Privacy notice
Last updated: 17 May 2026
This notice explains how Arche Digital IKE(“we”, “us”) handles personal data collected through archedigital.io. We process your data lawfully, fairly and transparently under the EU General Data Protection Regulation (GDPR).
Who we are
Arche Digital IKE is a Greek private company (IKE) based in Athens, Greece.
- General: hello@archedigital.io
- Inquiries: inquiries@archedigital.io
- Company registration number (ΓΕΜΗ): [to be added]
We act as the data controller for personal data submitted through this site.
What we collect
Through the contact form on this site we collect:
- First name and last name
- Email address
- Project type and the message you choose to write
- A SHA-256 hash of your IP address — we cannot recover the original IP from the hash; we use it only to spot abuse patterns
- Standard server logs from our hosting provider (Vercel)
We do not use advertising cookies or third-party tracking.
How we use it
- To reply to your inquiry and discuss potential work
- To send you an automatic confirmation email
- To detect and prevent form abuse
- To improve the site through aggregate, cookie-less analytics (see “Cookies and analytics” below)
Legal basis
We rely on the following GDPR Article 6 grounds:
- Pre-contractual measures (Art. 6(1)(b)) — to respond to inquiries about potential services
- Legitimate interests (Art. 6(1)(f)) — to operate and secure the website, prevent abuse, and improve our services
- Consent (Art. 6(1)(a)) — for site analytics, which you control via the consent banner
Who else processes your data
The following processors act on our behalf, bound by contract to handle data only on our instructions:
- Neon — Postgres database hosting for inquiry records (EU region: Frankfurt)
- Google Workspace — email delivery for inquiry notifications and auto-replies
- Vercel — site hosting and consent-gated analytics
Some processors may transfer data outside the EU/EEA. Such transfers are protected by Standard Contractual Clauses (SCCs) or equivalent safeguards as required by GDPR.
How long we keep it
Inquiry records and email correspondence are retained for as long as needed to handle the inquiry and any resulting engagement, then for a reasonable period thereafter for legal and business record purposes. [Specify exact retention period before launch.] You can ask us to delete your data sooner at any time.
Security
- Inquiry records are stored in Neon (PostgreSQL), accessible only via server-side credentials
- IP addresses are hashed using SHA-256 before storage — the original IP is never written to the database
- API credentials are stored as environment variables, never exposed to the browser
- All site traffic is served over HTTPS
Cookies and analytics
We use Vercel Analytics, which is cookie-less and does not track you across sites. Analytics is loaded only after you accept via the consent banner shown on first visit. We do not use advertising, retargeting, or profiling cookies.
Your rights under GDPR
You have the right to:
- Access the personal data we hold about you
- Have inaccurate data corrected
- Have your data deleted (“right to be forgotten”)
- Restrict or object to our processing
- Receive your data in a portable format
- Withdraw consent at any time (for analytics)
- Lodge a complaint with the Hellenic Data Protection Authority — www.dpa.gr
To exercise any of these rights, email hello@archedigital.io. We respond within one calendar month.
Changes
We may update this notice. The “last updated” date at the top reflects the most recent change.
Contact
Questions about this notice → hello@archedigital.io.