Abstract
Last updated: 10/11/2025
This Privacy Policy explains how Proiect PosiNega SRL (“Proiect PosiNega”, “we”, “us”, or “our”) collects, uses, and protects personal data when you visit our website projectposinega.com
and when you access related online services — including the customer portal where registered clients can view invoices, projects, and shared documents.
We are committed to protecting your privacy and to processing your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Romanian and European laws.
Data Controller
Proiect PosiNega SRL
Natiunile Unite Square nr. 3-5, Bucharest, Romania
VAT RO48609823 | Reg. No. J40/14722/2023
Email: contact@projectposinega.com
If you have questions or requests concerning this Policy or our processing of personal data, you can contact us using the details above.
Scope and Application
This Privacy Policy applies to all personal data processed by Proiect PosiNega SRL through its website projectposinega.com
and related digital services.
and related digital services.
It covers:
• Visitors who browse our public website or contact us through online forms.
• Clients and partners who register or log in to our customer portal, where they can access invoices, projects, and shared files.
• Communications carried out via email, chat, or support channels connected to our website.
This Policy does not apply to third-party websites or services that may be linked from our pages. We encourage you to review their own privacy statements before providing any personal information.
The use of cookies and similar technologies is described separately in our cookie policy .
What Personal Data We Collect
During your interaction with projectposinega.com and our related services, Proiect PosiNega SRL may collect and process several categories of personal data.
1. Data you provide directly
• Information submitted through contact forms (name, company, email, phone, subject, and message).
• Data exchanged by email or other communication channels (e.g., customer support requests).
• Registration and authentication details for the customer portal.
• Billing and contractual data (company name, fiscal details, contact persons).
2. Data collected automatically
• Technical information such as IP address, browser type, operating system, and device identifiers.
• Navigation data including visited pages, time spent, and referring URLs.
• Cookies and similar technologies used for essential functions, analytics, or preferences (see the Cookie Policy).
3. Customer portal and service-related data
• Data generated or stored as part of our business relationship — such as invoices, contracts, uploaded files, or project-related communications.
• Access logs and audit records necessary for system security and traceability.
We collect only the data that are relevant for the purposes described in this Policy and limit processing to what is strictly necessary for service delivery or legitimate business interests.
Purposes and Legal Bases for Processing
Proiect PosiNega SRL processes personal data only for specific, legitimate purposes and in accordance with the legal bases defined in Article 6 of the GDPR.
1. Service delivery and contractual obligations
• To provide access to our services, customer portal, and project information.
• To issue invoices, manage payments, and fulfill contractual terms.
→ Legal basis: Performance of a contract (Art. 6 (1)(b) GDPR).
2. Communication and support
• To respond to inquiries, technical requests, or commercial messages received through projectposinega.com or by email.
→ Legal basis: Legitimate interest to communicate with clients and potential customers (Art. 6 (1)(f)).
3. Legal and regulatory compliance
• To maintain accounting records and comply with tax or audit obligations.
→ Legal basis: Legal obligation (Art. 6 (1)(c)).
4. Security and fraud prevention
• To protect our systems, prevent unauthorized access, and investigate incidents.
→ Legal basis: Legitimate interest in ensuring network and information security (Art. 6 (1)(f)).
5. Marketing and business development
• To send newsletters, updates, or information about our solutions when you opt in.
• To analyze website traffic and improve user experience.
→ Legal basis: Consent (Art. 6 (1)(a)), which you may withdraw at any time.
We do not use personal data for automated decision-making or profiling without explicit consent.
Cookies and Tracking Technologies
projectposinega.com uses cookies and similar technologies to ensure proper website operation, improve performance, and enhance the user experience.
1. What are cookies and why we use them
Cookies are small text files stored on your device when you visit our site. They allow our systems to recognize your browser and remember certain information between sessions.
Proiect PosiNega SRL uses the following cookie categories:
• Essential cookies – required for website and portal functionality (session management, security, language settings).
• Preference cookies – remember user settings such as language or form preferences.
• Analytics cookies – help us understand how visitors use the site (e.g., via Odoo Website Analytics or Google Analytics).
• Marketing cookies – used only when you consent, to measure campaign effectiveness or personalize content.
2. Odoo standard cookies
The Odoo platform may automatically set technical cookies such as session_id, frontend_lang, tz, and visitor_uuid, which are essential for session continuity and security.
3. Consent and management
Non-essential cookies (analytics and marketing) are stored only with your explicit consent through our cookie banner. You can review or change your preferences at any time by selecting “Cookie Settings” on the Cookie Policy page.
For full details about each cookie name, provider, purpose, and retention period, please refer to our dedicated Cookie Policy.
Data Storage and Retention
Proiect PosiNega SRL retains personal data only for as long as necessary to fulfill the purposes for which they were collected or to comply with legal obligations.
1. Website and communication data
• Contact-form submissions and email correspondence are kept for the time required to process your request, plus up to 12 months for quality assurance and reference.
2. Customer-portal and contractual data
• Account, project, invoice, and document data are retained for the duration of the business relationship and thereafter for the statutory retention period required under Romanian and EU accounting and tax laws (typically 5 to 10 years).
3. Technical and security logs
• System and access logs are retained for up to 12 months, unless a longer period is required to investigate security incidents.
4. Backups
• Encrypted backups of business and portal data are stored securely and automatically deleted once their retention cycle expires.
When data are no longer needed, they are securely deleted or anonymized.
Storage location:
• Our systems and databases are hosted within the European Union. If third-party services are used, they comply with GDPR standards and data-protection agreements.
Data Sharing and Processors
Proiect PosiNega SRL does not sell, rent, or trade personal data. We may share limited information only with trusted third parties that help us operate our systems and deliver our services, always under confidentiality and data-protection agreements compliant with the GDPR.
1. Categories of recipients
We may share data with:
• Hosting and infrastructure providers — for secure operation of our website, portal, and email systems.
• Communication and email platforms — to send notifications, invoices, and service updates.
• Analytics and monitoring tools — to evaluate website performance and security.
• Professional advisers or authorities — when required by law or to protect our legal rights.
2. Data processing agreements (DPAs)
All processors act under written agreements ensuring that personal data are processed only on our documented instructions, with appropriate technical and organizational security measures.
3. International transfers
Whenever data are processed outside the European Economic Area (EEA), Proiect PosiNega SRL ensures that adequate safeguards are applied, such as the EU Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.
4. On-premise processing
Where possible, our core business and customer data are processed on infrastructure fully controlled by Proiect PosiNega SRL within the EU, minimizing external exposure.
Your Rights Under the GDPR
Under the General Data Protection Regulation (GDPR), individuals have specific rights regarding their personal data. Proiect PosiNega SRL ensures that all such rights can be exercised easily, transparently, and without charge.
1. Right of access – You may request confirmation whether we process your personal data and receive a copy of such data.
2. Right to rectification – You may request correction of inaccurate or incomplete personal data.
3. Right to erasure (“right to be forgotten”) – You may request deletion of your personal data when no longer necessary or when consent is withdrawn.
4. Right to restriction of processing – You may request that processing of your data be limited under certain conditions (e.g., during verification of accuracy).
5. Right to data portability – You may request to receive your data in a structured, commonly used, and machine-readable format, and transmit it to another controller.
6. Right to object – You may object to processing based on legitimate interest or for marketing purposes.
7. Right to withdraw consent – Where processing is based on consent, you may withdraw it at any time without affecting prior lawful processing.
To exercise any of these rights, please contact us by email at contact@projectposinega.com. We may need to verify your identity before responding.
If you believe your rights have been violated, you also have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP) – www.dataprotection.ro.
Security of Processing
Proiect PosiNega SRL applies appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
1. Technical safeguards
• All connections to projectposinega.com and to the customer portal use HTTPS encryption (TLS).
• Data are stored on secure servers located within the EU, protected by firewalls and regular security updates.
• Encrypted backups are maintained to ensure business continuity and disaster recovery.
• Access to production systems is restricted to authorized personnel through authentication and logging.
2. Organizational measures
• Employees and collaborators are bound by confidentiality obligations and trained on data-protection practices.
• Internal access follows the principle of “least privilege,” ensuring users can access only what they need for their role.
• Regular audits and monitoring help detect and prevent unauthorized activity.
While no online system can be guaranteed fully secure, Proiect PosiNega SRL continuously reviews and enhances its security controls to safeguard all personal and business data.
Automated Decision-Making and Profiling
Proiect PosiNega SRL does not perform any automated decision-making or profiling that produces legal or similarly significant effects on individuals.
All evaluations and decisions related to our services, customer relationships, or communications involve human review and professional judgment.
Should we ever introduce automated processing in the future, we will update this Privacy Policy accordingly and ensure full compliance with Articles 22 and 13–15 of the GDPR.
Customer Portal and Account Data
The customer portal available on projectposinega.com allows registered clients to access project information, invoices, documents, and communications.
1. Types of data processed
• Identification data (name, email, company, user account credentials).
• Transactional data (invoices, payments, contracts, orders).
• Project and document data (files, comments, attachments shared through the portal).
2. Purpose of processing
• To provide secure access to client accounts and project materials.
• To enable collaboration between clients and the Proiect PosiNega team.
• To maintain records for accounting, support, and traceability purposes.
→ Legal bases: Performance of a contract (Art. 6 (1)(b)), legal obligation (Art. 6 (1)(c)), legitimate interest in ensuring security and continuity (Art. 6 (1)(f)).
3. Access and security controls
• Each client has unique login credentials and secure authentication via HTTPS.
• Access to data is limited to authorized users within Proiect PosiNega SRL based on their role.
• All portal actions are logged for accountability and audit purposes.
4. Retention and deletion
• Portal data are retained for the duration of the business relationship and archived for the statutory period (typically 5–10 years).
• When a contract ends and no further legal requirement exists, data are securely deleted or anonymized.
Clients may request access, correction, or deletion of their portal data at any time by contacting contact@projectposinega.com.
Policy Updates and Contact Information
1. Updates to this Policy
Proiect PosiNega SRL may update this Privacy Policy from time to time to reflect changes in legal requirements, technology, or how we operate our services.
Any new version will be published on projectposinega.com, and the “Last updated” date at the top of the page will indicate when the latest revision took effect.
We encourage you to review this page periodically to stay informed about how we protect your personal data.
2. Contact for data protection inquiries
For any questions, requests, or concerns regarding this Privacy Policy or your personal data, you may contact us at:
Proiect PosiNega SRL
Natiunile Unite Square nr. 3–5, Bucharest, Romania
VAT RO48609823 | Reg. No. J40/14722/2023
Email: contact@projectposinega.com
Website: projectposinega.com
We will respond to all legitimate requests within the timeframe established by the GDPR (usually within one month).