Privacy Policy

Last Updated: June 10, 2025

NodeITStudio ("we," "us," or "our") is committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and Romanian Law No. 506/2004. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website (hosted on Cloudflare).

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide, including:

  • Contact details: Name, email, phone number.
  • Business information: Company name, job title.
  • Payment data: Only for client projects (processed securely via third-party providers like Stripe/PayPal).

1.2 Automated Data (via Cloudflare)

When you visit our website, Cloudflare (our CDN provider) automatically collects:

  • IP address: Used for security and geo-routing.
  • Country/region: Derived from your IP for performance optimization.
  • Browser/device data: User-agent, pages visited, timestamps.
  • Security logs: To mitigate DDoS attacks and malicious traffic.

Note: Cloudflare retains this data for 7 days (by default) as per their Privacy Policy.

1.3 Cookies

We use:

  • Essential cookies: For site functionality (no consent required).
  • Analytics cookies: Google Analytics (anonymized IPs).
  • Cloudflare cookies: Such as __cf_bm for bot protection.

2. Legal Basis for Processing (GDPR)

We process your data based on:

  • Consent: For non-essential cookies and marketing.
  • Contractual necessity: To fulfill client agreements.
  • Legitimate interests: For security and website analytics.

3. How We Use Your Data

  • To provide and improve our services.
  • To secure our website (via Cloudflare’s firewall).
  • To comply with legal obligations (e.g., Romanian tax laws).

4. Data Sharing

We only share data with:

  • Cloudflare: As a data processor (for CDN and security).
  • Payment processors: Stripe/PayPal (for transactions).
  • Authorities: If required by Romanian/EU law.

5. Your Rights (GDPR & Romanian Law)

You have the right to:

  • Access/delete your personal data.
  • Opt out of non-essential cookies.
  • Lodge a complaint with the ANSPDCP (Romanian DPA).

6. Data Retention

  • Cloudflare logs: 7 days (default).
  • Client data: 5 years (for tax compliance under Romanian Law).

7. Security Measures

  • SSL/TLS encryption.
  • Regular security audits.
  • Cloudflare’s DDoS protection.

8. Contact Us

For GDPR requests or questions:

Email: [email protected]
Address: NodeITStudio, Bucharest, Romania
We respond within 30 days (as required by GDPR).