Legal

Privacy Policy

Last updated: May 2025

1. Data Controller

Hibyte is a software company headquartered in Timișoara, Romania, and acts as the data controller for the personal data collected through this website. If you have any questions about how your data is handled, or if you wish to exercise any of your rights under applicable law, you can reach us at office@hibyte.ro. We are committed to protecting your privacy and handling your data in an open and transparent manner.

2. Data We Collect

We collect only the information that is necessary to provide our services and operate this website. Specifically, we may process the following categories of personal data:

  • Contact form submissions — your name, email address, and the message you submit when you contact us through this website.
  • Website analytics — anonymized usage data such as pages visited, session duration, and general geographic region. This data does not identify you personally.
  • Cookies — small text files placed on your device to enable website functionality and, where you have consented, to support analytics. See Section 9 for details.

We do not collect sensitive personal data and we do not create profiles for marketing purposes.

3. Purpose & Legal Basis

We process your personal data only where we have a lawful basis to do so under the General Data Protection Regulation (GDPR) and Romanian Law 190/2018. The purposes and corresponding legal bases are:

  • Responding to your inquiries — when you contact us, we process your name and email to reply. The legal basis is our legitimate interest in communicating with potential clients and partners, or the performance of pre-contractual steps at your request.
  • Improving our website — we analyze anonymized usage patterns to understand how visitors interact with our site. The legal basis is our legitimate interest in providing a functional and relevant online presence.
  • Analytics — where analytics involves any form of identifiable tracking, the legal basis is your consent, which you can withdraw at any time through our cookie preferences.

4. Data Recipients

Your personal data is shared only with trusted service providers who help us operate this website and respond to inquiries. These include hosting infrastructure providers and analytics tool providers. All such recipients are bound by data processing agreements and are permitted to process your data only on our instructions.

We do not sell, rent, or trade your personal data to any third party. We will not disclose your data to third parties except as required by law or to protect our legal rights.

5. International Transfers

Some of our service providers may be located or process data outside of the European Union or European Economic Area (EU/EEA). Where such transfers occur, we ensure they are carried out in compliance with GDPR by relying on the European Commission's adequacy decisions or by implementing Standard Contractual Clauses (SCCs) approved by the European Commission. You may request a copy of the applicable safeguards by contacting us at office@hibyte.ro.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Our specific retention periods are:

  • Contact form data — retained for up to 3 years from the date of last contact, after which it is securely deleted.
  • Analytics data — anonymized usage statistics are retained for up to 26 months.
  • Legal obligation data — where we are required by law to retain records (for example, for accounting or tax purposes), we retain that data for the period mandated by applicable legislation.

7. Your Rights

As a data subject under the GDPR, you have the following rights with respect to your personal data:

  • Right of access — you may request a copy of the personal data we hold about you.
  • Right to rectification — you may ask us to correct any inaccurate or incomplete data.
  • Right to erasure — you may request that we delete your personal data where it is no longer necessary for the purposes for which it was collected.
  • Right to restriction — you may request that we restrict the processing of your data in certain circumstances.
  • Right to data portability — where processing is based on consent or contract and carried out by automated means, you may receive your data in a structured, commonly used format.
  • Right to object — you may object to processing based on legitimate interests at any time, on grounds relating to your particular situation.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us at office@hibyte.ro. We will respond within 30 days. We may ask you to verify your identity before fulfilling your request.

8. Supervisory Authority

If you believe that your rights under the GDPR have been violated, you have the right to lodge a complaint with a supervisory authority. In Romania, the competent authority is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP), which can be reached at www.dataprotection.ro. You may also lodge a complaint with the supervisory authority in the EU member state where you reside or work.

9. Cookies

This website uses cookies to ensure basic functionality and, where you have given consent, to collect analytics data. Strictly necessary cookies are placed without consent as they are essential for the website to operate. You can manage your cookie preferences at any time through our cookie preferences interface. For a full list of cookies used and their purposes, please refer to the cookie banner shown on your first visit.

10. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make material changes, we will update the "Last updated" date shown at the top of this page. We encourage you to review this policy periodically. Continued use of the website after changes are posted constitutes your acknowledgment of the updated policy.