Privacy Policy

Your privacy rights and how we protect your data

Last Updated: June 14, 2025

This Privacy Policy complies with EU General Data Protection Regulation (GDPR) and Romanian data protection laws.

1. Data Controller

SC CHRONIC QUAL SRL ("In Romania", "we", "us") is the data controller responsible for your personal data.

Contact Information:

Company: SC CHRONIC QUAL SRL
CUI/CIF: RO29400617
Registered Address: Romania
Email: privacy@in-romania.com
Website: https://in-romania.com

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: Name, email address, country of origin, password
  • Profile Information: Additional details you choose to provide
  • Communication Data: Messages sent through our platform, support inquiries
  • Service Data: Information related to consultations and services used
  • AI Chat Data: Conversations with our AI assistant for service improvement
  • Payment Information: Billing details (processed securely through third-party providers)

2.2 Automatically Collected Information

  • Technical Data: IP address, browser type, device information
  • Usage Data: Pages visited, time spent, features used
  • Cookies: Essential, functional, and analytics cookies (see Cookie Policy)

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

Contract Performance

Processing necessary to provide our relocation and consultation services.

Legitimate Interest

Platform security, fraud prevention, and service improvement.

Consent

Marketing communications and non-essential cookies.

Legal Obligation

Compliance with Romanian and EU legal requirements.

4. How We Use Your Information

  • Provide relocation and consultation services
  • Process appointments and manage consultant relationships
  • Communicate about your account and services
  • Improve our AI assistant and platform functionality
  • Send marketing communications (with consent)
  • Ensure platform security and prevent fraud
  • Comply with legal obligations
  • Analyze usage patterns to improve services

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

5.1 Service Providers

  • Payment Processors: Stripe, PayPal (for secure payment processing)
  • AI Services: OpenAI (for AI assistant functionality)
  • Hosting Services: Secure cloud infrastructure providers
  • Analytics: Anonymized data for platform improvement

5.2 Legal Requirements

We may disclose information when required by Romanian or EU law, court orders, or to protect our rights and users' safety.

6. International Data Transfers

When we transfer data outside the EU/EEA, we ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Certification schemes and codes of conduct
  • Binding corporate rules

7. Data Retention

Retention Periods:

  • Account Data: Until account deletion + 30 days
  • Communication Records: 3 years for service quality
  • Payment Data: 7 years (legal requirement)
  • AI Chat Data: 1 year for service improvement
  • Marketing Data: Until consent withdrawal + 30 days
  • Legal Claims: Until resolution + applicable limitation periods

8. Your Rights Under GDPR

As an EU resident, you have the following rights:

🔍 Right of Access

Request copies of your personal data

✏️ Right to Rectification

Correct inaccurate or incomplete data

🗑️ Right to Erasure

Request deletion of your data ("right to be forgotten")

⏸️ Right to Restrict Processing

Limit how we use your data

📦 Right to Data Portability

Export your data in a structured format

🚫 Right to Object

Object to processing based on legitimate interests

Exercising Your Rights

To exercise any of these rights, contact us at privacy@in-romania.com. We will respond within 30 days (or 60 days for complex requests).

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and staff training
  • Secure data centers with 24/7 monitoring
  • Regular backups and disaster recovery procedures
  • Incident response and breach notification procedures

10. Cookies and Tracking

We use cookies and similar technologies. See our Cookie Policy for detailed information about:

  • Types of cookies we use
  • How to manage cookie preferences
  • Third-party cookies and analytics
  • Your choices regarding tracking

11. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified through:

  • Email notification to registered users
  • Prominent notice on our website
  • In-app notifications for significant changes

13. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your privacy rights:

Romanian Data Protection Authority (ANSPDCP)

Address: Bd. Schitu Măgureanu nr. 28-30, Sector 5, București
Phone: +40 21 252 50 60
Email: anspdcp@dataprotection.ro
Website: www.dataprotection.ro

14. Contact Information

Data Protection Contact

For any privacy-related questions or to exercise your rights:

Email: privacy@in-romania.com
Subject Line: "Data Protection Request"
Response Time: Within 30 days

Include your name, email address, and specific request details for faster processing.

This Privacy Policy is effective as of June 14, 2025 and applies to all personal data processed by SC CHRONIC QUAL SRL.