Reincarcareonline is in soft launch - browsing only, no orders yet.

Privacy policy

Privacy policy

Version in force from the publication date.

This policy details how ReincarcareOnline.ro collects, processes and protects personal data, in line with Regulation (EU) 2016/679 (GDPR) and Romanian Law 190/2018. For a summary of your rights and how to exercise them, see GDPR Information.

I. Data controller

Digital Payments SRL, a Romanian legal entity, registered office: Strada Liniștii Nr. 15 C, C2, Paleu, Bihor county, 417166, Romania. VAT (RO)38316257, Trade Register J5/2640/2017. Personal-data contact point: support@reincarcareonline.ro. There is no outsourced Data Protection Officer (DPO); requests are handled by a designated internal representative.

II. Processed data

II.1. Data you provide directly

  • Email address (mandatory – the channel through which we deliver the voucher).
  • Mobile phone number or Focus Sat ID (technically required to apply the recharge).
  • Optional billing data (name, company name, VAT, address) when you want a company invoice.
  • Payment confirmation received from the processor (PayPal, Stripe, BTCPay Server).

II.2. Data collected automatically

  • IP address, used for technical logs and fraud prevention.
  • Browser type and operating system (User-Agent).
  • Interaction timestamps with the site.
  • Essential cookies (session, cart, authentication).

We do not process special categories of data (ethnic origin, political opinions, health, etc., per GDPR Art. 9).

III. Purposes and legal basis

We process your data for clearly defined purposes, each with an explicit legal basis:

  • Order processing and voucher delivery – contract execution (Art. 6.1.b GDPR).
  • Invoicing and fiscal archiving – legal obligation (Art. 6.1.c).
  • Fraud prevention and AML compliance – legitimate interest (Art. 6.1.f) and legal obligation (Romanian Law 129/2019).
  • Promotional communications – exclusively based on explicit consent (Art. 6.1.a), with an unsubscribe option at any time.

IV. Retention period

Data type Duration Legal basis
Transactions and invoices 10 years Romanian Accounting Law 82/1991, Art. 25
Technical logs (IP, UA) up to 12 months Legitimate interest – fraud prevention
KYC data (if collected) 5 years from last transaction Law 129/2019 anti-money-laundering
Newsletter subscription until unsubscribe Consent

V. Recipients of the data

We do not sell personal data. We share it strictly with the following recipient categories, only to fulfil the stated purpose:

  • Payment processors – PayPal, Stripe, BTCPay Server (transaction authorisation).
  • Mobile carriers / Focus Sat – Orange, Vodafone, Telekom, Digi, Focus Sat (recharge application).
  • Technical service providers – hosting, transactional email, backup (Box.com), under GDPR-compliant contracts.
  • Public authorities – ANAF, Police, courts – only on documented legal request.

Any transfers to states outside the EU/EEA are made only via mechanisms approved by the European Commission (adequacy decisions or standard contractual clauses).

VI. Cookies

We use cookies strictly necessary for site operation (session, cart, authentication). We do not use advertising tracking cookies without explicit consent, expressed via the cookie banner shown on first visit.

VII. Data security

We implement technical and organisational measures appropriate to the risk:

  • TLS 1.3 encryption between browser and server for all connections.
  • Sensitive-data encryption (voucher PINs) with Sodium / libsodium – access only via an HMAC-signed link.
  • Encrypted backups in two distinct geographic locations.
  • Administrative access on the “least privilege” principle.
  • Breaches notified to ANSPDCP within 72 hours if user rights are affected (GDPR Art. 33).

VIII. Automated profiling

ReincarcareOnline.ro does not carry out automated profiling or automated decision-making with legal effects on users (GDPR Art. 22).

IX. Your rights

You enjoy the rights under GDPR Arts. 15-22: access, rectification, erasure, restriction, portability, objection, consent withdrawal. The exercise procedure is detailed in GDPR Information. Requests go to support@reincarcareonline.ro and are resolved within 30 days.

X. Complaints

You have the right to address the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)www.dataprotection.ro.

XI. Changes to the policy

This policy may be updated periodically. Significant changes are announced on the homepage or by email. The version in force is the one shown on this page.