Nymphis Technologies
|
Let's Talk
Legal

Privacy Policy

Last updated: April 2026

1. Data Controller

Nymphis Technologies S.R.L., a company registered in Cluj-Napoca, Romania, is the data controller responsible for processing your personal data through this website.

You can reach us at hello@nymphis.ro

2. What Data We Collect

We collect the minimum data necessary to operate this website and respond to your inquiries:

  • Contact form submissions: your name, email address, company name, subject, and message
  • Cookies: strictly necessary cookies for authentication and language preference (see our Cookie Policy)
  • Server logs: IP address, browser type, and access timestamps for security monitoring

3. Purpose & Legal Basis

  • Responding to contact inquiries — legitimate interest (Art. 6(1)(f) GDPR)
  • Website security and abuse prevention — legitimate interest (Art. 6(1)(f) GDPR)
  • Essential cookies for website functionality — legitimate interest (Art. 6(1)(f) GDPR)

4. How Long We Keep Data

Contact form submissions are retained for up to 12 months to allow us to follow up on inquiries, after which they are deleted. Server logs are retained for up to 90 days. Authentication cookies expire automatically (access tokens after 60 minutes, verification tokens after 10 minutes).

5. Who We Share Data With

We do not sell your personal data. We may share data with the following categories of service providers who process data on our behalf:

  • Cloud hosting providers (EU-based infrastructure)
  • Email service provider (Microsoft Office 365) for sending contact form confirmations

We never sell, rent, or trade your personal data to third parties for marketing purposes.

6. Your Rights Under GDPR

As a data subject in the European Union, you have the following rights:

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request deletion of your data ("right to be forgotten")
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to the processing of your data based on legitimate interest

To exercise any of these rights, contact us at hello@nymphis.ro. You also have the right to lodge a complaint with the Romanian Data Protection Authority (ANSPDCP) at www.dataprotection.ro.

7. Cookies

We use only strictly necessary cookies. We do not use analytics, advertising, or tracking cookies. For full details, see our Cookie Policy.

8. International Data Transfers

Your data is processed and stored within the European Economic Area (EEA). In cases where data may be transferred outside the EEA (e.g., via cloud service sub-processors), we ensure adequate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), access controls, secure authentication with two-factor verification, and regular security audits.

10. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.

11. Contact Us

If you have questions about this privacy policy or how we handle your data, contact us at hello@nymphis.ro

This site uses only essential cookies required for it to function. No tracking, no ads. Learn more