Privacy Policy
Last updated: March 14, 2024
This Privacy Policy explains how Kreovative ("we," "our," or "us") collects, uses, and protects your personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.
Your Rights Under GDPR
As a data subject, you have the following rights regarding your personal data:
To exercise these rights, please contact us at info@kreovative.com
1. Data Controller Information
Data Controller: Kreovative
Address: Str. Tudor Vladimirescu Nr. 31, Codlea, BV 505100, Romania
Email: info@kreovative.com
Phone: +40745617588
2. Information We Collect
Personal Information You Provide
| Data Type | Purpose | Legal Basis | Retention Period |
|---|---|---|---|
| Contact Form Data (Name, Email, Message) | Responding to inquiries and providing services | Legitimate Interest (Art. 6(1)(f) GDPR) | 2 years from last contact |
| Website Analytics Data | Website optimization and user experience improvement | Consent (Art. 6(1)(a) GDPR) | 26 months (Google Analytics default) |
| Cookie Data | Website functionality and preferences | Consent (Art. 6(1)(a) GDPR) | Varies by cookie type (max 2 years) |
Automatically Collected Information
- IP address (anonymized after 14 months)
- Browser type and version
- Operating system
- Pages visited and time spent
- Referral sources
- Device information (screen resolution, language settings)
Google Analytics
We use Google Analytics to understand how visitors interact with our website. Google Analytics uses cookies and may transfer data to the United States. We have implemented IP anonymization and have a Data Processing Agreement with Google. You can opt-out of Google Analytics by visiting Google Analytics Opt-out Browser Add-on.
3. How We Use Your Information
Service Provision
- • Responding to your inquiries
- • Providing requested services
- • Customer support
- • Service improvement
Website Optimization
- • Analyzing website usage
- • Improving user experience
- • Technical maintenance
- • Security monitoring
4. Data Sharing and Third Parties
Service Providers
| Provider | Service | Data Transferred | Location | Safeguards |
|---|---|---|---|---|
| Google LLC | Analytics | Usage data, IP (anonymized) | USA | Google Cloud Data Processing Addendum |
| EmailJS | Email delivery | Contact form data | USA | Standard Contractual Clauses |
| Netlify | Website hosting | Website access logs | USA | Privacy Shield successor framework |
5. International Data Transfers
Some of our service providers are located outside the European Economic Area (EEA). When we transfer your personal data to these providers, we ensure adequate protection through:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules
- Certification schemes
6. Data Security
Technical Measures
- • SSL/TLS encryption in transit
- • Secure hosting infrastructure
- • Regular security updates
- • Access controls and authentication
- • Regular security assessments
Organizational Measures
- • Staff training on data protection
- • Data processing agreements
- • Incident response procedures
- • Regular compliance audits
- • Privacy by design principles
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
- • Contact inquiries: 2 years from last contact
- • Website analytics: 26 months (Google Analytics default)
- • Cookie data: Varies by type (maximum 2 years)
- • Legal compliance data: As required by applicable law
8. Your Rights and How to Exercise Them
Under GDPR, you have the following rights regarding your personal data:
Right of Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data in certain circumstances.
Right to Portability
Request your data in a portable format to transfer to another service.
How to Exercise Your Rights
To exercise any of these rights, please contact us at info@kreovative.com or use our Data Subject Rights Portal.
We will respond to your request within 30 days. We may need to verify your identity before processing your request.
9. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your browsing experience. You can manage your cookie preferences through our cookie consent banner or browser settings.
| Cookie Type | Purpose | Duration | Required |
|---|---|---|---|
| Necessary | Essential website functionality | Session/1 year | Yes |
| Analytics | Website usage analysis | 2 years | No |
| Marketing | Personalized advertising | 1 year | No |
10. Data Breach Notification
In the event of a data breach that poses a high risk to your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach, as required by GDPR Article 34.
11. Supervisory Authority
You have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data in accordance with GDPR.
Romanian Data Protection Authority (ANSPDCP)
Address: B-dul Magheru 28-30, Sector 1, Bucharest, Romania
Phone: +40.318.059.211
Email: anspdcp@dataprotection.ro
Website: www.dataprotection.ro
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. For significant changes, we may also notify you by email.
13. Contact Information
Data Protection Contact
Email: info@kreovative.com
Address: Str. Tudor Vladimirescu Nr. 31, Codlea, BV 505100, Romania
Phone: +40745617588