Privacy notice

How we handle your data

Last updated 2 June 2026 · Plain English · UK GDPR aligned

Depthia runs a single-page brochure website. We don't have a contact form, a newsletter, a chatbot, analytics, advertising, or any third-party tracking scripts. This page explains what little data we do touch, and what your rights are.

Who we are

This website is operated by Marcin Lewandowski, trading as Depthia, a UK sole trader. We are the data controller for the limited processing described below.

Depthia
66 Paul Street, London EC2A 4NA, United Kingdom
hello@depthia.com

What we collect

Server logs (Vercel)

When you visit this site, our hosting provider Vercel Inc. records standard server logs: IP address, browser type, the page you requested, and the time. These logs exist for security, abuse prevention, and traffic measurement, and are retained for a short period before deletion. We do not access these logs except in response to a security incident.

Email correspondence

If you click the email link on the contact section and send us a message, we will hold your email address and the content of your message in our email provider's systems for as long as we need to reply and keep a record of our conversation.

Fonts

Web fonts on this site are self-hosted. No requests are made to Google Fonts or any other third-party font CDN. Visiting the site does not send your IP address to any font provider.

Cookies and similar technologies

This site sets no cookies. It does not use localStorage, sessionStorage, fingerprinting, or any other client-side tracking. There is no cookie banner because there is nothing to consent to.

Lawful basis for processing

Server logs: legitimate interest in operating a secure website (UK GDPR Article 6(1)(f)).
Email correspondence: steps to enter into a contract / legitimate interest in replying to an enquiry (Article 6(1)(b) or (f)).

Who we share data with

We use a small number of processors. Each acts only on our instructions under a written agreement (DPA).

Vercel Inc. — hosting and server logs. US-based; data transfers are covered by Vercel's UK Addendum to EU Standard Contractual Clauses.
Email provider — handles incoming and outgoing email at hello@depthia.com.

We do not sell personal data, do not use it for advertising, and do not transfer it outside the UK/EU other than via the processor above (with the safeguards just mentioned).

How long we keep things

Server logs: deleted on the hosting provider's standard schedule (around 30 days).
Email correspondence: kept while there's an active conversation, plus a reasonable archive period for records of work discussed.

Your rights

Under UK GDPR you have the right to:

Be informed about how we use your data (this page).
Access a copy of personal data we hold about you.
Have inaccurate data corrected.
Have your data erased ("right to be forgotten") where applicable.
Restrict or object to processing.
Data portability where the conditions apply.
Lodge a complaint with the Information Commissioner's Office at ico.org.uk/make-a-complaint — though we'd appreciate the chance to address concerns first.

To exercise any of these rights, email hello@depthia.com with "Privacy request" in the subject line. We aim to respond within 30 days, which is the maximum allowed by law.

Children

This site is aimed at businesses and adult professionals. We do not knowingly collect data about children under 13.

Security

The site is served over HTTPS. There is no database, no user accounts, no payment system, and no third-party tracking that could be compromised. Email correspondence is protected by our email provider's standard transport encryption.

Changes to this notice

If we add features that change what's processed (a contact form, analytics, a product on the site), we'll update this page and bump the "Last updated" date. Material changes will be highlighted.

← Back to home