CarInfo.ro — verificare istoric auto după VIN

Privacy Policy

Last updated: 4 iulie 2026

This policy explains what personal data we process through carinfo.ro, for what purposes and on what legal basis, and the rights you have under the GDPR (EU Regulation 2016/679).

1. Data controller

The controller is SND TEAM S.R.L., registered office at Str. Mihai Viteazu nr. 260, Sat Șelimbăr, Comuna Șelimbăr, jud. Sibiu, cod poștal 557260, România, Trade Register no. J2018000311325, tax ID 38963245. For any request regarding your data, contact us at [email protected].

2. Data we collect

  • Identification and billing data: name, e-mail, phone (optional), address; for company invoices: company name, tax ID, address.
  • Order data: chosen plan, checked VIN, generated reports, order history.
  • Payment data: processed solely by our payment processor (Stripe). We do not store your card details.
  • Technical data: IP address, device/browser, cookies and access logs, for security and operation.

3. Purposes and legal bases

  • Providing the service and generating the report — performance of the contract (art. 6(1)(b)).
  • Issuing invoices and meeting tax/accounting obligations — legal obligation (art. 6(1)(c)).
  • Order-related communications — performance of the contract.
  • Marketing communications — only with your consent (art. 6(1)(a)), which you can withdraw anytime.
  • Fraud prevention, security and service improvement — our legitimate interest (art. 6(1)(f)).

4. Who we share data with

  • the payment processor (Stripe);
  • the invoicing provider (SmartBill);
  • our vehicle-history data provider, to generate the report from the VIN;
  • e-mail and hosting/infrastructure providers;
  • web analytics and marketing providers (with consent);
  • public authorities, where required by law.

5. International transfers

Some of our providers (e.g. the payment processor and analytics/marketing tools) may process data in the United States or other countries outside the European Economic Area.

For such transfers we rely, as applicable, on the EU–US Data Privacy Framework adequacy decision (Implementing Decision (EU) 2023/1795), where the provider is certified at the time of transfer, and on the Standard Contractual Clauses adopted by Commission Decision (EU) 2021/914 as an additional safeguard. A copy of these safeguards is available on request at the e-mail above.

6. Third-party data that may appear in reports

A report generated from a VIN may, in some cases, contain information relating to persons other than you (e.g. historical data associated with the vehicle). Such data comes from third-party sources and databases, not directly from the data subject, and we process it on the basis of our legitimate interest in providing a vehicle-history checking service (art. 6(1)(f) GDPR).

In line with art. 14 GDPR, if you are a person whose data appears in such a report, you have the same rights described below (access, rectification, erasure, objection, etc.) and may contact us at the e-mail indicated. We use reports solely to check the vehicle and do not build profiles of former owners.

7. Retention

  • Invoices and accounting documents: per tax law (typically 10 years).
  • Account and order data: while the account is active and as required by law.
  • Generated reports: accessible online for 30 days.
  • Marketing data: until you withdraw consent.

8. Your rights

You have the rights of access, rectification, erasure, restriction, data portability, objection, and to withdraw consent at any time. Exercise them by writing to the e-mail above.

9. Automated decisions and profiling

We do not make decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you (art. 22 GDPR). The analytics and marketing tools we use, only with your consent, may involve a form of advertising profiling; you can withdraw your consent at any time from the cookie settings.

10. Security

We use appropriate technical and organisational measures: encrypted connections (HTTPS/SSL), restricted access and security-compliant providers.

11. Complaints

You may lodge a complaint with the Romanian Data Protection Authority (ANSPDCP), www.dataprotection.ro.

10% welcome discount

Subscribe and get 10% off your first report

A one-time discount code + car-check tips. No spam — unsubscribe anytime.

By subscribing you agree to receive emails from CarInfo.ro.