Privacy Policy

1. Controller and Scope

For the activities described in this Policy, the operator of AlphaAuto acts as the data controller for the platform's own processing operations.

When sellers, buyers or other users process personal data independently outside the platform, they act as separate controllers for their own activities and responsibilities.

• Controller: Dorobanti Network SRL
• Tax ID: RO51010254
• Location: Bucharest, Romania
• Email: contact@alphaauto.ro
• Phone: +40 730 000 064

• For privacy requests or complaints, you can contact us using the email address and phone number shown at the end of this page.

2. Categories of Personal Data We Process

Depending on how you use AlphaAuto, we may process the following categories of data:

• Account and profile data, such as name, email address, username, phone number, avatar and profile preferences.
• Authentication and security data, such as sign-in events, magic-link delivery metadata, WebAuthn or passkey credentials and abuse-prevention records.
• Listing content, such as vehicle details, descriptions, prices, images, publication status, promotion settings and availability information.
• User interaction data, such as favorites, comparisons, offers, contact requests and support messages you send through the platform.
• Technical and usage data, such as IP-based security signals, device and browser information, cookie preferences, local-storage preferences and operational logs.

3. Purposes and Legal Bases

We process personal data only when we have a legal basis under the GDPR. The main purposes are:

• Providing your account, authenticating sign-in, publishing listings, showing saved items and operating the features you request. Legal basis: performance of a contract or steps taken at your request before entering into a contract.
• Responding to contact requests, support issues and operational messages related to your account or listings. Legal basis: contract, pre-contractual steps or legitimate interests in running the service.
• Preventing fraud, spam, account takeover, abuse and technical misuse, and protecting users and the platform. Legal basis: legitimate interests and, where applicable, compliance with legal obligations.
• Complying with accounting, tax, legal-retention, court-order or authority-request obligations. Legal basis: compliance with legal obligations.
• Using optional analytics, convenience storage or similar non-essential technologies only where consent is required. Legal basis: your consent, which you can withdraw at any time.

4. Who We Share Data With

We do not sell personal data. We may share data only with recipients who need it for the purposes described above, including:

• Hosting, database, cloud-storage, email-delivery, authentication and technical-service providers acting on our instructions.
• Other users, but only to the extent necessary for the platform flow you choose, for example the listing information you publish and the contact details needed to handle an offer or sale discussion.
• Professional advisers such as lawyers, accountants and auditors when access is necessary and legally justified.
• Courts, regulators, law-enforcement bodies or other authorities where disclosure is required by law or needed to defend legal claims.

5. International Transfers and Retention

Some service providers may process data outside the European Economic Area. Where that happens, we rely on safeguards recognized by the GDPR, such as adequacy decisions or Standard Contractual Clauses.

• We keep account and listing records for as long as your account remains active and for a reasonable period afterward where needed for security, dispute handling, backups or legal compliance.
• Support messages, contact requests and offer records may be retained for the period needed to resolve issues, prevent abuse and meet legal or evidentiary requirements.
• Where the law requires longer retention, for example for accounting or litigation purposes, we will keep the relevant data for that mandatory period.

6. Your GDPR Rights

Subject to the conditions and limits in the GDPR, you may request:

• Access to the personal data we hold about you.
• Correction of inaccurate or incomplete data.
• Deletion of data when there is no valid legal ground to keep it.
• Restriction of processing in the cases provided by law.
• Objection to processing based on our legitimate interests, including related profiling where applicable.
• Data portability for data processed by automated means on the basis of contract or consent.
• Withdrawal of consent at any time for processing based on consent, without affecting processing that took place before withdrawal.
• The right to lodge a complaint with the Romanian supervisory authority for personal-data protection (ANSPDCP) or with another competent authority or court.

7. Cookies, Local Storage and Security

We use essential technologies needed for authentication, security and core platform functions. Optional analytics or convenience storage runs only where you allow it or where applicable law permits.

For details about the categories of cookies and similar technologies we use, the legal basis for optional tools and how to change your preferences, see our Cookie Policy.

8. Security, Complaints and Contact

We use technical and organizational measures designed to reduce unauthorized access, loss, misuse or disclosure of data. No online system is completely risk-free, so you should also protect your own login methods and devices.

For privacy questions or requests, contact us using the details below. You may also submit a complaint to ANSPDCP if you believe your rights have been infringed.

Competent supervisory authority

If you believe our processing infringes the GDPR, you may lodge a complaint with ANSPDCP or another competent EU supervisory authority.

• National Supervisory Authority for Personal Data Processing
• 28-30 G-ral Gheorghe Magheru Boulevard, District 1, Bucharest 010336, Romania
• anspdcp@dataprotection.ro
• +40 31 805 92 11
• ANSPDCP

Contact Details

Privacy requests, legal notices and complaints can be sent to:

• contact@alphaauto.ro
• +40 730 000 064