Privacy Policy

Privacy policy applied to users' data and information

Data Privacy
Data Privacy

Table of Contents

I. General Information
II. Categories of Personal Data Requested and Processed
III. Purposes of Processing
IV. Duration for Which We Keep / Process Data
V. Disclosure of Personal Data
VI. Transfer of Personal Data
VII. Rights You Have
VIII. Control, Access and Security
IX. Special Provisions Regarding Minors
X. Social Media
XI. Processor
XII. Validity of the Document

I. General Information

S.C. Awesome Projects S.R.L., hereinafter referred to as Hostico, as a personal data operator, author, owner, and administrator of hostico.ro, respects the right to privacy and the security of personal data processing for every person who visits and/or uses the services offered by this website, and is committed to protecting their personal data and information. This document applies to the website hostico.ro, hereinafter referred to as the "Website".

Hostico is registered as a personal data operator with the National Authority for the Supervision of Personal Data Processing, under registration number 30701.

In accordance with Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR), which has replaced Law 677/2001 on the protection of individuals with regard to the processing of personal data and the free movement of such data, Hostico is obliged to manage safely and only for the purposes and period specified in this document, the personal data that you provide about yourself, a family member, or another person, as well as the personal data visible in the context of using this website.

Personal data refers to any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to a name, an identification number, location data, an online identifier, or by reference to one or more specific elements of their physical, physiological, genetic, mental, economic, cultural, or social identity.

This Policy applies to all electronic devices used for accessing the Website. If you do not agree with the terms and conditions related to their use (set forth in this document regarding the protection of personal data, as well as in the Cookie Policy documents and the Terms and Conditions regarding confidential information), please do not use the website.

II. Categories of personal data requested and processed

The website is structured in a way that allows for its visitation and use without the need to disclose any personal information from its visitors. With each visit/use of the website, the server collects and stores, in the form of electronic logs for short periods of time, basic information that includes the IP address, the browser used, the referring domain (through which the visitor accessed the website), access times, visit duration, and the pages visited. Except for the IP address, none of this traffic data constitutes identifiable information; they are stored solely for statistical/analytical purposes aimed at improving services and, of course, for the prevention of fraud or abuse of the information system. This data is not disclosed to any individual or legal entity outside of Hostico in any form, except in cases of processing carried out by the competent authorities for the purpose of preventing, discovering, investigating, prosecuting, and combating crimes or enforcing penalties. Any other information is provided strictly voluntarily by the visitor/user, with no obligation to provide personal data to Hostico. Although some services offered by Hostico cannot be used without providing certain data, the submission of such data is strictly voluntary.

a) Visitor of the Website

  • the data provided within the sections that involve filling out a form:
    Direct Mode: Name, Email
    Indirect Mode: IP
  • the data provided in interaction with members of the Hostico team through the use of the online support system:
    Direct Mode: Name,Email
    Indirect Mode: IP

b) Client of the Website

  • the data provided when creating a client account or placing an order:
    First Name
    Last Name
    Secondary Contact*
    Email
    Secondary Email*
    Address
    Postal Code
    Phone
    CNP (individuals)**
  • In case of company:
    Company Name
    Contact person details: First and Last Name
    Registration number at the Trade Registry Office
    Tax Identification Number/Unique Registration Code

Indirect: IP
* - optional
** - required for the registration of certain domain extensions

III. Purposes of processing

Our general principles regarding the processing of personal data belonging to visitors of the website (considered as purchasers of any of the services available on the Website) as well as those belonging to the visitors of the Website are presented below:

a) Visitor of the Website

  • to respond to requests sent by filling out the forms available on the Website
  • to respond to requests sent through the online support system
  • for monitoring traffic and improving the experience provided on the Website

b) Client of the Website

Regarding Clients or potential Clients, the data and documents provided by them during the conclusion of the contract or thereafter will be processed exclusively in accordance with the applicable legal provisions, including the General Data Protection Regulation (GDPR).
The data and documents provided by Clients will be used exclusively for the purpose of executing the contract between Hostico and the respective Client and will not be transferred to unauthorized third parties or companies or disclosed in any form, except in cases provided by law or with the express consent of the Client.

We use the personal data and documents provided by Clients for the following purposes:

  • Execution of the contractual relationship between the Client and Hostico, including the processing, validation, invoicing, and activation of the order placed on the website and informing the client about the status of the order.
  • Fulfilling the legal obligations that fall upon Hostico in the context of the services provided through the website, including tax and archiving obligations.
  • Communication of information regarding the network status and any maintenance/outages in service provision.
  • Transmission of commercial communications regarding the services offered by Hostico through remote communication means (e-mail, SMS), in the event that you have given consent in this regard.

Processing of data for the mentioned purposes is based on the contract concluded between the Client and Hostico, as defined in our Terms and Conditions, and is necessary for fulfilling legal obligations. Refusal to provide data may lead to Hostico's inability to comply with legal obligations and, consequently, to the inability to offer you services through the website. Data processing for marketing purposes is carried out based on the consent provided, in the event that you choose to provide it by checking the corresponding box at the time of account creation or later, through your client account.

Providing data for any of the situations mentioned above is voluntary, but necessary for the use of the services mentioned earlier and for concluding a contract between the client and Hostico. Refusal to provide data may result in the inability to carry out the contractual relationship between the client and Hostico.

c) General

The processing of data is based on the legal basis of Hostico's legitimate interest to ensure the proper functioning of the website and to constantly improve the experience of the website's visitors, including by addressing comments, questions, or complaints.

The purposes of data processing include:

  • Administration and improvement of the provided services.
  • Conducting commercial activities for the sale of services, market research/studies, and statistics.
  • Advertising, marketing, and promotional activities for SC Awesome Projects SRL services, including promotional campaigns, tracking and monitoring service sales and consumer behavior.
  • Providing post-sales customer relationship services, including informing users/customers about the evaluation of the services offered (including the evaluation of services on the Website).

IV. The duration for which we retain / process data

As a fundamental principle, Hostico will process personal data only for the strictly necessary period to achieve the aforementioned processing purposes. We respect the principle of data minimization and will not retain data longer than necessary based on the purposes for which they were collected.

If you are a client, we will process the data throughout the duration of the contractual relationship and thereafter, in accordance with the legal obligations that fall on Hostico.

For customer accounts, they will be kept for 5 years from the date of the last financial transaction on the respective account and will be automatically deleted upon the fulfillment of this term, provided that there are no active services on the account.

After the account is deleted, either through automatic deletion in case of no transactions or any activity from the client, or at the express request of the client to exercise the right of withdrawal, the information associated with the account is pseudonymized and stored for an additional period of 5 years in accordance with the security measures provided by the General Data Protection Regulation (GDPR). This data is used strictly to respond to legitimate requests from the competent authorities in Romania or the European Union, for the purpose of complying with the applicable legal obligations of the data controller.

In the case of financial-accounting supporting documents, contracts, and additional acts, according to legal provisions, these will be kept for 10 years from the end of the financial year.

If you wish to no longer be concerned about the processing of personal data or if you want the deletion of data, you can exercise your rights detailed in point VII below.

Deletion of the account is only possible if there are no active services on it. If there is one or more active services on the account, it can only be closed if one of the following conditions is met:

  • The conclusion of the contracted period of the active service/services on the account is expected.
  • The active service/services on the account are terminated through a written request or the active service/services are transferred to other providers/registrars.

If you withdraw your consent for the processing of data for marketing purposes, Hostico will cease the processing of personal data for this purpose, without affecting the processing carried out previously by Hostico based on the expressed consent.

Regarding internal notes, the preparation of statistics, service improvement, and market research/studies, we retain personal data only to the extent necessary to achieve these purposes and in accordance with legal provisions. The retention period for this data is determined based on the specific needs of each purpose and is reviewed periodically to ensure that the data is not kept longer than necessary.

In all cases, the storage of personal data complies with GDPR principles, including purpose limitation, data minimization, and ensuring their accuracy and up-to-dateness. We ensure that personal data is deleted or appropriately anonymized after the retention period expires.

V. Disclosure of personal data

The registered information is intended for the exclusive use of Hostico for the purpose of fulfilling the contractual relationship and providing the requested services. However, in certain situations, personal data may be disclosed to third parties as described below:

  • Hostico's contractual partners: Based on a confidentiality agreement, data may be communicated to Hostico's contractual partners who are involved in providing the requested services. These partners are obligated to keep the data secure and to use it in accordance with the applicable law.
  • Service providers: In order to ensure the efficient operation of services, we may share data with third-party service providers, such as those specialized in marketing, payment/banking services, courier services, or domain registration companies. These providers will act as processors and will handle the data in accordance with our instructions.
  • Public authorities: In the event that it is necessary for the prevention, investigation, and combating of crimes, we may be required to disclose the data provided to the competent public authorities or other authorities entitled to do so, in accordance with applicable law.

VI. Data Transfer of Personal Data

The transfer of personal data outside the respective country or the European Union will only take place in situations where this transfer is necessary to fulfill the contractual obligations undertaken.

An example in this regard is the domain registration service. Depending on the requested domain extension, it is possible that personal data may be transferred outside the respective country or the European Union. In such cases, we will take all necessary measures to ensure that the transfer complies with legal requirements and that the data is adequately protected according to the applicable legislation in the field of personal data protection.

We inform you that, when we transfer personal data outside the European Union, we will use appropriate mechanisms to ensure data protection in accordance with the applicable legislation, such as standard contractual clauses approved by the European Commission or other legal mechanisms provided by the GDPR.

If you have any additional questions or would like more information about the transfer of personal data, please contact us at the email address office@hostico.ro.

VII. Rights You Benefit From

In accordance with the legislation on the protection of personal data, as data subjects, you have the right to enjoy the following rights:

  • The right to information: the right to receive detailed information regarding the processing activities carried out by Hostico, as described in this privacy policy.
  • The right of access: the right to obtain confirmation from Hostico regarding the processing of personal data, as well as to receive information about how this data is processed, the purpose of the processing, the recipients or categories of recipients of the data, etc.
  • The right to rectification: If personal data is inaccurate or incomplete, you have the right to request its correction promptly by Hostico. Any rectification or completion will be communicated to all recipients to whom the data was initially disclosed, unless this is impossible or involves disproportionate efforts.
  • The right to data deletion ("the right to be forgotten"): you have the right to request the deletion of personal data in the following situations:
    • the data are no longer necessary for the purposes for which they were collected or processed;
    • you have withdrawn your consent and there is no other legal basis for processing;
    • you object to the processing and there are no legitimate grounds that override;
    • the data has been processed illegally;
    • the data must be deleted to comply with a legal obligation;
    • personal data was collected in the context of providing services of the information society in accordance with the law of the European Union or the national law under which the operator is subject.

It is possible that, following a data deletion request, Hostico may anonymize this information (removing the personal character) and continue processing it for statistical purposes.

In accordance with the provisions of the GDPR, you are guaranteed the following rights as data subjects:

  • The right to restriction of processing: the right to request the restriction of the processing of personal data in the following situations: the person contests the accuracy of the data, for a period enabling the verification of their correctness; the processing is unlawful and the data subject opposes the deletion of the data, requesting the restriction of their use; the operator no longer needs the personal data for the processing purposes, but the data subject requests it for establishing, exercising, or defending a right in court; the data subject has objected to the processing (except in cases of direct marketing) and it is verified whether the legitimate rights of the operator prevail over the rights of the data subject.
  • The right to data portability: the right to receive personal data in a structured, commonly used, and easily readable format, as well as the right to request the transfer of such data to another data controller, to the extent that the applicable legal conditions are met.
  • The right to object: the right to oppose the processing of personal data, based on Hostico's legitimate interest or for public interest purposes. Except in cases where Hostico can demonstrate the existence of legitimate and compelling reasons that override the interests, rights, and freedoms of the data subject or in the case of establishing, exercising, or defending a right in court, you may request at any time, free of charge and without justification, that the data concerning you not be processed for direct marketing purposes.
  • The right not to be subject to an automated individual decision: You have the right not to be subject to a decision based solely on automated processing activities, including profiling, which produces legal effects or significantly affects you in a similar way.
  • The right to address the National Authority for the Supervision of Personal Data Processing or competent courts: You have the right to address the National Authority for the Supervision of Personal Data Processing or competent courts, if you deem it necessary.
  • The right to access and rectification is provided through the application used to access the client account.

For any additional questions regarding the processing of personal data or to exercise the rights mentioned above, please contact us by email at: office@hostico.ro

VIII. Access Control and Security

Hostico stores and processes customers' personal data in accordance with the General Data Protection Regulation (GDPR), using organizational and technical methods to ensure the protection of this data against destruction through security breaches, alteration, disclosure, or any other form of illegal processing.

For the proper delivery of services, Hostico may provide certain employees with information and personal data provided by clients. These employees have confidentiality agreements in place and receive specific instructions regarding the processing of these data. Hostico assumes responsibility for the recording, storage, and use of this data by its employees.

The personal information of Hostico customers is stored and processed through the WHMCS application (for more information, visit https://www.whmcs.com).

Access to a client's personal information is only permitted to the respective client and Hostico operators, requiring a unique username and password for each client.

In addition, clients can enable two-factor authentication ("Two Factor Authentication") as an additional security measure for accessing their account. This method requires obtaining an authentication code from an external device. Data processing takes place exclusively at the offices of Awesome Projects S.R.L. and at partner data centers.

However, it is important to mention that no information security program is infallible.

The client fully understands and accepts that Hostico does not assume responsibility for the consequences or disturbances that may arise as a result of improper use of the portal by clients. This includes, but is not limited to:

  • The addition by the account administrator of a user whose contact details do not belong to the client (such as email addresses, payment cards, phone numbers, etc.). The client bears full responsibility for the use of these access data in the portal.
  • Accessing the portal and making interventions or adjustments by administrators or users who no longer have the access rights granted by the client.
  • Repeated and abusive access to the functionalities available in the client account.
  • Distributing and copying links containing authentication tokens to other devices, browsers, or third parties.
  • Transmission of information, specifically access data required for accessing, authenticating, and authorizing in the client account to various persons.

The client account represents the central point for managing the services offered by Hostico. This interface grants its owner authority and responsibility over the associated services, and anyone with access to this account can undertake a series of actions without the need to provide additional documents to Hostico.

Losses incurred by the Client due to non-compliance with the security policies agreed upon in the conditions of this policy shall not be considered the fault of Hostico and shall not incur the liability of Hostico.

IX. Special provisions related to minors

Hostico does not knowingly or intentionally collect data about minors. We do not offer services to minors.

X. Social Media

We maintain an online presence on various networks and social platforms to communicate with customers and potential customers, to provide them with information about our services. We use platforms such as Facebook, Twitter, LinkedIn, YouTube, and Google Business. When you access these platforms, the terms and conditions of processing of the respective platform operator apply. We also process the data communicated to us through these platforms and social networks.

Our website may include social media features, such as sharing buttons for Facebook, Twitter, and G+. These features are governed by the privacy policies of the companies that provide them.

We inform you that our website may contain links to other sites. We do not control and are not responsible for the content or practices of these sites. Providing these links does not constitute approval of the activities, content, or owners of those sites. This Privacy Policy does not apply to these websites, as they are subject to their own privacy policies.

XI. Processor

As a processor, Hostico is committed to respecting the following:

  • Processing of information provided by the client only for the precise purposes imposed by them.
  • Application of strict security standards at the equipment and infrastructure level.
  • Reporting any data breach without unjustified delay.
  • Processing of personal data only for the period indicated by the client.
  • Ensuring that the data is and will remain the property of the client.
  • Storing information only on servers located in Romania.

XII. Validity of the document

This privacy document is valid indefinitely.

Hostico reserves the right to make changes to this document, which is why clients are requested to consult it periodically.

If you have any additional questions regarding the Privacy Policy or if you wish to obtain information about the personal data processed by Hostico that concerns you directly, please contact us.

Last updated: 17.12.2024