This policy explains how CamSMTP collects, uses and protects your personal data in accordance with GDPR (EU) 2016/679.
1. Data Controller
The data controller is CamSMTP, operated by INCredibleIT, Reșița, România. Contact: contact@camsmtp.ro
2. What Data We Collect
- Account data: full name, email address, phone number, encrypted password.
- Camera configuration data: SMTP username, forwarding email addresses, camera label.
- Email metadata: sender IP address, subject, timestamp, image dimensions, camera ID extracted from email text.
- Payment data: subscription status, billing dates. Payment card details are processed exclusively by our payment provider and are never stored on our servers.
- Technical data: IP address at login, browser type, session data.
3. How We Use Your Data
- To provide the SMTP relay service for your trail cameras.
- To authenticate your camera and forward photos to your chosen email addresses.
- To manage your account, subscriptions and billing.
- To detect abuse, multiple accounts or unauthorized use of the platform.
- To send service-related notifications (delivery errors, subscription renewals).
4. Legal Basis for Processing
- Contract performance — processing is necessary to deliver the service you subscribed to.
- Legitimate interest — fraud prevention and platform security.
- Legal obligation — compliance with Romanian and EU law.
5. Email Content and Images
Photos sent by your trail camera through our SMTP server are processed in transit and forwarded to your designated email addresses. We store email metadata (subject, timestamp, IP, dimensions) for diagnostic and anomaly detection purposes. Full email body including images may be temporarily stored for processing and are not accessed by CamSMTP staff unless required for technical support.
6. Data Retention
- Account data: retained for the duration of your subscription plus 12 months after cancellation.
- Email logs and metadata: retained for 90 days.
- Payment records: retained for 5 years as required by Romanian fiscal law.
7. Data Sharing
We do not sell or share your personal data with third parties for marketing purposes. Data may be shared with:
- Payment processors (MobilPay / EuPlatesc) — solely for billing purposes.
- Hosting infrastructure providers — under data processing agreements.
- Competent authorities — when legally required.
8. Your Rights (GDPR)
You have the right to:
- Access — request a copy of your personal data.
- Rectification — correct inaccurate data.
- Erasure — request deletion of your data ("right to be forgotten").
- Restriction — limit how we process your data.
- Portability — receive your data in a structured format.
- Objection — object to processing based on legitimate interest.
- Withdraw consent — at any time, without affecting prior processing.
To exercise any of these rights, contact us at contact@camsmtp.ro. We will respond within 30 days.
9. Cookies
We use only essential cookies for session management and language preference. No tracking or advertising cookies are used. You can disable cookies in your browser settings, though this may affect site functionality.
10. Security
All data is transmitted over TLS-encrypted connections. Passwords are stored using bcrypt hashing. Access to production systems is restricted and logged.
11. Changes to This Policy
We may update this policy periodically. Significant changes will be notified via email. Continued use of the service after changes constitutes acceptance.
12. Contact & Complaints
For any privacy-related questions: contact@camsmtp.ro
You may also file a complaint with the Romanian supervisory authority: ANSPDCP — www.dataprotection.ro