Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, in this document – GDPR, Regulation) was adopted by the European Parliament and the Council of the European Union on 27 April 2016, its provisions being directly applicable as of 25 May 2018. This Regulation expressly repeals Directive 95/46/EC, thereby also replacing the provisions of Law no. 677/2001 (currently repealed).
The Regulation is directly applicable in all Member States, protecting the rights of all natural persons located in the territory of the European Union. From a material standpoint, the Regulation applies to all controllers who process personal data. The Regulation does not apply to the processing of personal data concerning legal persons and, in particular, undertakings with legal personality, including the name and legal form of the legal person and its contact details.
Personal data is defined as any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to that natural person’s physical, physiological, genetic, mental, economic, cultural, or social identity.
Processing of personal data means any operation or set of operations performed on personal data or on sets of personal data, with or without the use of automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Considering Article 4 point 7 of the Regulation, which defines the notion of “controller” as the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data, the controller processing personal data through this website is Legal Tech Solutions SRL, with correspondence address: Cluj-Napoca Municipality, Str. Andrei Mureșanu, no. 31, Cluj County, having J12/2735/2020 and VAT no. (CUI) 43008997, contact details: contact@legalaccelerators.com and +40 740 196 786.
The controller of this website collects, stores, and processes the following personal data of / relating to you:
A. Within various types of contact forms:
B. For creating a user account (member of the Legal Accelerators community):
C. For creating a client account in the Shop / placing an online order:
Considering that the Regulation primarily prohibits “the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation” (under Article 9(1)), it then sets out the situations in which the processing of such data is permitted:
For the processing of personal data to be lawful, the GDPR provides that it must be carried out on the basis of a legitimate ground, such as the performance or conclusion of a contract, the fulfillment of a legal obligation, or on the basis of consent validly expressed by the data subject in advance. In the latter case, the controller is obliged to be able to demonstrate that the person in question has given consent for the respective processing. Consent expressed under Directive 95/46/EC remains valid if it meets the conditions laid down by the GDPR.
Giving consent must be done by a statement or by a clear affirmative act constituting a freely given, specific, informed, and unambiguous indication of the data subject’s agreement to the processing of their personal data. Where the data subject’s consent is given in the context of a statement, in electronic or written form, which also refers to other matters, the request for consent must be presented in a form that clearly distinguishes it from the other matters and may be made even by ticking a box.
This website uses cookies. These do not damage your computer and do not contain viruses; they contribute to an easier, more efficient, and safer use of the site. They are small text files that are saved on your computer and stored by the browser used to access the site.
Many of the cookies used are “session cookies,” which are automatically deleted after visiting this site. Others remain in your computer’s memory until you delete them; these make it possible to recognize your browser on a subsequent visit.
You can configure your browser to inform you about the use of cookies, so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions, to always reject them, or to automatically delete cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Cookies that are necessary to enable electronic communications or to provide certain functions you wish to use are stored in accordance with Article 6(1)(f) GDPR, under which processing is lawful only if and to the extent that it is necessary for the purposes of the legitimate interests pursued by the controller or by a third party. Therefore, the operator of this website has a legitimate interest in storing certain cookies to ensure technically error-free optimization. Other cookies used on the site are also stored and are described in this policy.
Cookies are diverse, with different variations, each following a well-defined purpose or coming from a particular source. Thus, cookies can be classified into the following categories:
In general, any application used to access web pages allows cookies to be saved on the device by default. These settings can be changed at any time by the user from the “Settings” menu of each application. Thus, the user can set the web browser to no longer allow the storage of cookies, can allow cookies only from certain sites, can delete already stored cookies, and perform many other such actions. Detailed information about the possibilities and ways to manage cookies can be found in the settings area of the application (web browser).
Because the protection of personal data is a goal that must be met, it is advisable to know the potential issues that cookies can cause, or more precisely, the use thereof. Considering that data is constantly transmitted via cookies in both directions (from the user to the website and vice versa), if an attacker or unauthorized person interferes during the transmission process, the information contained in cookies may be intercepted, altered, or even blocked. Although very rare, this can happen. For example, if the browser connects to the server using an unencrypted network (an unsecured Wi-Fi network), then an attacker may intercept the data transmission.
We reserve the right to make any additions or changes to this document. Please visit this page regularly to inform yourself about these and the new applicable information. We also inform you that each time we modify this section, we will state at the bottom of the page the date on which the last update of this Policy took place.
Your personal data is processed for the period during which the created account is active, as well as for a period of 5 years from the date the account was deactivated. We review the collected data each year, analyzing to what extent their retention is necessary for the mentioned purposes, your legitimate interests, or the fulfillment of the Controller’s legal obligations. Data that is no longer necessary will be deleted.
The Controller communicates personal data (only if required) to entities/public authorities (Emergency Inspectorate, National Agency for Fiscal Administration, Police, Courts of Law, Prosecutor’s Offices, City Hall, Local Council, County Council, Ministries, etc.) and to other institutions that may request access to such information under the law. We do not transfer data to third countries or international organizations, except in situations where the existing cooperation relationship requires it. Thus, based on existing collaboration relationships and to be able to provide the application’s services at the highest standards, we will communicate the data provided to the PlățiOnline payment processor, to our partners, as well as to other online service providers (various tools and plugins), as mentioned in this Policy.
The provider of this platform automatically collects and stores the information your browser automatically transmits to us via log files. These are:
The legal basis for processing such data is Article 6(1)(b) GDPR, which allows data to be processed when necessary for the performance of a contract to which the data subject is party or in order to take steps, at the data subject’s request, prior to entering into a contract.
If you contact us via the contact form, we will collect the data entered in the form, including the contact details you provide, to respond to your inquiries and any subsequent questions. We do not transmit this information without your permission. Therefore, we will process all data you enter in the contact form only with your consent [in accordance with Article 6(1)(a) GDPR]. You can revoke your consent at any time; an informal e-mail will suffice. Data processed before we receive your request may be processed lawfully.
We will retain the data you provide in the contact form until you:
Any mandatory legal provisions, in particular those relating to mandatory data retention periods, are not affected by the above.
If you contact us by e-mail or phone, your request, including all personal data you provide, will be stored and processed by us for the purpose of handling your request, on the basis of your expressed consent.
Accordingly, we will process all data you provide under the following legal provisions of the GDPR, namely:
We will retain the data you provide in this way until you:
You can register as a member of the Legal Accelerators community to access various functions and services, to receive information regarding educational resources, legislative updates, upcoming events. To this end, the data you enter will be used and processed for the purpose of informing you about news of interest to you. The mandatory data requested upon registration must be provided in full; otherwise, the registration operation will be rejected.
To inform you about important changes, such as those concerning the operation of our platform or technical changes, we will use the e-mail address you specified at the time of registration.
The processing of personal data provided during the registration procedure is carried out only with your consent and in compliance with Article 6(1)(a) GDPR. You can withdraw your consent at any time; an informal e-mail will suffice. We will continue to store the data collected during registration as long as you remain registered / a client, however mandatory storage periods remain valid and will be observed.
Some of the data collected through this website is used for:
The processing of personal data is carried out in accordance with the provisions of the General Data Protection Regulation, based both on the data subject’s consent and on reasons relating to the compliant performance of contracts or the realization of the controller’s legitimate interests (except where the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, prevail, in particular where the data subject is a child).
Your rights regarding personal data and the means of exercising them are: Right to be informed, Right of access, Right to rectification, Right to erasure, Right to restriction of processing, Right to data portability, Right to object, Right not to be subject to a decision based solely on automated processing, Right to lodge a complaint and to address the courts of law, Right to withdraw consent.
The personal data recorded on this website is stored on the servers of Hetzner Online GmbH.
The processing of the data provided and stored complies with the following legal provisions:
Regardless of the purpose for which personal data processing takes place, the principles of lawfulness, fairness, and transparency are observed, as well as the principle that the personal data processed are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
For more information regarding the processing of personal data by Hetzner Online GmbH, please visit https://www.hetzner.com/legal/privacy-policy.
We have a contract / agreement / legal instrument (including the possibility of inclusion and agreement of the clauses in the website’s Terms and Conditions) concluded with Hetzner Online GmbH to ensure the processing of personal data in accordance with the legal regulations in the field. We respect the obligations incumbent upon us under Article 28 of the GDPR by choosing an external service provider that offers sufficient guarantees for the implementation of appropriate technical and organizational measures so that the processing meets the requirements laid down in the Regulation and ensures the protection of your rights.
This website uses SSL encryption for security reasons and for the protection of the transmission of confidential information. You can recognize this encryption by the padlock icon that appears in the browser bar and by the change from http:// to https:// in the address of the respective browser.
Once this type of encryption is activated, the transmitted or transferred data cannot be viewed by third parties.
According to the GDPR, where a personal data breach is likely to result in a high risk to your rights and freedoms, the operator of this platform will inform you without undue delay of such breach, unless the complementary provisions of the same Regulation become applicable (Article 34(3)).
As the provisions of Article 37(1) GDPR on the mandatory designation of a Data Protection Officer are not applicable (under which the Controller and the processor shall designate a data protection officer whenever: (1) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; (2) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, scope, and/or purposes, require regular and systematic monitoring of data subjects on a large scale; or (3) the core activities of the controller or the processor consist of processing on a large scale of special categories of data under Article 9 or personal data relating to criminal convictions and offences referred to in Article 10), for any information or clarification regarding the operation of this platform, please contact us at:
According to the GDPR, the controller or the processor should maintain, for a reasonable period, records of processing activities within their responsibility. Thus, these records will include the following information:
The detailed obligation above does not apply to an enterprise or organization with fewer than 250 employees, unless the processing it carries out is likely to result in a risk to the rights and freedoms of data subjects, the processing is not occasional, or the processing includes special categories of data or personal data relating to criminal convictions and offences.
Considering the state of the art, the context and purposes of processing, as well as the risks to the rights and freedoms of natural persons, the controller implements appropriate technical and organizational measures to ensure that, by default, only personal data necessary for each specific purpose of the processing are processed.
According to Article 33(1) GDPR, in the event of a personal data breach, we will notify the National Supervisory Authority for Personal Data Processing without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons.
Under Article 34 GDPR, where the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, we will inform the data subject without undue delay regarding such breach, except where:
To receive a newsletter, it is necessary to indicate a valid e-mail address, along with specific information by which the holder of this address can be identified. Your consent is also required for the transmission of the newsletter and, therefore, we inform you that any other personal data will be collected and stored only on the basis of your consent. The data thus collected is processed only for the purpose of sending the newsletter and will not be transmitted to third parties.
Accordingly, we will process any data you enter in the contact form only with your consent, in accordance with Article 6(1)(a) GDPR.
You may exercise at any time the right to withdraw consent to the transmission of newsletters by accessing the “unsubscribe” link contained in the newsletter. We will continue to store the data collected before unsubscribing; mandatory storage periods remain valid and will be observed. Data we have stored for other purposes (e.g., e-mail addresses for member registration) are not affected.
This site uses MailerLite for sending newsletters. The provider is MailerLite Limited, an Irish company headquartered at 38 Mount Street Upper, Dublin 2, D02 PR89, Ireland, and for more details their site can be visited at: https://www.mailerlite.com/.
MailerLite provides small businesses and organizations with a variety of products and services and related features and functionalities.
In the course of using the services provided through MailerLite, the following information may be obtained:
For more information, the privacy policy available here can be accessed: https://www.mailerlite.com/gdpr-compliance.
This website uses social plug-ins (“plugins”) managed by the social network facebook.com. The plug-ins can be identified by a Facebook logo (a white “f” on a blue square or a “thumbs up” sign) or are labeled by adding the phrase “Facebook Social Plugin.” The list and appearance of Facebook plug-ins can be seen here: https://developers.facebook.com/docs/plugins/. If you use the Like extension, you will like our site’s Facebook page without having to leave it. If you use the Share extension, you will share our site or certain content from it on your personal Facebook page without having to leave the site.
Through the plugin, Facebook receives the information that you access on our site. If you are also logged into Facebook at the same time, Facebook may assign the actions carried out on the page to your account and, implicitly, to you personally. When you interact with the plug-ins, for example by clicking the Like button or sharing certain content from the site, the corresponding information is transferred directly from your browser to Facebook and stored there. Even if you are not a Facebook member, there is still the possibility that the social network will obtain and store your IP address.
By clicking one of these buttons, you agree to the use of this plugin and, therefore, to the transfer of personal data to Facebook. We do not control the nature and purpose of these data transmitted or their subsequent processing.
If you do not wish Facebook to associate your visit to this site with the information in your Facebook account, you may choose not to authenticate.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the Court of Justice of the European Union ruled that the protection offered by the EU–US Privacy Shield is not adequate.
Therefore, the transfer of personal data to the US and other countries outside the European Economic Area (EEA) is based on the European Commission’s Standard Contractual Clauses (SCC). The Commission has issued two sets of SCC for data transfers from EU controllers to controllers established outside the EU or EEA. It has also issued a set of clauses for data transfers from EU controllers to processors established outside the EU or EEA. For more information regarding these Clauses, we recommend visiting: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.
Facebook uses Standard Contractual Clauses as an adequate safeguard regarding data protection, in line with the level of protection guaranteed by the GDPR. For more details, please visit: https://www.facebook.com/legal/EU_data_transfer_addendum, regarding the purpose and scope of data collection, the processing and further use of the data by Facebook, as well as the permissions and settings for protecting privacy.
This service uses social plug-ins (“plugins”) managed by the social network Instagram, functions provided by Instagram Inc., headquartered at 1601 Willow Road, Menlo Park, CA 94025, USA. The plug-ins can be identified by an Instagram logo or are labeled by adding the phrase “Instagram Social Plugin.”
Through the plugin, Instagram is informed about the actions carried out by you on our page. If you are also logged into your personal account on the social network at the same time, it may assign the actions performed on the page to your Instagram account and, implicitly, to you personally. When you access the plugins, the corresponding information is transferred from your browser to the social network and stored there. Even if you are not a member of Instagram, there is still the possibility that it may obtain and store your IP address.
By clicking one of these buttons, you agree to the use of this plugin and, therefore, to the transfer of personal data to Instagram. We do not control the nature and purpose of these data transmitted or their subsequent processing. Regarding the purpose and scope of data collection, processing, and further use of data by Instagram, as well as permissions and settings for protecting users’ privacy, you can consult Instagram’s privacy policies at: https://help.instagram.com/519522125107875.
If you are a member of Instagram and do not want it to collect your data via the plugin and link it to data already stored on Instagram, you must log out of the social network before visiting this site.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the Court of Justice of the European Union ruled that the protection offered by the EU–US Privacy Shield is not adequate.
Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC). The Commission has issued two sets of SCC for data transfers from EU controllers to controllers established outside the EU or EEA. It has also issued a set of clauses for data transfers from EU controllers to processors established outside the EU or EEA. For more information regarding these Clauses, we recommend visiting: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.
Instagram uses Standard Contractual Clauses as an adequate safeguard regarding data protection, in line with the level of protection guaranteed by the GDPR. For more details, please visit: https://www.facebook.com/legal/EU_data_transfer_addendum.
This service uses social plug-ins (“plugins”) managed by the LinkedIn social network. The provider is LinkedIn Ireland Unlimited Company, headquartered at Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Through the plugin, LinkedIn is informed about your activity on our website, and if you are also logged into the social network at the same time, LinkedIn can assign the actions carried out on the page to your account and, implicitly, to you personally. Even if you are not a member of LinkedIn, there is still the possibility that it may obtain and store your IP address via the plugin. Also, when you interact with the plugins, the corresponding information is transferred directly from your browser to LinkedIn and stored there.
If you are a member of LinkedIn and do not want it to collect your data via the plugin and link it to data already stored on LinkedIn, you must log out of the social network before visiting the site.
By clicking one of the plugin buttons, you may express your agreement regarding their use and, therefore, the transfer of personal data to LinkedIn. We do not control the nature and purpose of the data transmitted or their subsequent processing. Regarding the purpose and scope of data collection, processing, and further use of data by LinkedIn, as well as permissions and settings for protecting users’ privacy, you can consult LinkedIn’s privacy policies at: https://www.linkedin.com/legal/privacy-policy.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the CJEU ruled that the protection offered by the EU–US Privacy Shield is not adequate.
Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC). For more information regarding these Clauses, we recommend visiting: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.
LinkedIn uses Standard Contractual Clauses as an adequate safeguard regarding data protection, in line with the level of protection guaranteed by the GDPR. For more information, visit: https://www.linkedin.com/legal/l/dpa.
This site uses web fonts provided by Google to ensure uniform use of fonts on this site. When you access a page on this website, as a result of establishing a connection to Google’s servers, your browser will load the web fonts necessary for the proper display of text and fonts.
The use of Google Web Fonts is based on Article 6(1)(f) GDPR, there being a legitimate interest in the uniform presentation of fonts on this website. If consent is expressed in this respect (for example, consent to the storage of cookies), the data will be processed solely under Article 6(1)(a) GDPR.
For more information on how Google Web Fonts handles user data, please see the Privacy Policy available at: https://policies.google.com/privacy?hl=en.
This site uses Google Maps, a mapping and location service, via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America.
To guarantee data protection on our site, you will find that Google Maps was deactivated when you first visited our site. A direct connection to Google’s servers will not be established before the autonomous activation of Google Maps, i.e., with your consent under Article 6(1)(a) GDPR. This will prevent data being transferred to Google during the first visit to our site. After you activate the service, Google Maps will store the IP address. As a rule, it is subsequently transferred to a Google server in the United States, where it is stored. The provider of this website has no control over this data transfer once Google Maps has been activated.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the CJEU ruled that the protection offered by the EU–US Privacy Shield is not adequate.
Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC). For more information regarding these Clauses, we recommend visiting: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.
Google Maps uses Standard Contractual Clauses as an adequate safeguard regarding data protection, in line with the level of protection guaranteed by the GDPR. For more information, please consult Google’s Privacy Statement at: https://policies.google.com/privacy.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our site. The provider is Google Inc., headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The purpose of reCAPTCHA is to determine whether data entered on our site (e.g., information entered in a contact form) is provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of site visitors based on a variety of parameters. This analysis is automatically triggered as soon as the site visitor enters the site. For this analysis, reCAPTCHA evaluates various data (e.g., IP address, the time the site visitor spent on the site, or mouse movements initiated by the user). The data tracked during these analyses is sent to Google. reCAPTCHA analyses run entirely in the background. Site visitors are not notified that an analysis is underway. Data is processed on the basis of Article 6(1)(f) GDPR. Website operators have a legitimate interest in protecting the operator’s web content against misuse by automated industrial espionage systems and against SPAM.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the CJEU ruled that the protection offered by the EU–US Privacy Shield is not adequate.
Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC). For more information regarding these Clauses, we recommend visiting: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.
Google reCAPTCHA uses Standard Contractual Clauses as an adequate safeguard regarding data protection, in line with the level of protection guaranteed by the GDPR. For more information, please consult Google’s Privacy Statement available here: https://policies.google.com/privacy and here: https://policies.google.com/terms?hl=en.
This website uses the functions of the Google Analytics analysis service. The provider of this service is Google Inc., headquartered in the United States of America, 1600 Amphitheatre Parkway, Mountain View, CA 94043. Google Analytics uses so-called cookies. Cookies are text files that are stored on your computer and that enable an analysis of the website’s use by users. The information generated by the cookies regarding your use of this platform is usually transferred to a Google server in the United States, where it is stored.
The storage of Google Analytics cookies and the use of this analysis tool are based on Article 6(1)(f) GDPR. The operator of this platform has a legitimate interest in analyzing user patterns in order to optimize both the services offered online and the operator’s advertising activities.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the CJEU ruled that the protection offered by the EU–US Privacy Shield is not adequate. Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC). For more information regarding these Clauses, we recommend visiting: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.
Data transmission to the United States of America is based on the European Commission’s Standard Contractual Clauses (SCC).
We have activated IP anonymization on this website. As a result, the IP address will be abbreviated by Google in the member states of the European Union or in other states that have ratified the European Economic Area Agreement before being transmitted to the United States. The full IP will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this platform, Google will use this information to analyze your use of this platform, to generate reports regarding website activities, and to provide other services to the operator of this platform in connection with website use. The IP address transmitted together with Google Analytics from your browser will not be merged with other data in Google’s possession.
This website uses the “demographics” function provided by Google Analytics, through which reports providing information regarding the age, gender, and interests of website visitors are generated. The sources of this information are interest-based advertising generated by Google and third-party service providers’ visitor data. These data cannot be allocated to a specific individual. You have the option to disable this function at any time by making relevant changes to the advertising settings in your Google account, or you can generally prohibit the recording of your data by Google Analytics.
User-level and event-level data stored by Google associated with cookies, user IDs, or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) will be anonymized or deleted after a maximum of 14 months. For details, click the following link:
https://support.google.com/analytics/?hl=en#topic=3544906.
This website has integrated Google Consent Mode v2, a technology that allows websites to adjust how cookies and other data storage methods are used according to the consent provided by users. The main purpose is to help websites comply with data protection regulations, such as the GDPR and the CCPA, while optimizing site functionality and analytics.
Benefits of integrating Google Consent Mode v2 include:
Google Consent Mode v2 is an essential tool for sites that want to balance the need for useful data for operations and marketing with respecting users’ privacy rights. More information is available here: https://cookie-compliance.co/documentation/google-consent-mode/.
Our site uses the functions of Google Analytics Remarketing in combination with the functions of Google Ads and Google DoubleClick that operate across devices. The provider of these solutions is Google Inc., headquartered in the United States of America, 1600 Amphitheatre Parkway, Mountain View, CA 94043.
This function allows the connection of advertising target groups generated with Google Analytics Remarketing with the functions of Google Ads and Google DoubleClick that operate across devices. This makes it possible to display personalized interest-based advertising messages, according to previous usage and browsing patterns on one device (e.g., mobile phone), in a manner adapted for you and for any of your devices (e.g., tablet or PC).
If you have given us your consent, Google will connect the progress of the web browser and the app to your Google account for this purpose. Therefore, the same personalized advertising messages may be displayed on each device on which you log in with your Google account.
To support this function, Google Analytics records the IDs of users authenticated and temporarily logged into Google Analytics data to define and compile target groups so that ads are displayed across devices.
You have the option to make permanent objections regarding remarketing / targeting across devices by disabling personalized advertising in your Google account. To do this, follow this link: https://www.google.com/settings/ads/onweb/.
The consolidation of the data recorded in your Google account will take place exclusively on the basis of your consent which you can give to Google and also revoke (Article 6(1)(a) GDPR). For data recording processes that are not consolidated in your Google account (e.g., because you do not have a Google account or you have objected to data consolidation), recording is carried out on the basis of Article 6(1)(f) GDPR. The legitimate interest lies in the operator’s interest in the anonymous analysis of site visitors for advertising purposes.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the CJEU ruled that the protection offered by the EU–US Privacy Shield is not adequate. Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC).
For more information and relevant data protection regulations, please consult Google’s data privacy policies at: https://policies.google.com/technologies/ads?hl=en.
This site uses Google Ads. Ads is an online promotional program of Google Inc. – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America (“Google”).
In connection with Google Ads, we use a tool called Conversion Tracking. If you click on an ad published by Google, a cookie will be placed for conversion tracking purposes. Cookies are small text files that the web browser places on the user’s computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this site and the cookie has not yet expired, Google will be able to recognize that the user clicked on an ad and was connected to this page.
A different cookie is assigned to each Google Ads customer. These cookies cannot be tracked via Ads customers’ websites. The information obtained by using conversion cookies is used to generate conversion statistics for Ads customers who have opted to use conversion tracking. Users receive the total number of users who clicked on their ads and were connected to a page equipped with a conversion tracking tag. However, they do not receive any information that would allow them to personally identify these users. If you do not want to be involved, you have the option to object to this use by easily disabling the Google conversion tracking cookie via your web browser in accordance with the user settings. If you do this, you will not be included in the conversion tracking statistics.
The storage of “Conversion” cookies and the use of this tracking tool are based on Article 6(1)(f) GDPR. The site operator has a legitimate interest in analyzing user patterns for the purpose of optimizing the operator’s web offers and advertising.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the CJEU ruled that the protection offered by the EU–US Privacy Shield is not adequate. Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC).
For more detailed information about Google Ads and Google Conversion Tracking, please consult Google’s Privacy Policies at: https://policies.google.com/privacy?hl=en.
You can configure your browser to notify you whenever cookies are placed and you can allow cookies only in certain cases or exclude the acceptance of cookies in certain cases or for all situations, and you can also enable the automatic deletion of cookies after closing the browser. If you disable cookies, the functions of this website may be limited.
To measure conversion rates, our site uses the Facebook visitor activity pixel, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
This tool allows tracking page visitors after they have been connected to the provider’s website after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.
For the operators of this site, the data collected are anonymous. We are not in a position to draw any conclusions regarding users’ identity. However, Facebook stores and processes the information such that a connection to the respective profile is possible, and Facebook is able to use the data for its own promotional purposes, in accordance with Facebook’s Data Use Policy. This allows Facebook to display ads both on Facebook pages and outside Facebook. The operators of this site have no control over the use of these data.
The use of Facebook Pixel is based on Article 6(1)(f) GDPR. The site operator has a legitimate interest in effective advertising campaigns, which also include social media.
Considering the Judgment of 16 July 2020 (in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the CJEU ruled that the protection offered by the EU–US Privacy Shield is not adequate. Therefore, the transfer of personal data to the US and other countries outside the EEA is based on the European Commission’s Standard Contractual Clauses (SCC). In Facebook’s data privacy policies, you will find additional information about privacy protection at: https://www.facebook.com/about/privacy/.
You also have the option to disable the “Custom Audiences” remarketing function in the Ad Settings section at: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must first log in to Facebook.
If you do not have a Facebook account, you can disable user-based advertising by Facebook on the website of the Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/ro/optiunile-mele.
We process personal data to the extent necessary to conclude or modify a contractual relationship with our company, in compliance with Article 6(1)(b) GDPR. Thus, we process (collect, record, structure, store, modify, retrieve, etc.) personal data from the moment you access this website only for the purpose of facilitating access to our products or services and/or to collect their value.
According to the Regulation, “in order to maintain security and prevent processing that infringes this Regulation, the controller or processor should evaluate the risks inherent in the processing and implement measures to mitigate those risks, such as encryption” – Recital 83. Therefore, the availability of strong and effective encryption is a necessity to guarantee the protection, confidentiality, and integrity of personal data.
During the process of purchasing products marketed through this website, your bank data is safe! We use secure encryption methods, with data being transmitted via high-security connections to financial institutions. Thus, the data you provide to make payments is not transmitted to third parties and is not stored in databases (except where the option to save the card in the user account is chosen).
According to the information on the site https://plati.online/gdpr/, for PlățiOnline the protection of personal data is a priority. A complete list of processed data can be found in PlățiOnline’s own Policy, with the processing of personal data being carried out for the final purpose of making the online payments you request or of which you are a beneficiary.
The purposes for which PlățiOnline processes your data are:
Regarding the transfer of personal data by PlățiOnline, it will be carried out only when necessary for the provision of services or for compliance with certain obligations incumbent on PlățiOnline as a provider of online payment services. The legal basis for data processing is primarily Article 6(1)(a) GDPR, but also Article 6(1)(b) or (f) GDPR.
This policy regarding the processing of personal data is drafted in accordance with the provisions of Regulation no. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as other applicable national legal provisions. We reserve the right to make any additions or changes to this Policy. We recommend consulting the Policy regularly for accurate and updated information regarding the processing of personal data.
For more details regarding this GDPR Policy, as well as for exercising any of the rights mentioned above, a written notice may be sent to the contact details indicated above.
Last updated: 12.08.2025
Sign up for our newsletter and take the first step in joining our community! Stay updated with the latest news, events, and educational resources from the hub.
