events if you accept analytics cookies
  • Cookie preferences — your choice stored in local storage (essential only vs. accept all)
  • AI chat messages — text you type in our on-site assistant and the assistant's replies, plus basic technical metadata needed to deliver the chat (e.g. session timing, error logs)
Why we use your data

We process personal data for specific purposes and on the following legal bases under the GDPR:

  • Responding to enquiries — to reply to contact form submissions and emails (legitimate interest / pre-contractual steps)
  • Delivering our services — to prepare proposals, contracts, and carry out client work (contract performance)
  • Operating our website — security, uptime, and basic functionality (legitimate interest)
  • Analytics — understanding how the site is used, only if you accept optional cookies (consent)
  • Legal compliance — accounting, tax, and records we are required to keep (legal obligation)
  • AI website assistant — answering questions about our services, pricing guidance, and project fit; we do not use the chat to make automated decisions with legal or similarly significant effects (legitimate interest)
Cookies

We use essential cookies and similar technologies required for the site to function (for example, remembering your cookie consent choice in local storage).

If you click "Accept all" on our cookie banner, we may enable optional analytics tools that help us measure traffic and improve the site. If you choose "Essential only", those optional tools stay off.

You can withdraw consent at any time by clearing site data in your browser or changing your choice after we provide a preference centre. You can also block cookies in your browser settings.

AI chatbot & EU AI Act

Our website includes an AI-powered chat assistant that helps visitors learn about Abri Studio, our services, and typical project scope. The assistant is clearly presented as artificial intelligence — it is not a human team member.

When you use the chat, the messages you send (and the assistant's responses) are transmitted to our servers and processed using a third-party AI provider (currently OpenAI) acting as our processor. We instruct the provider to use your content only to generate replies for your session and not for unrelated purposes. Because the provider may process data outside the European Economic Area, we rely on appropriate safeguards as described under International transfers.

Please do not enter passwords, payment card numbers, health data, or other sensitive information in the chat. The assistant is for general information and sales guidance only; it does not provide legal, tax, or binding commercial advice, and it must not be relied on for GDPR or security assurances.

We keep chat-related server logs only as long as needed for security, troubleshooting, and service improvement — typically up to 90 days unless a longer period is required for an incident investigation. Conversation history in your browser is cleared when you reset the chat or clear site data.

Under Regulation (EU) 2024/1689 (EU AI Act), we treat this assistant as a transparency-obligated AI system that interacts with people on our website. We comply with applicable obligations for deployers of such systems, including: informing you that you are interacting with an AI system; designing the experience so you can reach a human (contact form, email, or call) when you prefer; and not using the chat for prohibited practices or for high-risk uses listed in the AI Act.

The assistant is not used for recruitment, credit scoring, biometric identification, law enforcement, or other high-risk purposes under the AI Act. Outputs may be incomplete or inaccurate — always verify important details with us directly before making decisions.

If you have questions about how we use AI on the site, want human assistance instead of the assistant, or wish to exercise your GDPR rights in relation to chat data, contact us at hello@abristudio.com.

Who we share data with

We do not sell your personal data. We share it only when necessary:

  • Hosting & infrastructure providers that run our website and email
  • Analytics providers — only if you have accepted optional cookies
  • AI service providers that power our website chat assistant (message content is sent only to generate responses)
  • Professional advisers (e.g. accountants or lawyers) when required
  • Public authorities when we are legally obliged to disclose information
International transfers

Some of our suppliers may process data outside the European Economic Area. Where that happens, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions, and we limit transfers to what is necessary for the service.

How long we keep data

We keep personal data only as long as needed for the purposes above:

  • Enquiries — typically up to 24 months after our last contact, unless a project continues
  • Client & project records — for the duration of the engagement and then as required by Czech accounting and tax law (generally up to 10 years for financial records)
  • Server logs — usually up to 90 days unless needed for security investigations
  • AI chat — server-side logs as above; in-browser conversation history until you reset the chat or clear site data
  • Analytics — according to the retention settings of the relevant tool, typically 14–26 months
Your rights

Under the GDPR, you have the right to access, rectify, erase, restrict, or object to certain processing, and to data portability where applicable. Where we rely on consent, you may withdraw it at any time without affecting prior processing.

You also have the right to lodge a complaint with a supervisory authority. In the Czech Republic, this is the Office for Personal Data Protection (Úřad pro ochranu osobních údajů) at uoou.cz.

Security

We apply appropriate technical and organisational measures to protect your data, including HTTPS, access controls, and careful selection of subprocessors. No method of transmission over the internet is 100% secure; we work to reduce risk and respond to incidents promptly.

Children

Our website and services are aimed at businesses and professionals. We do not knowingly collect personal data from children under 16. If you believe we have done so, please contact us and we will delete it.

Changes to this policy

We may update this page from time to time. The "Last updated" date at the top will change when we do. Significant changes may also be highlighted on the site or communicated to active clients where appropriate.

Questions

Data protection enquiries

If you have questions about this policy or want to exercise your rights, email us and we will respond within one working day.

hello@abristudio.com

Prefer a project chat? Go to contact