GDPR Privacy Notice

1. Introduction

This Privacy Notice explains how we collect, use, store, and protect IP addresses in compliance with the General Data Protection Regulation (GDPR).

2. Data Controller

The Data Controller is:

Organization Name: S.C. Marbeto SRL
Address: Str. Mesterul Manole 8/B, 310493 – Arad, Romania
Email: [email protected]
Phone: 0040 257 282480

3. What Personal Data We Collect

We collect and process the following personal data:

IP addresses of visitors to our website.

4. Purpose of Collecting IP Addresses

We process IP addresses for the following purposes:

Security Monitoring: To detect, prevent, and mitigate unauthorized access, hacking attempts, or other security threats.
Website Performance: We use Cloudflare to ensure the speed, reliability, and protection of our website.

5. Legal Basis for Processing

We process IP addresses based on our legitimate interest under Article 6(1)(f) of the GDPR. This is necessary to protect the security of our website and services.

6. Retention of IP Addresses

IP addresses are stored securely for a maximum of 2 months. After this period, they are automatically deleted unless retention is required for legal or security investigations.

7. Third-Party Data Processors

We use Cloudflare to enhance website security and performance. Cloudflare acts as our data processor and complies with GDPR requirements.

8. Your Rights Under GDPR

Regulation E 2016/679 grants data subjects a series of rights that we respect and are committed to addressing promptly upon your request.

The right to access the processed personal data.
The right to withdraw your consent, without affecting the legality of the processing carried out based on the consent before its withdrawal.
The right to rectify inaccurate personal data.
The right to restrict processing.
The right to erasure, or the “right to be forgotten,” under which you can request the deletion of personal data.
The right to data portability, which ensures that you have the right to receive your personal data and transmit it to another data controller.
The right to object, which allows you to object at any time to the processing of your personal data.

To exercise your rights, please contact us in writing at [email protected].

You also have the right to contact the National Authority for the Supervision of Personal Data Processing.

9. Data Security

We take steps to protect the IP addresses we store. Access to this data is restricted and secured through:

Access controls using secure SSH connections
Limited access only to authorized personnel

While we do not perform regular security audits or implement data encryption, we continuously monitor and secure server access to prevent unauthorized use.

10. Contact Information

If you have any questions about this Privacy Notice or wish to exercise your GDPR rights, please contact us:

Email: [email protected]
Phone: 0040 257 282480

11. Updates to This Privacy Notice

We may update this Privacy Notice from time to time. The latest version will always be available on our website.