top of page

Privacy Policy


This Privacy Policy applies to “ITSIMPLE ART LTD” (hereinafter referred to as “itSimple Art”, “itSimple”, “we”, “us” or the “Company”), as the data controller of the personal data collected from the above mentioned websites.

itSimple Art is committed to protecting the personal information collected when you use our website and other services. This Website Privacy Policy pertains to itSimple Art website and sets out itSimple Art commitment in protecting Personal Data and how that commitment is implemented regarding the collection, use, transfer and retention of Personal Data. This Policy is valid only for cases that we define the purposes and means of the processing, therefore acting as data controller.

Personal Data Collection and Use
itSimple Art has designed a standard website contact form to initiate communication with any interested individual. This form is used for any inquiries or requests and it directs them to the appropriate department or staff member. Additionally, we provide itSimple Art phone numbers for a more direct contact if required. Our landline phone calls are recorded for training and monitoring purposes and our recordings are usually held for a period of six months. In order to handle and address your inquiries and requests we might collect and store your full name, email, contact details and any other information you might choose to share with us. That information is strictly used to adequately respond to your inquiries or requests and will not be disclosed to third parties others than those mentioned in this policy or where disclosure is required or permitted by law.

itSimple Art has designed a newsletter service in order to provide you with offers relevant to your interest. For your subscription we only request your email address which will be strictly used for promotion that might interest you. In any case that a user of the service may wish to withdraw consent, we offer the ability through the emails that we send or by contacting our DPO. In such cases we also permanently delete the email address from our database.

Please note you can withdraw your consent to all or any one of the above purposes of processing at any time by contacting our DPO. Also note that all processing of your personal data will cease once you have withdrawn consent but this will not affect any personal data that has already been processed prior to this point.

For processing to be lawful under the General Data Protection Regulation (GDPR), we identify a lawful basis before we can process your personal data. In this case, the legal basis for the data processing effected by us is the granting of your explicit consent to the processing, by submitting the
consent form only in case you agree with this policy.

Transfer of Personal Data
itSimple Art may disclose Persona Data collected to our suppliers or subcontractors insofar as reasonably necessary for dealing with your inquiries or requests. Such transfers will be protected by appropriate safeguards (e.g. appropriate contractual clauses, data processing contracts, intra-group disclosures of personal data, etc.). In addition, we may disclose Personal Data where such disclosure is necessary for compliance with a legal obligation to which we are subject. In any case that we might need to transfer personal data at third parties, itSimple Art is committed to ask for your consent if we will not recognize any other legal basis.

Our website is not intended for children and we do not intentionally solicit or collect personal data from individuals under the age of 18. If we are notified or otherwise discover that a minor’s personal information has been improperly collected, we will take all commercially reasonable steps to delete that information.

In limited instances, we may have a campaign or program targeted towards children. In these instances, details on the information practices will be presented within the terms and conditions of the program or campaign.

Personal Data Retention and Deletion
itSimple Art is committed not to retain personal data for a longer period than it is necessary regarding the reasons that the personal data was

obtained and we will make sure we will delete it securely. For additional information on retention and deletion periods, please contact us at

Rights of Data Subjects
In this section itSimple Art addresses the rights deriving from Regulation (EU) 2016/679 and how these rights can be accessed from the Data Subjects. For any further clarifications please contact us at

Individual’s Right of Access or Rectification
ItSimple Art assumes that Personal Data collected directly from the individual will be accurate and complete. Individuals can access and update their own Personal Data. For exercising your rights, please fill in the Data Subject Request Form and send it to

Individual’s Right to Erasure
The data subject may request that any information held on them is deleted or removed, and any third parties who process or use that data must also comply with the request. An erasure request can only be refused if an exemption applies. The Right to Erasure can be requested using the Data Subject Request Form.

itSimple Art is obligated to erase personal data where one of the following applies:
• Personal data is no longer necessary in relation to the purposes for which they were collected or
otherwise processed;
• The data subject withdraws consent and no other legal basis for processing exists;
• The data subject objects to the processing carried out on the grounds of the Data Controller’s
legitimate interests and there are no other overriding legitimate grounds for the processing;
• The personal data has been unlawfully processed.

If the request to erase Personal Data has been received, identity has been confirmed, the request meets
one of the above requirements and there is no legal contrary reason for processing, itSimple Art must
delete the relevant data in its entirety. The request shall be recorded in the Data Subject Request Log.

If itSimple Art cannot actually delete personal data, will ensure that:
• Is not able, or will not attempt, to use the personal data to inform any decision in respect of any
individual or in a manner that affects the individual in any way;
• Does not give any other organization access to the personal data;
• Protects the personal data with appropriate technical and organizational security; and commits to
permanent deletion of the information if, or when, this becomes possible.

Individual’s Right to Restrict Processing
The data subject has the right to obtain from the controller restriction of processing using the Data Subject Request Form. 

Individual’s Right to Object
Individuals have the right to object at any time to processing of their personal data using the Data Subject Request Form.

Individual’s Right to Data Portability
Upon request and provided that the relevant requirements stipulated in Article 20 of GDPR are met, a data subject should have the right to receive a copy of their Personal Data in a structured format using the Data Subject Request Form.

These requests should be processed within one month, provided there is no undue burden and it does not compromise the privacy of other individuals. A data subject may also request that their data is transferred directly to another system. This must be done for free.


If itSimple Art cannot respond fully to the request within 30 days, the DPO shall nevertheless provide the following information to the Data Subject, or their authorized legal representative within the specified time:


• An acknowledgement of receipt of the request. • Any information located to date. • Details of any requested information or modifications which will not be provided to the Data Subject, the reason(s) for the refusal, and any procedures available for appealing the decision. • An estimated date by which any remaining responses will be provided. • An estimate of any costs to be paid by the Data Subject (e.g. where the request is excessive in nature). • The name and contact information of the contact person.



Should itSimple Art elect to change this Privacy Policy, in order to meet changes in the regulatory environment, business needs, or to satisfy the needs of our customers, properties, strategic marketing partners, and service providers, we will post the changes here. Updated versions will be posted to our web site and date stamped so that you are always aware of when the Privacy Policy was last updated. Where the changes are significant, we may also choose to email concerned users with the new details. Where required by law, will we obtain your consent to make these changes.


Our Details

If you have any concerns, questions or complaints about this policy, then please contact us at


In case you have believe that the processing of your personal data is violating the law, you may file your concerns or complaints at the relevant supervising authority. You may find a list with all supervising authorities of the EU here:


bottom of page