DATA PROTECTION POLICY

privind prelucrarea datelor cu caracter personal

Applicable from 01.01.2026

 

1. SCOPE OF APPLICATION

Prezenta Politica privind prelucrarea datelor cu caracter personal se aplica activitatilor de prelucrare a datelor efectuate de European Quality Concept SRL (denumita in continuare „EQC”), in calitate de operator de date, prin intermediul website-ului https://eqconcept.eu, precum si in cadrul relatiilor contractuale sau precontractuale initiate prin intermediul acestui site.

The website https://eqconcept.eu has an informative and contact role, being used for:

• the presentation of services offered by EQC;
• the submission of requests for information or quotations;
• initiating contact for the purpose of a potential contractual relationship.

This Policy does not apply to anonymous information or anonymised data that does not allow the direct or indirect identification of a natural person.

 

2. NAME AND ADDRESS OF THE DATA CONTROLLER

SC EUROPEAN QUALITY CONCEPT SRL
Registered office: Bucharest, B-dul Constantin Brancoveanu no. 11, Bl. B15, Staircase 3, Apt. 68, Sector 4, Bucharest, Romania Trade Register No.: J2019003632404 VAT ID: 40805247 E-mail: office@europeanquality.ro Phone: +40 723 696 887

European Quality Concept acts as a Data Controller when it determines the purposes and means of processing personal data, such as when it collects and manages the contact details of clients, partners, or website visitors, as well as when it issues invoices, manages contracts, and communicates in relation to its own services.

European Quality Concept acts as a Data Processor when it processes personal data on behalf of clients, strictly based on their instructions, such as in the context of EcoVadis assessments, ISO consultancy projects, sustainability documentation, or other contracted services.

 

3. CATEGORIES OF PERSONAL DATA PROCESSED

Through the website https://eqconcept.eu, EQC may process the following categories of data:

• email address;
• phone number;
• information voluntarily provided in emails;
• date continute in documente transmise ulterior prin e-mail, la solicitarea expresa a persoanei vizate.

EQC does not collect sensitive data through the website.

 

4. METHODS OF COLLECTION AND PROCESSING

Data is collected exclusively when the data subject:

• sends an email to EQC contact addresses;
• initiates direct communication for professional purposes.
  
  

Processing formats:

• electronic (email, internal IT systems);
• paper-based (only if subsequently required in a contractual context).

5. PURPOSES AND LEGAL GROUNDS OF PROCESSING

Personal data is processed for the following purposes:

 

a) Responding to requests

Legal basis: Article 6(1)(b) GDPR – pre-contractual steps. Data is used exclusively to respond to requests submitted by the data subject.

 

b) Initiation and management of contractual relationships relatiilor contractuale

Legal basis: Article 6(1)(b) GDPR – performance of a contract.

 

c) Fulfilment of legal obligations

Legal basis: Article 6(1)(c) GDPR.

 

d) Legitimate interest

Legal basis: Article 6(1)(f) GDPR (e.g. fraud prevention, protection of EQC’s legitimate commercial interests).

(ex.: prevenirea fraudelor, protejarea intereselor comerciale legitime ale EQC)

EQC does not use collected data for automated marketing or profiling purposes.

 

6. COOKIES AND SIMILAR TECHNOLOGIES

7. DATA RECIPIENTS

Personal data is not sold and is not transferred to third parties for commercial purposes.

Data may be disclosed only to:

• IT service providers (website hosting and maintenance), based on confidentiality agreements;
• public authorities, where there is a legal obligation.

No data transfers outside the European Union are carried out.

 

8. PROCESSING BY AUTHORISED PROCESSORS

The processing of personal data may also take place through authorised processors, where they provide sufficient guarantees to comply with this Policy, with Union law, or with national law. EQC ensures that, prior to the collection and processing of data by a processor on its behalf, a contract is concluded containing confidentiality clauses.

 

9. DATA RETENTION PERIOD

Personal data is retained:

• for the period necessary to resolve the request;
• for the duration of the contractual relationship, if such a relationship is established;
• thereafter, in accordance with statutory archiving periods (e.g. accounting documents).

Data that is no longer necessary is securely deleted.

 

10. RIGHTS OF DATA SUBJECTS

Data subjects benefit from the following rights:

• the right of access;
• the right to rectification;
• the right to erasure (“the right to be forgotten”);
• the right to restriction of processing;
• the right to data portability;
• the right to object;
• the right to withdraw consent (if applicable);
• the right to lodge a complaint with the ANSPDCP. Complaints to the ANSPDCP (National Supervisory Authority for Personal Data Processing) may be submitted to the headquarters address at 28–30 General Gheorghe Magheru Boulevard, Sector 1, postal code 010336, Bucharest, by email at anspdcp@dataprotection.ro , or filed directly with the registry.

Requests may be sent to: office@europeanquality.ro

 

11. DATA SECURITY

EQC has implemented appropriate technical and organisational measures to:

• prevent unauthorised access;
• ensure the confidentiality and integrity of data;
• prevent loss, destruction, or accidental disclosure.

12. SECURITY INCIDENTS

In the event of a security incident that may generate a risk to the rights and freedoms of data subjects, EQC will notify the competent authority and, where applicable, the data subjects, in accordance with Articles 33–34 GDPR.

 

13. DATA PROTECTION OFFICER

EQC nu este obligata legal sa desemneze un Responsabil cu Protectia Datelor (DPO).
Pentru orice solicitare privind protectia datelor, persoanele vizate pot contacta EQC la: office@europeanquality.ro

 

14. FINAL PROVISIONS

This Policy is periodically reviewed and updated whenever necessary to reflect legislative or operational changes.