CRYPTOITDATACRYPTOITDATA

Data Protection

GDPR Policy

Last updated: 1 January 2026

CRYPTOITDATA S.R.L., registered with the Romanian Trade Register under no. J35/5771/2022, VAT 47353025 (hereinafter "CRYPTOITDATA", "we"), respects the confidentiality of your personal data and is committed to processing it in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Romanian legislation.

1. Data Controller

CRYPTOITDATA S.R.L. is the data controller for all personal data collected through the cryptoitdata.eu website.

Contact for data protection matters: hello@cryptoitdata.eu

2. What data we collect

2.1 Data you provide directly

  • Contact form: name, email, phone (optional), company (optional), service of interest (optional), message content.
  • Consultation booking (Cal.com): name, email, selected date/time, any questions you provide.
  • Newsletter (if subscribed): email address.

2.2 Automatically collected data

  • Technical data: IP address (anonymised), browser type, operating system, pages visited, visit duration.
  • We use privacy-friendly analytics (Plausible) which doesn't use cookies and doesn't collect personally identifiable data.

3. Processing purposes and legal basis

  • Response to commercial enquiries — basis: pre-contractual measures at your request (Art. 6.1.b GDPR).
  • Sending offers and technical information — basis: explicit consent (Art. 6.1.a GDPR).
  • Newsletter — basis: consent (Art. 6.1.a GDPR).
  • Legal obligations (invoicing, accounting, audit) — basis: Art. 6.1.c GDPR.
  • System security and fraud prevention — basis: legitimate interest (Art. 6.1.f GDPR).

4. Who we share data with

We use the following providers (processors) to operate the site and commercial relationships:

  • Hostinger (site hosting) — EU.
  • Brevo (transactional email and newsletter) — EU.
  • HubSpot (CRM) — EU/US, under standard contractual clauses.
  • Cal.com (consultation booking) — EU.
  • Plausible Analytics (cookieless analytics) — EU.

All these providers are contractually obligated to process data exclusively per our instructions and to maintain appropriate technical and organisational measures.

5. International transfers

Where our providers process data outside the European Economic Area (e.g., HubSpot in the US), the transfer takes place under standard contractual clauses approved by the European Commission or other safeguards recognised by GDPR.

6. How long we keep data

  • Contact requests without contractual relationship: 12 months.
  • Data from contractual relationships: contract duration + 10 years (tax requirements).
  • Newsletter: until unsubscription.
  • Technical logs: max. 12 months.

7. Your GDPR rights

You have the following rights regarding your data:

  • Access — to know what data we hold about you.
  • Rectification — to correct inaccurate data.
  • Erasure ("right to be forgotten") — to request deletion of your data.
  • Restriction — to limit processing in certain situations.
  • Portability — to receive your data in a structured format.
  • Objection — to processing based on legitimate interest.
  • Consent withdrawal — at any time, without affecting the legality of prior processing.

To exercise any of these rights, write to hello@cryptoitdata.eu. We respond within 30 days.

8. Complaints to the supervisory authority

If you believe the processing of your data violates GDPR, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP), B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest, www.dataprotection.ro.

9. Policy changes

This policy may be updated. The current version will always be available on this page, with the last update date at the top.