WhatsApp
Contact

Privacy Policy

Last Updated: November 13, 2025

1. Introduction

Your privacy is important to us. This privacy policy explains how Instantech (“we”, “us”, or “our”) collects, stores, uses, and shares your personal data.

This policy applies to personal data processed by us in our capacity as a data controller, in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR“) and applicable Romanian data protection legislation, including Law no. 190/2018.

2. Who We Are (Data Controller)

The data controller responsible for your personal data is:

Instantech
S.C. INSTANTECH ONLINE S.R.L.
RO43186366

If you have any questions about this privacy policy or our data protection practices, please contact us.

3. Data Protection Officer (DPO)

We have appointed a Data Protection Officer (DPO) to oversee compliance with this policy. If you have any questions, you can contact our DPO at:

Email: office@instantech.ro

4. What Personal Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

  • Identity Data: Includes first name, last name, username, or similar identifier.
  • Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
  • Technical Data: Includes Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our services.
  • Usage Data: Includes information about how you use our website, products, and services.
  • Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We do not typically collect any **Special Categories of Personal Data** about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data), unless required by law or with your explicit consent.

5. How We Use Your Data & Our Lawful Basis

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.
  • Where we have your explicit consent.

Here are the main purposes for which we process your data, linked to the lawful basis:

Purpose / ActivityType of DataLawful Basis for Processing
To register you as a new customer.Identity, ContactPerformance of a contract with you.
To process and deliver your order/service.Identity, Contact(a) Performance of a contract; (b) Legitimate interest (to recover debts).
To manage our relationship with you (e.g., sending service updates, asking for reviews).Identity, Contact, Marketing(a) Performance of a contract; (b) Legitimate interest (to keep records updated).
To administer and protect our business and website (including troubleshooting, data analysis, testing).Identity, Contact, Technical(a) Legitimate interest (for running our business, security); (b) Legal obligation.
To send you marketing communications about our services.Identity, Contact, Marketing(a) Consent (where required); (b) Legitimate interest (for existing customers, subject to opt-out).

6. Data Sharing and Third Parties

We may have to share your personal data with the parties set out below for the purposes described in the table above:

  • IT and System Administration Providers: Such as cloud hosting services, email providers, and analytics providers.
  • Professional Advisers: Including lawyers, bankers, auditors, and insurers based in Romania who provide consultancy, banking, legal, insurance, and accounting services.
  • Public Authorities: Such as tax authorities (ANAF) or other regulators in Romania who require reporting of processing activities in certain circumstances.
  • Payment Processors: To securely handle payments.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes.

7. International Transfers

We primarily store and process your data within the European Economic Area (EEA).

If we do transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • The country has been deemed to provide an adequate level of protection by the European Commission (an “Adequacy Decision“).
  • We use specific contracts approved by the European Commission which give personal data the same protection it has in Europe (known as “Standard Contractual Clauses” or SCCs).

8. Data Security

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered, or disclosed. This includes measures such as encryption, access controls, and regular security reviews.

We will notify you and any applicable regulator (including the ANSPDCP) of a data breach where we are legally required to do so.

9. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

For example, by law, we have to keep basic information about our customers (including Contact, Identity, and Transaction Data) for accounting and tax purposes for the period required by Romanian law (e.g., 5 or 10 years).

10. Your Legal Rights

Under the GDPR, you have the following rights in relation to your personal data:

  • Right to access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can request that we correct any inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”): You can ask us to delete your personal data where there is no good reason for us continuing to process it.
  • Right to restrict processing: You can ask us to suspend the processing of your data in certain scenarios.
  • Right to data portability: You can request the transfer of your personal data to you or to a third party in a structured, machine-readable format.
  • Right to object: You can object to us processing your data where we are relying on a legitimate interest (or for direct marketing purposes).
  • Right to withdraw consent: Where we rely on consent to process your data, you can withdraw that consent at any time.

To exercise any of these rights, please contact our DPO at office@instantech.ro. We will respond to all legitimate requests within one month.

11. How to Lodge a Complaint

We hope that we can resolve any query or concern you raise about our use of your information. Please contact our DPO first at office@instantech.ro.

However, you have the right to lodge a complaint at any time with the Romanian data protection supervisory authority:

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP)
Address: B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, cod poștal 010336, București, România
Website: http://www.dataprotection.ro
Email: anspdcp@dataprotection.ro
Phone: +40.318.059.211

12. Cookies

Our website uses cookies. A cookie is a small file of letters and numbers that we put on your computer.

13. Changes to This Privacy Policy

We may update this policy from time to time. Any changes will be posted on this page, and, where appropriate, notified to you by email. Please check back frequently to see any updates.