Privacy Policy

Last updated: 15th January 2026

Introduction

FutureCrafter Ltd ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website futurecrafter.world or use our services. Please read this privacy policy carefully.

Data Controller Information

The data controller responsible for your personal data is FutureCrafter Ltd, a company registered in Cyprus with registration number HE741258. Our registered office is located at Grivas Digenis Avenue 44, Nicosia 1036, Cyprus.

Data We Collect

We may collect and process the following categories of personal data about you:

• Contact Information: Name, email address, phone number, company name, and postal address when you contact us or request our services
• Website Usage Data: Information about how you use our website, including IP address, browser type, device information, pages visited, and time spent on pages
• Communication Data: Records of correspondence when you contact us via email, phone, or contact forms
• Marketing Data: Your preferences regarding marketing communications and your consent status
• Technical Data: Cookies, tracking technologies, and analytics data to improve our website performance

How We Use Your Information

We process your personal data for the following purposes based on various lawful grounds under GDPR:

• Service Provision: To provide our UX design services, respond to enquiries, and manage client relationships (Legal basis: Contract performance and legitimate interests)
• Communication: To contact you regarding your enquiries, projects, and service updates (Legal basis: Contract performance and legitimate interests)
• Website Improvement: To analyse website usage, improve user experience, and develop new features (Legal basis: Legitimate interests)
• Marketing: To send you marketing communications about our services, with your consent (Legal basis: Consent)
• Legal Compliance: To comply with legal obligations and protect our legitimate business interests (Legal basis: Legal obligation and legitimate interests)

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

• Service Providers: Third-party companies that provide services on our behalf, such as website hosting, analytics, and email services
• Professional Advisors: Lawyers, accountants, and other professional advisors when necessary for business operations
• Legal Authorities: When required by law or to protect our legal rights and interests
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and processed. Generally, we retain contact information and communication records for up to 7 years after our last interaction for legal and business purposes. Website analytics data is typically retained for 26 months. Marketing consent records are kept until you withdraw consent or for 3 years of inactivity.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of processing in specific situations
• Right to Data Portability: Request transfer of your data to another organisation
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing based on consent at any time

International Data Transfers

We may transfer your personal data to countries outside the European Economic Area (EEA) for processing by our service providers. When we do so, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we process your personal data, please contact us:

Supervisory Authority

You have the right to lodge a complaint with the relevant supervisory authority if you believe we have not handled your personal data in accordance with data protection laws. In Cyprus, the supervisory authority is the Office of the Commissioner for Personal Data Protection.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Legal Basis and Compliance

This Privacy Policy is designed to comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union and Cyprus. Our processing activities are based on lawful grounds as specified in Article 6 of the GDPR.