Privacy Policy

The purpose of this “Privacy Policy” is to inform you about how we store personal data, what it is and what we do with it. Aurix is committed to protecting and respecting your privacy.

We process personal data only for the fulfillment of legal and contractual obligations and for the realization of the legitimate interest of our activity.

Personal data are processed based on the consent of the data subjects, the legitimate interest, or the legal requirements, in accordance with the provisions:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Regulation on data protection) – GDPR,
• Law no. 190/2018 on measures for the implementation of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing of Directive 95/46 / EC (General Data Protection Regulation).
• Law no. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector
• Law no. 129 of July 11, 2019, for preventing and combating money laundering and terrorist financing, as well as for amending and supplementing some normative acts, with subsequent amendments and completions.

The personal data are stored according to the legal provisions, for a period of 5 years from the date of termination of the business relationship with the client or from the date of the occasional transaction. When it is necessary to extend the period of retention of documents, we are obliged to extend the term by 5 years with the period indicated by the competent authorities, without this extension being able to exceed 5 years.

Upon expiration of the retention period, we delete personal data, except in situations where other legal provisions require the continued retention of data.

We share processed personal data:

• with the associated operators, for the provision of services, based on the contractual relations: the accounting service provider, the cloud provider, the identity verification service provider, etc .;
• with public authorities, by virtue of legal obligations.

All contracts with associated operators contain clauses regarding the protection of personal data and the fulfillment of technical and organizational requirements, in accordance with the provisions of GDPR.

The main rights conferred by the GDPR are:

• Transparency of information, communications and ways of exercising the rights of the data subject (Articles 12, 13 and 14);
• the right of access and the right to data portability (Articles 15 and 20);
• the right to rectification and the right to erasure (Articles 16, 17 and 19);
• the right to object to and to restrict the processing (Articles 18, 19 and 21);

For additional information access: //www.dataprotection.ro/?page=noua%20_pagina_regulamentul_GDPR

Customers’ personal data will not be transferred outside the EU.

The data subject, based on the rights conferred by the Regulation, may request confirmation from the operator whether or not his personal data are processed, may request access to those data, as well as a copy thereof. Also, the data subject may request additional relevant information – the reason for processing, categories of data processed, etc.

If the response provided by the operator to the data subject is unsatisfactory, he may file a complaint with the A.N.S.P.C.D.P. (//www.dataprotection.ro/) or in court.

The data subject may at any time request the withdrawal of consent if the processing is not necessary under legal provisions, the legitimate interest, or the development of the contractual relationship. Also, the person can unsubscribe at any time from the communications sent by e-mail.

For additional information or requests related to the protection of personal data, you can send us an email at [email protected]