Privacy Policy
Last updated: 28.12.2025
This Privacy Policy explains how we collect, use, store, and protect personal data when you contact or work with us.
Controller: COSTACHE IONUT GABRIEL – Sole Proprietor (CIGGA Labs), Poiana Ruscăi 7, Apt. 7, Timișoara, Romania. You can contact us at gabi@cigga-labs.com or +40 771 301 657. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Romanian legislation.
1. What data we collect
We may collect the following categories of personal data: identity and contact details (name, email, phone number), company information, project-related details, communication records, and billing or invoicing data. We do not intentionally collect sensitive personal data unless it is necessary and explicitly agreed.
2. How we collect data
We collect data when you contact us by email, phone, or forms, when you request a proposal, sign an agreement, receive services from us, or otherwise interact with our business.
3. Legal basis for processing
We process personal data only where a lawful basis applies: to perform or prepare a contract, to comply with legal obligations (such as accounting and tax), based on our legitimate interests (such as improving our services and communication), or on the basis of your consent where required. You may withdraw consent at any time.
4. How we use personal data
We use personal data to respond to inquiries, provide consulting, automation, marketing, and maintenance services, manage projects, issue invoices, communicate with clients, improve internal processes, and meet legal and regulatory requirements. We do not sell personal data.
5. Sharing personal data
We may share data with trusted third parties such as service providers (hosting, communication and project tools, invoicing software), accountants, legal advisors, or public authorities when legally required. These parties are obliged to keep data confidential and process it only for the specific purposes agreed.
6. Data security
We apply appropriate technical and organizational safeguards to protect personal data against loss, misuse, unauthorized access, disclosure, and alteration. Access is limited to persons who need it for legitimate business purposes.
7. International transfers
If personal data is transferred outside the European Union due to the tools we use, such transfers are protected by GDPR-recognized safeguards such as adequacy decisions or Standard Contractual Clauses. Additional details can be provided upon request.
8. Data retention
We retain personal data only as long as necessary for the purposes described: project records for the duration of the relationship, accounting data for 5–10 years as required by law, and communication history for a reasonable period unless deletion is requested and permitted by law. When no longer needed, data is securely deleted or anonymized.
9. Your GDPR rights
You have the right to access, correct, or delete your personal data, restrict or object to processing, request data portability, withdraw consent, and submit a complaint to the National Supervisory Authority for Personal Data Processing (ANSPDCP) in Romania. To exercise your rights, contact us at gabi@cigga-labs.com.
10. Automated decision-making
We do not use automated decision-making that produces legal or similarly significant effects regarding individuals.
11. Third-party links
Our website or communications may contain links to third-party websites. We are not responsible for their privacy practices and encourage you to review their policies.
12. Changes to this policy
We may update this Privacy Policy periodically. Updates will be posted with the revised “Last updated” date, and continued use of our services constitutes acceptance of the changes.
Contact
For questions about this Privacy Policy or how we process personal data, please contact us at gabi@cigga-labs.com or +40 771 301 657.