Privacy Policy

Effective Date: 02.12.2024

BLUMO SOLUTIONS SRL (“we,” “our,” or “us”) is committed to protecting the privacy of users (“you” or “user”). This Privacy Policy explains how we collect, use, store, and share your personal data in accordance with the EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

1. Data Controller Information

  • Organization Name: BLUMO SOLUTIONS SRL
  • Type of Organization: Limited Liability Company
  • Address: Calea Dudeşti, Nr. 153, Camera 1, Et. 1, Sector 3, Municipiul Bucureşti, Romania
  • Contact Person: Stefan Oros
  • Email: [email protected]

2. Data Collection

We collect the following types of personal data:

  • Contact Information: Email and name, collected via forms for notifications, account management, and customer support.
  • Usage Data: Automatically collected usage information via PostHog analytics to improve user experience and for troubleshooting.
  • Third-Party Data: Information from Google and Facebook used to facilitate login and personalization.
  • Technical Information: IP address, browser details, and User Agent.

We do not knowingly collect data from minors under the age of 16.

3. Purpose and Legal Basis for Processing

The personal data we collect is used for the following purposes:

  • Email, Name and Physical Address: For sending notifications, managing accounts, billing and providing customer support.
  • Usage Data: For improving user experience, analytics, and troubleshooting.
  • Third-Party Login Data: To facilitate login and personalize the user experience.
  • Technical Information: IP address, browser details, and User Agent for marketing purposes.

Our processing is based on legitimate interest for service improvement, and on user consent where applicable.

4. Data Sharing

We may share your data with trusted third parties to facilitate our services, including:

  • PostHog: For website analytics.
  • Stripe: For payment processing.
  • Meta: For targeted advertising campaigns.

All third-party providers are required to comply with applicable data protection laws.

5. Marketing Communications

We may send you marketing and promotional communications. Users are automatically enrolled without requiring separate consent, and may opt out at any time.

6. Data Storage and Security

Storage Location: We store data in secure cloud-based servers managed by Cloudflare.

Security Measures: We employ access controls and secure data transmission to protect user data.

7. Data Retention

We retain all personal data for the duration of the user’s account. Data will be deleted if the account is terminated or upon user request, in accordance with GDPR requirements.

8. Cookies and Tracking Technologies

We use cookies to support analytics and authentication:

  • Analytics Cookies: PostHog cookies track site usage to improve functionality and user experience.
  • Authentication Cookies: Supabase Auth cookies support secure login and session management.
  • Advertising Cookies: Facilitate targeted advertising via platforms like Meta Ads.

You may manage cookies via browser settings, but note that disabling them may affect certain site functionalities.

9. User Rights under GDPR

You have the following rights regarding your personal data:

  • Right to Access: Request access to your data.
  • Right to Rectification: Request corrections to inaccurate data.
  • Right to Erasure: Request data deletion when no longer necessary for the original purpose.
  • Right to Restrict Processing: Limit data processing in specific circumstances.
  • Right to Data Portability: Request your data in a machine-readable format.
  • Right to Object: Object to data processing based on legitimate interest or for direct marketing purposes.

To exercise these rights, please contact us at [email protected].

10. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA). These rights are intended to provide transparency and control over your personal information.

Rights under CCPA

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, as well as the sources of this information, the purpose for collecting it, and any third parties with whom we share it.
  • Right to Delete: You may request the deletion of personal information we have collected from you, subject to certain exceptions (such as completing transactions or legal obligations).
  • Right to Opt-Out of Sale: We do not sell your personal data. However, if this practice changes, we will update our policy and provide a mechanism for opting out.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you services, charge you different prices, or provide a different quality of service unless permitted by law.

How to Exercise Your Rights

California residents can exercise their rights under CCPA by contacting us at [email protected]. Please include “CCPA Request” in your subject line and provide sufficient information to verify your identity.