Home/Privacy Policy

Privacy Policy

How we collect, use, and protect your personal data in compliance with GDPR and Romanian data protection laws.

Last updated: December 2025

Data Controller

Tech Insider SRL, operating as Aviz to Excel, is the data controller for personal data collected through our document processing service at aviz-to-excel.ro.

For privacy-related inquiries

support@digital-docs.ro

Data We Collect

Account Information

When you create an account, we collect:

  • Email address for account authentication
  • Company name (optional)
  • Billing information for paid subscriptions

Technical Data

We automatically collect:

  • IP address and browser information
  • Access timestamps and pages visited
  • Feature usage and processing statistics

Documents you upload are processed for data extraction only. We do not store, read, or use any personal information contained within your waybills for any purpose other than extraction. Uploaded files are automatically deleted within 24 hours.

Legal Basis for Processing

We process your data under the following GDPR legal grounds:

  • Contractual Necessity (Article 6(1)(b)) — Processing is required to provide the service you requested
  • Legal Obligation (Article 6(1)(c)) — We retain billing data to comply with Romanian tax laws
  • Legitimate Interest (Article 6(1)(f)) — We analyze usage patterns to improve our service and ensure security

How We Use Your Data

Your personal data is used to:

  • Process your documents and extract structured data
  • Provide, maintain, and improve our service
  • Manage your account and process payments
  • Send essential service communications
  • Comply with legal obligations
  • Prevent fraud and ensure platform security

We never send marketing emails to addresses found in your documents. We never sell your data to third parties.

Data Retention

Data TypeRetention Period
Uploaded documentsDeleted within 24 hours after processing
Extracted dataDuration of subscription + 30 days
Account informationActive period + 12 months after deletion
Billing records10 years (Romanian tax law)
Usage logs12 months

Data Security

We implement industry-standard security measures:

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Role-based access controls with least-privilege principles
  • Automatic deletion of processed documents within 24 hours
  • Regular security audits and vulnerability assessments

Service Providers

We use trusted third-party providers to deliver our service. All providers maintain GDPR compliance and are bound by Data Processing Agreements.

Document Processing

Microsoft Azure — Azure AI Document Intelligence for optical character recognition. Privacy Policy

Amazon Web Services — Amazon Textract for document analysis. Data Protection · Security

OpenRouter — Claude 3.5 Sonnet (Anthropic) for intelligent data extraction. Privacy Policy

Infrastructure

Supabase — Authentication, database, and file storage (EU servers). Privacy Policy

Firebase — Application hosting on European data centers. Privacy Policy

Stripe — PCI-DSS Level 1 certified payment processing. Privacy Policy

International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). When data is transferred outside the EEA, we ensure protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable

Your GDPR Rights

Under GDPR, you have the right to:

  • Access — Request a copy of your personal data
  • Rectification — Request correction of inaccurate data
  • Erasure — Request deletion of your data (subject to legal retention requirements)
  • Restriction — Request limits on how we process your data
  • Data Portability — Receive your data in a machine-readable format
  • Object — Object to processing based on legitimate interest
  • Withdraw Consent — Withdraw consent at any time where applicable

To exercise any of these rights, contact us at support@digital-docs.ro. We will respond within 30 days.

Automated Processing

Our service uses automated document extraction technology. This processing does not produce legal effects or similarly significant effects on you. You can always review and correct extracted data before export.

Data Breach Notification

In the event of a data breach that poses a risk to your rights, we will:

  • Notify the Romanian Data Protection Authority (ANSPDCP) within 72 hours
  • Inform affected users without undue delay if the breach poses high risk

Cookies

We use strictly necessary cookies for authentication and security. We do not use tracking or advertising cookies. For details, see our GDPR Compliance page.

Policy Updates

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email or website notice at least 30 days before taking effect.

Contact & Complaints

For privacy questions or to exercise your rights, contact us at support@digital-docs.ro

You also have the right to lodge a complaint with the Romanian supervisory authority:

ANSPDCP

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

dataprotection.ro·B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, București

Privacy PolicyTerms of ServiceGDPR Compliance