Privacy Policy

Performance Indicator SRL ("we", "our", "PI") respects the privacy of your personal data. This policy explains what data we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR — EU Regulation 2016/679) and applicable Romanian law.

The controller of personal data is Performance Indicator SRL, with registered office at Str. József Attila, No. 4, Accounting Office, Timișoara, Timiș County, 300759, Romania. For any data protection questions, you can contact us at traian.bucur@performanceindicator.ro.

We collect only the data needed to respond to you and run the site: name, email, phone (if you provide it), company (optional), message — when you fill in the contact form or write directly. Additionally, through cookies and analytics tools, we collect anonymous technical data (IP, browser, pages visited).

Your data is processed to: (1) respond to your contact request and send information about our services, (2) book an online session, (3) improve the site through anonymized analytics, (4) comply with legal obligations (e.g., invoicing if you become a client).

Processing is based on: (a) your consent (Art. 6(1)(a) GDPR) when you fill the contact form, (b) legitimate interest in operating and improving the site (Art. 6(1)(f) GDPR), (c) contract execution (Art. 6(1)(b) GDPR) if you become a client, (d) legal obligation (Art. 6(1)(c) GDPR) for accounting documents.

Contact data is kept for up to 3 years from last interaction, or until consent withdrawal. Contract data is kept 10 years per fiscal obligations. Cookies have variable durations (session, 30 days, up to 2 years — see Cookie Policy).

You have the right to: (1) access your data, (2) rectification, (3) erasure ("right to be forgotten"), (4) restriction of processing, (5) data portability, (6) objection to processing, (7) withdrawal of consent at any time, (8) lodge a complaint with the Romanian DPA (www.dataprotection.ro). To exercise these rights, write to traian.bucur@performanceindicator.ro.

We do not sell your data. We share it only with essential service providers (web hosting, email, anonymous analytics) who themselves have GDPR obligations. We do not transfer data outside the European Economic Area without adequate protection measures.

We implement appropriate technical and organizational measures to protect your data: HTTPS encryption, restricted access, secure backups, periodic team training. No system is 100% secure, but we do everything reasonable to prevent unauthorized access.