Skip to content Skip to footer
Artmora
Artmora
Artmora
Close
Introduction

This Privacy Policy explains how ARTMORA S.R.L. processes personal data when you visit our website and contact us about web design and website development services. We are committed to processing personal data lawfully, fairly, and transparently, in accordance with the EU General Data Protection Regulation (GDPR) and applicable Romanian data protection laws.

1. Data Controller (Who is responsible for your data)

Company: ARTMORA S.R.L.
Registered address: Bucureşti Sectorul 1, Şos. Nicolae Titulescu, Nr. 80, Camera 1
CUI: 52682059

2. Scope (What this policy covers)

This policy applies to:

  • Visitors of our website (presentation/portfolio website)

  • Individuals who contact us via forms, email, phone, or other channels displayed on the website

  • Prospective clients requesting offers, details, or discussions about our services

This policy does not apply to websites we build for clients (those will have their own privacy notices and controller arrangements).

3. Personal data we collect

We aim to collect only what is necessary.

A) Data you provide (Contact / inquiry data)

When you fill in a contact form or contact us directly, we may process:

  • Name

  • Email address

  • Phone number (if you provide it)

  • Company / role (optional)

  • Project details (e.g., website type, budget, timeline; optional)

  • Any information included in your message

Important: Please do not include sensitive data (e.g., health data, political opinions) in your messages. We do not request it and do not need it to provide our services.

B) Data collected automatically (basic technical data)

When you access the website, certain technical data may be processed for security and proper functioning:

  • IP address

  • Browser type/version, operating system, device type

  • Referrer URL (where available), pages accessed, date/time of access

  • General diagnostic and security logs (e.g., error logs, suspicious activity indicators)

This information is typically collected through server logs and standard hosting infrastructure.

4. Purposes of processing (Why we use the data)

We process your personal data for the following purposes:

  1. Handling inquiries and communications
    To respond to your message, provide requested information, and continue discussions.

  2. Preparing offers and pre-contractual steps
    To understand your needs, prepare proposals, estimates, or service scopes.

  3. Website security and abuse prevention
    To protect the website, detect malicious activity, prevent fraud, and troubleshoot.

  4. Compliance with legal obligations (where applicable)
    If a collaboration results in a contract or invoice, we may need to process certain data for accounting/tax and legal compliance.

5. Legal bases for processing (GDPR)

We rely on one or more of the following legal bases under GDPR Article 6:

  • Article 6(1)(b) – Contract / pre-contract steps:
    When you request an offer or service information and we need your data to take steps before entering a contract.

  • Article 6(1)(f) – Legitimate interests:
    For responding to general inquiries, maintaining communications, and ensuring website security and integrity. Our legitimate interests are balanced against your rights and expectations.

  • Article 6(1)(c) – Legal obligation (if applicable):
    If we must keep certain records for legal, tax, or accounting reasons once a client relationship exists.

  • Article 6(1)(a) – Consent (where required):
    For non-essential cookies or similar technologies (if used), and any optional communications where consent is required by law.

6. Cookies and similar technologies

Our website may use:

  • Strictly necessary cookies (essential for basic functionality and security)

  • Preference cookies (optional, if implemented)

  • Analytics cookies (optional, if implemented)

Where non-essential cookies are used, we will request consent through a cookie banner/manager and provide options to accept, reject, or customize preferences. You can also manage cookies via your browser settings (note that disabling certain cookies may affect site functionality).

7. Recipients of personal data (Who may see your data)

We do not sell personal data and we do not share it with third parties for their independent marketing.

Your data may be processed by:

  • Hosting / infrastructure providers (to deliver the website and store logs)

  • Email and communication providers (to receive and respond to messages)

  • IT/website maintenance providers (only if needed for support, and under confidentiality)

All such providers act as processors on our instructions (where applicable) and are subject to contractual data protection obligations.

8. International data transfers

We may use service providers whose servers are located in the EU/EEA. If we ever transfer personal data outside the EEA, we will ensure appropriate safeguards are in place (such as Standard Contractual Clauses or other lawful transfer mechanisms), as required by GDPR.

9. Data retention (How long we keep your data)

We retain personal data only for as long as necessary for the purposes described:

  • Contact/inquiry messages: typically kept for the period needed to manage the discussion and follow-up. If no contract is concluded, we may retain correspondence for a limited period to manage future communications and protect against potential claims (e.g., up to 24 months), unless a shorter/longer period is required by law or justified by our legitimate interest (e.g., ongoing discussions).

  • Client-related data (if collaboration starts): retained according to legal and accounting obligations (which may require longer retention under applicable law).

  • Server/security logs: retained for a limited period appropriate for security and diagnostics (often days to months, depending on hosting configuration).

You may request deletion sooner where applicable (see Section 11).

10. Security measures

We apply reasonable technical and organizational measures to protect personal data, such as:

  • Access controls and limited access to communications

  • Secure hosting and updated software where feasible

  • Basic monitoring and logging for security

  • Organizational practices to prevent unauthorized access

No system can guarantee absolute security, but we take data protection seriously and work to reduce risks.

11. Your rights under GDPR

Depending on your circumstances, you have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete data

  • Erase your data (“right to be forgotten”), where applicable

  • Restrict processing, in certain cases

  • Object to processing based on legitimate interests

  • Data portability, where processing is based on a contract/consent and carried out by automated means

  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact us at contact@artmora.ro. We may ask for reasonable information to verify your identity before fulfilling requests.

12. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the competent supervisory authority.

In Romania, the supervisory authority is: ANSPDCP (Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal).

13. Automated decision-making

We do not use your personal data for automated decision-making, including profiling, that produces legal or similarly significant effects.

14. Third-party links

Our website may contain links to third-party websites (e.g., portfolio references, social platforms). We are not responsible for their privacy practices. Please review their policies separately.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be published on this page.