Privacy Policy

Last update: May 9, 2025

This Policy explains what personal data we collect, how we use it, the legal grounds, storage period, with whom we share it, and what options and rights you have according to Regulation (EU) 2016/679 ("GDPR") and relevant Romanian legislation.

1. Who we are

Billu SRL

7 Cluj Street, Timisoara, Timis County, Romania

J35/1283/27.03.2024 / 49842834

suport@bilyou.ro

+40 731 050 509

A Data Protection Officer has not been appointed. For any GDPR matters, use the contact details above.

2. What data we collect, for what purpose and on what basis

Purpose	Data Categories	Legal Basis (art. 6 GDPR)	Recipients / Processors
Account creation	Name, email	(b) Contract execution	Kinde (EU)
Subscription payment	Name, email, phone, address, Tax ID, card	(b) Contract execution; (c) Legal obligation (billing)	Stripe (EEA)
Invoice issuance	Company name, Tax ID, user ID	(c) Legal obligation	Billu – internal databases
Support and communications	Name, email, message	(b) Contract execution	Billu
Email marketing	Email	(a) Consent	Billu; email service provider
Analytics & UX	IP address, device data, usage events	(a) Consent	Google Tag Manager, Hotjar, OpenReplay
Security	Access logs, IP addresses	(f) Legitimate interest – fraud prevention	Billu

3. Storage periods

Data Type	Duration	Reason
Accounting data, invoices	10 years from the closing of the financial year	Art. 319 Fiscal Code
Account data (Kinde)	Until account deletion + 30 days backup	Service administration
Security logs	12 months	Incident detection
Marketing data	Until consent withdrawal	Consent
Analytics data	26 months (Google Analytics setting)	Site optimization

Upon expiration of the terms, data is anonymized or irreversibly deleted.

4. International transfers

Our providers may store data on servers in the EEA or USA. In case of transfer outside the EEA, we rely on Standard Contractual Clauses approved by the European Commission and additional security measures.

5. Data security

encryption in transit (HTTPS/TLS) and at rest;
least-privilege principles and multi-factor authentication for internal access;
continuous monitoring and regular backups.

6. Your rights

You have the right to access, rectification, erasure, restriction, portability, objection to processing, as well as the right to withdraw consent at any time.

To exercise these rights, contact us at suport@bilyou.ro. You can also file a complaint with ANSPDCP (www.dataprotection.ro).

7. Cookies and similar technologies

7.1 What are cookies

Small text files stored in your browser that retain settings or information.

7.2 Our cookies

Cookie	Type	Provider	Duration	Purpose
resumeToken	Strictly necessary	Bilyou	30 days	Saves registration progress
_ga, _ga_*	Necessary for analysis & attribution	Google Analytics	26 months	Counts visitors and allocates users to campaigns
GTM container	Necessary for analysis & attribution	Google Tag Manager	session	Loads tracking tags
_hjSession_*	Analytics	Hotjar	30 minutes	Heat maps, UX
or_sid	Analytics	OpenReplay	30 days	Anonymized session replay

GA/GTM are considered necessary for measuring the performance of paid campaigns – essential information for the execution of the contract between Billu SRL and the marketing agency.
Analytics cookies are placed only with your consent expressed through the cookie banner.

7.3 How you can control cookies

The browser allows deleting or blocking cookies; disabling essential cookies may affect the operation of the service.

8. Policy changes

Any updates will be published on this page and will take effect from the date of display. We recommend that you periodically check this Policy to stay up to date with any changes.

9. Contact

For questions related to data protection or cookies:

Billu SRL – 7 Cluj Street, Timisoara, Romania – suport@bilyou.ro – +40 731 050 509

By continuing to use Bilyou.ro, you confirm that you have read and understood this Privacy and Cookies Policy.