Last Updated: May 12, 2026

COCIS ANDREI DORIN PERSOANĂ FIZICĂ AUTORIZATĂ ("DataForge", "we", "us", or "our") respects your privacy and is committed to protecting the personal data of our API users and website visitors in accordance with the General Data Protection Regulation (GDPR).

This Privacy Policy explains how we collect, use, and share information when you use our API platform (https://api.dataforge-api.dev) and our commercial website.

1. Data We Collect

As a B2B service, we collect minimal personal data strictly necessary for the provision of the API:

Account Information: Email address (used as the primary identifier and for API key delivery).

Payment Information: Processed securely by our third-party payment gateway (Stripe). We do not store full credit card numbers on our servers. We store the Stripe Customer ID for billing synchronization.

Technical Data & Logs: When you make requests to our API, we automatically collect server logs, including your IP address, timestamp, requested endpoints, user agent, and the API key used.

2. How We Use Your Data

We process your data for the following legitimate business purposes:

To provision and authenticate your API access.

To process payments and manage your subscription lifecycle.

To monitor API usage (rate limiting, billing metrics, and abuse prevention).

To send technical notices, updates, security alerts, and administrative messages.

3. Data Sharing and Third Parties

We do not sell your personal data. We may share necessary data with authorized service providers who perform services on our behalf:

Stripe: For secure payment processing and subscription management.

Hetzner / Cloudflare: For hosting infrastructure and network security.

4. Data Security

We implement industry-standard security measures, including HTTPS/TLS encryption for all API traffic and secure database architecture, to protect your data from unauthorized access, alteration, or destruction.

5. Your Rights (GDPR)

Under the GDPR, you have the right to:

Access the personal data we hold about you.

Request the correction of inaccurate data.

Request the deletion of your data (Right to be Forgotten), subject to legal retention requirements for financial records.

Object to or restrict the processing of your data.

To exercise any of these rights, please contact us at [email protected].

6. Data Retention

We retain your account and technical data for as long as your subscription is active. Upon cancellation, we may retain certain billing and operational logs as required by Romanian tax laws and for security auditing purposes.