ıXelero
ENRO
Apply

Legal

Privacy Policy

Last updated: May 20, 2026

This Privacy Policy explains how CSIKI CAPITAL SRL (“iXelero”, “we”) collects, uses and protects personal data when you visit ixelero.com or submit information through it. We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Romanian data protection law.

1. Data controller

CSIKI CAPITAL SRL
Registered office: Sat Florești, comuna Florești, str. Teilor nr. 12A, ap. 6, jud. Cluj, Romania
Registration: J12/5321/2018
Tax ID: RO40257780
Administrator: Csiki Ervin-Győrgy
Contact: contact@ervincsiki.com

2. Data we collect

  • Application data (Step 1): name, work email, phone, company name, and a description of what you're trying to solve.
  • Qualification data (Step 2): company legal name, tax ID (CUI/VAT), founding year, employee count, annual revenue range, gross margin, products/services, acquisition channels, prior efforts, decision-making role, timeline, additional context.
  • Technical data: IP address, browser type, device information, pages visited.
  • Cookies: only strictly necessary cookies by default.

3. Legal basis & purposes

  • Responding to your application — consent and legitimate interest (Art. 6(1)(a)(f) GDPR).
  • Operating the website — legitimate interest (Art. 6(1)(f) GDPR).
  • Legal obligations — tax, accounting, record-keeping (Art. 6(1)(c) GDPR).
  • Consulting engagements — performance of a contract (Art. 6(1)(b) GDPR) when you become a paying client.

4. Who we share data with

We do not sell your data. Processors:

  • Vercel Inc. (United States) — hosting and deployment.
  • HighLevel, Inc. (GoHighLevel, United States) — CRM and workflow automation for handling applications.
  • Mailgun Technologies, Inc. (United States) — transactional email delivery on our lc.ixelero.com subdomain.
  • Authorities — where required by law.

5. International transfers

Some processors are based outside the EEA. Transfers rely on Standard Contractual Clauses or equivalent safeguards.

6. Retention

  • Application + qualification data: up to 24 months after our last interaction.
  • Engagement data (active clients): retained for the duration of the engagement and as required by tax/accounting law.
  • Technical logs: typically 12 months.

7. Your rights

Access, rectification, erasure, restriction, objection, portability, withdrawal of consent, and the right to lodge a complaint with the Romanian DPA (ANSPDCP, dataprotection.ro). Contact contact@ervincsiki.com.

8. Security

We apply reasonable technical and organisational measures. No system is fully secure; we review practices regularly.

9. Children

This site is not directed to children under 16. We do not knowingly collect their data.

10. Changes

We may update this policy. The “Last updated” date reflects the latest version.

Template v2.0. Operational document — review by qualified counsel recommended before formal reliance.