← Home

Privacy Policy

Last updated 22 April 2026

This page explains what personal data bringes.io collects when you visit the site, why we collect it, and what we do with it. It is provided in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation, "GDPR") and Romanian Law 190/2018.

Data controller

The controller of your personal data is:

  • Bringes Technology SRL
  • 14BIS Crisului, Baicoi, Prahova, Romania, 105200
  • VAT: RO45896025
  • Contact: hello@bringes.io

We have not appointed a Data Protection Officer because our processing does not meet the thresholds of Article 37 GDPR. For any privacy matter write to the address above.

Data we collect

  • Analytics (PostHog). We use PostHog (EU region) to track page visits, clicks on interactive elements, and — when enabled — session recordings with form inputs masked. PostHog drops a first-party cookie / local-storage entry to maintain an anonymous visitor id. Analytics run only after you accept cookies.
  • Contact email. If you write to hello@bringes.io we receive whatever information you choose to include in the message. We only use it to reply to you.
  • Server request logs. Our hosting provider keeps short-lived request logs (IP address, user-agent, URL) for diagnostics and abuse prevention. These are not tied to an identity by us.

Why we collect it and on what legal basis

We process personal data under the following Article 6 GDPR bases:

  • Legitimate interests (Art. 6(1)(f)): keeping the site running and protecting it against abuse. You may object to processing based on legitimate interests (see "Your rights" below).
  • Consent (Art. 6(1)(a)): PostHog analytics cookies. Consent is collected through the cookie banner and can be withdrawn at any time by clearing the cc cookie in your browser, after which analytics stop loading.
  • Legal obligation (Art. 6(1)(c)): responding to valid requests from competent authorities.

Processors and sub-processors

  • Cloudflare — worker + edge delivery and request logs.
  • PostHog (EU region) — analytics.
  • Google Workspace — email inbox for hello@bringes.io.

Each of them receives only the data needed to provide that service.

International transfers

We aim to keep personal data within the European Economic Area. Cloudflare and Google may process limited data (your IP address, request metadata) outside the EEA. When that happens, transfers are covered by the European Commission's Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) and, for Google, the EU-US Data Privacy Framework adequacy decision of 10 July 2023. You can ask us for a copy of the safeguards in place.

Retention

  • Server request logs: up to 30 days, then purged.
  • Contact emails: up to 24 months from last interaction.
  • PostHog events: as per PostHog's default retention (typically 12 months).

Your rights under the GDPR

If we hold personal data about you, you have the right to:

  • Access the data we hold (Art. 15).
  • Rectify data that is inaccurate or incomplete (Art. 16).
  • Erase data ("right to be forgotten", Art. 17).
  • Restrict processing in certain circumstances (Art. 18).
  • Data portability — receive the data you gave us in a machine-readable format (Art. 20).
  • Object to processing based on legitimate interests (Art. 21).
  • Withdraw consent you have given for analytics at any time, without affecting the lawfulness of processing carried out before withdrawal (Art. 7(3)).
  • Lodge a complaint with a supervisory authority. In Romania this is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP), B-dul G-ral Gheorghe Magheru 28-30, Sector 1, București, dataprotection.ro. You may also complain to the authority in your EU country of residence.

To exercise any of these rights email hello@bringes.io. We respond within one month (extendable by two months for complex requests, as allowed by Article 12(3) GDPR).

Automated decisions and profiling

We do not use your personal data to make automated decisions with legal or similarly significant effects on you, and we do not build behavioural profiles for advertising.

Security

Data is transmitted over HTTPS and secrets are kept in the runtime environment rather than in the code. No system can be guaranteed secure, but we use reasonable technical and organisational measures proportionate to the risk, as required by Article 32 GDPR.

Cookies & local storage

We use a small number of cookies and storage entries, split into two categories:

  • Strictly necessary (no consent required): the cc cookie that remembers your cookie-banner choice.
  • Analytics (require your consent): PostHog's cookie / local-storage entry for an anonymous visitor id. These load only after you click Accept in the cookie banner.

We do not use cross-site advertising cookies. You can withdraw analytics consent at any time by clearing the cc cookie or by blocking analytics scripts in your browser.

Changes

We may update this policy. Material changes will be noted at the top of this page with a new "last updated" date.

Contact

Bringes Technology SRL, 14BIS Crisului, Baicoi, Prahova, Romania, 105200 — VAT RO45896025. Questions, takedown requests, or corrections: hello@bringes.io.