Privacy Policy

1. Introduction

DATARAV ("Company," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

We process personal data in accordance with the EU General Data Protection Regulation (GDPR), Romanian Law 190/2018, and other applicable data protection legislation. By using our services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller Information

DATARAV acts as the data controller for personal data collected through our website and services. For any questions regarding this Privacy Policy or our data practices, you may contact us at:

3. Information We Collect

3.1 Information You Provide

We collect information that you voluntarily provide to us, including:

• Contact Information: Name, email address, phone number, company name, and job title when you contact us or request information.
• Account Information: Login credentials, billing information, and service preferences when you become a customer.
• Communication Data: Content of emails, support tickets, and other communications with our team.
• Payment Information: Billing address, payment method details (processed securely through our payment providers).

3.2 Information Collected Automatically

When you visit our website, we automatically collect certain information:

• Device Information: IP address, browser type, operating system, device identifiers.
• Usage Data: Pages visited, time spent on pages, click patterns, referring URLs.
• Location Data: General geographic location based on IP address.
• Cookies and Tracking: Information collected through cookies and similar technologies (see Section 8).

3.3 Information from Third Parties

We may receive information about you from third parties, including business partners, marketing partners, and publicly available sources, to supplement the information we collect directly.

4. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our data center and hosting services.
• Customer Support: To respond to inquiries, provide technical support, and resolve issues.
• Communication: To send service updates, security alerts, and administrative messages.
• Marketing: To send promotional materials and newsletters (with your consent).
• Analytics: To understand how our website and services are used and to improve user experience.
• Security: To detect, prevent, and address technical issues, fraud, and security threats.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.
• Contract Performance: To fulfill our contractual obligations to customers.

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our service agreements with you.
• Legitimate Interests: Processing for our legitimate business interests, such as improving services and fraud prevention, where these interests are not overridden by your rights.
• Legal Obligation: Processing required to comply with applicable laws and regulations.
• Consent: Processing based on your explicit consent, which you may withdraw at any time.

6. Data Sharing and Disclosure

We may share your personal data with:

• Service Providers: Third-party vendors who assist us in operating our business (e.g., payment processors, cloud infrastructure providers, support tools).
• Business Partners: Partners who provide complementary services with your consent.
• Legal Authorities: When required by law, court order, or to protect our legal rights.
• Corporate Transactions: In connection with mergers, acquisitions, or asset sales, with appropriate confidentiality measures.

We do not sell your personal data to third parties. All third-party service providers are contractually bound to protect your data and use it only for specified purposes.

7. International Data Transfers

Your personal data is primarily stored and processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:

• EU Standard Contractual Clauses
• Adequacy decisions by the European Commission
• Binding Corporate Rules where applicable

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. These include:

• Essential Cookies: Required for website functionality and cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our website.
• Marketing Cookies: Used to deliver relevant advertisements (only with your consent).
• Preference Cookies: Remember your settings and preferences.

You can manage cookie preferences through your browser settings or our cookie consent tool. For more details, please see our Cookie Policy.

9. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Active Customer Data: Retained for the duration of the customer relationship plus 5 years.
• Marketing Data: Retained until you withdraw consent or 3 years from last interaction.
• Financial Records: Retained for 10 years as required by Romanian tax law.
• Website Analytics: Retained for up to 26 months.

10. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data ("right to be forgotten").
• Right to Restrict Processing: Request limitation of how we process your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
• Right to Lodge a Complaint: File a complaint with the Romanian Data Protection Authority (ANSPDCP).

To exercise these rights, please contact us at [email protected]. We will respond within 30 days.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of data in transit and at rest
• Access controls and authentication measures
• Regular security assessments and audits
• Employee training on data protection
• Incident response and breach notification procedures

While we strive to protect your data, no method of transmission or storage is 100% secure. We encourage you to use strong passwords and keep your account credentials confidential.

12. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

15. Supervisory Authority

You have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP):