HEXCLOUD.AI
Legal

Privacy Policy

Last updated: February 21, 2026

1. Introduction

HEXCLOUD CONSULTING SRL ("HEXCLOUD.AI", "we", "us", or "our"), registered in Romania, is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website hexcloud.ai or use our services.

We process personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), Romanian Law No. 190/2018 on the implementation of the GDPR, and other applicable data protection legislation.

2. Data Controller

The data controller responsible for your personal data is:

  • Company: HEXCLOUD CONSULTING SRL
  • Email: contact@hexcloud.ai
  • Website: https://hexcloud.ai

3. Personal Data We Collect

We may collect the following categories of personal data:

3.1 Data You Provide Directly

  • Contact forms: Full name, company name, email address, phone number, job title, project description, budget range, timeline, and referral source.
  • Newsletter subscription: Email address and name.
  • Brochure requests: Full name, company name, email address, phone number, and job title.

3.2 Data Collected Automatically

  • Technical data: IP address, browser type and version, user agent, operating system, device type.
  • Usage data: Pages visited, time spent on pages, referral source, click patterns.
  • Analytics data: Data collected through Google Analytics (see Section 7).

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Consent (Art. 6(1)(a)): When you subscribe to our newsletter or submit a contact form.
  • Legitimate interest (Art. 6(1)(f)): To improve our website, analyze usage patterns, and ensure security.
  • Performance of a contract (Art. 6(1)(b)): When processing data necessary to provide our services.
  • Legal obligation (Art. 6(1)(c)): When required by Romanian or EU law.

5. How We Use Your Data

We use the collected data for the following purposes:

  • To respond to your inquiries and provide personalized offers.
  • To send email notifications about your request status.
  • To send newsletter communications (only with your consent).
  • To improve our website and services through analytics.
  • To ensure the security and integrity of our systems.
  • To comply with legal obligations.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your data with:

  • Service providers: Cloud hosting (Microsoft Azure), email delivery services, and analytics providers that process data on our behalf.
  • Legal authorities: When required by law, court order, or governmental request.

7. Analytics and Tracking

We use Google Analytics and Google Tag Manager to understand how visitors interact with our website. These tools may use cookies and collect anonymized data. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

For more information about cookies, please see our Cookies Policy.

8. Data Storage and Security

Your data is stored on secure servers hosted on Microsoft Azure (West Europe region). We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (TLS/SSL).
  • Access controls and authentication mechanisms.
  • Regular security audits and vulnerability assessments.
  • MongoDB database with encrypted connections.

9. Data Retention

We retain your personal data only for as long as necessary:

  • Contact form submissions: 24 months after the last interaction.
  • Newsletter subscriptions: Until you unsubscribe.
  • Analytics data: 26 months (Google Analytics default).
  • Legal obligations: As required by Romanian fiscal and commercial law.

10. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of access (Art. 15): Request a copy of your personal data.
  • Right to rectification (Art. 16): Request correction of inaccurate data.
  • Right to erasure (Art. 17): Request deletion of your data ("right to be forgotten").
  • Right to restriction (Art. 18): Request limited processing of your data.
  • Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interests.
  • Right to withdraw consent: Withdraw consent at any time without affecting prior processing.

To exercise any of these rights, please contact us at contact@hexcloud.ai.

11. International Data Transfers

Your data is primarily stored within the European Economic Area (EEA). If data is transferred outside the EEA (e.g., to Google LLC for analytics), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

12. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

14. Contact and Complaints

For any questions about this Privacy Policy or to exercise your data protection rights, contact us at:

You also have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP):

We value your privacy

We use cookies to improve your experience and analyze site traffic. Read our Cookies Policy for details.