Privacy Policy

Last updated: 08.01.2025

 

This Privacy Policy describes how ARMURO S.R.L. ("ARMURO", "we", "the Operator") collects, uses, stores, and protects the personal data of users of applications within the ARMURO suite ("User", "Client"), in accordance with Regulation (EU) 2016/679 ("GDPR") and applicable Romanian legislation.

This policy applies to all web and mobile applications operated under the ARMURO name.

 

1. Data Controller

 

ARMURO S.R.L.

Registered office: Bucharest, Sector 1, Str. George Enescu no. 11–11A, room 1

VAT No.: RO39489612

Trade Register No.: J2018002571123

E-mail: app@armuro.com

 

ARMURO is a personal data controller within the meaning of the GDPR.

ARMURO is not legally required to appoint a Data Protection Officer (DPO), in accordance with Article 37 of the GDPR. For any data protection-related requests, you may contact us at the address indicated above.

 

2. Categories of personal data processed

 

Depending on how the ARMURO applications are used, the following categories of personal data may be processed:

 

2.1. Identification and contact data

  • first and last name;
  • email address;
  • phone number;
  • professional title;
  • company/entity represented;
  • billing details (where applicable).

 

2.2. Authentication data

  • username;
  • password (stored in encrypted form).

 

2.3. Professional and operational data

  • information entered into the applications by the Client;
  • data regarding the use of functionalities;
  • account configurations, settings, and preferences.

 

2.4. Technical data

  • IP address;
  • device type, operating system, browser;
  • log data, errors, and security logs;
  • date and time of access to the applications.

 

ARMURO does not intentionally process special categories of personal data as defined by Article 9 of the GDPR.

 

3. Purposes and legal bases of processing

 

ARMURO processes personal data for the following purposes and legal grounds:

 

a) Provision of ARMURO services

 

Legal basis: performance of a contract (Article 6(1)(b) GDPR)

 

  • creation and administration of user accounts;
  • access to application functionalities;
  • technical support and operational communication.

 

b) Security, abuse prevention, and service improvement

 

Legal basis: legitimate interest (Article 6(1)(f) GDPR)

 

ARMURO's legitimate interest consists of:

  • ensuring the security of applications and IT infrastructure;
  • preventing unauthorized access, fraud, and abusive use;
  • protecting trade secrets and intellectual property rights;
  • analyzing performance and improving functionalities.

 

c) Verification of user eligibility

 

Legal basis: legitimate interest (Article 6(1)(f) GDPR)

 

In certain situations, ARMURO may process additional data to verify identity, professional capacity, and the purpose of using the platform, including to prevent access by competitors or unauthorized use.

 

d) Legal obligations

 

Legal basis: legal obligation (Article 6(1)(c) GDPR)

 

  • compliance with fiscal, accounting, and archiving obligations;
  • compliance with requests from competent public authorities.

 

e) Commercial communications (where applicable)

 

Legal basis: consent (Article 6(1)(a) GDPR)

 

information regarding new features or updates, where the User has given consent.

 

4. Recipients of the data

 

Personal data may be disclosed, strictly to the extent necessary, to:

  • IT and hosting service providers;
  • payment service providers;
  • technical support service providers;
  • legal, financial, or audit consultants;
  • public authorities, based on a legal obligation.

ARMURO does not sell, rent, or transfer personal data to third parties for commercial purposes.

 

5. International data transfers

 

Where certain services involve transferring data outside the European Union or the European Economic Area, ARMURO will ensure the existence of appropriate safeguards in accordance with the GDPR, such as standard contractual clauses or adequacy decisions issued by the European Commission.

 

6. Data retention period

 

Personal data is stored:

  • for the duration of the user account's existence;
  • thereafter, for the period necessary to comply with applicable legal obligations;
  • or until the right to erasure is exercised, in accordance with the law.

 

7. Rights of the data subject

 

In accordance with the GDPR, the User has the following rights:

  • the right of access to data;
  • the right to rectification of data;
  • the right to erasure of data ("the right to be forgotten");
  • the right to restriction of processing;
  • the right to data portability;
  • the right to object to processing, including processing based on legitimate interest;
  • the right to withdraw consent, where processing is based on consent;
  • the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP).

Requests may be sent to: app@armuro.com.

 

8. Data security

 

ARMURO applies appropriate technical and organizational measures to protect personal data, including:

  • encryption of sensitive data;
  • access control to systems;
  • backup and recovery procedures;
  • security monitoring and auditing.

 

9. Cookies and similar technologies

 

ARMURO applications use cookies that are strictly necessary for the proper and secure functioning of the platform.

Analytics cookies or other similar technologies are used only on the basis of the user's explicit consent, where applicable. Additional information may be provided in a separate Cookie Policy.

 

10. Changes to the privacy policy

 

ARMURO reserves the right to periodically update this Privacy Policy. Significant changes will be communicated to Users in an appropriate manner before entering into force.

 

11. Contact

 

For any questions, requests, or for exercising data protection rights, you may contact us at: app@armuro.com