Mint BarcodesBlog

Legal

Privacy Policy

Effective date: April 18, 2026

Around25 SRL, trading as Mint Barcodes ("Mint Barcodes", "we", "us", or "our"), is committed to protecting your personal information. This Privacy Policy explains what data we collect when you use our website at https://mintbarcode.com and the self-service dashboard at https://app.mintbarcode.com (collectively, the "Service"), how we use it, and what rights you have over it.

Data Controller:
Around25 SRL, trading as Mint Barcodes
Registration number (CUI/VAT): RO20227858
Trade register: J2006004448125
Registered address: Str. Carpati 20 Ap. 1, Cod 405200, Dej, Cluj
Romania, European Union
Email: privacy@mintbarcode.com

Around25 SRL processes personal data as a data controller under the General Data Protection Regulation (EU) 2016/679 ("GDPR").

1. Information We Collect

Information you provide directly

  • Account information: email address, name, and password when you register
  • Billing information: billing name, address, and payment card details — collected and stored by our payment processor, Stripe, Inc. We never see or store your raw card number
  • Product data: product names, descriptions, and GTIN assignments you enter in the dashboard
  • Communications: messages you send us via email or support channels
  • Marketing consent: your explicit opt-in preference collected at registration via a dedicated checkbox

Information collected automatically

  • Log data: IP address, browser type, operating system, referring URLs, and pages visited
  • Usage data: features accessed, barcode downloads, timestamps, and session duration
  • Cookies and similar technologies: session cookies required for authentication and preference cookies to remember your settings (see Section 7)

2. How We Use Your Information

We use the information we collect to:

  • Provision and operate your account and the Service
  • Process payments and send billing receipts
  • Issue and manage GTINs on your behalf
  • Send transactional emails (account confirmation, password reset, invoices)
  • Respond to support requests and enquiries
  • Monitor and improve the performance, security, and reliability of the Service
  • Comply with legal obligations and enforce our Terms of Service
  • Send you product updates and promotional communications — only where you have given explicit consent by ticking the opt-in checkbox at registration. You may withdraw consent at any time by clicking the unsubscribe link included in every marketing email, or by contacting us at privacy@mintbarcode.com.

We process your data on the following legal bases:

  • Performance of a contract (Art. 6(1)(b)): providing the Service, processing payments, issuing GTINs
  • Legitimate interests (Art. 6(1)(f)): security, fraud prevention, product improvement
  • Legal obligation (Art. 6(1)(c)): tax and compliance records
  • Consent (Art. 6(1)(a)): marketing communications and non-essential cookies — you may withdraw at any time

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We share data only in the following circumstances:

  • Service providers: We share data with trusted vendors who process data on our behalf under data processing agreements. Each is bound and may not use your data for their own purposes:
    • Stripe, Inc. (USA) — payment processing
    • Cloudflare, Inc. (USA, with EU data centres) — CDN, DDoS protection, Workers
    • DigitalOcean, LLC (USA) — cloud hosting
    • Resend, Inc. (USA) — transactional email
  • Legal requirements: We may disclose information if required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

4. Data Retention

We retain your account and product data for as long as your account is active or as needed to provide the Service. If you close your account, we will delete or anonymise your personal data within 90 days, except where we are required by law to retain it longer (for example, financial records, which we retain for seven years as required by Romanian accounting law).

GTIN assignment records are retained indefinitely to maintain the integrity of the barcode registry, but these records are associated with your account data only while your account is active.

5. Security

We implement industry-standard technical and organisational measures to protect your data, including TLS encryption in transit, AES-256 encryption at rest for sensitive values, and role-based access controls within our infrastructure.

No system is perfectly secure. While we take reasonable precautions, we cannot guarantee that unauthorised access, hacking, or data loss will never occur. You should use a strong, unique password for your account.

6. International Data Transfers

Around25 SRL is based in Romania, European Union. Several of our third-party processors are based in the United States, which means your personal data may be transferred outside the European Economic Area (EEA):

  • Stripe, Inc. — United States (payment processing)
  • DigitalOcean, LLC — United States (cloud infrastructure)
  • Resend, Inc. — United States (transactional email)
  • Cloudflare, Inc. — United States, with processing in EU data centres where configured

For each of these transfers, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission under GDPR Article 46(2)(c) as the legal transfer mechanism, unless an adequacy decision under Article 45 applies.

You may request a copy of the applicable SCCs or other transfer safeguards by contacting us at privacy@mintbarcode.com.

7. Cookies and Consent

When you first visit our website, a cookie consent banner will ask for your permission before any non-essential cookies are set. You may change your preferences at any time via the cookie settings link in the footer. We use the following categories of cookies:

  • Strictly necessary: Session and authentication cookies required to log you in and maintain your session. These do not require consent and cannot be disabled without breaking core functionality.
  • Functional: Preference cookies that remember your dashboard settings (e.g., preferred download format). Enabled only with your consent.
  • Analytics: We currently do not use third-party analytics cookies. If we do in the future, we will update this policy and request your consent before setting them.

You can also configure your browser to refuse all cookies, though some features of the Service may not function correctly if you do.

8. Your Rights under GDPR

As a data controller established in the European Union, we are subject to the GDPR. You have the following rights regarding your personal data:

  • Access (Art. 15): request a copy of the personal data we hold about you
  • Rectification (Art. 16): correct inaccurate or incomplete data
  • Erasure (Art. 17): request deletion of your data ("right to be forgotten"), subject to legal retention obligations
  • Restriction (Art. 18): ask us to limit how we process your data in certain circumstances
  • Portability (Art. 20): receive your data in a machine-readable format and transfer it to another controller
  • Objection (Art. 21): object to processing based on legitimate interests or for direct marketing
  • Withdraw consent (Art. 7): where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, contact us at privacy@mintbarcode.com. We will respond within 30 days (extendable to 60 days for complex requests, with notice).

If you are dissatisfied with our response, you have two avenues of redress:

  • Supervisory authority (Art. 77): lodge a complaint with the Romanian data protection authority, ANSPDCP (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal, www.dataprotection.ro), or the supervisory authority in your EU member state of habitual residence.
  • Judicial remedy (Art. 79): bring proceedings before a court of competent jurisdiction — either in Romania (where we are established) or in your EU member state of habitual residence.

9. Data Protection Officer

Around25 SRL is not required to appoint a Data Protection Officer under GDPR Article 37, as we are not a public authority, do not carry out large-scale systematic monitoring of individuals, and do not process special categories of data on a large scale.

All privacy-related enquiries are handled directly by our privacy contact at privacy@mintbarcode.com.

10. Children's Privacy

The Service is a business-to-business platform intended solely for use by individuals who are at least 18 years of age. We do not knowingly collect personal information from anyone under 18. If we learn that we have inadvertently collected information from a person under 18, we will delete it promptly. If you believe we may have such information, please contact us at privacy@mintbarcode.com.

11. Third-Party Links

The Service may contain links to third-party websites, including GS1 and retailer platforms. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before providing any personal information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the effective date above. We encourage you to review this policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our privacy team:

Around25 SRL (trading as Mint Barcodes)
Email: privacy@mintbarcode.com
For Terms of Service enquiries: legal@mintbarcode.com