Home / Privacy Policy

Privacy Policy

Last updated: 31 May 2026

This notice explains how Claudiu Valentin Borșan, the operator of valentinborsan.art, processes personal data. For privacy requests: contact@valentinborsan.art.

1. Data processed and purposes

  • Account and authentication: email, name, avatar, technical identifiers and profile data to create and manage your account.
  • Contact, orders and newsletter: name, email, message and information needed for your request, to reply, take pre-contractual steps or provide the subscription you requested.
  • Public interactions: comments, likes and contributions voluntarily published on the website.
  • Photo delivery: authorised emails, gallery, access level, temporary tokens, downloaded files, download date, IP and user-agent, for delivery, security and access records.
  • Payments: Stripe session identifiers and payment confirmations to unlock a package. We do not store full card details.
  • Security and operation: session, IP, user-agent, URL and technical logs to prevent abuse, diagnose issues and protect the website.
  • Optional analytics: website usage data only after consent through the cookie banner.

2. Legal bases

Depending on the context, we process data to perform a contract or take pre-contractual steps, comply with legal obligations, pursue legitimate interests in website security and administration and, for the newsletter and optional analytics, based on consent. Consent may be withdrawn without affecting processing carried out before withdrawal.

3. Google authentication

If you choose Google Sign-In, we use basic data supplied during authentication, such as name, email and profile picture, for identification and profile creation. We do not use this data for behavioural advertising.

4. Providers and recipients

We do not sell personal data. We may use providers needed to operate the service: Supabase for authentication, databases and storage, Brevo for email and newsletter delivery, Stripe for payments, Sentry for technical diagnostics and, only after consent, Google Analytics and Microsoft Clarity for analytics. Providers may process data under their applicable policies and agreements.

5. International transfers

Some providers may process data outside the European Economic Area. Where applicable, safeguards provided by relevant law apply, such as adequacy decisions or standard contractual clauses, according to each provider's information.

6. Retention periods

We keep data only as long as necessary: account data until account deletion; newsletter data until unsubscribe; correspondence and order information as needed for the contractual relationship and legal duties; photo links until expiry or revocation; access and security logs for the period needed to protect the service and investigate incidents. The cookie preference is retained for up to 182 days unless updated earlier.

7. Your rights

You may request access, rectification, erasure, restriction, portability, objection and withdrawal of consent, within the limits of the GDPR, by emailing contact@valentinborsan.art. You may lodge a complaint with the competent authority, including the Italian Garante per la protezione dei dati personali.

8. Cookies

For cookie names, purposes, retention periods and preference controls, see the Cookie Policy.

Questions? Contact us