← Back to homepage

Privacy Policy

Art. 1 – General provisions

This policy regulates the manner in which the Platform processes the personal data of users, in accordance with Regulation (EU) 2016/679 and Law no. 190/2018.

The Platform acts as a personal data controller, being responsible for ensuring compliance with the principles of legality, fairness, transparency, minimization, integrity and confidentiality.

Art. 2 – Categories of processed data

The Platform may collect and process the following categories of data:

  • Identification data: name, surname, personal identification number, series and number of the identity document, to the extent strictly necessary;
  • Contact data: email address, phone number, postal address;
  • Legal, contractual and commercial data: contracts, fiscal and accounting documents, information necessary for providing the services;
  • Special data: within the limits of the law, when necessary for solving specific legal situations (e.g. health data or biometric data), exclusively on the basis of explicit consent or a legal obligation.

Art. 3 – Purposes of processing

The data are processed for the following purposes:

  • providing legal and operational services through the Platform;
  • preparing, transmitting and archiving documents;
  • fulfilling legal obligations, including fiscal and accounting ones;
  • communication with users;
  • defending the rights and legitimate interests of users before courts or public authorities.

Art. 4 – Processing of the national identification number

The processing of the personal identification number or other national identification numbers is carried out exclusively under the conditions provided by art. 4 of Law no. 190/2018, with the implementation of appropriate safeguards.

  • limiting access to data only to authorized persons;
  • establishing clear storage and deletion periods;
  • implementing technical measures for data security;
  • training persons involved in processing activities.

Art. 5 – Confidentiality and obligations

The Platform respects absolute confidentiality regarding all information and documents obtained.

The obligation to maintain professional secrecy applies throughout the entire duration of the collaboration and after its termination, regardless of the reason.

The data cannot be disclosed to third parties without the consent of the data subjects, except in cases expressly provided by law.

Copying, transmitting or using for personal purposes or in favor of third parties the documents or information obtained through the Platform is prohibited.

Art. 6 – Storage duration

The data are stored for the period necessary to fulfill the purposes for which they were collected and subsequently, in accordance with the applicable legislation regarding archiving and professional or fiscal obligations.

Periodic review and deletion of data are carried out in accordance with Law no. 190/2018.

Art. 7 – Rights of the data subjects

The data subjects benefit from the following rights:

  • the right of access to data;
  • the right to rectification and updating;
  • the right to erasure of data ("the right to be forgotten");
  • the right to restriction of processing;
  • the right to data portability;
  • the right to object;
  • the right to withdraw consent, where applicable.

The exercise of these rights can be carried out by submitting a written request to the Platform.

Art. 8 – Data recipients

The data may be communicated, in accordance with the law, to:

  • courts and public authorities;
  • contractual partners (e.g. accountants, IT providers), limited to strict necessity;
  • collaborators of the Platform, based on contractual confidentiality obligations.

Art. 9 – Data protection officer

The Platform will designate a data protection officer in the situations provided by law, in accordance with art. 37 of the GDPR and Law no. 190/2018.

In the absence of a legal obligation to designate one, the Platform ensures a single contact point for exercising users' rights.

Art. 10 – Security of processing

The Platform implements appropriate technical and organizational measures to protect data against unauthorized access, loss or destruction.

These measures include access control, encryption, periodic backups and training of authorized personnel.

Art. 11 – Liability and sanctions

Violation of the provisions of this policy may result in civil, disciplinary, contraventional or criminal liability.

Sanctions are applied in accordance with Regulation (EU) 2016/679 and Law no. 190/2018.

Art. 12 – Contact

For exercising rights or for additional information, users may submit a written request to the email address indicated by the Platform or to its registered office.