Privacy Policy | MOD.ON Service & Consultancy SRL

Thank you for your interest in our company, website, services, and/or products. When you wish to establish a relationship with us and use our company’s services (hereinafter referred to as MOD.ON Service & Consultancy SRL), you entrust us with information about yourself, referred to as personal data, and we thank you for your trust. The protection and confidentiality of personal data is a very important subject for us, and we strive to store it securely and process it carefully. In this regard, we explain in a clear and transparent manner our practices regarding the confidentiality of your data

This information is presented in this document (hereinafter referred to as the “Privacy Policy,” “This Document,” or “The Document”), and we kindly ask you to read it together with the Terms and Conditions section (which you can find here).

Our privacy policy aims to inform you about the processing of your personal data in connection with your visit to our website www.modonservice.com (hereinafter referred to as the “site”) and your use of any additional services provided by MOD.ON Service & Consultancy SRL.

By visiting the site, purchasing our products and/or services, or interacting with us in any way, you declare that you agree with the Privacy Policy. If you do not agree with what is described in This Document, please do not use our services.

We inform you that MOD.ON Service & Consultancy SRL is a personal data operator in the sense of GDPR for the processing of personal data.

Introduction. Definitions.
1. Purpose of the Privacy Policy
  - The purpose of this Privacy Policy is to explain what information we process (collect, use, share), why we process it, how we process it, your rights under the GDPR, and how you can update, manage, export, and delete it. In this regard, we act as the operator and, by law, are obliged to provide you with this information. This Privacy Policy applies wherever you find us online.
2. Who are we?
  Below are our identification details:
  - Name: MOD.ON Service & Consultancy SRL
  - Registered Office: Strada Salcamilor nr. 68, Tarlungeni, Brașov County
  - Trade Register Number: J8/2204/2020
  - Tax Registration Code (CUI): 43223936
  - Email: contact@modonservices.eu
  - In accordance with applicable legislation, our company is a personal data operator, and to ensure that your data is processed securely, we make all reasonable and appropriate technical and organizational efforts to protect your personal data.
3. Who are you?
  According to the legislation, you, as a natural person benefiting from our services/products, a representative or contact person of a company that is our client or potential client, a visitor to the site, or a person in any kind of relationship with us, are a “data subject,” meaning an identified or identifiable natural person. To be fully transparent regarding data processing and to allow you to easily exercise your rights at any time, we have implemented measures to facilitate the exercising of rights.
4. Definitions
  - Personal Data: Any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
  - Processing: Any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
  - GDPR (General Data Protection Regulation): Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC.
  - Operator or We: MOD.ON Service & Consultancy SRL, a Romanian nationality company with its registered office at Strada Salcamilor nr. 68, Tarlungeni, Brașov County, registered in the Trade Register under no. J8/2204/2020, with tax registration code 43223936.
  - Data Subject: Any identified or identifiable natural person whose data is processed by us as the operator, such as clients, potential clients, or website visitors.
  - Consent: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
  - Anonymization: The irreversible removal of the identification of personal data, so that the person can no longer be identified using reasonable time, costs, and technology by either the Operator or any other person.
5. Other Services
  - This Privacy Policy does not cover applications and websites of third parties that you may reach by accessing links from our site. We encourage you to review the Privacy Policy of any site and/or application before providing personal data.
  - We are also not responsible for any links from our commercial partners or those placing advertisements within our podcasts or articles, including those on social media profiles. When you click on those links, third parties may collect or share your data.
6. Complaints
  - For any issues or inquiries regarding the processing of personal data, please note that you can submit a complaint to the personal data supervisory authority. However, we ask you to first send us a request at the address mentioned in this document, and we will make every effort to resolve your request as quickly as possible amicably.
  - For Romania, the contact details are as follows:
    - Name: National Authority for the Supervision of Personal Data Processing
    - Address: B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, zip code 010336, Bucharest, Romania
    - Phone: +40.318.059.211 or +40.318.059.212
    - Email: anspdcp@dataprotection.ro
Personal Data and Data Processing
1. Data We Collect and How We Use It
  - Personal data or personal information refers to all information about an individual that can help identify that person, excluding data where the identity has been removed (anonymized data).
  - When you browse our website or contact us for any purpose using any communication channel, you may provide your personal data. We may need to collect, use, store, or transfer certain personal data, directly from you or from other sources, as explained in the table below:
  - Category Included Data Legal Basis
  - Identification Data Name, surname, company name, trade register number, unique identification code, car number, username or similar identifier, position, date of birth, gender, preferred language, country, etc. Art. 6 (1) a), b), c) GDPR – REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 regarding the protection of individuals with regard to the processing of personal data and the free movement of such data.
  - Contact Data Billing address, delivery address, email address, phone number Art. 6 (1) a), b), c) GDPR
  - Profile and Usage Data Username, password, orders made by you, your interests and preferences, feedback provided, responses to surveys, information on how you use our site, products, and services Art. 6 (1) a), b), c) GDPR
  - Financial and Transaction Data Payment information or bank account details, information about purchases Art. 6 (1) a), b), c) GDPR
  - Marketing & Communication Data Your preferences for receiving marketing materials from us and our third parties and preferred communication methods Art. 6 (1) a), b), c) GDPR
  - Automated/Technical Data IP address, login data, browser type and version, location and time zone settings, browser plugins and their versions, operating system, platform, and other technologies on the devices you use to access this site Art. 6 (1) GDPR
  - Please note that we do not collect any Special Categories of Personal Data about you (this includes data about racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, and processing of genetic data, biometric data for unique identification, health data, or data about sexual life or sexual orientation, or convictions and crimes).
2. What Happens If You Do Not Provide Us With Data
  - When we ask you to complete personal data to provide you access to certain functionalities or services of the site, we will mark some fields as mandatory, as these are the information we need to provide you with the service or to grant you access to the respective functionality.
  - Please note that if you choose not to provide us with this information, you may not be able to complete your registration as a user or take advantage of these services or functionalities.
3. Purpose for Collecting Your Personal Data
  - Personal Data Purpose
  - Identification Data (including audio-video, where applicable) User registration, access to materials and products
  - Contact Data User registration, access to materials and products
  - Financial and Transaction Data Conclusion and execution of the sale or service contract you enter into with us
  - Profile Data Improving services, using analytical data to improve the site, products, services, customer department, and experience
  - Marketing and Communication Data To deliver relevant content and personalized advertising and to measure and understand the effectiveness of the advertisements we offer
  - Please note that we will use your personal data only for the purposes for which we collected it, unless we reasonably believe we need to use it for another reason that is compatible with the original purpose.
  - Please be aware that we may process your personal data without informing you or needing your consent, in accordance with the above rules, where the law allows us to do so.
4. Legal Grounds for Processing Personal Data
  - Our legal grounds for processing your personal data will generally be as follows:
  - Your consent for the processing of personal data;
  - Processing is necessary for the conclusion or execution of a contract between you and us;
  - Processing is necessary for the purposes of our legitimate interests or those of another party.
  - Disclosure of Personal Data and Data Transfers
    We inform you that we may disclose your data, complying with applicable law, to business partners or other third parties. We continually strive to ensure that these third parties have appropriate protection and security measures in place. We have contractual clauses with these third parties to ensure your data is protected. In these situations, we will ensure that any transfer is legitimate under the law.
  - We may also transmit data to other parties with your consent or according to your instructions, such as in situations where you exercise a portability request or to competent state authorities, based on and within the limits of legal provisions and as a result of expressly formulated requests.
  - The transfer of personal data to a third country can only take place if the country to which the transfer is intended provides an adequate level of protection.
  - The transfer of data to a country whose legislation does not provide a level of protection at least equal to that offered by the General Data Protection Regulation is possible only if there are sufficient guarantees regarding the protection of the fundamental rights of the data subjects. These guarantees will be established by us through contracts concluded with the suppliers/service providers to whom your personal data will be transferred.
  - Whenever we transfer your personal data outside the EEA, we will ensure that there is a similar level of protection through one of the following safeguarding mechanisms:
  - We will transfer your personal data to countries that have been demonstrated by the European Commission to provide an adequate level of security for personal data.
  - When we rely on certain service providers, we may use certain model contracts provided and approved by the European Commission that offer personal data the same protection they have in Europe.
  - Data Storage
    Please note that we store your personal data only for the period necessary to fulfill the purposes, but not more than 5 years from the termination of the contract or the last interaction with us.
  - After the expiration period, personal data will be destroyed or deleted from IT systems or transformed into anonymous data to be used for scientific, historical, or statistical research purposes.
  - In certain circumstances, we may anonymize personal data (so that it can no longer be associated with you) for scientific, historical, or statistical research purposes, in which case we may use this information indefinitely without notifying you in advance. Please note that in certain expressly regulated situations, we store data for the period imposed by law.
  - Categories of Personal Data
    - Personal Data Category Storage Period
    - Email Address 5 years from the last interaction with us
    - Billing Data (i.e., address, client name, delegate name) 10 years in accordance with the legislation
    - Other Personal Data 5 years
    - Data Security
      We understand how important the security of personal data is and take necessary measures to protect our clients and other individuals whose data we process from unauthorized access to personal data, as well as from unauthorized alteration, disclosure, or destruction of the data we process in our current activities.
    - We have implemented the following technical and organizational security measures for personal data:
      - Dedicated Policies: We constantly adopt and review internal practices and policies for personal data processing (including physical and electronic security measures) to protect our systems from unauthorized access or other possible threats to their security. These policies are subject to constant checks to ensure that we comply with legal requirements and that systems function properly.
      - Data Minimization: We ensure that the personal data we process is limited to what is necessary, appropriate, and relevant for the purposes stated in this Policy.
      - Restricting Access to Data: We try to limit access to personal data we process to the minimum necessary: employees, collaborators, and other persons who need to access this data to process it and fulfill a service. Our partners and collaborators are subject to strict confidentiality obligations (either by contract or by law).
      - Specific Technical Measures: We use technologies that ensure the security of our clients, always trying to implement the most optimal solutions for data protection. We also perform periodic data backups to recover them in case of an incident and have implemented periodic audit procedures regarding the security of the used equipment. However, no website, application, or internet connection is completely secure and invulnerable.
      - Ensuring the Accuracy of Your Data: Occasionally, we may ask you to confirm the accuracy or timeliness of your data to ensure that it reflects reality.
      - Staff Training: We constantly train and test employees and collaborators regarding legislation and best practices in personal data processing.
      - Data Anonymization: Wherever possible, we try to anonymize/pseudo-anonymize the personal data we process so that we can no longer identify the individuals to whom they refer.
      - However, although we make continuous efforts to ensure the security of the data you entrust to us, it is possible that we may encounter less fortunate events and have security incidents/breaches. In such cases, we will strictly follow the reporting and notification procedure for security incidents and will take all necessary measures to restore the situation to normal as quickly as possible.
    - Direct Marketing
      - To the extent that we have obtained your prior consent or you are already a customer of the company, we may use direct marketing technologies using the information collected about you. We currently send commercial messages via email (email marketing).
      - You can object to direct marketing and/or withdraw your consent at any time by following the unsubscribe instructions in each email or by sending a request in this regard to the email address contact@modonservices.eu.
      - Your Rights – Questions, Requests, and Exercising Rights
        We are not obliged to appoint a personal data protection officer, so any questions regarding the use of your personal data should be addressed to the contact details above.
5. For any questions, concerns, comments, or complaints regarding the processing of your information or if you wish to exercise your legal rights or regarding privacy, you can contact us at the email address contact@offmodonservices.eu .
  - Your rights under the GDPR are as follows:
  - The right to be informed about the processing of your data.
  - The right of access to your data: You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed and, if so, access to the relevant data and the information provided for in Art. 15 (1) of the GDPR.
  - The right to rectify inaccurate or incomplete data: You have the right to obtain from us, without undue delay, the rectification of inaccurate personal data concerning you.
  - The right to deletion (“the right to be forgotten”): In the situations provided for in Art. 17 of the GDPR, you have the right to request and obtain the deletion of personal data.
  - The right to restrict processing: In the cases provided for in Art. 18 of the GDPR, you have the right to request and obtain restriction of processing.
  - The right to transmit data we have about you to another operator (“the right to portability”): The right to transmit data we have about you to another operator (“the right to portability”).
  - The right to object to data processing: In the cases provided for in Art. 21 of the GDPR, you have the right to object to data processing.
  - The right not to be subject to a decision based solely on automated processing, including profiling with legal effects or similar significant effects on you.
  - The right to seek justice to defend your rights and interests.
  - Please note that the rights listed above are not absolute. There are exceptions, so each request received will be assessed to determine whether it is justified or not. To the extent that the request is justified, we will facilitate the exercise of rights, and if the request is unfounded, we will reject it, but we will inform you of the reasons for the refusal and of your rights to lodge a complaint with the Supervisory Authority and to seek justice.
6. We will also try to respond to your request within 30 (thirty) days. However, the deadline may be extended depending on various aspects, such as the complexity of the request, the large number of requests received, or the inability to identify you in a timely manner. If, despite our best efforts, we are unable to identify you, and you do not provide us with additional information to enable us to identify you, we are not obliged to comply with the request.
7. Changes/Amendments/Updates to the Privacy Policy
  We may occasionally update the Privacy Policy and will notify you through the website or via email about the latest version. All updates and changes to this document are valid immediately upon notification, which we will make by displaying it on the site and/or notifying by email. Even if you do not receive a notification, we encourage you to periodically access and read the Privacy Policy to stay informed of the latest versions.

Last updated on 6 June 2025.