Last updated: February 1, 2025
Skyvertex SRL (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website (skyvertex.ro) or use our services. We process personal data in accordance with the General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679 and applicable Romanian data protection laws.
1. Information We Collect
1.1 Personal Information You Provide
We collect information that you voluntarily provide to us when you:
- Fill out our contact form (name, email address, phone number, company name, message)
- Subscribe to our newsletter (email address)
- Request a quote or consultation (name, email, company details, project requirements)
- Enter into a service agreement (business name, billing address, tax identification number, payment information)
- Communicate with us via email or other channels
1.2 Information Collected Automatically
When you visit our website, we automatically collect certain technical information, including:
- Device information: Browser type and version, operating system, device type, screen resolution
- Network information: IP address, internet service provider, approximate geographic location (country/city level)
- Usage data: Pages visited, time spent on each page, referring URL, click patterns, scroll depth
- Cookie data: Information stored via cookies and similar tracking technologies (see our Cookie Policy)
2. Legal Basis for Processing
Under the GDPR, we process your personal data based on the following legal grounds:
- Consent (Art. 6(1)(a)): When you subscribe to our newsletter or accept non-essential cookies. You may withdraw consent at any time.
- Contractual necessity (Art. 6(1)(b)): When processing is necessary to perform a contract with you or to take pre-contractual steps at your request (e.g., responding to a quote request).
- Legitimate interest (Art. 6(1)(f)): For website analytics, security monitoring, fraud prevention, and improving our services, where our interests do not override your fundamental rights.
- Legal obligation (Art. 6(1)(c)): When we are required to process data to comply with applicable laws, such as tax and accounting regulations.
3. How We Use Your Information
We use the personal information we collect to:
- Respond to your inquiries and provide the information or services you request
- Prepare project proposals, estimates, and service agreements
- Deliver, manage, and support our professional services
- Process invoices and payments
- Send you relevant communications about our services, updates, and industry insights (only with your consent)
- Analyze website usage to improve user experience, content, and performance
- Ensure the security of our website and protect against malicious activity
- Comply with legal and regulatory obligations
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
4. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
- Contact form inquiries: Up to 12 months after the last communication, unless the inquiry leads to a business relationship
- Newsletter subscribers: Until you unsubscribe or withdraw consent
- Client project data: For the duration of the business relationship plus 5 years, as required by Romanian commercial and tax law
- Analytics data: Aggregated and anonymized data may be retained indefinitely; identifiable analytics data is retained for up to 26 months
- Invoicing and financial records: 10 years as required by Romanian fiscal regulations
5. Your Rights Under GDPR
As a data subject, you have the following rights under the GDPR. You may exercise any of these rights by contacting us at contact@skyvertex.ro:
- Right of Access (Art. 15): You have the right to request a copy of the personal data we hold about you, along with information about how it is processed.
- Right to Rectification (Art. 16): You have the right to request correction of any inaccurate or incomplete personal data.
- Right to Erasure (Art. 17): You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
- Right to Restriction of Processing (Art. 18): You have the right to request that we limit the processing of your personal data under certain circumstances.
- Right to Data Portability (Art. 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
- Right to Object (Art. 21): You have the right to object to the processing of your personal data based on legitimate interests, including profiling and direct marketing.
- Right to Withdraw Consent (Art. 7(3)): Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
- Right to Lodge a Complaint: You have the right to file a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) at www.dataprotection.ro.
We will respond to all legitimate requests within 30 days. In some cases, we may need to verify your identity before processing the request.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- SSL/TLS encryption for all data transmitted between your browser and our servers
- Encryption at rest for stored personal data
- Regular security assessments and vulnerability testing
- Access controls limiting data access to authorized personnel only
- Secure development practices following OWASP guidelines
While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.
7. Third-Party Services
We use the following third-party services that may process your personal data on our behalf:
All third-party processors are required to handle your data in accordance with GDPR requirements. We have data processing agreements in place with each provider.
8. International Data Transfers
Some of our third-party service providers may process your personal data outside the European Economic Area (EEA). When such transfers occur, we ensure appropriate safeguards are in place, including:
- EU Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions by the European Commission for the recipient country
- The EU-U.S. Data Privacy Framework for transfers to certified U.S. organizations
9. Children's Privacy
Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete that information. If you believe a child has provided us with personal data, please contact us at contact@skyvertex.ro.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page and update the “Last updated” date. For significant changes, we will provide prominent notice on our website or notify you directly via email if you have an active business relationship with us. We encourage you to review this page periodically.
11. Data Protection Officer Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact our Data Protection Officer:
- Email: contact@skyvertex.ro
- Website: skyvertex.ro/contact
- Company: Skyvertex SRL, Bucharest, Romania
You also have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) if you believe your data protection rights have been violated.