Privacy Policy

1. Data Controller

The data controller responsible for your personal data is:

• Yapa Agency
• Owner: Juan Torres
• Based in: Milan, Italy
• Email: hello@yapa.agency
• VAT: IT13288320966

For any questions regarding this policy or your personal data, please contact us at hello@yapa.agency.

2. What Data We Collect

Contact form

When you submit the contact form on our website, we collect:

• Your name
• Your email address
• The message you write to us

Providing this data is voluntary. Without it, we cannot respond to your inquiry.

Navigation data

When you visit our website, your browser may automatically transmit certain technical data to our hosting provider (Netlify), including your IP address, browser type, operating system, and pages visited. This data is processed by Netlify for security and performance purposes and is not used by Yapa Agency for tracking or profiling.

Third-party services

Our website uses Google Fonts to load typefaces. When your browser loads this page, it makes a request to Google's servers which may process your IP address. For details, see Google's Privacy Policy.

3. Purpose and Legal Basis

We process your personal data for the following purposes:

• Responding to inquiries — Legal basis: your consent (Article 6(1)(a) GDPR), given when you submit the form.
• Website security and infrastructure — Legal basis: legitimate interest (Article 6(1)(f) GDPR) in maintaining a functional, secure website.

We do not use your data for automated decision-making or profiling.

4. How Long We Keep Your Data

Contact form submissions are retained for as long as necessary to respond to and follow up on your inquiry, and no longer than 24 months from the date of submission.

Technical navigation data is retained by Netlify in accordance with their own retention policies. We do not retain this data independently.

5. Who We Share Your Data With

We do not sell, rent, or trade your personal data. We share data only with the following third-party service providers, strictly to operate this website:

• Netlify, Inc. — website hosting and form submissions. Netlify processes data in accordance with the EU–US Data Privacy Framework. See Netlify's Privacy Policy.
• Google LLC — Google Fonts CDN. See Google's Privacy Policy.

We may also disclose your data if required by law or to protect the rights and safety of Yapa Agency.

6. Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right of access — You may request a copy of the personal data we hold about you.
• Right to rectification — You may ask us to correct inaccurate or incomplete data.
• Right to erasure — You may ask us to delete your data, where no legal obligation requires us to retain it.
• Right to restriction — You may ask us to restrict how we process your data in certain circumstances.
• Right to data portability — Where processing is based on consent, you may request your data in a portable format.
• Right to object — You may object to processing based on legitimate interests.
• Right to withdraw consent — Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at hello@yapa.agency. We will respond within 30 days.

You also have the right to lodge a complaint with your national data protection authority. In Italy, this is the Garante per la Protezione dei Dati Personali.

7. Cookie Policy

This website uses only one cookie-equivalent: a browser localStorage entry (yapa-cookies-ok) that records whether you have accepted this notice. It contains no personal data and is never sent to our servers.

We do not currently use analytics cookies, advertising cookies, or any third-party tracking cookies. If this changes, this policy will be updated and a new consent request will be shown.

How to manage cookies

You can clear the localStorage entry at any time by clearing your browser's site data. You can also configure your browser to block or delete cookies and local storage. Please note that doing so may affect how the website functions.

8. Security

We take appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. Our website is served over HTTPS. Form submissions are handled by Netlify's encrypted infrastructure.

However, no method of transmission over the internet is completely secure. If you have reason to believe your interaction with us is no longer secure, please notify us immediately at hello@yapa.agency.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we do, we will update the "Last updated" date at the top of this page. If the changes are significant, we will display a notice on the website.

We encourage you to review this page periodically.

10. Contact

For any questions, requests, or concerns about this Privacy Policy or the handling of your personal data, please contact us:

• Email: hello@yapa.agency
• Yapa Agency — Milan, Italy