logo smart alliance white
contact us

Privacy policy- SmartAlliance

Privacy Policy - Smart Alliance Association

Effective Date: July 2025

1. Introduction

Smart Alliance Association (hereinafter “Smart Alliance” or “we”) is committed to protecting the privacy and personal data of all individuals who interact with us through our website (www.smartalliance.ro), newsletter, events, or any other means of communication. This Privacy Policy outlines how we collect, process, and protect your personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and Law 190/2018.

2. Scope

This Privacy Policy applies to:

  • Cluster members and representatives
  • Business partners and suppliers
  • Website visitors
  • Event attendees and newsletter subscribers
  • Any individual whose data is provided to Smart Alliance through direct or indirect communication

3. Legal Basis and Principles

Smart Alliance processes personal data lawfully, fairly, and transparently. We adhere to the principles of:

  • Purpose limitation
  • Data minimization
  • Accuracy and timely updates
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

4. Categories of Data Collected

We may collect the following personal data:

  • Identification data: name, surname, title, job function
  • Contact data: email, phone number, mailing address
  • Professional data: company name, affiliation, area of expertise
  • Technical data: IP address, browser, OS, cookies
  • Communication data: messages sent via forms, emails, or during events
  • Audio-visual data: photos or recordings from events (with notice)

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from minors. If we become aware that such data has been collected without verifiable parental consent, we will promptly delete it.

5. Sources of Personal Data

We collect data from:

  • Website forms and email correspondence
  • Business cards and networking events
  • Public directories and business listings
  • Online registrations for our events or programs
  • Public sources and social media platforms (with appropriate notices)

6. Purposes of Processing

Your personal data may be processed for:

  • Providing services and responding to inquiries
  • Organizing and promoting events, webinars, and trainings
  • Sending newsletters and updates
  • Statistical analysis and improvement of services
  • Legal and administrative compliance
  • Collaboration with contractual partners

Where processing is based on consent, we ensure that such consent is:

  • Freely given, specific, informed, and unambiguous
  • Demonstrated through a clear affirmative action (e.g., ticking a box, submitting a form)

You may withdraw your consent at any time by contacting us (see Section 13). The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Please note that the provision of personal data may be a requirement for accessing certain services, such as event participation or newsletter subscription. Failure to provide the required data may result in our inability to process your request or offer access to those services.

7. Data Retention

Personal data is retained to fulfill the purposes for which the data was collected in accordance with this data protection policy.

  • Contact data: up to 24 months after last interaction
  • Event participant data: up to 12 months after event
  • Newsletters and marketing: until consent is withdrawn
  • Legal obligations: as required by law.

8. Disclosure of Personal Data

Personal data may be shared with:

  • Internal staff with confidentiality obligations
  • IT and communication service providers
  • Co-organizers and partners for events (with notice)
  • Legal authorities, where required

All third parties are bound by data protection agreements. We may use external service providers, such as newsletter distribution platforms (e.g., Brevo, MailChimp), video conferencing tools (e.g., Zoom), cloud storage providers (e.g., Google Drive), or analytics services (e.g., Google Analytics), under strict data processing agreements. These providers act as data processors and are contractually bound to protect your personal data.

9. International Data Transfers

We do not transfer data outside the European Economic Area. If such transfers become necessary, we will ensure compliance with GDPR requirements (e.g., Standard Contractual Clauses). If personal data is transferred to service providers located outside the EEA (e.g., the United States), such transfers will be made based on adequate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission or other lawful transfer mechanisms under Article 46 GDPR.

10. Your Rights

As a data subject, you have the following rights:

Right of Access (Art. 15 GDPR)

You have the right to obtain confirmation from Smart Alliance as to whether or not personal data concerning you is being processed, and, where that is the case, to access the data and information such as the purposes of the processing, categories of data, and the recipients of your data. Upon request, we may provide a copy of the personal data undergoing processing.

Right to Rectification (Art. 16 GDPR)

You may request that we correct inaccurate personal data concerning you and, considering the purposes of the processing, complete any incomplete data. This website and our services are not intended for individuals under the age of 16. We do not knowingly collect data from minors. If we become aware that such data has been collected without appropriate consent, we will take immediate steps to delete it.

Right to Erasure (“Right to be Forgotten”, Art. 17 GDPR)

You may request the deletion of your personal data where one of the following applies:

  • The data is no longer necessary for the purposes for which it was collected;
  • You withdraw your consent and there is no other legal basis for processing;
  • You object to the processing and there are no overriding legitimate grounds;
  • The data has been unlawfully processed;
  • The data must be erased to comply with a legal obligation.

Right to Restrict Processing (Art. 18 GDPR)

You may request the restriction of processing if:

  • You contest the accuracy of your data (for the period necessary to verify it);
  • The processing is unlawful and you oppose deletion;
  • You need the data for legal claims;
  • You have objected to processing and verification is pending.

Right to Data Portability (Art. 20 GDPR)

If processing is based on your consent or a contract, and carried out by automated means, you may request a copy of your data in a structured, commonly used, machine-readable format, and have it transmitted to another controller where technically feasible.
Right to Object (Art. 21 GDPR)
You may object to the processing of your personal data based on legitimate interests, including profiling. We shall no longer process your data unless we demonstrate compelling legitimate grounds that override your interests or for the establishment, exercise, or defense of legal claims.

Right Not to Be Subject to Automated Decision-Making (Art. 22 GDPR)

You have the right not to be subject to decisions based solely on automated processing, including profiling, which significantly affects you, unless such decision is:

  • Necessary for entering into or performance of a contract;
  • Authorized by law;
  • Based on your explicit consent.

Right to Withdraw Consent (Art. 7(3) GDPR)

Where data is processed based on your consent, you have the right to withdraw that consent at any time. This shall not affect the lawfulness of processing carried out before the withdrawal.

Right to Lodge a Complaint

You have the right to file a complaint with the Romanian Data Protection Authority (ANSPDCP) at www.dataprotection.ro if you consider that your rights under GDPR have been infringed.

11. Security Measures

We implement technical and organizational measures:

  • Access control and encryption
  • Antivirus and firewall protection
  • Secure backups and physical security
  • Staff training and IT security policies

12. Cookies and Tracking

We use cookies to enhance website functionality, personalize content, and analyze traffic. Cookies are classified as:

  • Strictly necessary cookies – required for core site functionality; stored based on legitimate interest (Art. 6(1)(f) GDPR).
  • Analytics and marketing cookies – stored only based on your explicit consent (Art. 6(1)(a) GDPR).

You can manage your cookie preferences at any time using our cookie banner or through your browser settings. For more details, please refer to our Cookie Policy.

13. Data Protection Officer (DPO)

Requests regarding personal data may be sent to:
Email: contact@smartalliance.ro
Postal address: București, Șos Pantelimon nr. 6-8, cu intrare prin strada Ion Heliade Radulescu nr 26, et 1, camera 6, Sector 2
We will respond within 30 days of receiving your request.

14. Updates to this Policy

We may update this Privacy Policy as needed. The latest version will always be available on our website. Last revision: July 21, 2025.

Get Updates And Stay Connected -Subscribe To Our Newsletter

logo smart alliance white

About us

Smart Alliance Cluster is a creator and implementer of innovative end-to-end business solutions for key sectors of Romanian economy and for top fields of world economy.

P.O.C.U.

Contact

  • mail: contact@smartalliance.ro
Facebook Youtube Linkedin

LEGAL

Privacy Policy
Cookie Policy