Introduction
This Privacy Notice ("Notice") is issued by SMART OUTSOURCING SERVICES S.R.L., a company duly registered in Romania under company number J40/7181/2022, with registered address: Bucharest, Sector 4, Str. Verzisori, No. 6, Bl. D, Ap. B118, CP 040301 ("Company", "we", "us", or "our").
This Notice applies to the Company's website and any associated platforms (collectively, the "Website"). Our core activities involve IT services, including software development, consulting, and marketing support.
This document outlines how we collect, use, store, and protect personal data in accordance with the General Data Protection Regulation (EU Regulation 2016/679, "GDPR") and applicable Romanian data protection laws. Continued use of the Website or our services constitutes acceptance of the practices detailed herein.
Should you have any inquiries, please contact us at [email protected].
Data Controller
SMART OUTSOURCING SERVICES S.R.L. acts as the data controller and is responsible for the processing of your personal data. As a data controller, we are committed to ensuring that your personal information is handled lawfully, transparently, and securely, and in accordance with applicable data protection legislation.
Personal Data Collection and Usage
We collect the following categories of personal data:
- Contact Information: email addresses, phone numbers, mailing addresses.
- Identity Verification Data: full names, national ID numbers, passport details, and similar identifiers.
- Technical Data: IP addresses, browser types, device identifiers, and activity logs.
- Professional Data: employment history, position titles, and other job-related information.
- Compliance Information: data required for AML/KYC verification and sanctions checks.
- Recruitment Data: CVs, references, education, and professional background.
- Communication Logs: recordings and transcripts from support and project calls.
- Referral and Relationship Information: data regarding relationships with partners and service providers.
Purposes of Data Processing
Your personal data is processed for the following purposes:
- Service Fulfillment: To enter into and manage client and service provider contracts.
- Communication: To respond to inquiries, provide updates, and send service notifications.
- Legal and Regulatory Compliance: For AML, fraud prevention, and other mandatory checks.
- Employment and Recruitment: For evaluating job applications and engaging talent.
- Marketing: To provide relevant service offers, newsletters, and market updates.
- Internal Operations: To improve business operations, product offerings, and website functionality.
- Dispute Resolution: For managing legal claims and related proceedings.
Legal Bases for Data Processing
We rely on the following legal grounds under GDPR for data processing:
- Contractual Necessity: Processing required for contract performance.
- Legal Obligation: Processing required to fulfill legal responsibilities.
- Legitimate Interest: Processing necessary for our business interests that do not override your rights.
- Consent: Where explicit consent is obtained, particularly for marketing.
Data Sharing and Disclosure
We do not sell or rent personal data. However, we may disclose data:
- To service providers who support us in IT, hosting, support, HR, and compliance.
- To legal authorities when legally mandated or for protecting legal rights.
Data Collection Practices
We collect personal data through:
- Direct interactions: such as forms, applications, or communications.
- Automated tools: like cookies and analytics.
- Third-party sources: including government records, public databases, and business partners.
Data Retention
We retain your data for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws. After the retention period, data is securely deleted or anonymized.
Your Rights
Under GDPR, you have the right to:
- Access your data.
- Rectify inaccuracies.
- Request deletion (right to be forgotten).
- Restrict processing.
- Object to processing.
- Request data portability.
- Withdraw consent at any time.
To exercise your rights, contact us at [email protected].
Data Provision Requirements
Some data is required to fulfill legal and service obligations. Failure to provide necessary data may limit access to our services. Optional data is collected only with your consent.
Dispute Resolution and Complaints
You may contact us with complaints or concerns. If unresolved, you may lodge a complaint with Romania's National Supervisory Authority for Personal Data Processing (ANSPDCP).
International Data Transfers
If data is transferred outside the EU/EEA, we ensure appropriate safeguards (e.g., Standard Contractual Clauses) are in place to protect your data.
Information Security
We implement robust technical and organizational measures to ensure the confidentiality, integrity, and availability of your data, including encryption, access controls, and monitoring.
Children's Privacy
Our services are not directed at children under 18, and we do not knowingly collect data from minors.
Updates to This Notice
This Notice may be updated from time to time. Updates will be posted on the Website with the "Last Updated" date. You are encouraged to review this Notice regularly.
Contact Us
For any questions regarding this Privacy Notice or the processing of your personal data:
Email: [email protected]