Privacy Policy

Last updated: April 2026

1. Introduction

RIFTER SRL (referred to as "RIFTER", "we", "our", or "the company"), with headquarters in Cluj-Napoca, is the data controller for the rifter.ro website. This privacy policy explains how we collect, use, and protect your personal information in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).

For any request related to your personal data, you can reach us at contact@rifter.ro.

2. What data we collect

Data you provide directly:

  • First and last name
  • Email address
  • Phone number (optional)
  • Company name (optional)
  • The message you send us through the contact form

Data collected automatically:

  • IP address (anonymized)
  • Browser and device type
  • Pages visited and time spent on the site
  • Source of the visit (how you arrived on the site)

3. How we use the data

We use the collected data to:

  • Respond to your messages and questions
  • Provide information about our services
  • Improve the site experience
  • Analyze site traffic (aggregated and anonymous)
  • Comply with legal obligations

4. Legal basis for processing

We process your data based on:

  • Consent — when you fill in the contact form
  • Legitimate interest — to improve services and analyze traffic
  • Legal obligations — when the law requires us to retain certain data

5. Who we share data with

We do not sell or rent your personal data. We share it only with:

  • Service providers who help us operate the site (hosting, email, analytics) — under strict confidentiality agreements
  • Authorities — only when required by law

Third-party providers we use:

  • Cloudflare (hosting and security)
  • Cloudflare Web Analytics (cookie-free analytics, GDPR-compliant)
  • Brevo (email delivery)

6. Cookies and tracking

We use Cloudflare Web Analytics, an analytics solution that does not use cookies and does not collect personally identifiable data. We don't need consent for analytics cookies because Cloudflare Web Analytics is completely anonymous.

We do not use marketing or third-party tracking cookies (Facebook Pixel, Google Ads, etc.).

7. Data retention

  • Contact messages: retained for 2 years or until the end of the engagement
  • Analytics data: aggregated and anonymous, retained indefinitely
  • Contractual data: per legal obligations (10 years for fiscal documents)

8. Your rights

Under GDPR, you have the following rights:

  • Right of access — to know what data we hold about you
  • Right to rectification — to correct incorrect data
  • Right to erasure — to request deletion of your data ("right to be forgotten")
  • Right to restriction — to limit how we use the data
  • Right to portability — to receive your data in a standard format
  • Right to object — to object to processing in certain situations

To exercise these rights, contact us at: contact@rifter.ro

9. Data security

We protect your data through:

  • SSL/TLS encryption for all connections
  • Restricted data access, available only to authorized personnel
  • Hosting and service providers with security certifications
  • Regular security monitoring and updates

10. International transfers

Some of our providers may process data outside the European Economic Area. In those cases, we ensure appropriate safeguards are in place (EU Standard Contractual Clauses or adequacy decisions).

11. Policy changes

We may update this policy periodically. We will notify you of significant changes by email or by displaying a notice on the site.

12. Contact

For questions about this policy or about your data:

You have the right to lodge a complaint with the relevant data protection authority in your jurisdiction if you believe your rights have been violated.