Privacy Policy

Privacy Policy

Adopted on 01.09.2023

Open Fintech Solutions SRL (hereinafter referred to as „Open Fintech Solutions”, „Controller”, „We”) respects the right to the protection of personal data of each person and took steps to comply with the legal provisions of EU Regulation 679/2016 („GDPR”) and the other regulations in force in the field of personal data protection and has adopted this Privacy Policy in order to inform you, in a transparent manner how it collects, uses and disposes of personal data, as well as the rights you have regarding these activities.

In processing of personal data, OPEN FINTECH SOLUTIONS acts in accordance with the provisions of EU Regulation no. 679/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter “Regulation”), Law no. 190 of 18 July 2018 on measures to implement Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter “Law No 190/2018”), as well as any other applicable provisions in the field of personal data protection.

By reading this Privacy Policy you will be able to find out and understand:

The purpose of the Privacy Policy and scope
The controller
The purpose of the processing, the categories of personal data processed and the grounds on which we process the data
Disclosure / transfer of personal data
Transfers of personal data outside the EEA or outside the EU
Personal data retention period
Security measures
Data subject‘s rights
Please read this document carefully, and in order to have a complete understanding of how OPEN FINTECH SOLUTIONS processes personal data through this website, please also consult the Cookies Policy and the

The purpose of the Privacy Policy and scope
This Privacy Policy describes the processing personal data carried out through the website www.openfintechsolutions.com by OPEN FINTECH SOLUTIONS. Namely, this document indicates how we process your personal data, the conditions under which we may disclose it to others, how we store your personal data, data subject rights are and how you may exercise your rights as a data subject.

The rules defined and described in this document apply to you, if:

You are a visitor of the website www.openfintechsolutions.com ;
You are a customer who has purchased Open Fintech Solutions services and has an account on the OPEN FINTECH SOLUTIONS’s website.
The controller
The entity that carries out the processing of personal data through this website is OPEN FINTECH SOLUTIONS S.R.L., a limited liability company, headquartered in Bucharest, District 1, 33, Aviatorilor Boulevard, sole registration number 48352087, fiscal attribute RO, registered in the Trade Register under no. J40/11280/2023, hereinafter referred to as „OPEN FINTECH SOLUTIONS”, „Operator”, „We”.

Therefore, OPEN FINTECH SOLUTIONS is the entity that determines the means and purposes of the processing of personal data and is therefore the data controller (within the meaning of EU Regulation 679/2016).

The purpose of the processing, the categories of data processed and the grounds on which we process the data
Website visitors
Access
If you are a VISITOR on our website, we will be able to process your personal data (respectively, IP address, date and time of access) in order to monitor traffic and to improve the informative content of our website.

In this case, the legal basis for the processing of your personal data is your consent, expressed when accessing our website. To achieve these purposes, we can use cookies.

Cookies are small text files that are stored on your device. Some of the cookies we use are deleted after the browser logs out, i.e. after the browser closes (so-called session cookies). Other cookies remain on your device and allow us or our affiliate to recognize your browser on the next visit (persistent cookies).

Failure to accept cookies may limit the functionality of our website. You can install additional add-ons in your browser that block unnecessary cookies. By doing so, you will not see any interest-based ads. Personal data processed through cookies is limited information about the device from which you log in, such as IP address, device ID, MAC address, operating system, device type, Apple Advertiser ID (IDFA) or Android Ad ID (AAID).

If the processing takes place with your consent, the legal basis is art. 6 para. 1 (a) GDPR, namely your consent. Otherwise, the processing is based on our legitimate interest pursuant to art. 6 para. 1 (f) GDPR. Our legitimate interest consists in the aforementioned purpose, namely the proper functioning of the website.

You can find our cookie policy with all the cookies we use here.

Customer care communication
If you wish to contact us, we will process the following personal data:

– your name and surname;

– your email;

– other personal data that you reveal to us inside the messages.

Establishing a communication between you and OPEN FINTECH SOLUTIONS’s team is possible by sending a message via the contact form. In the content of this message, you may disclose personal data, such as your telephone number or the place where you contact us from, a description of the situation that led you to contact us, as well as other data that you voluntarily disclose.

We recommend to limit the personal data you send us via the contact form to your name and email address.

Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Consequently, despite our efforts to protect your personal information OPEN FINTECH SOLUTIONS cannot ensure or guarantee the security of the information you transmit to us.

However, when we receive the information you provide, we guarantee that we will make every effort to ensure its security in our systems, in accordance with the security standards required by applicable law.

To this end, we have implemented appropriate technical and organizational measures to maintain the confidentiality and security of your personal data, in accordance with internal procedures regarding the storage, transmission and access of personal data. Personal data may be stored on our technological systems or in hard copy.

Regarding computer security, data processing operations, including their retention, shall be carried out by means of systems that ensure the security of the processing, and the operations shall be carried out by competent persons who have been informed and instructed in the field of data protection.

Clients
If you are a OPEN FINTECH SOLUTIONS’s client, based on the service agreement concluded with our company and you have created an account on our website, we will process the following categories of personal data.

Identification data: name and surname, domicile address, CNP, number and series of the identity card / passport, date and place of birth;
Contact details: telephone number and email address;
Financial data: bank statement, ANAF statements, balance sheet, employee certificate, pension receipt.
The purpose of this processing is the performance of service agreement.

The legal basis for the processing of the above mentioned data, in order to achieve the previously indicated purpose, is art. 6 para. (1) lit. b) of EU Regulation 679/2016 (performance of a contract).

Disclosure / transfer of personal data
Whenever we transfer your personal data to third parties, we take all reasonable steps to ensure that this transfer is made based on one of the legal grounds imposed by art. 6 para. (1) of the GDPR Regulation.

Transfer to public authorities or institutions
Whenever we have a legal obligation to transfer the personal data that we process to an institution or public authority, we will fulfill this obligation and we will transfer the personal data that we process and for which there is a legal provision which requires transfer.

There are also unfortunate situations in which some of our customers and service providers do not behave in good faith (in accordance with the law) and act with intent to harm us. In these situations, we will transfer personal data to criminal prosecution bodies and competent institutions / authorities not only based on our legal obligation, but also based on our interest in preventing damages, in order to enforce our claims and to combat unjustified claims.

Transfer to suppliers
In addition to the authorized persons mentioned above, we also work with third parties, to whom we also transmit your personal data, without these parties complying with our instructions, having their own security and confidentiality measures, regarding data processing. Such third parties are our consultants, lawyers, or tax consultants to whom the data are provided, under a contract and who process that data for legal reasons or to protect our legal interests. We do not sell or rent your personal data to third parties under any circumstances.

Transfers of personal data outside the EEA or outside the EU
OPEN FINTECH SOLUTIONS does not disclose or transfer personal data that it collects from you to third countries outside the European Union or the European Economic Area.

In the event that in the future there are circumstances that require the transfer of your personal data outside the EU or the EEA, OPEN FINTECH SOLUTIONS will inform you of this transfer and will take all protective measures required by the Regulation so as to ensure the security and confidentiality of your personal data.

Personal data retention period
We usually process your personal data for the time necessary to meet the purpose for which it was collected.

Once the purpose of processing has been fulfilled, we will delete your personal data, unless legal provisions require the storage of certain categories of personal data, in which case we will store those personal data for the time required by the provisions applicable law.

Security measures
OPEN FINTECH SOLUTIONS respects your right to data protection, making all reasonable efforts and taking all technical and administrative measures, so that we can ensure the confidentiality of your personal data.

The confidentiality and the protection of the data collected from you are a priority for us.

OPEN FINTECH SOLUTIONS does not disclose the information collected, to third parties without your express and prior consent (except the cases indicated in point 5- Who has access to the information collected from you?). Any traffic statistics on our users, that we will provide to third-party advertising networks or to partner sites, is only provided as a set of data, and does not include any personally identifiable information about any individual user.

In order to establish a direct contact between you and OPEN FINTECH SOLUTIONS’s team, you must insert your email address and to send us a message. In this message, you can reveal personal data such as your phone number, your name, a brief description of the situation your requesting OPEN FINTECH SOLUTIONS’s services for, as well as other data which you voluntarily reveal us.

We kindly recommend you to limit the personal data that you reveal us, in the content of the email or the message, to your name, following that the rest of the personal data, that is necessary for the performance of our services to be disclosed later, on of conclusion of the contract.

Unfortunately, no data transmission via the Internet can be guaranteed to be 100% secure. Therefore, despite our efforts to protect your personal information, OPEN FINTECH SOLUTIONS cannot ensure or guarantee the security of the information you provide to us, to and from our online services or our products.

When we receive the information you send, we assure you that we will make every effort to ensure its security in our systems, according to the security standards imposed by the applicable legislation.

In this respect we have implemented adequate technical and organizational measures to preserve the confidentiality and security of your personal data, according to internal procedures concerning the storage, transmission and access to personal data. Personal data can be stored on our technology systems or in printed format.

Regarding cyber security, data-processing operations, including data storage, shall be achieved by means of systems which ensure the security of processing, and the operations shall be carried out by competent persons who have been informed and instructed on the obligations regarding data protection.

Data subject’s rights
In accordance with the EU Regulation 679/2016 (GDPR), you have the following rights as a data subject:

The right of access– according to this right you can obtain from us a confirmation regarding the processing of personal data, as well as a copy of your personal data processed by us. For any other copy you require, we have the right to charge a reasonable fee, based on our administrative costs.
Right to rectification– according to this right you may obtain a correction of your personal data, which is inaccurate, as well as the right to obtain completion of personal data which is incomplete;
Right to erasure (‘right to be forgotten’). You have the right to obtain the erasure of personal data that concerns you, without undue delay, and we are obliged to delete that data, when:
personal data is no longer necessary for the purposes for which it was collected or processed;
you withdraw the consent, when the processing is based on your previous consent and there are no other legal grounds for processing;
you object to data processing, and there are no other legal grounds for the processing;
the processing was performed against legal provisions;
personal data must be erased for complying with a legal provision, that we have to respect, according to European Union legislation.
Right to restriction of processing– according to this right, provided in art. 18 from GDPR, you have the right to obtain from us the restriction of processing;
Right to data portability– according to this right you can receive your personal data, in a structured format, currently used and which can be read automatically and send this data to another controller under certain conditions;
Right to object– according to this right you can object, on grounds relating to your situation, at any time, to the processing of personal data, including profiling;
Automated individual decision-making, including profiling– you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you;
The Right to complain, according to article 77 from GDPR Regulation to The National Supervisory Authority for Personal Data Processing.
Right to withdraw the consent in any moment, without affecting the legality of data processing, made by us based on your consent before the consent was withdrawn.
If you wish to exercise any of the above rights, please contact us in one of the ways indicated below:

Email: compliance@openfintechsolutions.com
Address: 33, Aviatorilor Boulevard, 4th Floor, District 1, Bucharest, RO
OPEN FINTECH SOLUTIONS’s team works to ensure a faster response to your requests, but the reply term varies depending on the complexity of your request. The deadline for processing applications shall be 30 days.