Contabil Expert Brașov - Contabilitate și Consultanță Fiscală

Privacy Policy

1. General Information

We act as a data controller under the GDPR and take responsibility for how we collect and process your personal data. This policy explains what types of data we collect, how we use them, and what rights you have regarding them.

For any questions or requests regarding your personal data, you can contact us at contact@cifris.ro.

2. Data We Collect

We collect personal data that you provide directly through contact forms or direct communication, such as: name, surname, email address, phone number, and the content of your messages. We may also collect information about your company (name, legal form, billing address, tax ID) if you request accounting services.

3. Purposes of Data Processing

We use the collected data exclusively for legitimate purposes, such as:

  • Communicating with you and handling incoming requests
  • Concluding and performing service contracts
  • Issuing invoices and fulfilling legal obligations
  • Managing our business relationship with clients

In certain cases, we may use your data to send you information about our services, based on our legitimate interest or with your consent.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Art. 6(1)(b) GDPR – necessary for performing a contract or taking pre-contractual steps
  • Art. 6(1)(c) GDPR – compliance with legal obligations
  • Art. 6(1)(f) GDPR – our legitimate interests (e.g., client relationship management)
  • Art. 6(1)(a) GDPR – your consent (where required)

5. Data Recipients

To deliver our services, we may share your data with contracted partners (e.g., IT services, hosting providers, couriers, external accountants) who are obligated to comply with GDPR. We do not sell or transfer your data for marketing purposes without your consent. We may disclose data to public authorities only if required by law.

6. International Data Transfers

Your data is normally stored and processed within the European Economic Area (EEA). If a transfer outside the EEA is necessary, we ensure appropriate safeguards in accordance with GDPR requirements.

7. Data Retention Period

We will keep your data for as long as necessary to:

  • Perform the contract or manage your request
  • Comply with legal obligations (e.g., tax archiving)
  • Defend our rights in legal proceedings

After these periods, the data will be securely deleted or anonymized.

8. Mandatory or Voluntary Provision of Data

Some data is required to conclude or perform contracts (e.g., billing information). Providing other data is voluntary, but may be necessary for us to fully respond to your request. The lack of certain data may prevent us from delivering the requested service.

9. Your Rights under GDPR

You have the following rights, which you can exercise free of charge by sending a written request to contact@cifris.ro:

  • Right of access to your data
  • Right to rectification of inaccurate data
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to object
  • Right to data portability
  • Right to withdraw consent
  • Right to lodge a complaint with the supervisory authority (www.dataprotection.ro)

10. Data Security

We apply appropriate technical and organizational measures to prevent unauthorized access, loss, or disclosure of your personal data.

11. Cookies and Traffic Analysis

We use cookies to enhance site functionality and for anonymous traffic analysis (e.g., Google Analytics). These do not collect information that directly identifies you. You can manage cookie preferences in your browser settings.

12. Changes to this Privacy Policy

We reserve the right to update this policy to reflect legislative or operational changes. Any changes will be published on this page. We encourage you to review it periodically.

13. Contact

For any questions regarding the processing of your personal data, please email us at contact@cifris.ro.