ROEN

Privacy Policy

This policy explains what data we process about you when you use NewsRadars.org, why we use it, how long we keep it, and what rights you have under the General Data Protection Regulation (GDPR).

May 8, 2026

1. Who we are

The data controller is ivi Creative Agency, operating the NewsRadars.org service. For any privacy request, write to contact@newsradars.org.

We only use public press sources (RSS feeds, official communications) and do not aggregate personal data on the people mentioned in collected articles. Any personal data appearing in mentions is already public by virtue of the original publication.

2. What data we collect

About you as a platform user, we collect only what's necessary to deliver the service:

  • Account & subscription: email, optional name, chosen plan, payment history (processed by Stripe).
  • Radar configuration: target names you monitor, keywords you enter, notification preferences.
  • Technical data: IP address, browser type, operating system, access logs — used for security and diagnostics.
  • Communications: messages you send to support or via the website forms.

About the people and topics you monitor we do not collect data beyond what's already public via press publications. We store the title, link, source and publication date — to give you a searchable aggregate.

3. Why we use it

We process your data only for the purposes below, each with a clear legal basis:

  • Service delivery — performance of contract (Art. 6(1)(b) GDPR): account, alerts, dashboard, reports.
  • Security & fraud prevention — legitimate interest (Art. 6(1)(f)): access logs, abuse blocking, integrity monitoring.
  • Transactional communications — necessary for service: account confirmations, alerts you subscribed to, payment notifications.
  • Marketing communications — only with your explicit consent (Art. 6(1)(a)), revocable any time with one click.
  • Legal obligations — invoicing, tax compliance, lawful requests from competent authorities.

4. Who we share with

We work with a small number of vendors (sub-processors) helping us operate. All are contractually bound to respect the same GDPR standards we apply:

  • Supabase (Inc., EU hosting – Frankfurt) — database storage, authentication.
  • Vercel — web app hosting, content delivery.
  • n8n self-hosted (our infrastructure) — workflow orchestration.
  • Resend / transactional email service — alerts and newsletter delivery.
  • Stripe — payment processing (card data does not pass through our servers).

We do not sell or rent your data. We do not share it with ad networks, data brokers or third parties for commercial profiling.

5. International transfers

Your data is stored within the European Economic Area (Frankfurt, Germany for the main database). Some globally operated services (Stripe, Vercel) may process data in the US under EU Standard Contractual Clauses approved by the European Commission and the EU-US Data Privacy Framework.

6. How long we keep data

  • Account data — for the subscription duration plus 12 months after closure, for tax obligations and dispute resolution.
  • Mentions collected from public sources — duration tied to your plan (7 days Free, 90 days Pro, 1 year Pro Shield, 10 years Elite).
  • Access logs — maximum 90 days.
  • Transactional communications — minimum 5 years per fiscal law.

After these terms, data is automatically deleted or anonymized.

7. Your rights

Under GDPR, you have the following rights, exercisable free of charge:

  • Access — receive a copy of the data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — request data removal ("right to be forgotten").
  • Restriction — pause processing in certain situations.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to legitimate-interest processing.
  • Consent withdrawal — for any consent-based processing, any time.
  • Complaint to supervisory authority — in Romania, ANSPDCP (dataprotection.ro).

To exercise any right, write to contact@newsradars.org. We respond within 30 days.

8. People mentioned in articles

If you are a person about whom an article appears in our feed and you believe the processed information affects your rights (e.g. article since deleted by source), you can request mention removal from our database by writing to contact@newsradars.org. We process the request within 72 hours.

Note that NewsRadars aggregates content already publicly published by press institutions, on the basis of society's legitimate interest in transparency (Art. 6(1)(f) and Art. 17(3)(a) GDPR — exercise of freedom of expression and information).

9. Security

We apply reasonable technical and organizational measures: in-transit encryption (HTTPS), at-rest database encryption, role-based access for authorized staff, access logs, daily backups, incident response plans. No card data is kept on our servers.

10. Changes to this policy

This policy may be updated to reflect legal, technical or product changes. Significant changes will be communicated via email at least 30 days before applying. The current version is marked with the last-updated date at the top.