TacticoSign in

Privacy Policy

Last updated: 28 June 2026

The controller of your personal data is DGT Creations SRL (CUI 50976864, J2024046117001), Oradea, Romania. Contact for privacy matters: contact@dgtcreations.com. This policy explains what we collect and your rights under the GDPR and Romanian Law 190/2018.

1. What we collect

  • Account data — your email and a securely hashed password (we never see your plain password).
  • Subscription data — your plan status, and billing data handled by our payment processor when payments launch (we do not store card numbers).
  • Technical data — IP address and basic logs created by our hosting for security and to run the service.

2. Why we use it, and the legal basis

  • To create your account and sign you in — performance of a contract.
  • To provide and bill the subscription — performance of a contract.
  • To keep the service secure and prevent abuse — legitimate interest.
  • To meet legal and accounting obligations — legal obligation.
  • To measure and improve how the site is used — only with your consent (analytics).

We do not use your data for advertising and do not sell it.

3. Who processes it for us

  • Supabase — database and authentication, hosted in the EU (Frankfurt, eu-central-1).
  • Vercel — website hosting and delivery; some processing may occur outside the EU under the appropriate safeguards (Standard Contractual Clauses).
  • PostHog — product analytics, hosted in the EU, used only after you accept analytics cookies (see the Cookie Policy).
  • A payment processor (e.g. Stripe) — added when paid subscriptions launch, to handle billing.

4. How long we keep it

We keep account data while your account exists. If you delete your account we remove your personal data, except where we must keep certain records (e.g. invoices) for legally required periods.

5. Your rights

Under the GDPR you can request access, rectification, erasure, restriction, portability, and you can object to certain processing or withdraw consent. Email us to exercise any of these. You may also complain to the Romanian supervisory authority, ANSPDCP (dataprotection.ro).

6. Cookies

We use only strictly necessary cookies. See the Cookie Policy.

7. Security and children

We use reputable providers and reasonable measures to protect your data. The service is not intended for anyone under 18.