← Inapoi la site ← Back to site

Politica de Confidentialitate Privacy Policy

Ultima actualizare: 7 februarie 2026 Last updated: February 7, 2026

1. Cine suntem 1. Who We Are

Operatorul de date cu caracter personal este RetroPlay ("noi", "nostru"), platforma online de giveaway-uri pentru gameri, accesibila la adresa retroplay.ro.

Aceasta politica descrie cum colectam, folosim, stocam si protejam datele tale personale, in conformitate cu Regulamentul General privind Protectia Datelor (GDPR - Regulamentul (UE) 2016/679).

The data controller is RetroPlay ("we", "our"), an online giveaway platform for gamers, accessible at retroplay.ro.

This policy describes how we collect, use, store, and protect your personal data, in compliance with the General Data Protection Regulation (GDPR - Regulation (EU) 2016/679).

2. Ce date personale colectam 2. What Personal Data We Collect

In functie de modul in care interactionezi cu platforma, colectam urmatoarele categorii de date:

Categorie Date colectate Temei legal
Cont utilizator Adresa de email, nume afisat (display name), nume utilizator, parola (hash-uita) Contract
Profil Avatar (imagine), bio, tara Consimtamant
Integrari externe Steam ID, Steam avatar URL, Discord ID, Discord username Consimtamant
Securitate Adresa IP, user agent (browser), token-uri de sesiune Interes legitim
Activitate Participari la giveaway-uri, task-uri completate, puncte, XP, nivel Contract
Referral Cod referral, sursa invitatiei Contract
Preferinte Limba, tema vizuala, setari efecte (prin cookie-uri) Consimtamant

Depending on how you interact with the platform, we collect the following categories of data:

Category Data Collected Legal Basis
User account Email address, display name, username, password (hashed) Contract
Profile Avatar (image), bio, country Consent
External integrations Steam ID, Steam avatar URL, Discord ID, Discord username Consent
Security IP address, user agent (browser), session tokens Legitimate interest
Activity Giveaway entries, completed tasks, points, XP, level Contract
Referral Referral code, invitation source Contract
Preferences Language, visual theme, effect settings (via cookies) Consent

3. Cum folosim datele tale 3. How We Use Your Data

Datele personale sunt utilizate exclusiv in urmatoarele scopuri:

  • Furnizarea serviciului: Crearea si gestionarea contului, participarea la giveaway-uri, trimiterea premiilor.
  • Securitate: Protectia impotriva accesului neautorizat, CSRF, rate limiting, autentificarea in doi pasi (2FA).
  • Comunicare: Notificari despre giveaway-uri castigate, verificari email, resetari de parola.
  • Imbunatatire: Analiza anonima a utilizarii platformei pentru optimizare.
  • Clasamente: Afisarea numelor de utilizator si punctajelor in leaderboard-ul public.
  • Prevenirea fraudei: Detectarea conturilor multiple sau a comportamentului abuziv.

Personal data is used exclusively for the following purposes:

  • Service delivery: Account creation and management, giveaway participation, prize delivery.
  • Security: Protection against unauthorized access, CSRF, rate limiting, two-factor authentication (2FA).
  • Communication: Notifications about won giveaways, email verification, password resets.
  • Improvement: Anonymous usage analysis for platform optimization.
  • Leaderboards: Displaying usernames and scores in the public leaderboard.
  • Fraud prevention: Detection of multiple accounts or abusive behavior.

4. Cu cine partajam datele 4. Who We Share Data With

RetroPlay nu vinde datele tale personale catre terti. Datele pot fi partajate doar in urmatoarele situatii:

  • Servicii externe de autentificare: Steam (Valve) si Discord, doar cand alegi sa le conectezi la cont. Acestea primesc doar informatiile necesare autentificarii.
  • Hosting: Furnizorul nostru de hosting (cPanel) stocheaza datele pe servere securizate.
  • Obligatii legale: In cazul in care suntem obligati prin lege sa divulgam anumite informatii autoritatilor competente.

Nu folosim servicii de publicitate sau tracking de la terti (Google Analytics, Facebook Pixel etc.).

RetroPlay does not sell your personal data to third parties. Data may only be shared in the following situations:

  • External authentication services: Steam (Valve) and Discord, only when you choose to connect them to your account. They only receive information necessary for authentication.
  • Hosting: Our hosting provider (cPanel) stores data on secure servers.
  • Legal obligations: When we are required by law to disclose certain information to competent authorities.

We do not use third-party advertising or tracking services (Google Analytics, Facebook Pixel, etc.).

5. Cat timp pastram datele 5. How Long We Retain Data

Tip de date Durata stocarii
Date cont (email, username)Pe durata existentei contului + 30 zile dupa stergere
Sesiuni de autentificare30 zile (expirare automata) sau pana la deconectare
Adrese IP (loguri securitate)90 zile
Jurnal activitati (audit log)1 an
Istoric giveaway-uriPe durata existentei contului
Cookie-uri functionale1 an (vezi Politica de Cookie-uri)
Data Type Retention Period
Account data (email, username)Duration of account + 30 days after deletion
Authentication sessions30 days (auto-expiry) or until logout
IP addresses (security logs)90 days
Activity log (audit log)1 year
Giveaway historyDuration of account
Functional cookies1 year (see Cookie Policy)

6. Drepturile tale conform GDPR 6. Your Rights Under GDPR

Ai urmatoarele drepturi in legatura cu datele tale personale:

Dreptul de acces

Poti solicita o copie a tuturor datelor personale pe care le detinem despre tine.

Dreptul la rectificare

Poti actualiza sau corecta datele inexacte direct din profilul tau sau prin cerere.

Dreptul la stergere

Poti solicita stergerea completa a contului si a datelor asociate ("dreptul de a fi uitat").

Dreptul la portabilitate

Poti primi datele tale intr-un format structurat, utilizat in mod curent si citibil automat.

Dreptul la opozitie

Te poti opune prelucrarii datelor in scopuri de marketing sau pe baza interesului legitim.

Dreptul la restrictionare

Poti solicita limitarea prelucrarii datelor in anumite circumstante (ex: contestarea corectitudinii).

You have the following rights regarding your personal data:

Right of access

You can request a copy of all personal data we hold about you.

Right to rectification

You can update or correct inaccurate data directly from your profile or by request.

Right to erasure

You can request complete deletion of your account and associated data ("right to be forgotten").

Right to portability

You can receive your data in a structured, commonly used, and machine-readable format.

Right to object

You can object to data processing for marketing purposes or based on legitimate interest.

Right to restriction

You can request restriction of data processing in certain circumstances (e.g., contesting accuracy).

7. Cum iti exerciti drepturile 7. How to Exercise Your Rights

Poti exercita oricare dintre drepturile de mai sus prin urmatoarele modalitati:

  • Email: [email protected] - trimite o cerere cu subiectul "Cerere GDPR"
  • Discord: discord.gg/retroplay - deschide un ticket in canalul de suport
  • Din cont: Multe actiuni (editare profil, stergere avatar, deconectare sesiuni) le poti face direct din setarile contului

Vom raspunde cererii tale in maximum 30 de zile de la primire. Este posibil sa iti cerem sa iti verifici identitatea inainte de a procesa cererea.

You can exercise any of the above rights through the following methods:

  • Email: [email protected] - send a request with the subject "GDPR Request"
  • Discord: discord.gg/retroplay - open a ticket in the support channel
  • From your account: Many actions (edit profile, delete avatar, disconnect sessions) can be done directly from account settings

We will respond to your request within 30 days of receipt. We may ask you to verify your identity before processing your request.

8. Securitatea datelor 8. Data Security

Implementam masuri tehnice si organizatorice adecvate pentru protectia datelor tale:

  • Criptare: Parolele sunt stocate cu hash bcrypt. Conexiunile sunt protejate prin HTTPS/TLS.
  • Cookie-uri HttpOnly: Token-urile de autentificare nu sunt accesibile prin JavaScript.
  • Protectie CSRF: Toate formularele sunt protejate impotriva atacurilor cross-site request forgery.
  • Rate Limiting: Limitam numarul de cereri pentru a preveni atacurile de tip brute-force.
  • Autentificare 2FA: Verificare suplimentara prin email la autentificare.
  • Sesiuni securizate: Gestionare avansata a sesiunilor cu posibilitatea de revocare.
  • Security Headers: Headere HTTP de securitate (CSP, X-Frame-Options, HSTS etc.).

We implement appropriate technical and organizational measures to protect your data:

  • Encryption: Passwords are stored with bcrypt hashing. Connections are protected via HTTPS/TLS.
  • HttpOnly cookies: Authentication tokens are not accessible via JavaScript.
  • CSRF protection: All forms are protected against cross-site request forgery attacks.
  • Rate limiting: We limit the number of requests to prevent brute-force attacks.
  • 2FA authentication: Additional email verification during authentication.
  • Secure sessions: Advanced session management with revocation capability.
  • Security headers: HTTP security headers (CSP, X-Frame-Options, HSTS, etc.).

9. Protectia minorilor 9. Protection of Minors

RetroPlay nu este destinat persoanelor cu varsta sub 16 ani. Nu colectam in mod intentionat date de la minori. Daca aflam ca am colectat date ale unui minor, le vom sterge imediat. Daca esti parinte/tutore si crezi ca copilul tau ne-a furnizat date personale, contacteaza-ne la adresa de mai sus.

RetroPlay is not intended for persons under 16 years of age. We do not intentionally collect data from minors. If we discover that we have collected data from a minor, we will delete it immediately. If you are a parent/guardian and believe your child has provided us with personal data, please contact us at the address above.

10. Modificari ale acestei politici 10. Changes to This Policy

Ne rezervam dreptul de a actualiza aceasta politica de confidentialitate. In cazul unor modificari semnificative:

  • Vom afisa o notificare pe site
  • Vom actualiza data "Ultima actualizare" din partea de sus
  • Pentru modificari majore, vom trimite o notificare prin email

Continuarea utilizarii platformei dupa publicarea modificarilor constituie acceptarea noii politici.

We reserve the right to update this privacy policy. In case of significant changes:

  • We will display a notification on the site
  • We will update the "Last updated" date at the top
  • For major changes, we will send a notification by email

Continued use of the platform after publication of changes constitutes acceptance of the new policy.

11. Plangeri 11. Complaints

Daca consideri ca datele tale personale nu sunt prelucrate in conformitate cu GDPR, ai dreptul sa depui o plangere la:

  • Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal (ANSPDCP)
  • Website: www.dataprotection.ro

Te incurajam totusi sa ne contactezi mai intai pentru a incerca sa rezolvam problema impreuna.

If you believe your personal data is not being processed in accordance with GDPR, you have the right to file a complaint with:

  • The National Supervisory Authority for Personal Data Processing (ANSPDCP)
  • Website: www.dataprotection.ro

However, we encourage you to contact us first to try to resolve the issue together.

12. Contact 12. Contact

Pentru orice intrebari legate de protectia datelor personale, ne poti contacta la:

For any questions about personal data protection, you can contact us at:

© 2026 RetroPlay. Toate drepturile rezervate. All rights reserved.

Politica de Cookie-uri Cookie Policy Termeni si Conditii Terms of Service Inapoi la site Back to site