The Toolkit Online

Back to Homepage

Privacy Policy

Last Updated: 27/01/2026

1. General Overview

At thetoolkit.online, operated by S.C. CYREX GROUP S.R.L. ("we", "us", or "our"), we prioritize your privacy by design. We have built our tools to process data primarily on the "Client-Side" (in your browser), meaning most of your input data never reaches our servers.

The entity responsible for processing your personal data is: S.C. CYREX GROUP S.R.L. Registration No: J2023024889406CUI: 49342723 Address: Str. Stefan Octavian Iosif, Bl. 1C, Sc. 1, Ap. 1, 332021, Petroșani, Hunedoara, Romania. Email: contact@cyrexgrp.com

2. Data We Do NOT Collect

To ensure your security:

  • Text Analysis: The text you paste into the Word Counter is processed in your browser's memory and is NOT saved, stored, or transmitted to our database.
  • Password Generator: We do not see, store, or log the passwords you generate.
  • QR Generator: The data you input to create a QR code is processed transiently to generate the image and is not retained after you close the page.

3. Data We Collect, Purpose, and Legal Basis

We collect limited data necessary for the operation, security, and improvement of the Site. Under GDPR Art. 6, we process data based on the following legal grounds:

By submitting data through this form, you agree that:

  1. Feedback Form Data (Message & Name)

    Purpose: We process the text message and any name you voluntarily submit in the "Request a Tool" form to review your suggestions and improve our website features.

    Legal Basis:Legitimate Interest. We have a legitimate interest in improving our services based on the feedback provided by users.

  2. Technical Data (IP Address, Browser Type, OS)

    Purpose: We collect technical logs to ensure the security of our website. This includes protection against DDoS attacks (via Cloudflare), spam prevention (via Cloudflare Turnstile), and server diagnostics.

    Legal Basis:Legitimate Interest. We have a critical legitimate interest in ensuring network security and preventing fraud or malicious attacks.

  3. Analytics Data (Usage Statistics)

    Purpose: We collect anonymized metrics about page visits, session duration, and device type to understand how our tools are used and to optimize the user experience.

    Legal Basis:Consent. We only process this data if you have clicked "Accept" or "Allow" on our Cookie Banner.

  4. Advertising Data (Ad Personalization)

    Purpose: We collect anonymized metrics about page visits, session duration, and device type to understand how our tools are used and to optimize the user experience.

    Legal Basis:Consent. We only process this data if you have clicked "Accept" or "Allow" on our Cookie Banner.

4. Third-Party Service Providers and Data Transfers

We share data with trusted third parties solely for technical functionality. Some of these partners are headquartered in the United States. We ensure that data transfers comply with GDPR through mechanisms such as the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs).

  1. Cloudflare (US and EU): Used for CDN (speed), Security, and Turnstile.
  2. Google Analytics (US): Used for traffic analysis. IP addresses are anonymized where possible.
  3. Google Ads (US): Used for displaying advertisements.

5. Data Retention

Feedback Data is retained only as long as necessary to evaluate the suggested feature (up to 12 months), then deleted.

Analytics/Ad Data is retained according to Google's retention policies (up to 26 months).

6. Security

We implement SSL/TLS encryption (HTTPS) for all connections to our Site. However, remember that no method of transmission over the Internet is 100% secure.

7. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right to Access: You can request a copy of your data.
  • Right to Rectification: You can ask us to fix incorrect data.
  • Right to Erasure ("Right to be Forgotten"): You can ask us to delete your data (e.g., feedback messages).
  • Right to Withdraw Consent: You can withdraw consent for cookies/ads at any time via the footer link.

To exercise these rights, contact us at dpo@cyrexgrp.com.

8. Right to Complain

If you believe that your rights have been violated, you have the right to lodge a complaint with the Romanian Supervisory Authority: Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP), www.dataprotection.ro.