Last updated: 2026-03-19
The personal data controller is S.C. MUNTEANU DEV TECH S.R.L., registered at Bdul. Siderurgistilor 30, Bl. SD4B, Sc. 1, Et. 1, Ap. 3, 800235 Galați, Romania, Tax ID 47145563, email: contact@spalatorii-auto.ro. We process your data in accordance with Regulation (EU) 2016/679 (GDPR).
We collect the following categories of data: identification data (name, email, phone number), vehicle data (license plate, vehicle type), reservation data (date, time, car wash), technical data (IP address, browser type, cookies). For car wash owners, we additionally collect: business data (name, address, schedule, images).
We process your data for: contract execution — creating your account, making and managing reservations, sending SMS confirmations; our legitimate interest — improving the Platform, preventing abuse, aggregate statistics; your consent — sending marketing communications (only if you explicitly opted in). You can withdraw your consent at any time.
We share your data with: SMS service providers (smsapi.ro) — for sending SMS notifications; email service provider (trimis.ro) — for sending emails; hosting provider (DigitalOcean) — for data storage; logging provider (Better Stack) — for monitoring and debugging; mapping services (Mapbox, Google Maps) — for displaying locations. All providers comply with GDPR and are based in the EU/EEA or provide adequate safeguards.
We keep account data for as long as the account is active. Reservation data is kept for 2 years from the appointment date. Upon account deletion, personal data is removed within 30 days. Technical logs are kept for a maximum of 90 days.
Under GDPR, you have the right to: access — request a copy of your data; rectification — correct inaccurate data; erasure — request deletion of your data; restriction — limit processing; portability — receive your data in a structured format; objection — object to processing based on legitimate interest. To exercise your rights, contact us at: contact@spalatorii-auto.ro. You have the right to file a complaint with ANSPDCP (www.dataprotection.ro).
We implement technical and organizational measures to protect data: HTTPS encryption, password hashing (bcrypt), two-factor authentication (2FA) for owners, rate limiting, regular backups. Access to data is restricted to authorized personnel only.
This policy may be updated periodically. We will notify you by email or through the Platform about significant changes. The date of the last update is displayed at the top of this page.