Sari la conținutul principal

Privacy Policy

Last Updated: 29.05.2026

About this policy

This page describes how vladweb.rohandles personal data — what is collected, why, who it's shared with, and what rights you have. It applies to everyone who visits the site or uses the contact form.

The site is operated as a personal portfolio under EU Regulation 2016/679 (the General Data Protection Regulation, "GDPR"). For specifics on cookies and browser-storage entries, see the cookie policy.

Who I am

  • Data controller: Vlad Parlici
  • Contact: [email protected]
  • Capacity: personal project, not a registered business.

For any privacy-related question or to exercise the rights listed below, email me directly using the address above.

What I collect

Site usage preferences

Stored only in your browser. Never sent to my server.

  • Theme (light / dark)
  • Language preference
  • Your cookie-consent decision

Analytics data

Loaded only if you opt in via the cookie banner. Used to understand which pages get visited.

  • Anonymous page views (Google Analytics 4)
  • Session identifier
  • Basic device & browser info

Anti-abuse data

Loaded only if you opt in via the cookie banner. Used to keep the contact form free of automated spam.

  • Cloudflare Turnstile challenge signals (cookieless) while you submit the contact form

Contact form data

Collected only when you submit the contact form.

  • Your name and email address
  • Your message
  • Optional CV / job-description attachment (PDF, DOC, DOCX, TXT — up to 5 MB)
  • Your IP address (held briefly in process memory for rate limiting; never persisted)
  • Country derived from your IP (used to restrict submissions to Romania)

Server-side technical data

Standard hosting logs generated by my hosting provider.

  • Request timestamps, IP, user-agent, response status

Why I collect it (legal basis)

  • Site usage preferences

    Remembering your theme / language so the site is usable

    Basis: Art. 6(1)(f) — legitimate interest in providing a working site

  • Analytics

    Understanding which pages get visited

    Basis: Art. 6(1)(a) — your explicit consent

  • Anti-abuse

    Preventing automated spam submissions to the contact form

    Basis: Art. 6(1)(a) — your explicit consent

  • Contact form (name, email, message)

    Receiving and responding to your message

    Basis: Art. 6(1)(b) — taking pre-contractual steps at your request

  • Contact form IP + country

    Rate limiting and geographic gating against abuse

    Basis: Art. 6(1)(f) — legitimate interest in keeping the form usable

  • Server logs

    Operating and securing the hosting infrastructure

    Basis: Art. 6(1)(f) — legitimate interest in security

Who I share data with

Data may be processed by the following service providers acting on my behalf. I do not sell personal data to anyone.

Resend

Email delivery for the contact form

Receives: Name, email, message, optional attachment

Google Analytics

Anonymous page-view analytics

Receives: IP, page paths, browser data — only if you consented

Cloudflare (Turnstile)

Privacy-friendly anti-spam challenge on the contact form

Receives: IP and browser signals at challenge time — only if you consented

Cloudinary

Hosting the profile image on the home page

Receives: Standard image-request logs (IP, user-agent)

DigitalOcean

Application hosting

Receives: Standard hosting logs

International transfers

Several of the processors listed above are based in the United States. When data is transferred outside the European Economic Area, it relies on the lawful mechanisms set out in GDPR Articles 44–49 — primarily the EU-US Data Privacy Framework (DPF) adequacy decision and Standard Contractual Clauses where DPF coverage is not available.

How long I keep your data

  • Local storage (theme, language, cookieConsent)

    Until you clear browser storage

  • Google Analytics cookies

    Up to 2 years (set by Google)

  • Turnstile (anti-abuse)

    No cookies — Turnstile is cookieless by design

  • Contact form IP (rate limit)

    60 seconds, in process memory only — never persisted

  • Contact form messages received by email

    Retained in my inbox until you ask for deletion

  • Server hosting logs

    Per DigitalOcean's retention (typically up to 30 days)

Your rights

You have the following rights regarding your personal data:

  • Access (Art. 15)Request a copy of the data I hold about you.
  • Rectification (Art. 16)Request that inaccurate data be corrected.
  • Erasure (Art. 17)Request that data be deleted ("right to be forgotten").
  • Restriction (Art. 18)Limit further processing in specific cases.
  • Portability (Art. 20)Receive your data in a machine-readable format.
  • Objection (Art. 21)Object to processing based on legitimate interest.
  • Withdraw consent (Art. 7)Withdraw consent for analytics or anti-abuse at any time via the cookie banner, or via "Reset cookie preferences" on the cookie policy page.

To exercise any of these rights, email me at [email protected]. I'll respond within one month, as required by GDPR.

Filing a complaint

If you believe my handling of your personal data violates GDPR, you have the right to lodge a complaint with the Romanian supervisory authority — the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP): dataprotection.ro.

Contact

For any question about this policy or about how your personal data is handled, reach me at [email protected].

Updates to this policy

This policy may change as the site evolves. The "Last updated" date at the top reflects the most recent revision. Substantial changes (new processing activities, new processors, new cookie categories) will reset any prior cookie consent so you can re-decide.