Privacy Policy
Last updated: 18 June 2026
Note: This is a courtesy English translation. The Romanian version is the legally binding text per Romanian law.
⚠ CONCEPT / DEMO — Cabinet Stomatologic Smile is a portfolio demonstration piece. The company's legal details (legal name, VAT ID, legal form, registered office) are illustrative.
1. Data controller
This data is processed by:
Cabinet Stomatologic Smile (trade name)
Legal name: ⚠ TODO: to be completed (sole trader / company)
VAT ID: ⚠ TODO: to be completed
Trade register no.: ⚠ TODO: to be completed
Contact person / owner: Dr. Andreea Pop
Email: receptie@cabinet-smile.ro
Phone: +40 264 110 330
Hereinafter "we", "Cabinet Stomatologic Smile".
2. About this policy
This policy explains what personal data we collect about you through the website cabinet-smile-website.pages.dev and the contact form, why we collect it, how long we keep it and what rights you have. It complies with EU Regulation 2016/679 (GDPR) and Romanian Law 190/2018.
Questions? Write to receptie@cabinet-smile.ro or call +40 264 110 330.
3. What data we collect
3.1. Data you provide via the appointment form
When you fill in the appointment form we collect: name (required), phone (required), reason/service (selected from a list), and an optional preferred date. You may also contact us directly by phone at 0264 110 330 or WhatsApp at 0758 220 330. The data is used solely to confirm and arrange your appointment. We do not collect health data via the form — clinical details are discussed at the clinic.
3.2. Data collected automatically
The site is hosted on Cloudflare Pages. Cloudflare processes IP address (pseudonymised, anti-bot), browser/OS type, the page visited and the referrer — for security and performance only. We do not use Google Analytics, Facebook Pixel or marketing tracking. See the Cookie Policy.
3.3. Data we do not collect
- No national ID, bank account or other sensitive data.
- No data about minors. The site is intended for people over 16.
- No automated profiling or decision-making (Art. 22 GDPR).
- We never sell your data or share it with third parties for marketing.
4. Why we collect this data (purpose and legal basis)
| Data | Purpose | Legal basis (GDPR) |
|---|---|---|
| Form / call / WhatsApp data | To respond, estimate a service, arrange a booking | Art. 6(1)(b) — pre-contractual steps at your request |
| Cloudflare data (IP, browser) | Security, anti-bot, performance | Art. 6(1)(f) — legitimate interest |
5. Who we share data with (processors)
| Provider | Purpose | Country | Safeguards |
|---|---|---|---|
| Cloudflare, Inc. | Hosting, CDN, anti-bot security | USA + edge (incl. EU) | Standard Contractual Clauses (SCC). Cloudflare policy |
| Resend, Inc. | Delivery of form emails | USA | Standard Contractual Clauses (SCC). Resend policy |
6. How long we keep data
| Category | Period |
|---|---|
| Messages received via form / WhatsApp | 12 months from last interaction, then deleted. |
| Cloudflare logs | Per Cloudflare policy (typically 30 days). |
| Contractual documents (if you become a client) | 10 years per Romanian tax law. |
7. Your rights
Under GDPR you have the rights of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21) and to withdraw consent (Art. 7). To exercise them, write to receptie@cabinet-smile.ro. We respond within 30 days.
8. Complaints to the supervisory authority
ANSPDCP (Romanian Data Protection Authority), B-dul G-ral Gheorghe Magheru 28-30, Bucharest. Email: anspdcp@dataprotection.ro · www.dataprotection.ro
9. Security
HTTPS/TLS encryption, Cloudflare anti-DDoS/anti-bot, restricted inbox access, 72-hour breach notification to ANSPDCP.
10. International transfers
Some data is processed in the USA (Cloudflare, Resend), based on Standard Contractual Clauses (SCC).
11. Cookies
See the Cookie Policy.
12. Changes
We may update this policy. The current version is dated at the top.
13. Contact
Cabinet Stomatologic Smile · receptie@cabinet-smile.ro · +40 264 110 330