Data Controller and Data Protection Responsibility

ADR is the controller of the personal data collected through the Roepas.ro website and is responsible for the protection of such data in accordance with Regulation (EU) 2016/679 on the protection of natural persons and the free movement of data (GDPR).
Users may consult the data protection policy available on the website of the Romanian Authority for Digitalization – GDPR.

What Personal Data Means

Personal data means any information relating to an identified or identifiable natural person (for example: name, email address, IP address, etc.).

Purpose and Legal Basis for Data Processing

Roepas.ro collects and processes personal data for the following purposes:
• providing the website’s services and functionalities;
• responding to users’ requests and communications;
• optimizing the website user experience;
• complying with legal obligations.

Data processing is based on the legal grounds provided for in Article 6 of the GDPR, such as:
• the data subject’s consent, where requested;
• the performance of a contract or a service offer;
• legal obligations; or
• legitimate interests, where these do not override the data subject’s fundamental rights.

Types of Data Collected

Depending on how the website is used, Roepas.ro may collect:
• contact data (e.g. name, personal identification number, address, email address, phone number);
• technical data collected automatically (e.g. IP address, browser type);
• other data voluntarily provided through contact forms or registrations.

Data Retention Period

Data is retained for as long as necessary for the purposes for which it was collected and in accordance with applicable legal obligations. Details regarding specific retention periods may be provided upon request.

Rights of Data Subjects

Under the GDPR, individuals whose data is processed have the following rights:
• the right to access their data;
• the right to rectify inaccurate data;
• the right to erasure (“the right to be forgotten”);
• the right to restrict processing;
• the right to object to processing;
• the right to data portability;
• the right to withdraw consent, where processing is based on consent.

Requests regarding the exercise of these rights may be submitted through the support services made available by the ROePAS platform. The ROePAS platform allows account deletion.
For data transmitted to other authorities or within official procedures, the GDPR policy of the respective institution shall apply.

Information on Data Transfers

Personal data will not be transferred to countries outside the European Economic Area.

Security Measures

Roepas.ro implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, disclosure, or destruction.

Information on Cookies

The website may use cookies to collect technical data regarding usage and performance. Users may choose to accept or refuse cookies in accordance with applicable legislation.

Notification of Personal Data Breaches

In the event of a security breach that may affect personal data, Roepas.ro will notify users and the competent authorities within the time limits provided by the GDPR.

Policy Changes

Roepas.ro reserves the right to update this policy in accordance with legislative changes or internal practices, and the current version will be permanently published on the website.