Privacy Policy & Data Protection Statement

Last Updated: [February 2026]

1. Introduction

At OvisMedia, security is not just a service we provide—it is the foundation of our operations. We are committed to protecting your personal data and ensuring transparency about how we collect, use, and store your information.

This Privacy Policy outlines our practices regarding the data we collect from users of our website (https://www.ovismedia.eu) and our clients. By using our services, requesting a vulnerability audit, or applying for a partnership, you agree to the terms outlined below.

2. The Data Controller

For the purposes of the General Data Protection Regulation (GDPR), the Data Controller responsible for your personal information is:

• Legal Name: OVISMEDIA S.R.L.
• Fiscal Code (CUI/VAT): RO49767120
• EUID: ROONRC.J2023001908324
• Trade Registry No: J32/1908/2023
• Registered Address: Calea Poplăcii nr. 73, ap. 13, Sibiu, Romania
• Email for Privacy Concerns: [email protected]

3. Information We Collect

We collect only the data necessary to provide our B2B services, conduct security audits, and maintain communication.

1. Information You Provide Voluntarily

When you fill out our “Start a Conversation” form or request an “Infrastructure Audit,” we collect:

• Identity Data: Full Name.
• Contact Data: Corporate email address.
• Business Data: Website URL (ovismedia.eu) and specific business challenges selected in the form.
• Communication Data: Any additional details provided in the text message field.

1. Technical Data (Automatically Collected)

To ensure the security of our own infrastructure and analyze performance, our servers (powered by LiteSpeed) automatically log:

• IP Address: Used for security filtering and preventing DDoS attacks.
• Browser User Agent: To optimize the display of our site.
• Access Logs: Date and time of your visit.

4. How We Use Your Data

We process your personal data under the following legal bases:

1. To Perform a Contract or Take Steps Prior to Entering One:
   • Vulnerability Audits: We use your provided URL and email to run non-invasive scans of your public DNS records (SPF, DKIM, DMARC) and Core Web Vitals.
   • Joint Ventures: Evaluating potential partnerships based on the criteria submitted.
2. Legitimate Interest:
   • Replying to your B2B inquiries.
   • Ensuring the security of our website (blocking spam/attacks).
3. Legal Obligation:
   • Invoicing and accounting (if you become a paying client).

5. Data Security (The OvisMedia Standard)

We practice what we preach. Your data is not stored on shared, insecure hosting.

• Storage: All data is stored on NVMe Dedicated Servers located in secure data centers within the European Union.
• Encryption: Our website uses strict SSL/TLS encryption (HTTPS).
• Access Control: Access to personal data is strictly limited to authorized personnel (OvisMedia administrators) and is protected by multi-factor authentication (MFA).

6. Sharing Your Data

We do not sell, trade, or rent your personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification regarding visitors and users with our business partners.

However, we use trusted third-party service providers to help us operate our business:

• Cloudflare: For DNS management, CDN, and security firewall (DDoS protection).
• Google Analytics / Search Console: For analyzing website traffic (anonymized data).
• Email Service Provider: To send you the audit reports and replies.

All third-party processors are compliant with GDPR and are prohibited from using your personal data for their own promotional purposes.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

• Inquiries: Kept for 12 months or until the conversation is closed.
• Client Data: Kept for the duration of the contract + 5/10 years for fiscal archiving laws in Romania.

8. Your Rights (GDPR)

Under the European General Data Protection Regulation, you have the following rights:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct incorrect data.
• Right to Erasure (“Right to be Forgotten”): You can ask us to delete your data (unless we need it for legal reasons, like an invoice).
• Right to Restriction: You can ask us to pause processing your data.
• Right to Data Portability: You can ask for your data in a machine-readable format.

To exercise any of these rights, please contact us at: [email protected]. We will respond to all legitimate requests within 30 days.

9. Changes to This Policy

OvisMedia has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the top of this page. We encourage users to frequently check this page for any changes.