Privacy Policy

    Last updated: May 31, 2025

    This Privacy Policy explains how Marea de Povești SRL(LLD) (“we”, “us”, “our”), VAT no. 45311546, based in Avram Iancu Street408F, ap. 52, Florești, Cluj County, Romania, processes personal data when youinteract with our website [www.whynotstudios.eu] (“Website”) and ourservices.

    We are committed to protecting your privacy and complyingwith the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

    1. Who We Are

    Marea de Povești SRL (LLD)
    Headquarters: Avram Iancu 408F, ap. 52, Florești, Cluj County, Romania
    VAT Number: 45311546
    Email: harunsimareadepovesti@gmail.com
    We act as the Data Controller for personal data collected via the Website.

    2. What Data We Collect

    We may collect the following types of personal data:

    • Contact     Information (name, email address, phone number) – when you fill out a     contact form or request a quote.
    • Professional     Details (business name, job title) – when applicable to a project.
    • Technical     Data (IP address, browser type, device info) – collected via cookies.
    • Usage     Data (pages visited, time on site) – for analytics purposes.
    • Marketing     Preferences – if you subscribe to our newsletter.

    We do not collect or process special categories of data(e.g., health or biometric data).

    3. Why We Collect Your Data

    We collect and process data for the following purposes:

    Purpose

    Legal Basis (GDPR Article)

    Responding to contact requests

    Art. 6(1)(b) – Contract performance

    Sending marketing emails

    Art. 6(1)(a) – Consent

    Processing project contracts and invoices

    Art. 6(1)(b), (c) – Contract + Legal obligation

    Website analytics (non-essential cookies)

    Art. 6(1)(a) – Consent

    Security and error detection

    Art. 6(1)(f) – Legitimate interest

    4. Cookies & Tracking Technologies

    We use cookies to improve your experience, collectanonymized analytics (e.g., via Google Analytics), and remember yourpreferences.

    • Essential     Cookies – required for the site to function.
    • Analytics     Cookies – help us understand site performance.
    • Marketing     Cookies – used only with your consent.

    You can control cookie preferences via the pop-up banner oryour browser settings.

    5. Who We Share Your Data With

    We do not sell your data.

    However, we may share data with:

    • Service     providers (e.g., web hosting, CRM, newsletter tools like Mailchimp or     Brevo)
    • Professional     collaborators involved in service delivery (with NDA)
    • Public     authorities if required by law

    All third-party processors are GDPR-compliant and operateunder strict confidentiality agreements.

    6. How Long We Keep Your Data

    We retain data only as long as necessary:

    • Contact     inquiries – up to 12 months
    • Client     records – up to 5 years (for accounting and legal purposes)
    • Newsletter     subscription data – until you unsubscribe
    • Cookies     – as per their expiration time (up to 13 months for analytics)

    7. Your Rights Under GDPR

    You have the following rights regarding your personal data:

    • Access     – Know what data we hold about you.
    • Rectification     – Request corrections to inaccurate data.
    • Erasure     – Ask for your data to be deleted.
    • Restriction     – Limit how we process your data.
    • Portability     – Request a copy of your data in a structured format.
    • Objection     – Oppose processing based on legitimate interest or direct marketing.
    • Withdraw     Consent – At any time, without affecting past lawful processing.

    To exercise your rights, contact us at harunsimareadepovesti@gmail.com.

    8. Data Security

    We take appropriate technical and organizational measures tosecure your data, including HTTPS encryption, access control, and secure datastorage.

    9. Data Transfers Outside the EU

    If we use third-party services (e.g., US-based newslettertools), your data may be transferred outside the EU under appropriatesafeguards (e.g., Standard Contractual Clauses or EU-US Data Privacy Frameworkparticipation).

    10. Complaints

    If you believe your rights have been violated, you can filea complaint with:

    Romanian National Supervisory Authority for Personal DataProcessing (ANSPDCP)
    www.dataprotection.ro
    Phone: +40 318 059 211
    Email: anspdcp@dataprotection.ro

    11. Changes to This Policy

    We may update this Privacy Policy occasionally. Any changeswill be posted on this page, with the revision date at the top.