Privacy Policy

The protection of your data is a responsibility we take seriously. We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and the applicable data protection legislation in Romania.

This policy explains:

  • what data we collect;
  • for what purposes we use it and on what legal basis;
  • how long we keep it;
  • who we share it with;
  • what rights you have and how you can exercise them.

Data Controller

SC Risksoft SRL

  • Rsksoft SRLStr. Ing. Giulini nr. 7060103, Bucharest, Romania
  • Company Reg. No.: J2001004559404· VAT ID: RO13873074
  • Email: support@risksoft.ro
  • Website: www.risksoft.eu

Risksoft is currently not legally required to appoint a Data Protection Officer (DPO). For any personal data inquiries, you can contact us at the email address above.

Scope of This Policy

This policy applies to all users and visitors of the website, as well as to the services provided through it, including contact forms, commercial inquiries, and newsletter subscriptions.

What Data We Collect

Data provided directly:

  • First and last name
  • Email address
  • Phone number
  • Company and position
  • Message submitted through the form


Automatically collected data:

  • IP address, anonymized where possible
  • Browser, operating system, and device type
  • Pages visited and website interactions
  • Cookies and online identifiers
  • We only collect data necessary for the described purposes.

Purposes and Legal Bases

Responding to requests

Legal basis: legitimate interest – Art. 6(1)(f) GDPR

Sending offers and commercial communications

Legal basis: consent – Art. 6(1)(a) GDPR

Newsletter

Legal basis: consent or performance of the requested service – Art. 6(1)(a) / Art. 6(1)(b) GDPR

Website functionality and security

Legal basis: legitimate interest – Art. 6(1)(f) GDPR

Traffic analysis and optimization

Legal basis: consent for analytical cookies – Art. 6(1)(a) GDPR

Cookies and Traffic Analysis

The website uses cookies for functionality, security, and analysis.

Google Analytics:

  • used for aggregated usage statistics;
  • IP addresses are anonymized where possible;
  • active only with your consent.

Cookiebot:

  • manages cookie consent;
  • stores your preferences as proof of GDPR compliance

Recipients and Processors

Data may be processed by contractual providers for:

  • hosting and IT infrastructure;
  • email and communication services;
  • traffic analysis;
  • marketing, where applicable.

All processors are contractually required to ensure the confidentiality and security of personal data.

International Transfers

Some services used, such as Google or Microsoft, may involve data transfers outside the European Economic Area.

These transfers are carried out, where applicable, based on:

  • Standard Contractual Clauses (SCC); and/or
  • the EU–US Data Privacy Framework, where applicable.

Retention Period

Response to requests

12 months

Commercial communications

until consent is withdrawn

Newsletter

until unsubscribe

Cookies

according to the specific duration of each cookie type

Technical logs

up to 6 months

Data required for defending rights

according to statutory limitation periods

Automated Decisions and Profiling

We may use automated processing for:

  • content personalization,
  • usage statistics,
  • marketing, only with your consent.

We do not make automated decisions that produce legal effects or significantly affect users.

Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

access control;

encryption in transit, where applicable;

security monitoring;

internal policies and periodic audits.

Your rights

You have the right to:

access your personal data;

object to processing;

rectify inaccurate data;

data portability;

erase your data;

withdraw consent;

restrict processing;

file a complaint.

Competent authority:

ANSPDCP – www.dataprotection.ro

To exercise your rights:

support@risksoft.ro

Direct Marketing

You may object at any time to the processing of your personal data for direct marketing purposes.

In this case, we will no longer use your data for this purpose.

Updates

We may update this policy periodically to reflect legal, technical, or operational changes. The current version will always be available on the website.