Privacy Policy

Introduction

Daria Lupu ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website.

This policy complies with the General Data Protection Regulation (GDPR) and Romanian data protection laws. We are the data controller for the personal information we collect about you.

Information We Collect

Information You Provide Directly

When you use our contact form, we collect: name, email address, subject and message.

• Name: To identify you and personalize our response
• Email address: To respond to your inquiry
• Subject and message: To understand your inquiry and provide appropriate assistance

Information Collected Automatically

We use analytics tools to collect non-personal information about your visit:

• Pages visited and time spent on the site
• Browser type and version
• Device type and operating system
• General location (country/city level only)
• Referral source (how you found our website)
• IP address (anonymized)

How We Use Your Information

We use the information we collect for the following purposes:

• Communication: To respond to your inquiries and provide requested information
• Website improvement: To understand how visitors use our site and improve user experience
• Legal compliance: To comply with applicable laws and regulations

Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on:

• Consent: When you voluntarily submit information through our contact form
• Legitimate interests: For website analytics and improvements, provided this doesn't override your privacy rights
• Legal obligation: When required by law to retain certain information

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except in limited circumstances where required for services, legal obligations, or with your consent.

• Service providers: We may share data with trusted third-party service providers (such as email service providers or analytics tools) who assist in operating our website, subject to strict confidentiality agreements
• Legal requirements: We may disclose information when required by law or to protect our rights, property, or safety
• Business transfers: In the unlikely event of a business sale or transfer, personal information may be transferred as part of that transaction

Third-Party Services

Our website may use third-party services for analytics, hosting, and other functionality. These services have their own privacy policies.

• Google Analytics: We may use services like Google Analytics to understand website usage. These services collect anonymized data and are configured to respect privacy settings.
• Content Delivery: We may use CDN services to improve website performance.
• Email Service Provider: Contact form submissions may be processed through email service providers.

These third-party services have their own privacy policies and we encourage you to review them.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience. You can control cookie settings through your browser preferences.

• Essential cookies: Necessary for basic website functionality
• Analytics cookies: Help us understand how you use our website (with your consent)
• Performance cookies: Allow us to improve website speed and performance

You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect website functionality.

Data Retention

We retain personal information only as long as necessary for the purposes outlined in this policy or as required by law.

• Contact form data: Retained for up to 2 years to maintain communication history and respond to follow-up inquiries
• Analytics data: Retained in anonymized form for up to 26 months for website improvement purposes
• Technical data: Retained only as long as necessary for security and functionality purposes

Your Rights

Depending on your jurisdiction, you may have rights such as access, correction, deletion, and portability of your personal data. Contact us to exercise these rights.

• Access: Request copies of your personal data
• Rectification: Request correction of inaccurate personal data
• Erasure: Request deletion of your personal data
• Restrict processing: Request limitation of how we use your data
• Data portability: Request transfer of your data to another service
• Object to processing: Object to our use of your personal data
• Withdraw consent: Withdraw previously given consent at any time

To exercise any of these rights, please contact us using the information provided at the end of this policy.

Data Security

We implement technical and organizational measures to protect your personal data, but no method of transmission over the internet is 100% secure.

• SSL encryption for data transmission
• Secure hosting with reputable providers
• Regular security updates and monitoring
• Limited access to personal data on a need-to-know basis
• Regular backups with encryption

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

Children's Privacy

Our website is not intended for children under 13. We do not knowingly collect personal information from children.

International Data Transfers

We may transfer personal data to other countries for hosting or processing. When doing so, we ensure an adequate level of protection.

• Standard contractual clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other legally recognized transfer mechanisms

Changes to This Privacy Policy

We may update this policy from time to time. We will post changes on this page and update the last modified date.

• Posting the updated policy on our website
• Updating the "Last updated" date at the top of this policy
• For significant changes, providing additional notice through email or prominent website notice

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Complaints and Supervisory Authority

If you have concerns about how we handle your personal data, please contact us first so we can try to resolve the issue. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

In Romania, you can contact the National Supervisory Authority for Personal Data Processing (ANSPDCP) at www.dataprotection.ro.