Last updated: 06/10/2025

Nagabox (“we”, “our”, “us”, “Nagabox.com”) is committed to protecting the privacy and personal data of all individuals in compliance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), Law no. 190/2018 on the implementation of the GDPR in Romania, and other applicable national laws.

1. Data Controller and Contact Details

  • Data Controller: NagaBox
  • Registered Address: Ale. Corneliu Diaconovici, bl.2, sc.1, ap.8, Bocsa, Caras-Severin, Romania
    Romania
  • Email: [email protected]
  • Phone number: +40756 313 414

2. Types of Data We Collect

We may collect and process the following categories of personal data:

  • Information you provide directly (e.g., name, email address, phone number, billing or delivery address, company information, or any other data you submit through contact forms or correspondence);
  • Automatically collected data (e.g., IP address, browser type, device information, operating system, pages visited, session duration, referring website, cookies, and similar tracking technologies);
  • Information obtained from third parties or public sources (e.g., analytics services, payment providers, hosting providers, social networks, or advertising partners).

3. Purposes and Legal Basis of Processing

We process your personal data for one or more of the following purposes:

  • To operate, maintain, and improve our website and services;
  • To respond to your inquiries or support requests;
  • To send administrative messages or service notifications;
  • To personalize your experience and analyze site usage;
  • To ensure the security of our systems and prevent fraud;
  • To comply with legal obligations (e.g., accounting, taxation, or regulatory reporting).

The legal bases for processing under GDPR are:

  • Your consent, where required;
  • Performance of a contract or steps prior to entering a contract;
  • Compliance with legal obligations;
  • Legitimate interest, provided such interests do not override your rights and freedoms (e.g., ensuring security, preventing fraud, improving services).

4. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of access – to know what data we hold about you;
  • Right to rectification – to request correction of inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data (“right to be forgotten”) under certain conditions;
  • Right to restriction of processing;
  • Right to data portability – to receive your data in a structured, machine-readable format;
  • Right to object – especially to processing based on legitimate interest or for marketing purposes;
  • Right to withdraw consent at any time (this will not affect processing prior to withdrawal);
  • Right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) if you believe your rights have been violated.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law (e.g., accounting or legal recordkeeping obligations).

When the retention period expires, we will securely delete or anonymize the data.

6. Cookies and Similar Technologies

Nagabox uses cookies and similar technologies to:

  • Ensure proper website functionality;
  • Analyze traffic and usage patterns;
  • Personalize content and ads (if applicable).

When visiting our site for the first time, you will see a cookie consent banner allowing you to manage your preferences. You may disable non-essential cookies at any time.

7. Data Transfers Outside the EU/EEA

Your personal data may be transferred or stored outside the European Union (EU) or the European Economic Area (EEA).
In such cases, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission;
  • Adequacy decisions for countries offering equivalent protection;
  • Technical and organizational safeguards (encryption, access control).

8. Data Security

We implement appropriate technical and organizational security measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
These include (but are not limited to):

  • Secure connections (HTTPS, SSL/TLS);
  • Firewalls and anti-intrusion systems;
  • Access controls and authentication policies;
  • Regular data backups and audits.

While we take all reasonable precautions, please note that no online system is completely secure.

9. Data Breach Notification

If a personal data breach occurs, and it is likely to result in a risk to your rights and freedoms, we will notify the ANSPDCP within 72 hours of becoming aware of the incident, and—if necessary—inform affected individuals without undue delay.

10. Legal Framework and Compliance

This Privacy Policy is governed by:

  • Regulation (EU) 2016/679 (GDPR)
  • Romanian Law no. 190/2018 on measures for the application of the GDPR
  • Other applicable Romanian and EU legislation concerning e-commerce and data protection.

11. Changes to This Policy

We may update this Privacy Policy periodically. The revised version will be posted on this page with the updated date. If the changes are significant, we will notify you via email or a website notice.

12. Contact Us

If you have any questions, concerns, or requests about this Privacy Policy or your personal data, please contact us at:

Nagabox
Email: [email protected]
Address: Ale. Corneliu Diaconovici, bl.2, sc.1, ap.8, Bocsa, Caras-Severin, Romania
Romania