The controller responsible for the processing of personal data through the FikUP platform is:
SC LOCAL PET HOST SRL Registered office: Romania, BRAȘOV county, BRAȘOV city, BRÂNDUȘELOR Street, No. 3, Building 2, Entrance A, Apartment 11 Registered with the Trade Register under no. J08/1997/2023 Tax ID (CUI): 48487319 Email: lets@fikup.ro Phone: +40733344343
The controller complies with legislation on the protection of personal data, in particular Regulation (EU) 2016/679 ("GDPR").
What Data Do We Collect?
Within the FikUP platform, we collect and process the following categories of personal data:
Identification and contact data: first name, last name, email address, phone number, physical address (for billing);
Authentication data: username, encrypted password, and other data necessary for secure account access;
Usage and technical data: IP address, browser and device type, pages accessed, time spent on the platform, interactions with various functionalities, system logs;
Commercial and payment data: order history, payment preferences, billing data (name, fiscal address, Tax ID/Personal Identification Number for legal entities and natural persons respectively);
Communication data: messages sent through contact forms, feedback provided, technical support requests;
Preferences and settings: language, notification settings, marketing preferences.
We do not directly collect sensitive data (such as health data, political or religious orientation, etc.), however in certain cases, such information could be indirectly inferred from platform usage (e.g., preferences for certain types of food that could suggest dietary restrictions).
How Do We Collect Data?
Personal data is collected through the following methods and channels:
Directly from the user:
By completing registration forms, account creation, authentication, or profile update forms on the FikUP platform;
By sending messages, requests, or questions through contact forms, technical support, or feedback;
By subscribing to the newsletter or opting in to commercial communications;
By completing the data required for billing and invoice issuance.
Automatically, through platform usage:
Through the use of cookies and similar tracking technologies (including online identifiers), to collect data about the device, browser, pages accessed, IP address, usage sessions, and other information relevant to the operation and optimization of the service;
Through logging actions and interactions with the platform (for example: accessing certain features, settings, technical errors, etc.);
Through monitoring interaction with sent emails (e.g., whether they were opened, whether links were accessed).
From third-party sources:
When the user authenticates through external services (e.g., Google, Facebook, or other identity providers, where this is implemented);
Through payment processors, to the extent necessary for validating transactions or payments;
Through contractual partners (e.g., IT service providers, technical support, email marketing, etc.), only to the extent necessary for providing FikUP services.
FikUP does not collect personal data from public sources without the explicit consent of the user.
Purpose of Data Processing
Personal data collected through the FikUP platform is processed for the following purposes:
For providing and administering FikUP services:
Creating and managing user accounts;
Accessing, customizing, and using platform functionalities;
Managing digital menus and information published on the platform;
Providing technical support and resolving user requests.
For communicating with users:
Sending notifications about platform operation, service changes, or changes to the Terms and Conditions;
Providing responses to requests, complaints, questions, or feedback.
For fulfilling legal and contractual obligations:
Issuing invoices and managing payments;
Complying with legal requirements regarding the retention and reporting of certain data.
For marketing and commercial communications (with consent):
Sending newsletters, offers, and service updates;
Marketing analysis and user segmentation for personalized communications.
For improving and developing services:
Analyzing platform usage to optimize functionalities;
Research and development for new functionalities;
Testing, debugging, and improving technical performance.
For security and fraud prevention:
Verifying user identity;
Detecting and preventing unauthorized use of the platform;
Ensuring the security and integrity of data and systems.
Legal Basis for Processing
Personal data processing is carried out based on the following legal grounds, in accordance with the GDPR:
User consent (Art. 6(1)(a) GDPR) - for marketing communications, newsletters, non-essential cookies, and other optional activities;
Performance of a contract (Art. 6(1)(b) GDPR) - for providing FikUP services, account management, billing, and payments;
Compliance with a legal obligation (Art. 6(1)(c) GDPR) - for issuing invoices, tax reporting, and other applicable legal requirements;
Legitimate interest (Art. 6(1)(f) GDPR) - for platform security, fraud prevention, service improvement, and essential service communications.
In cases where processing is based on consent, the user has the right to withdraw their consent at any time, without affecting the lawfulness of processing carried out based on consent before its withdrawal.
How Long Do We Keep Data?
Personal data is retained for the period necessary to fulfill the purposes for which it was collected, in accordance with GDPR principles:
Account and usage data: For the duration of the account and up to 3 years after its closure;
Billing and financial data: 10 years from the issuance of the last invoice, in accordance with applicable tax legislation;
Marketing data: Until consent is withdrawn or up to 2 years from the last contact/interaction;
Logs and technical data: Between 6 months and 2 years, depending on the type of data and its necessity for security;
Support and communication data: 3 years from the last interaction or resolution of the request.
In certain cases, data may be retained for longer periods if required by law or for the defense of FikUP's legitimate rights in litigation.
Upon expiration of retention periods, data is securely and irreversibly deleted or anonymized.
To Whom Do We Transfer Data? (Recipients)
FikUP does not sell, rent, or transfer personal data to third parties for commercial purposes. Data may be transmitted only in the following situations and only to the extent necessary:
Contractual data processors:
IT and hosting service providers (for the maintenance and operation of the platform);
Email marketing and communication services (for sending newsletters with consent);
Analytics and monitoring service providers (for service improvement).
Public authorities and competent bodies:
Tax authorities (for compliance with reporting obligations);
Judicial or law enforcement authorities (in case of legal requests);
The National Authority for the Supervision of Personal Data Processing (A.N.S.P.D.C.P.).
In exceptional cases:
For the defense of FikUP's legitimate rights and interests in litigation;
For protecting the safety of users or the public, in accordance with the law.
All data processors are carefully selected and are contractually obligated to respect the confidentiality and security of data, in accordance with GDPR requirements.
User Rights
In accordance with the GDPR, users have the following rights regarding personal data:
Right of access - to request information about processed data and obtain a copy thereof;
Right to rectification - to request correction of inaccurate or incomplete data;
Right to erasure ("right to be forgotten") - to request deletion of data under certain conditions;
Right to restriction - to request limitation of processing in certain situations;
Right to data portability - to receive data in a structured format and transmit it to another controller;
Right to object - to object to processing based on legitimate interest or for direct marketing;
Right to withdraw consent - at any time, for activities based on consent.
To exercise these rights, users may submit a request to the email address lets@fikup.ro or through the contact forms available on the platform.
FikUP will respond to requests within a maximum of 30 days of receipt, with the possibility of an extension of another 60 days in justified cases.
Users have the right to file a complaint with the National Authority for the Supervision of Personal Data Processing (A.N.S.P.D.C.P.) if they believe their rights have been violated.
Cookies and Similar Technologies
FikUP uses cookies and similar technologies to improve the user experience and ensure optimal platform operation:
Performance cookies: For usage analysis and service improvement (with consent);
Marketing cookies: For personalizing advertising and communications (with explicit consent).
Cookies used by the platform:
ANONCHK (clarity.ms): Used for fraud detection and maintaining session security.
CLID (clarity.ms): Identifies visitors across multiple sessions and devices for analytics.
MR (bing.com): Used for analytics and ad performance measurement.
MUID (clarity.ms, bing.com): Unique identifier for users, used for analytics and advertising.
SM (clarity.ms): Manages the user session for analytics functionalities.
SRM_B (bing.com): Used for session management and analytics.
These cookies may be set by third parties (Microsoft Clarity, Bing) for analytics, advertising, and improving platform security.
Users can manage cookie preferences through browser settings or through the preference panel available on the platform.
For detailed information about cookie usage, please consult the separate Cookie Policy, available on the website.
Data Security
FikUP implements appropriate technical and organizational measures to protect personal data against loss, unauthorized use, modification, or disclosure:
Data encryption in transit and at rest;
Secure authentication and authorization systems;
Monitoring and auditing data access;
Regular backups and recovery plans;
Ongoing staff training on data security;
Regular security assessments and penetration tests.
In the event of a security incident that may affect personal data, FikUP will notify the competent authority and affected users, in accordance with GDPR requirements.
Data Transfer Outside the EU
FikUP endeavors to keep all personal data within the European Economic Area (EEA). If a transfer outside the EEA is necessary, it will only be carried out with adequate safeguards:
To countries with an adequate level of protection recognized by the European Commission;
Through standard contractual clauses approved by the European Commission;
Through approved certifications or codes of conduct;
With the explicit consent of the user for specific transfers.
Users may request information about specific international transfers that affect them by contacting the FikUP team.
Contact Details for Rights and Complaints
To exercise rights regarding personal data, questions about this policy, or complaints, users may contact FikUP through:
Postal address: BRÂNDUȘELOR Street, No. 3, Building 2, Entrance A, Apartment 11, Brașov, Romania
For specific complaints regarding data protection, users may contact the National Authority for the Supervision of Personal Data Processing: www.dataprotection.ro
Date of Last Update
This Privacy Policy was last updated on June 1, 2025.
Users are encouraged to periodically check this page to stay informed about any changes.
Modification of the Privacy Policy
FikUP reserves the right to modify this Privacy Policy to reflect changes in services, legislation, or processing practices.
Any substantial modification will be communicated to users by email, platform notifications, or by displaying a visible notice on the website.
Continued use of FikUP services after the modifications take effect constitutes acceptance of the new policy.
In the case of modifications affecting the legal basis of processing or introducing new processing purposes, FikUP will request the explicit consent of users, where necessary.
Other Provisions
This Privacy Policy applies exclusively to FikUP services. We do not assume responsibility for the privacy policies of third-party websites accessed through links on our platform.
In case of conflicts between this policy and applicable legislation, legal provisions shall prevail.
For additional clarifications or specific situations not foreseen in this policy, users are invited to contact the FikUP team.
FikUP's Commitment to Privacy
FikUP is committed to maintaining the highest standards of personal data protection and implementing industry best practices.
Our team regularly undergoes data protection training and stays up to date with legislative and technological developments in the field.
Transparency, security, and respect for user rights are fundamental principles in all our data processing activities.