Privacy Policy

Last Updated: December 4, 2025

VLAH SOFTWARE HOUSE SRL ("We", "Twist Drops") is committed to protecting the privacy of our users. This policy details how we collect, use, and protect your personal data when you use the Twist Drops platform.

1. Data Controller

Your data is processed by:

  • Company Name: VLAH SOFTWARE HOUSE SRL
  • Tax ID: 44445094
  • Address: Str. Dinicu Golescu 2, Bl. 1, Sc. B, Ap. 2, Șelimbăr, Sibiu, Romania
  • Contact Email: info@twistdrops.com

2. What Data We Collect and Why

A. Data Required for Service Operation (Contract Execution)

When you create an account or place a reservation, we collect:

  • Email Address: For authentication (Magic Link), account validation, and order-related notifications
  • Full Name: For identification by the Artisan
  • Phone Number: For quick order validation and contact in case of pickup issues

B. Technical and Usage Data (Legitimate Interest & Consent)

To improve the platform, we may collect data about how you interact with the site:

  • Online Identifiers: IP address, browser type, device used
  • Navigation Data (Analytics): Pages visited, products viewed, session duration
    • Note: This data is collected through PostHog only if you have given explicit consent through the cookie banner

3. Cookies and Similar Technologies

We use cookies to provide you with a better experience. These are divided into two categories:

1. Essential (Strictly Necessary)

  • Authentication cookies (to keep you logged in)
  • Local Storage for shopping cart (to not lose selected products)
  • These are active automatically and do not require consent, being vital for site operation

2. Analytics (Optional)

  • We use PostHog (hosted in EU) to analyze traffic
  • These cookies are activated only if you press "Accept All" in the preferences banner
  • You can withdraw this consent at any time by deleting cookies from your browser

4. Who We Share Your Data With

We do not sell your data to third parties. We only share it with partners necessary for service delivery (Processors):

  • Artisans (Sellers): Receive name, phone, and order details strictly to prepare and deliver reserved products
  • Infrastructure and Service Providers:
    • Vercel: For hosting the web platform and infrastructure security (including IP address processing for DDoS protection)
    • Supabase: For secure database hosting and authentication process management, including automatic system emails (e.g., email confirmation upon registration)
    • Resend: For sending transactional emails (order confirmations, status notifications)
    • PostHog: For analytics (only pseudonymized data, stored on EU servers)

5. Data Storage and Security

  • Data is stored on secure servers (provided by Supabase and Vercel) that comply with industry security standards
  • We do not store passwords in plain text (we use hashing or passwordless authentication)
  • We keep your data as long as you have an active account. You can request account deletion at any time

6. Your Rights

Under GDPR, you have the right to:

  • Request access to the data we hold about you
  • Request correction of incorrect data
  • Request deletion of data ("right to be forgotten"), except for data required for tax records (invoices)
  • Object to the processing of data for marketing purposes

To exercise any of these rights, please send us an email at the contact address mentioned above.

7. Changes

We reserve the right to update this policy. Any major changes will be notified by email or through an announcement on the site.

If you have questions about this policy, you can contact us at info@twistdrops.com