Privacy Policy

Last updated: April 2026

1. Introduction

Constsoft Systems ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website at constsoftsystems.com and interact with our services. This policy should be read alongside our Cookie Policy, GDPR Policy, and Terms & Conditions.

2. Data controller

Constsoft Systems

Central Business Plaza, Str. Ploiesti Nr. 9

Cluj-Napoca, Romania

Email: hello@constsoftsystems.com

Constsoft Systems acts as the data controller for all personal data collected through this website, in accordance with Regulation (EU) 2016/679 (GDPR) and Romanian Law 190/2018.

3. Information we collect

We collect and process the following types of information:

a) Information you provide voluntarily

When you submit our contact form, you may provide your name, email address, company name (optional), service of interest, and a message describing your project or inquiry. We only collect this information when you actively choose to submit the form.

b) Information stored locally on your device

We use your browser's localStorage to save your theme preference (light/dark mode) and cookie consent status. This data is stored only on your device and is never transmitted to our servers. For full details, see our Cookie Policy.

c) Automatically collected information

Our hosting provider may collect standard server logs including IP addresses, browser type, and timestamps for security and performance purposes. This data is not used by us for tracking or profiling. We do not use analytics, tracking pixels, or third-party cookies.

d) Recruitment data

When you submit an application through our Careers page, you may provide your name, email address, area of interest, and a CV/resume. Your CV may contain additional personal information such as phone number, LinkedIn profile URL, postal address, education history, and work experience. We only collect this information when you actively choose to submit the application form.

4. How we use your information

We process your personal information for the following purposes:

  • To respond to your inquiries submitted through the contact form
  • To discuss potential project collaborations based on your request
  • To remember your website preferences (theme selection)
  • To ensure the security and proper functioning of our website
  • To comply with legal obligations under Romanian and EU law

We do not use your personal data for automated decision-making or profiling.

5. Legal basis for processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Consent (Art. 6(1)(a) GDPR)

When you voluntarily submit the contact form or acknowledge our cookie notice. You may withdraw your consent at any time by contacting us.

Legitimate interest (Art. 6(1)(f) GDPR)

To ensure the security and functionality of our website and to respond to business inquiries. We have assessed that these interests do not override your fundamental rights and freedoms.

Legal obligation (Art. 6(1)(c) GDPR)

Where we are required to process or retain data to comply with applicable laws, including Romanian fiscal and commercial regulations.

6. Data sharing and transfers

We do not sell, trade, or rent your personal information to third parties. Your data may be processed by trusted third-party service providers who act as data processors on our behalf for purposes such as website hosting, content delivery, and secure data storage.

All service providers are contractually obligated to protect your data and process it only according to our instructions, in compliance with GDPR Article 28. Where data may be transferred outside the EEA, appropriate safeguards (such as Standard Contractual Clauses) are in place. You may request a list of our current data processors by contacting us at hello@constsoftsystems.com.

7. Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form submissions— Retained for a maximum of 12 months after your inquiry has been resolved, unless a longer retention period is required for an ongoing business relationship or by law.
  • Recruitment/candidate data— Applications and CV files submitted through the Careers page are retained for a maximum of 12 months from the date of submission, after which they are permanently deleted.
  • Server logs— Retained according to our hosting provider's data retention policy (typically up to 30 days).
  • Browser localStorage data— Persists until you clear it manually from your browser.

8. Your rights

Under GDPR (Articles 15–22) and Romanian Law 190/2018, you have the following rights regarding your personal data:

  • Right of access (Art. 15)— Request a copy of the personal data we hold about you
  • Right to rectification (Art. 16)— Request correction of inaccurate or incomplete data
  • Right to erasure (Art. 17)— Request deletion of your personal data ("right to be forgotten")
  • Right to restriction (Art. 18)— Request that we limit the processing of your data
  • Right to data portability (Art. 20)— Request your data in a structured, commonly used, machine-readable format
  • Right to object (Art. 21)— Object to the processing of your data based on legitimate interests
  • Right to withdraw consent (Art. 7)— Withdraw your consent at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at hello@constsoftsystems.com. We will respond to your request within 30 days. For full details on how we handle your data rights, see our GDPR Policy.

9. Data security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include encrypted data transmission (HTTPS/TLS), encryption at rest, access controls limiting who can view submitted data, and regular security reviews of our processes.

10. International transfers

Some of our service providers may operate servers outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or adequacy decisions, to guarantee a level of data protection consistent with GDPR requirements.

11. Children's privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

12. Complaints

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP):

ANSPDCP

B-dul G-ral. Gheorghe Magheru 28-30, Sector 1

010336 Bucharest, Romania

www.dataprotection.ro

13. Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically. Continued use of our website after changes constitutes acceptance of the updated policy.

14. Contact us

For any questions or concerns regarding this Privacy Policy or your personal data, please contact us:

Constsoft Systems

Central Business Plaza, Str. Ploiesti Nr. 9

Cluj-Napoca, Romania

hello@constsoftsystems.com

See also our Cookie Policy, GDPR Policy, and Terms & Conditions.