Skip to content

Privacy Policy

SMART TOUCH TECHNOLOGIES SRL respects each person’s right to protection of personal data and has adopted measures to comply with the legal provisions provided by EU Regulation no. 679/2016 (“GDPR”), as well as the other regulations in force, in the field of personal data protection.
Among the compliance measures adopted is this Privacy Policy. The provisions of this policy apply to you if:

  • You are a visitor of the site www.smartouch.ro and you want to benefit from the presentation of our services and the demo version of the programs developed by STT;
  • You are a visitor of the site www.smartouch.ro and request a financial offer for the use of services and programs provided and developed by STT;
  • You choose to subscribe to our newsletter and to receive commercial communications.

To make our message as accessible as possible, in this policy, we will address you using the term "User".

  • Who are we?

We are SMART TOUCH TECHNOLOGIES SRL, a limited liability company, headquartered in Bucharest, Str. Cristea Mateescu no. 5, Block T6A, Floor 7, Ap 41, Sector 2, having CUI 44692175 and registered at the Trade Register Office under number J40 / 14158/2020 (hereinafter referred to as “STT”, “We”, “Operator”).
As a personal data controller, we determine how we process personal data, for what purposes and by what means.

  • Our contact details

You can always contact us by one of the following methods:

  • In writing, at the registered office in Bucharest, Str. Cristea Mateescu no. 5, Block T6A, Floor 7, Ap 41, Sector 2;
  • By e-mail, to dpo@smartouch.ro

By browsing our site, you agree to the processing rules described in this Privacy Policy.

  • Field of application

This privacy policy provides information on the personal data processing relating to persons visiting the site and requesting the financial offer or demo version of STT services / programs.

  • The right to confidentiality and data protection

As a User, you can choose what information you want to share with us. Of course, certain information will be required to provide our services and the operation of the site in optimal conditions. However, our services do not always require all the data you can provide us.
To disclose as little personal information and data as possible, you can use:

  • Restriction options related to Cookies. This way, you can install additional extensions in your browser to block unnecessary cookies. By doing so, you will not see any interest-based ads.
  • Advertising restriction options. If you do not wish to receive informative communications from us, you may unsubscribe at any time. In this case, we will not be able to send you any of our offers or communications.

 

  • What personal data do we process?

To be able to offer Users the demo version of STT services, we use various tools and systems that are necessary for this functionality.
We also use external and internal tools and systems to process your personal data for personnel management and business operations purposes.
By using tools and systems, we collect, process, and store the following categories of personal data:

  • Contact information:

Name and surname, telephone number, e-mail address, position, name of the employer / company, field of activity.
Reason - if you contact us, we collect this data because we need to know who we are talking to and what we have talked about, so we can help you with the issue you have contacted us about.

  • Contact information:

Name and surname, position held, name of employer / company, field of activity, number of employees.
Reason - after receiving the request to see or use the demo version of the STT services, we will process this data to send you the demo version, as well as to establish the details of a presentation made by a STT representative.

  • Contact information

Name and surname, position, and name of employer / company
Reason - we will process this data if, after using the STT services, you will express your opinion on them in the dedicated section of the site.

  • Device information and access data:

Device ID, device identification, operating system and version, access time, configuration settings, Internet connection (IP) information
Reason - with each access, this information is stored for technical reasons. We also use parts of this information to detect suspicious behaviour at an early stage and to prevent any fraud.

  • Communication data:

Email Address
Reason - If you want to receive a commercial communication, we need your e-mail address to send you the financial offer related to our services, as well as informative communications (newsletter).

 

  • For what purposes do we process personal data?

We only process your personal data in accordance with legal requirements. We pay special attention to the observance of the principles applicable to the processing of personal data.

  • Data processing to conclude a contract

To be able to offer you our services, the processing of personal data is essential. Much of this data is transmitted to us by you directly, and others are collected automatically when you use our platform. You can help us by sharing with us only the data we need to fulfil our contractual obligations.
Categories of personal data: Contact information
Legal basis: Article 6 para. 1 (b) GDPR, execution of the contract

  • Advertising and marketing

Direct Marketing and Newsletter
If you have provided us with your e-mail address, we reserve the right to send you offers of our services by e-mail.
Not only the content of our newsletters differs, but also the technologies and criteria we use to design newsletters and share user groups.
This is a profiling process in which we automatically process your data.
Specific segmentation may have a legal effect on you or may have an impact in other ways if you receive certain newsletters.
If the automatic decision-making affects you negatively and you do not agree with this, you can contact us at the email address contact@smartouch.ro . In this case, we will assess the circumstances of your case individually.

Categories of personal data: Name, surname, e-mail address
Legal basis: The processing of data in this respect takes place only based on the consent given for personalized direct advertising in accordance with art. 6 para. 1 lit. (b) GDPR.

If you initially objected to the use of your email address for this purpose, we will not send you an email for marketing purposes. You have the right to object to the use of the e-mail address for the mentioned advertising purposes, at any time, with effect for the future, notifying us at the email address contact@smartouch.ro. Upon receipt of your objection, we will immediately discontinue using your email address for advertising purposes.

  • Cookies

To make the use of our site as pleasant as possible and to allow the use of certain functions, we use the so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, for example after the browser closes (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies). You can adjust your browser options so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude cookies for certain specific cases or in general. Excluding the use of certain cookies may limit the functionality of our site / application.
Legal basis: In the situation where the data processing is performed with your consent, the legal basis of the processing is represented by art. 6 para. (1) lit. a) GDPR, respectively your consent. Otherwise, the processing is performed based on our legitimate interest, in accordance with the provisions of art. 6 para. (1) lit. f) GDPR. Our legitimate interest is the purpose mentioned above.

You can access our cookie policy with all the cookies we use here.

  • Managing relations with Users

We offer great importance to providing a quality service. Therefore, we want to be available to answer all your questions. To answer these questions and to understand the general problem, we store information about the conversations you have with our representatives when you contact us.
The content of the information we store depends on the information you provide to us in our communications.
Categories of personal data: Contact information, Communications information
Legal basis: Article 6 paragraph (1) letter b) GDPR, execution of the contract.

  • Fraud prevention and security of our platform

To protect our Users and the site from possible attacks, we continuously monitor the activities on our site carried out by all visitors. To this end, we use various technical measures to ensure that all suspicious behaviours is detected from the beginning and prevented in time. To achieve this goal, several monitoring mechanisms run in parallel and prevent potential attackers from accessing the site.
The decision-making process is automated and can have a legal effect on the person concerned or affect them in a similar way. If automatic decision-making has negative consequences for you and you do not agree with it, you can contact us according to the information in the Contact section. In this case, we will analyse the circumstances of your case individually.
Categories of personal data: Device information and access data, Contact information
Legal basis: Article 6 para. (1) lit. a) GDPR, Consent

  • Mergers and acquisitions, change of control

We would also like to inform you that in the event of a merger with or acquisition by another company, we will disclose information about you to that company. Of course, we will ask that company to comply with the legal provisions on the protection of personal data.
Categories of personal data: Contact information, Information regarding the professional activity / function
Legal basis: Article 6 para. (1) lit. f) GDPR, legitimate interest. Our legitimate interest is the purpose described above.

 

  • Who are our collaborators and where do we process your personal data?

We never provide your personal data to unauthorized third parties. However, as part of our business, we use the services of selected service providers and offer them limited and strictly monitored access to some of the data we hold. However, before sending personal data to these partner companies for them to process the data on our behalf, each company is subject to an individual audit. All recipients must comply with the legal provisions on the protection of personal data and demonstrate the level of data protection with adequate evidence.

  • Service providers

We process your personal data through various authorized persons in our daily activity. They process your personal data according to the provisions of art. 28 of the GDPR, only in accordance with our instructions and having no claims or rights over such data. We also perform checks on proxies and ensure that we process data only through proxies that meet our highest standards.
As we process data through different proxies, which we sometimes change, it is not appropriate to identify the specific recipients of personal data. However, if you are interested, we will gladly reveal the name of the proxy / proxies, through which we process data, at the time of the request.

  • Third parties

In addition to the authorized persons mentioned above, we also collaborate with third parties, to whom we also transmit your personal data, but who do not obey our instructions. These are, for example, our consultants, lawyers, or tax consultants to whom we provide your data, by us, on a contract basis and who process that data for legal reasons or to protect our own interests. This operation will never take place without your express consent.

  • Criminal investigation bodies and legal proceedings

Unfortunately, it is possible that a small portion of our Users and Service Providers may not behave in good faith in accordance with the law and intend to harm us. In such cases, we are not obliged to disclose personal data, only by virtue of legal obligations, but also based on our interest in preventing damages, in order to enforce our claims and to combat unjustified claims.

  • Data processing outside the UE

We process your personal data, mainly within the European Union (EU) and the European Economic Area (EEA). However, some of our service providers mentioned above are based outside the EU and in the EEA.
The GDPR imposes high data protection standards on the transfer of personal data to third countries. All our data recipients must ensure that these standards are met. Before transferring your data to a third-country service provider, each service provider is first assessed on its level of data protection. Only if they can demonstrate an adequate level of data protection will they be listed as service providers.
Whether our service providers are in the EU / EEA or in third countries, each service provider must sign a data processing agreement with us. Non-EU / EEA service providers need to meet additional requirements. According to art. 44 f. GDPR personal data may be transferred to service providers who meet at least one of the following requirements:

  1. The Commission has decided that the third country provides an adequate level of protection (eg Israel and Canada).
  2. The standard data protection clauses adopted. These are contractual clauses that cannot be modified by the contracting parties and in which they undertake to ensure an adequate level of data protection.
  3. Approved certification mechanism.
  • For how long do we store your data?

In general, we delete your data after the purpose of the processing has been fulfilled. The data collected is marked with a deletion rule. When the retention period has expired, the stored data will be deleted accordingly.
We will delete your personal data either if you want to do so, let us know and the deletion is possible according to the legal rules, or if your account is no longer paid, according to the payment rules. Before this happens, you will receive a separate notification from us at the email address registered in your User account.
In addition to the deletion rules defined by us, we will keep the data for the period for which we have a legal obligation to keep. For example, tax data must be kept for a period of six to ten years or even longer in some cases. These special retention periods vary according to the legal provisions contained in existing local legislation.
Therefore, despite your request to delete personal data, we may be required to retain some of the data due to legal regulations. In this case, however, we will restrict the data from further processing.

  • Our cookies policy

You can access here our cookie policy with all the cookies we use.

IX. The rights of the data subject
In accordance with the provisions of the Regulation, you have, as a data subject, the following rights:
The right to access data
In accordance with this right, you can obtain from us a confirmation of the processing of personal data concerning you, as well as access to such data. At the same time, you can obtain a copy of the personal data provided to us and which are subject to processing. For any other copies requested by you, we have the right to charge a reasonable fee, based on administrative costs. If you enter the application in electronic format and unless you request another format, the information will be provided to you in a commonly used electronic format.

The right to rectification and updating of data
According to this right you can obtain the rectification of your personal data, if they are wrong or inaccurate, as well as the completion of personal data, in case they are incomplete.

The right to delete data
According to this right, you can request the deletion of personal data concerning you, without undue delay, and we have the obligation to delete such data, when:

  1. personal data are no longer necessary for the purposes for which they were collected or processed.
  2. withdraw your consent based on which the processing takes place and there is no other legal basis for the processing.
  3. you object to the processing and there are no legitimate reasons prevailing in terms of processing.
  4. personal data have been processed illegally.
  5. personal data must be deleted to comply with a legal obligation incumbent on us under European Union law or Romanian law.

 

The right to restrict processing
According to this right, you have the possibility to restrict the processing of your personal data, in certain situations, provided by the Regulation.

The right to data portability
Under this right you may receive your personal data, as provided to us, in a structured, commonly used and automatically readable format and to transmit this data to another operator, under certain conditions.

The right to opposition
You have the right to object, for reasons related to the situation in which you are, at any time, to the processing of your personal data, including the creation of profiles based on those provisions.

Profiling rights and decisions based solely on automatic processing, including profiling
Under this right you can oppose profiling as well as making decisions based solely on automatic processing.

The right to file a complaint
Based on art. 77 of the Regulation, you have the right to file a complaint to the National Authority for the Supervision of Personal Data Processing (ANSPDCP), if you consider that the processing of your personal data is not carried out in accordance with the provisions of the Regulation.
The supervisory authority responsible for us is: The National Authority for the Supervision of Personal Data Processing, based in Bucharest, Bd. General Gheorghe Magheru no. 28-30, Sector 1, email: anspdcp@dataprotection.ro.
To exercise your rights, you can contact us at any time at contact@smartouch.ro

The right to withdraw your consent
If we have processed your personal data on the basis of consent, you may withdraw your consent to the processing at any time, without affecting the lawfulness of the processing of personal data by us, based on consent, before its withdrawal.
If you wish to exercise any of the rights mentioned above, please contact us in one of the ways provided in "Our Contact Details".

  • The right to change

We reserve the right to change this privacy policy in accordance with legal provisions. We will keep you informed of any significant changes, such as changes in purpose or new processing purposes.

  • How can you exercise your rights as data subjects and what are our contact details?

For requests regarding the processing of your personal data, please contact us:
By email: dpo@smartouch.ro
At the address: Bucharest, Str. Cristea Mateescu no. 5, Block T6A, Floor 7, Ap 41, Sector 2