Privacy Policy

1. Data Controller

Fines Software Consulting SRL ("we", "us", or "our") is the Data Controller for the personal information collected through the Mock66 platform. We are a company registered in Romania (EU) and are committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR).

2. Data Collection & Legal Basis

We collect data to provide the Service. Under GDPR Article 6, we rely on specific legal grounds for processing your data:

3. Payment Information

We partner with Creem.io, an authorized reseller and Merchant of Record, to handle all billing and subscriptions.

When you subscribe to a paid plan, you interact directly with Creem.io. We share only your email address and a unique user ID with them to link the payment to your Mock66 account. Their handling of your financial data is governed by the Creem.io Privacy Policy(opens in a new tab).

4. Service Providers (Sub-processors)

We engage trusted third-party service providers to help us operate Mock66. These providers may process data outside the EU (specifically in the US), protected by Standard Contractual Clauses (SCCs) or the Data Privacy Framework:

5. Security of Data

The security of your data is important to us. We implement industry-standard security measures, including:

• Encryption: All data is encrypted in transit (via SSL/TLS) and at rest within our database.
• Access Control: Access to personal data is restricted to authorized personnel who need it to operate the Service.
• Authentication: We use secure, token-based authentication (Firebase Auth) to protect your account.

However, remember that no method of transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

6. Marketing Communications

We only send marketing emails (newsletters, product updates) if you have explicitly opted in to receive them.

You have the right to withdraw your consent at any time. You can opt-out by clicking the "Unsubscribe" link found at the bottom of any marketing email or by contacting support.

7. Data Retention and Backups

• Active Accounts: We retain your data for as long as your account remains active.
• Deleted Accounts: If you delete your account, your personal data is removed from our live production database immediately.
• Backups: To prevent accidental data loss, we maintain encrypted backups. Data from deleted accounts may persist in these secure archives for up to 30 days before being overwritten.

8. Your Rights (GDPR)

Under the GDPR, you have the right to:

• Access: Request a copy of the data we hold about you.
• Rectification: Correct inaccurate data via your account settings.
• Erasure: Request the deletion of your account and associated data ("Right to be Forgotten").
• Portability: Request your project data in a machine-readable format (JSON).

9. Children's Privacy

Our Service is not directed to anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

10. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. You are advised to review this Privacy Policy periodically for any changes.