Last updated: 11 May 2026. This Privacy Policy explains how we collect and use personal data when you visit monochroma.hu, contact us, or book a call with us. It is written to meet the requirements of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the Slovak Act No. 18/2018 on the Protection of Personal Data. 1. Who is the data controller The controller of your personal data is NFTeam s.r.o., registered seat: Hradná 168/2, 945 01 Komárno, Slovenská republika; Company ID (IČO): 50 599 500; Tax ID (DIČ): 21 2040 8719, trading as Monochroma. Contact for privacy matters: hello@monochroma.hu. We have not appointed a Data Protection Officer because we are not required to under Article 37 GDPR. 2. What data we collect, why, and on what legal basis Contact form and emails. When you write to us through the contact form or by email, we receive the name, email address, and any company name, phone number or message content you choose to share. We use this information solely to reply to your enquiry and, if it leads to an engagement, to manage the relationship. Legal basis: pre-contractual steps taken at your request (Art. 6(1)(b) GDPR), or our legitimate interest in responding to enquiries directed at our business (Art. 6(1)(f) GDPR). Booking a call (Calendly). When you book a free consultation we receive the booking details you enter into Calendly — typically name, email, time zone, and any notes you add. Legal basis: pre-contractual steps at your request (Art. 6(1)(b) GDPR). Calendly acts as our processor; their own privacy practices are described at calendly.com/privacy. Analytics (Google Analytics 4). If you accept analytics cookies via our cookie banner, Google Analytics sets cookies that let us see aggregated information about how the Site is used — pages viewed, approximate location at city level, device and browser, traffic source, and similar. We have IP-anonymisation enabled and do not use the data to identify individual visitors. Legal basis: your consent (Art. 6(1)(a) GDPR and § 109(8) of the Slovak Electronic Communications Act). You can withdraw consent at any time by clearing your cookies or selecting "Reject" again on a future visit. Security and hosting (Cloudflare, Vercel). Our site is delivered through Cloudflare and hosted on Vercel. Both providers automatically process technical data — IP address, request time, user-agent, error logs — to deliver the page, protect against attacks, and maintain service stability. Legal basis: our legitimate interest in operating and securing the Site (Art. 6(1)(f) GDPR). Business email (Apple iCloud Mail). Inbound and outbound business email is hosted by Apple as part of iCloud Mail. This means Apple processes the content and metadata of messages we exchange with you, on our behalf, as a processor. Legal basis: same as for the underlying communication (Art. 6(1)(b) or (f) GDPR). We do not knowingly collect special categories of personal data (Art. 9 GDPR). Please do not send us such data through the form or by email. 3. Who we share your data with We do not sell your personal data and we do not share it with third parties for their own marketing. We only share data with the following categories of recipients, all of whom act as our processors under written agreements: • Calendly LLC — appointment scheduling. • Google Ireland Ltd. / Google LLC — analytics (only if you consent). • Cloudflare, Inc. — content delivery, DDoS protection. • Vercel Inc. — website hosting. • Apple Distribution International Ltd. / Apple Inc. — business email (iCloud Mail). We may also disclose information where required by law, court order, or to protect our legal rights. 4. International data transfers Some of our processors (notably Google, Cloudflare, Vercel and Apple) are based in or transfer data to the United States or other countries outside the European Economic Area. Where this is the case, transfers are protected by Standard Contractual Clauses adopted by the European Commission and, where applicable, by the EU-U.S. Data Privacy Framework. You may request a copy of the safeguards in place by contacting us. 5. How long we keep your data • Contact form submissions and email correspondence: up to 24 months after our last exchange, unless we have an ongoing project together, in which case for the duration of the engagement plus the limitation period required by Slovak law. • Calendly bookings: as long as the booking record exists in Calendly, and in our records up to 24 months after the meeting. • Analytics data: retained by Google Analytics for a maximum of 14 months. • Server logs (Cloudflare, Vercel): typically up to 30 days for operational and security purposes. 6. Cookies We use two categories of cookies and similar technologies. Strictly necessary. These are required to remember basic preferences such as your cookie choice itself and your selected language or theme. They do not require consent. Analytics. Google Analytics cookies (_ga, _ga_*) only load if you choose "Accept all" in the cookie banner. If you choose "Reject non-essential", no analytics scripts are loaded at all. You can change your choice at any time by clearing this site's cookies in your browser; the banner will reappear on your next visit. 7. Your rights under the GDPR You have the right to: • access the personal data we hold about you (Art. 15); • ask us to correct inaccurate data (Art. 16); • ask us to delete data we no longer need a lawful basis to keep (Art. 17); • restrict our processing in certain cases (Art. 18); • receive a copy of data you provided to us in a machine-readable format and ask us to transmit it to another controller (Art. 20); • object to processing based on our legitimate interests (Art. 21); • withdraw any consent you previously gave, without affecting the lawfulness of processing before withdrawal (Art. 7(3)). To exercise any of these rights, email hello@monochroma.hu. We will respond within one month. You also have the right to lodge a complaint with the Slovak Data Protection Authority — Úrad na ochranu osobných údajov Slovenskej republiky, Hraničná 12, 820 07 Bratislava 27, dataprotection.gov.sk — or with the supervisory authority of your EU country of residence. 8. Automated decision-making We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects on you (Art. 22 GDPR). 9. Children The Site is not directed at children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it. 10. Security We take reasonable technical and organisational measures to protect personal data — including TLS encryption in transit, access controls, and selecting reputable processors. No online service can guarantee absolute security, however, and you share information with us at your own risk. 11. Changes to this policy We may update this policy from time to time. Material changes will be reflected by an updated "Last updated" date at the top. For significant changes that affect how we use your data, we will give you reasonable advance notice where required. 12. Contact Questions, requests or complaints relating to this Privacy Policy can be sent to hello@monochroma.hu, or by post to NFTeam s.r.o., Hradná 168/2, 945 01 Komárno, Slovenská republika.