In compliance with EU Regulation 2016/679 (GDPR)

Privacy Policy &
Data Protection

We take the protection of your personal data very seriously. This page explains what data we collect, why, and how we protect it in accordance with GDPR.

// data controller
🏢 Data Controller

GHIOCA EDUARD-GEORGIAN ÎNTREPRINDERE INDIVIDUALĂ
CIF: 44480687 | Nr. Înmatriculare: F29/648/2021
Address: Str. Găgeni Nr. 113, Ploiești, Prahova County, 100120, Romania
Email DPO: dpo@verificaimei.ro | Telefon: 0729 540 777

1. What Data We Collect and Why

1.1 Date colectate automat (Cookie-uri & Tehnici similare)

When you visit the site, we automatically collect the following data via cookies and similar technologies:

Cookie Type Purpose Duration Legal Basis
Essential Security (CSRF token), user session, shopping cart Session / 1 hour Art. 6(1)(f) GDPR – Legitimate Interest
Preferences Saving cookie consent preferences 6 months Art. 6(1)(a) GDPR – Consent
Analytics Google Analytics – anonymous usage statistics 2 years Art. 6(1)(a) GDPR – Consent

1.2 Data Collected When Using the Service

When you perform an IMEI check, we collect:

  • Phone IMEI – required to perform the checks (legal basis: contract performance, Art. 6(1)(b) GDPR)
  • Email address – for sending the report (legal basis: contract performance)
  • Payment data – securely processed by Stripe; we do not store card data (legal basis: contract performance)
  • IP address – for security and fraud prevention (legal basis: legitimate interest, Art. 6(1)(f) GDPR)

2. How We Protect Your Data

🔒 Implemented Security Measures
  • SSL/TLS Encryption – all communications are encrypted (HTTPS)
  • CSRF Tokens – protection against cross-site request forgery
  • Rate Limiting – preventing abusive access
  • Session Security – HttpOnly, Secure, SameSite Strict cookies
  • PCI-DSS – payments processed via Stripe, PCI-DSS Level 1 certified
  • IP Anonymization – last octets of IP are truncated in Analytics

3. Your Rights Under GDPR

Under EU Regulation 2016/679, you have the following rights:

  • Right of Access (Art. 15) – you may request a copy of your personal data we hold
  • Right to Rectification (Art. 16) – you may request correction of inaccurate data
  • Dreptul la ștergere ("dreptul de a fi uitat", Art. 17) - poți solicita ștergerea datelor, cu excepția celor pe care suntem obligați să le păstrăm legal
  • Right to Restriction of Processing (Art. 18) – you may request we limit how we use your data
  • Right to Data Portability (Art. 20) – you may receive your data in a structured, machine-readable format
  • Right to Object (Art. 21) – you may object to processing based on legitimate interest
  • Right Not to Be Subject to Automated Decisions (Art. 22) – we do not use automated profiling with legal effects

To exercise these rights, contact us at dpo@verificaimei.ro. We respond within 30 days.

4. How Long We Retain Data

Data Category Retention Period Justification
Rapoarte IMEI & tranzacții 3 years Accounting and tax obligations (Romanian Law 82/1991)
Session data (CSRF, etc.) 1 hour / session Technical security
Cookie preferences 6 months Honoring user consent
Server logs (anonymized) 30 days Security and debugging

5. International Data Transfers

We use Stripe for payment processing (USA) and Google Analytics (USA). We have implemented:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data anonymization before transfer
  • Verification of international certification compliance

6. Cookies – Managing Consent

You can manage your cookie preferences at any time by clicking the button below or through your browser settings.

7. Contact DPO (Data Protection Officer)

For any questions related to data protection:

8. Policy Updates

Last updated: April 8, 2026. Any material changes will be communicated via email or site notification.

⚖️ Supervisory Authority

If you believe your rights are not being respected, you may contact the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP), or your local EU data protection authority:
Website: www.dataprotection.ro | Email: anspdcp@dataprotection.ro