Privacy policy

Privacy Policy of the website

www.grecupartners.ro

➡ WHO WE ARE?

SCA GRECU SI ASOCIATII (hereinafter referred to as Grecu Partners) places great importance on your personal data and consistently takes the necessary measures to ensure that data processing complies with legal requirements in this field. To this end, we have developed this commitment in which we undertake to respect the confidentiality of your personal data and explain what categories of personal data Grecu Partners processes, how they are used, and the purposes for which they are processed.

This Policy applies only to personal data processed through our website www.grecupartners.ro (hereinafter referred to as the “Site” or “Platform”) when you interact with it by filling out forms available on the platform, subscribing to the newsletter, leaving comments on our articles, or simply browsing it. We want to assure you that we have taken all necessary measures to ensure the confidentiality of your data, which is processed only by personnel of the Controller who have been trained in personal data processing, authorized for this purpose, and committed to strict confidentiality.

To introduce ourselves virtually, we provide our identification details.

The Controller processing your personal data when you browse or interact with the online platform www.grecupartners.ro is GRECU SI ASOCIATII – Societate Civila de Avocati, headquartered in Bucharest, 8 Aleksandr Sergheevici Puskin, District 1, PC 011996, Romania.

For any questions or concerns regarding the protection of personal data, you are invited to send a request to the postal address mentioned above or to the email address office@grecupartners.ro. Individuals who submit such requests to Grecu Partners are requested to mention in the email subject/envelope information such as “data protection,” “GDPR,” “personal data,” to ensure that the requests will be given priority.

In this capacity, you will receive a response within a maximum of 30 days from the communication of the document to Grecu Partners, with an extension of this deadline only in exceptional situations. In such cases, you will be duly informed of the extension.

➡ DEFINITIONS

“Personal data” means, in the sense of national and international legislation in force, any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier or to one or more specific factors specific to their physical, physiological, mental, economic, cultural, or social identity.

! In the context of this policy, personal data that will be subject to processing may refer to: name, surname, phone number, email address, data from CVs (in case you apply, through the website, for one of the positions open within our company), etc., as described below.

“Processing of personal data” means any operation or set of operations performed on personal data, whether by automated means or not, such as: collection, recording, organization, storage, adaptation, modification, extraction, consultation, use, disclosure to third parties by transmission, dissemination, or in any other way, association, or combination, blocking, erasure, or destruction.

! In the sense of this policy, data processing refers to those processes carried out when you browse the website www.grecupartners.ro or interact with it by completing forms available on the Platform or subscribing to the newsletter.

“Controller” means the natural or legal person, alone or jointly with others, who determines the purposes and means of processing personal data.

! For clarity, in the context of this Privacy Policy, the Controller of personal data is Grecu Partners.

“Data subject” means the person whose personal data are subject to processing.

! In the context of this Policy, the data subject of data processing is the Internet user who browses the website www.grecupartners.ro or interacts with it.

“Consent” of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they agree, by a statement or by a clear affirmative action, to the processing of personal data concerning them.

! Data processing carried out through the Platform and based on the legal basis of consent has the exclusive purpose of subscribing to the newsletter and, if applicable, accepting cookies other than those necessary (essential), as highlighted in the cookie pop-up.

“Third party” means a natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or processor, are authorized to process personal data.

“Processor” means a natural or legal person who processes personal data on behalf of the controller.

➡ WHAT TYPES OF PERSONAL DATA DO WE PROCESS?

Your browsing on the Site and interaction with it involves the processing of two categories of personal data, namely:

Personal data that you voluntarily disclose to the Controller (e.g., through the contact form, when subscribing to the newsletter, or when commenting on our articles), collected individually;

Data that you provide involuntarily by simply browsing our website.

Grecu Partners collects, based on your voluntary provision, the following personal data:

➡ In the context of filling out the contact form:

Name and surname;

Email address;

Phone number;

Any other information you provide to the Controller by completing the “Subject” and “Your Message” fields.

➡ For subscribing to the newsletter:

Subscribing to the newsletter is conditional on your consent for receiving commercial and marketing messages. In this context, your email address will be processed as personal data.

➡ In the context of leaving a comment on our articles:

Name and surname;

Email address;

Optionally, the URL of your website;

Any other data you provide through the “Your Message” section.

➡ For requesting a financial offer for legal consulting services:

Name and surname;

Email address;

Phone number;

Any other data you provide through the “Your Message” section.

➡ In the context of submitting an application to join the Grecu Partners team:

Name and surname;

Email address;

Phone number;

Previous experience;

Educational background;

The job you are applying for;

Data contained in the CV/cover letter you voluntarily submit;

Any other data you provide through the “Your Message” section.

In the case of providing the personal data of a representative of a legal entity (name, surname, phone number, email address, etc.), they will be considered a data subject under the GDPR provisions, and all protection measures will apply accordingly.

➡ In the context of inbound/outbound phone calls:

Voice;

Phone number;

Other categories of personal data that the data subject provides during phone calls, which may include:

Name and surname;

Email address;

Position;

Other data verbally provided during phone calls.

➡ In the context of participating in Grecu Partners’ online/offline events (if applicable):

Name and surname;

Image;

Voice;

➡ For creating video testimonials about Grecu Partners’ services:

Name and surname;

Image;

Voice;

Position;

Additionally, the Controller processes marketing and communication data only based on the prior consent of users for subscribing to the newsletter and for accepting cookies other than those necessary (essential), as highlighted in the cookie pop-up, as well as technical data and browsing actions through cookie files and similar technologies described in our Cookie Policy.

If you provide personal data that is not necessary for the purposes described, we reserve the right to remove it from our database immediately.

Grecu Partners may inadvertently

process other categories of data through images and voice recordings (video testimonials, online meetings, etc.) or through information voluntarily provided by you, which does not have to be specifically requested through the forms or sections on our website. In this context, Grecu Partners does not assume any liability for the processing of data not subject to specific requests.

If Grecu Partners intends to process personal data for purposes other than those for which it was collected, we will inform you in advance about the new purpose of processing, as well as any other relevant information.

➡ FOR WHAT PURPOSES DO WE PROCESS PERSONAL DATA?

Grecu Partners processes personal data for specific and legitimate purposes, as follows:

1. To respond to your requests and inquiries (e.g., through the contact form).
2. To send you newsletters and other commercial communications, with your prior consent.
3. To moderate comments left by users on our articles.
4. To manage the applications for positions within the Grecu Partners team.
5. For marketing and promotional purposes (e.g., creating video testimonials about Grecu Partners’ services, promoting online and offline events), with your prior consent.
6. For compliance with legal obligations, including tax and accounting obligations.

➡ LEGAL BASIS FOR PROCESSING

The processing of personal data for the purposes described above is based on the following legal grounds:

Your consent, for data processing activities requiring it, such as subscribing to the newsletter, accepting cookies other than those necessary (essential), and for marketing and promotional purposes (e.g., creating video testimonials about Grecu Partners’ services, promoting online and offline events). You can withdraw your consent at any time by contacting us at office@grecupartners.ro or using the unsubscribe option in the newsletters.

The legitimate interest of Grecu Partners to respond to your requests and inquiries, moderate comments, manage job applications, and ensure the security of the website.

Compliance with legal obligations, including tax and accounting obligations.

➡ WITH WHOM DO WE SHARE PERSONAL DATA?

Grecu Partners will not disclose your personal data to third parties without your consent unless such disclosure is required by law or is strictly necessary for the purposes mentioned above. However, we may share your personal data with the following categories of recipients:

Service providers: Grecu Partners may use third-party service providers to help with various aspects of its business operations. These service providers may process personal data on behalf of Grecu Partners and only as instructed by Grecu Partners.

Authorities and regulators: Grecu Partners may disclose personal data when required to do so by law or when necessary to respond to legal process, including law enforcement requests.

Legal advisors: Grecu Partners may share personal data with its legal advisors when necessary to obtain legal advice or to protect its rights and interests.

Business partners: In the event that Grecu Partners enters into a business transaction, such as a merger, acquisition, or sale of assets, personal data may be transferred or disclosed as part of the transaction.

➡ HOW LONG DO WE KEEP PERSONAL DATA?

Grecu Partners will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. The retention period may vary depending on the specific purpose of processing and the nature of the personal data involved. In general, Grecu Partners will keep your personal data for a period of up to 3 years from the date of your last interaction with the website or as required by applicable law.

If you have subscribed to our newsletter, we will retain your email address for as long as you remain subscribed. You can unsubscribe at any time using the unsubscribe option provided in our newsletters.

If you have submitted an application to join the Grecu Partners team, we will retain your personal data for the duration of the recruitment process. If your application is unsuccessful, we may retain your data for a reasonable period for potential future opportunities unless you request its deletion.

➡ YOUR RIGHTS AS A DATA SUBJECT

As a data subject, you have certain rights regarding the processing of your personal data. These rights include:

1. Right to access: You have the right to request access to your personal data that is processed by Grecu Partners. Upon request, Grecu Partners will provide you with information about the processing of your personal data, including the purposes of processing, the categories of personal data involved, and any recipients of your data.
2. Right to rectification: If you believe that the personal data Grecu Partners holds about you is inaccurate or incomplete, you have the right to request the rectification of your data. Grecu Partners will make reasonable efforts to ensure that your data is accurate and up to date.
3. Right to erasure: In certain circumstances, you have the right to request the erasure of your personal data. This right is not absolute and may be subject to legal or contractual obligations that require Grecu Partners to retain your data.
4. Right to restrict processing: You have the right to request the restriction of processing of your personal data in certain situations. If processing is restricted, Grecu Partners will only process your data with your consent or for certain legal purposes.
5. Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit those data to another controller, where technically feasible.

6. Right to object: You have the right to object to the processing of your personal data, including for direct marketing purposes, where applicable.
7. Right to withdraw consent: If Grecu Partners processes your personal data based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
8. Right to lodge a complaint: If you believe that the processing of your personal data infringes applicable data protection laws, you have the right to lodge a complaint with the competent supervisory authority.

To exercise your rights or to make any inquiries regarding the processing of your personal data, please contact Grecu Partners using the contact details provided in this Privacy Policy.

➡ SECURITY OF YOUR PERSONAL DATA

Grecu Partners takes the security of your personal data seriously and has implemented appropriate technical and organizational measures to protect your data against unauthorized access, disclosure, alteration, and destruction. These measures include:

Use of encryption technology to protect data during transmission over the internet.

Access controls and authentication mechanisms to restrict access to personal data.

Regular security assessments and audits to identify and address vulnerabilities.

However, please be aware that no method of transmission over the internet or method of electronic storage is completely secure. While Grecu Partners strives to protect your personal data, we cannot guarantee its absolute security.

➡ COOKIES AND SIMILAR TECHNOLOGIES

Grecu Partners uses cookies and similar technologies to enhance your browsing experience on our website. For detailed information about how we use cookies and your choices regarding cookies, please refer to our Cookie Policy.

➡ CHANGES TO THIS PRIVACY POLICY

Grecu Partners may update this Privacy Policy from time to time to reflect changes in its data processing practices or for other operational, legal, or regulatory reasons. Any changes will be posted on this page, and the “Last Updated” date at the beginning of the Privacy Policy will be revised accordingly. We encourage you to review this Privacy Policy periodically to stay informed about how Grecu Partners processes your personal data.

➡ CONTACT INFORMATION

If you have any questions or concerns about this Privacy Policy or the processing of your personal data by Grecu Partners, please contact us using the following contact details:

Email: office@grecupartners.ro

Address: 8 Aleksandr Sergheevici Puskin, Bucharest, District 1, PC 011996, Romania

Phone: (+4) 031 426 0745

If you wish to exercise your rights as a data subject or make a complaint regarding the processing of your personal data, you can also use the contact information provided above.

➡ DATA CONTROLLER

The data controller responsible for the processing of your personal data as described in this Privacy Policy is:

ANSPDCP – “Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal”

Mun. Bucharest, Sector 1, B-dul G-ral. Gheorghe Magheru nr. 28-30;

Telefon: 0.318.059.211/0.318.059.212;

Fax: 0.318.059.602;

E-mail: anspdcp@dataprotection.ro;

Web page: www.dataprotection.ro.