Privacy Policy

1. Who We Are

GraziaCommerce Ltd, registered in the European Union, is the data controller for personal data collected via the website graziacommerce.com and services offered.

Contact us at: [email protected] or +40 700 000 000.

2. Data We Collect

2.1 Data you provide directly

• First and last name
• Email address
• Phone number
• Company name / business type
• Messages sent via the contact form
• Budget and service preferences

2.2 Data collected automatically (with your consent)

• IP address (anonymized)
• Browser type and operating system
• Pages visited and visit duration
• Traffic source (Google, social media, direct)
• Cookie data (see Cookie Policy)

3. Why We Use Your Data (Legal Basis)

• Contract performance / pre-contractual steps (Art. 6(1)(b) GDPR): to respond to quote requests and deliver contracted services.
• Consent (Art. 6(1)(a) GDPR): for newsletter, analytics and marketing cookies — you can withdraw consent at any time.
• Legitimate interest (Art. 6(1)(f) GDPR): for website security and fraud prevention.
• Legal obligation (Art. 6(1)(c) GDPR): for keeping accounting and tax records.

4. How Long We Keep Data

• Contact form data: 3 years from last interaction or until deletion is requested.
• Contractual and tax data: 10 years per applicable tax legislation.
• Analytics data: maximum 26 months (configured in Google Analytics).
• Cookies: as specified in our Cookie Policy.

5. Who We Share Data With

We never sell your data. We share only with:

• Google LLC — Google Analytics 4 and Google Workspace. EU servers where possible.
• Hosting providers — with GDPR data processing agreements in place.
• Accountant / auditor — exclusively for legal obligations, under confidentiality agreements.
• Public authorities — only when legally required.

6. International Transfers

Some tools (Google Analytics) may transfer data to the USA. Google LLC participates in the EU-US Data Privacy Framework and applies Standard Contractual Clauses (SCC) approved by the European Commission.

7. Your Rights

Under GDPR, you have the right to:

• Access: receive a copy of data we hold about you.
• Rectification: correct inaccurate or incomplete data.
• Erasure ("right to be forgotten"): request deletion under certain conditions.
• Restriction: limit processing while we verify a dispute.
• Portability: receive data in a structured, machine-readable format.
• Objection: object to processing based on legitimate interest.
• Withdraw consent: at any time, without affecting prior lawful processing.

Exercise your rights by writing to [email protected]. We respond within 30 calendar days.

8. Data Security

We implement appropriate technical and organizational measures: HTTPS/TLS connections, restricted database access, hashed passwords, regular backups, and periodic team training on data protection.

9. Cookies

We use cookies. For full details, see our Cookie Policy. You can manage preferences at any time from the cookie banner or browser settings.

10. Changes to This Policy

We may update this policy periodically. We will notify you by email (if subscribed) or via a banner on the site at least 14 days before significant changes take effect.

11. Contact

📧 [email protected]
📞 +40 700 000 000
🌐 graziacommerce.com