​​​

Privacy Policy

Last updated: 12 April 2026

​

​

1. Introduction​

Welcome to NYSA Studio (“we,” “us,” “our”).

​

At NYSA Studio, personal data are handled with care, discretion, and a deep respect for individual privacy.

​

This Privacy Policy explains how we collect, use, process, store, and safeguard your personal information when you access our website www.nysa.studio (the “Site”), interact with our services, or complete a booking or purchase.

​

By accessing the Site or using our services, you acknowledge that you have read and understood this Policy and agree to the practices described herein.

​

This Policy is designed to reflect not only legal compliance, but also the values of trust, transparency, and respect that guide the NYSA experience.

​

​

2. Data Controller & Contact Information

• Business name: NYSA Studio

• Email: dimidavid@nysa.studio (mailto:dimidavid@nysa.studio)

• Phone: +30 6958565119

• Address: 21A Rizari St., 11634 Athens, Greece​

​

NYSA Studio acts as the data controller in relation to personal data collected through its website, booking system, and services.

​

For any questions regarding this Policy or to exercise your rights, you may contact us at any time using the details above.

​

​

3. Data We Collect

We collect and process personal data only to the extent necessary for the proper functioning of our services and the safe delivery of treatments.

​

The categories of data may include:

​

Identity & Contact Data
Name, email address, telephone number, and other contact details provided when booking sessions, creating an account, or communicating with NYSA Studio.

​

Booking & Service Data
Appointment details, selected treatments, preferences, history of bookings, and any information necessary to organize and deliver your session.

​

Payment Data
Payment information processed securely via Wix Payments, Stripe Payments Europe Ltd., or Viva Wallet Holdings S.A.
NYSA Studio does not store or retain full credit or debit card details.

​

Health & Wellness Information (where provided)
Information relating to your physical condition, wellbeing, or medical background, shared through intake forms or direct communication.
Such data are processed strictly for assessing suitability, precautions, contraindications, and for ensuring the safe and appropriate delivery of services.

​

Technical Data
IP address, browser type, device information, and interaction data collected automatically when accessing the Site.

​

Marketing & Communication Data
Preferences relating to newsletters, updates, and promotional communications.

​

Cookies & Tracking Data
Information collected through cookies and similar technologies (see Section 6).

​

​

4. How We Collect Data

Personal data may be collected through the following channels:

 

Direct interactions
When you create an account, complete a booking form, fill in an intake form, subscribe to communications, or contact NYSA Studio.

​

Automated technologies
Through cookies, analytics tools, and tracking technologies when you browse or interact with the Site.

 

Service providers and platforms
Through integrated systems such as Wix Bookings, payment processors, analytics tools, and communication services used to operate and support our business.

​

​

5. Purposes & Legal Bases

Personal data are processed only where there is a valid legal basis and always in a manner that is relevant, proportionate, and necessary.

​

Performance of a contract
To manage bookings, provide services, process payments, and ensure the proper delivery of sessions.

 

Legitimate interests
To maintain communication, improve service quality, manage bookings efficiently, ensure system security, and operate the Site effectively.

​

Consent
For marketing communications, newsletters, and any optional data you choose to provide, including certain health-related information where required.

​

Legal obligations
To comply with applicable tax, accounting, and regulatory requirements.

 

Personal data are never processed in a way that is incompatible with the original purposes for which they were collected.

​

​

6. Cookies & Tracking Technologies

NYSA Studio uses cookies and similar technologies to ensure the proper functioning of the Site and to enhance user experience.

​

Some cookies are strictly necessary, while others (analytics and marketing) are activated only with your consent.

​

We may use:

• Google Analytics (for traffic and usage analysis)

• Meta Pixel (for advertising and performance tracking)

• Wix cookies (for essential site and booking functionality)

You may manage, accept, or withdraw your consent at any time through the cookie banner or via your browser settings.

​

Disabling certain cookies may affect the functionality of parts of the Site.

 

 

7. Sharing of Data

NYSA Studio does not sell, rent, or commercially distribute personal data.

​

Data may be shared only where necessary and under strict confidentiality with:

• Service providers / data processors (such as Wix, payment providers, analytics tools, and communication platforms)

• Public authorities, where required by law or legal obligation

• Third parties, only where explicitly requested or authorized by you

​

All service providers are carefully selected and are required to comply with applicable data protection standards.

​

​

8. International Data Transfers

Certain service providers used by NYSA Studio operate internationally and may process data outside the European Economic Area (EEA).

​

Where such transfers occur, appropriate safeguards are implemented, including Standard Contractual Clauses or equivalent mechanisms, to ensure that your personal data remain protected in accordance with EU standards.

​

​

9. Data Retention

Personal data are retained only for as long as necessary in relation to the purposes for which they were collected.

• Booking and transaction records: retained in accordance with Greek tax and accounting obligations

• Client communication data: retained for the duration of the relationship and a reasonable period thereafter

• Newsletter data: retained until consent is withdrawn

• Analytics data: typically anonymised or deleted within 24 months

• Health and intake data: retained only as necessary to ensure continuity, safety, and compliance

When data are no longer required, they are securely deleted or anonymised.

​

​

10. Your Rights under GDPR

In accordance with Regulation (EU) 2016/679 (GDPR), you have the right to:

• Access your personal data

• Request correction of inaccurate or incomplete data

• Request deletion of your data

• Restrict or object to certain processing activities

• Request data portability

• Withdraw consent at any time (where processing is based on consent)

• Lodge a complaint with the Hellenic Data Protection Authority (HDPA)

Where applicable, you may also access, update, or manage your personal data directly through your NYSA Studio account.

​

To exercise your rights, please contact: dimidavid@nysa.studio

​

​

11. Children

NYSA Studio services are primarily intended for adults.

​

Personal data relating to individuals under the age of eighteen (18) are processed only with the consent of a parent or legal guardian.

​

If such data are identified without appropriate consent, they will be promptly removed upon request.

 

​

12. Security

NYSA Studio implements appropriate technical and organisational measures to protect personal data, including secure systems, controlled access, and data minimisation practices.

​

While all reasonable steps are taken to safeguard information, no digital system can guarantee absolute security.

​

​

13. Updates to this Policy

This Privacy Policy may be updated periodically to reflect changes in services, operational practices, or legal requirements.

​

The most recent version will always be indicated by the “Last updated” date at the top of this page.

​

Users are encouraged to review this Policy regularly.

​

​