Privacy Policy

Last updated: June 11, 2026

Atelier and Stories ("we", "our", or "us") is committed to protecting your privacy and handling your personal data with transparency, integrity, and in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable privacy laws.

This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or communicate with us.

1. Data Controller

The Data Controller responsible for processing your personal data is:

Atelier and Stories

Dubai, United Arab Emirates

Email: hello@atelierandstories.com

If you have any questions regarding this Privacy Policy or your personal data, you may contact us using the information above.

2. Information We Collect

We may collect the following categories of personal information:

Information you provide voluntarily

  • Name

  • Company name

  • Email address

  • Phone number

  • Country

  • Project details

  • Messages sent through our contact forms

  • Information provided during consultations or business discussions

Information collected automatically

When visiting our website, we may collect:

  • IP address

  • Browser type

  • Device information

  • Operating system

  • Pages visited

  • Time spent on pages

  • Referring website

  • Website usage analytics

This information helps us improve our website and services.

3. Legal Basis for Processing

Under GDPR, we process personal data based on one or more of the following legal grounds:

  • Your consent

  • Performance of a contract

  • Legitimate business interests

  • Compliance with legal obligations

  • Protection of legal rights

We only process personal data when there is a lawful basis to do so.

4. How We Use Your Data

Your information may be used to:

  • Respond to enquiries

  • Provide consulting and creative services

  • Prepare proposals and quotations

  • Manage ongoing projects

  • Communicate regarding collaborations

  • Improve our website and user experience

  • Send newsletters or marketing communications where consent has been provided

  • Comply with legal obligations

  • Prevent fraud and maintain website security

We do not sell your personal data.

5. Cookies

Our website may use cookies and similar technologies to:

  • Improve website functionality

  • Analyse website traffic

  • Remember preferences

  • Measure marketing performance

Where required by law, cookies that are not strictly necessary will only be activated after your consent.

You may manage cookie preferences through your browser settings or our cookie banner.

6. Third-Party Services

We may use trusted third-party providers for:

  • Website hosting

  • Analytics

  • Email communication

  • CRM systems

  • Marketing automation

  • Cloud storage

  • Project management

These providers process data only under appropriate contractual safeguards and only as necessary to provide their services.

7. International Data Transfers

As an international creative consultancy working with clients across Europe, the Middle East, the United States, and other regions, your personal data may be transferred outside the European Economic Area.

Where such transfers occur, we implement appropriate safeguards including:

  • Standard Contractual Clauses approved by the European Commission

  • Transfers to countries with adequacy decisions

  • Other legally recognised transfer mechanisms under GDPR

8. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfil contractual obligations

  • Provide requested services

  • Comply with legal obligations

  • Resolve disputes

  • Enforce agreements

When personal data is no longer required, it will be securely deleted or anonymised.

9. Your GDPR Rights

If you are located in the European Economic Area or the United Kingdom, you have the right to:

  • Access your personal data

  • Correct inaccurate information

  • Request deletion of your data

  • Restrict processing

  • Object to processing

  • Withdraw consent at any time

  • Request data portability

  • Lodge a complaint with your local supervisory authority

We will respond to legitimate requests within the timeframes required by applicable law.

10. Data Security

We implement appropriate technical and organisational measures designed to protect personal information against:

  • Unauthorised access

  • Accidental loss

  • Alteration

  • Disclosure

  • Destruction

  • Misuse

While no online transmission can be guaranteed as completely secure, we continuously review our security practices to protect your information.

11. Marketing Communications

If you subscribe to our newsletter or marketing communications, you may withdraw your consent at any time by:

  • Clicking the unsubscribe link included in emails

  • Contacting us directly

We will promptly honour your request.

12. Children's Privacy

Our services are intended for professionals, businesses, and adults.

We do not knowingly collect personal data from children under the age of 16.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or technological changes.

The latest version will always be available on this website together with the effective date shown at the top of this page.

14. Contact

For questions regarding this Privacy Policy or your personal data, please contact:

Atelier and Stories

Dubai, United Arab Emirates

Email:info@atelierandstories.com

GDPR Statement

Atelier and Stories respects the privacy rights of individuals and is committed to processing personal data fairly, lawfully, and transparently. We apply privacy by design principles across our business activities and seek to ensure that all processing of personal data complies with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable international data protection legislation.