GDPR Compliance - Ixaria

1. Our Approach to Privacy

At Ixaria, we believe privacy is not a checkbox - it's part of building trust.

We design our systems and processes to minimize data collection and avoid unnecessary tracking. Our goal is simple:

Collect only what is needed. Use it responsibly. Protect it rigorously.

2. Legal Framework

Ixaria processes personal data in accordance with:

• General Data Protection Regulation (EU) 2016/679 (GDPR)
• Applicable Romanian data protection legislation (including Law 190/2018)

3. Who We Are (Data Controller)

Ixaria acts as a Data Controller for personal data collected through its website and business interactions.

4. What Data We Process

We may process limited personal data, such as:

• Name
• Email address
• Phone number
• Company details
• Communication content

We do not collect unnecessary or excessive personal data.

5. How We Collect Data

We collect data only when:

• You contact us directly
• You submit a form
• You engage in a business relationship with us

We do not collect data through hidden tracking mechanisms.

6. Purpose of Processing

We process personal data strictly for:

• Responding to inquiries
• Managing business relationships
• Delivering our services
• Improving our offerings

We do not sell or monetize personal data.

7. Legal Basis

Our processing is based on:

• Consent - when you explicitly provide it
• Contractual necessity - to deliver services
• Legitimate interest - to improve our operations
• Legal obligation - where required by law

8. Data Minimization

We follow the principle of data minimization:

• We collect only what is necessary
• We avoid tracking technologies where possible
• We design systems to reduce personal data dependency

9. Data Storage and Retention

We retain personal data only as long as necessary:

• For communication: 48 months
• For contractual purposes: 48 months
• For legal obligations: 48 months

After this, data is securely deleted or anonymized.

10. Data Security

We implement appropriate technical and organizational measures, including:

• Secure infrastructure
• Access control
• Data encryption where applicable

Despite this, no system is 100% secure.

11. Data Sharing

We may share data with:

• Trusted service providers (hosting, infrastructure)
• Legal authorities when required

All partners are required to comply with GDPR standards.

12. International Transfers

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards such as:

• Standard Contractual Clauses (SCCs)
• EU-approved adequacy decisions

13. Your Rights

Under GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion
• Restrict processing
• Object to processing
• Request data portability
• Withdraw consent at any time

To exercise these rights, contact us at:

office@ixaria.ro

14. Supervisory Authority

If you believe your rights have been violated, you can contact:

National Supervisory Authority for Personal Data Processing (ANSPDCP)

Romania

15. No Automated Decision-Making

Ixaria does not use automated decision-making or profiling that produces legal or significant effects on individuals.

16. Privacy by Design

Privacy is integrated into how we build our products:

• Minimal data collection
• Clear data structures
• Transparent data flows
• No unnecessary tracking

17. Changes to This Page

We may update this GDPR page as our practices evolve.

18. Contact

For any GDPR-related questions: