Privacy Policy
Last updated: 18 June 2026
Note: This is a courtesy English translation. The Romanian version is the legally binding text per Romanian law.
⚠ CONCEPT / DEMO — Bistro Verde is a portfolio demonstration piece. The company's legal details (legal name, VAT ID, legal form, registered office) are illustrative.
1. Data controller
This data is processed by:
Bistro Verde (trade name)
Legal name: ⚠ TODO: to be completed (sole trader / company)
VAT ID: ⚠ TODO: to be completed
Trade register no.: ⚠ TODO: to be completed
Contact person / owner: Andrei & Ioana Marcu
Email: salut@bistroverde.ro
Phone: +40 368 100 220
Hereinafter "we", "Bistro Verde".
2. About this policy
This policy explains what personal data we collect about you through the website bistro-verde-website.pages.dev and the contact form, why we collect it, how long we keep it and what rights you have. It complies with EU Regulation 2016/679 (GDPR) and Romanian Law 190/2018.
Questions? Write to salut@bistroverde.ro or call +40 368 100 220.
3. What data we collect
3.1. Data you provide via the contact form
When you fill in the reservation form we collect: name (required), phone (required), number of guests and preferred date & time, and an optional message. You may also contact us directly by phone at 0368 100 220 or WhatsApp at 0742 118 220. The data is used solely to confirm your reservation and hold your table.
3.2. Data collected automatically
The site is hosted on Cloudflare Pages. Cloudflare processes IP address (pseudonymised, anti-bot), browser/OS type, the page visited and the referrer — for security and performance only. We do not use Google Analytics, Facebook Pixel or marketing tracking. See the Cookie Policy.
3.3. Data we do not collect
- No national ID, bank account or other sensitive data.
- No data about minors. The site is intended for people over 16.
- No automated profiling or decision-making (Art. 22 GDPR).
- We never sell your data or share it with third parties for marketing.
4. Why we collect this data (purpose and legal basis)
| Data | Purpose | Legal basis (GDPR) |
|---|---|---|
| Form / call / WhatsApp data | To respond, estimate a service, arrange a booking | Art. 6(1)(b) — pre-contractual steps at your request |
| Cloudflare data (IP, browser) | Security, anti-bot, performance | Art. 6(1)(f) — legitimate interest |
5. Who we share data with (processors)
| Provider | Purpose | Country | Safeguards |
|---|---|---|---|
| Cloudflare, Inc. | Hosting, CDN, anti-bot security | USA + edge (incl. EU) | Standard Contractual Clauses (SCC). Cloudflare policy |
| Resend, Inc. | Delivery of form emails | USA | Standard Contractual Clauses (SCC). Resend policy |
6. How long we keep data
| Category | Period |
|---|---|
| Messages received via form / WhatsApp | 12 months from last interaction, then deleted. |
| Cloudflare logs | Per Cloudflare policy (typically 30 days). |
| Contractual documents (if you become a client) | 10 years per Romanian tax law. |
7. Your rights
Under GDPR you have the rights of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21) and to withdraw consent (Art. 7). To exercise them, write to salut@bistroverde.ro. We respond within 30 days.
8. Complaints to the supervisory authority
ANSPDCP (Romanian Data Protection Authority), B-dul G-ral Gheorghe Magheru 28-30, Bucharest. Email: anspdcp@dataprotection.ro · www.dataprotection.ro
9. Security
HTTPS/TLS encryption, Cloudflare anti-DDoS/anti-bot, restricted inbox access, 72-hour breach notification to ANSPDCP.
10. International transfers
Some data is processed in the USA (Cloudflare, Resend), based on Standard Contractual Clauses (SCC).
11. Cookies
See the Cookie Policy.
12. Changes
We may update this policy. The current version is dated at the top.
13. Contact
Bistro Verde · salut@bistroverde.ro · +40 368 100 220