OferTix← Back to home

Privacy Policy

Last updated: 1 May 2025

This Privacy Policy explains how Nova Analytica S.R.L. ("we", "us") collects, uses, and protects personal data when you use OferTix. We are committed to compliance with the EU General Data Protection Regulation (GDPR) and Romanian data protection law.

1. Data Controller

Nova Analytica S.R.L.
Romania
Email: info@novanalytica.com

2. Data We Collect

Account & Identity Data

  • Full name and email address (required for registration)
  • Company name, VAT number, address, phone number
  • Password (stored as a one-way bcrypt hash — we cannot recover it)

Usage Data

  • Offers, clients, and team members you create within the platform
  • Timestamps of account and offer creation
  • Support ticket messages

Technical Data

  • IP address and browser information (collected by our hosting provider)
  • Session cookies required for authentication

We do not use tracking pixels, advertising cookies, or third-party analytics scripts.

3. Legal Basis for Processing

  • Contract performance (Art. 6(1)(b) GDPR) — to provide the Service you signed up for.
  • Legitimate interest (Art. 6(1)(f) GDPR) — to maintain security, prevent fraud, and improve the platform.
  • Legal obligation (Art. 6(1)(c) GDPR) — to comply with applicable Romanian and EU law (e.g. invoicing, tax records).
  • Consent (Art. 6(1)(a) GDPR) — for optional marketing communications, if you opt in.

4. How We Use Your Data

  • To create and manage your account and subscription.
  • To send transactional emails (account creation, password changes, subscription receipts).
  • To provide customer support.
  • To maintain the security and integrity of the platform.
  • To comply with legal obligations.

5. Data Processors (Sub-processors)

We share data with the following processors, each bound by GDPR-compliant data processing agreements:

  • Supabase Inc. (EU region) — database hosting.
  • Resend Inc. — transactional email delivery.
  • Stripe Inc. — payment processing (billing information only).
  • Netlify Inc. — application hosting and CDN.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

6. Data Retention

  • Active account data is retained for as long as your account exists.
  • Upon account deletion, your personal data and business data are permanently erased within 30 days.
  • Financial records (invoices) may be retained for up to 10 years as required by Romanian accounting law.
  • Support ticket content is retained for 2 years.

7. Your Rights Under GDPR

You have the right to:

  • Access — request a copy of your personal data.
  • Rectification — correct inaccurate data.
  • Erasure ("right to be forgotten") — request deletion of your account and data.
  • Portability — receive your data in a machine-readable format (CSV/JSON).
  • Restriction — limit how we process your data in certain circumstances.
  • Objection — object to processing based on legitimate interest.
  • Withdraw consent — at any time, where processing is based on consent.

To exercise any of these rights, contact us at info@novanalytica.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Romanian data protection authority: ANSPDCP (dataprotection.ro), or with the supervisory authority in your EU member state.

8. Cookies

OferTix uses only technically necessary cookies: a session authentication cookie (HttpOnly, Secure) and a language preference cookie (NEXT_LOCALE). No tracking or advertising cookies are used.

9. International Transfers

Your data is stored on servers located in the European Union. Where sub-processors operate outside the EU (e.g. Resend), transfers are governed by Standard Contractual Clauses (SCCs) or an adequacy decision, in compliance with GDPR Chapter V.

10. Children

OferTix is not directed at children under 18. We do not knowingly collect data from minors.

11. Changes to This Policy

We may update this Privacy Policy. Material changes will be notified by email or in-app notice at least 14 days before taking effect. The current version is always available at /legal/privacy.

12. Contact

For any privacy-related queries:
info@novanalytica.com