Privacy Policy

1. Identity and contact details of the data controllers

The data controllers for the Torcip website are:

PARTNER 1:

Company name: Metachain S.R.L.

Tax Identification Number (CUI): 45781750

Trade Register Number: J40/4655/2022

Registered office: Aleea Poiana Sibiului nr. 2, Bl. MC2, Sc. 1, Et. 1, Ap. 12, Bucharest, 061531, Romania

PARTNER 2:

Company name: Torcip S.R.L.

Tax Identification Number (CUI): 49862521

Trade Register Number: J23/2471/2024

Registered office: Str. Perilor 2, Hala 2, Dragomirești Vale Village, Ilfov County, Postal Code 077095, Romania

The Torcip trademark is operated in partnership by both companies.

Contact email: contact@torcip.ro

Website: https://torcip.ro

For questions regarding data protection or to exercise your rights, please contact us at: contact@torcip.ro.

2. Definitions used in this policy

Personal data means any information relating to an identified or identifiable natural person.

Processing means any operation performed on personal data (collection, recording, storage, modification, deletion, etc.).

Controllers means Metachain S.R.L. and Torcip S.R.L., the entities that jointly determine the purposes and means of processing data.

GDPR means Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data.

3. Categories of data we collect

Depending on your interaction with our website and services, we collect the following categories of data:

• Identification and contact data: name, email address, phone number, company name, job title
• Technical data: IP address, browser type, operating system, device type, pages visited, time spent on site, referral URLs
• Project data: industry, technical specifications for hardware projects, embedded development requirements
• Communications: messages sent through contact form, email, or other communication channels
• Quote request data: technical specifications, quantities, delivery timelines for electronics and IoT projects

4. Purposes and legal bases for processing

We process your data for the following purposes:

4.1. Responding to inquiries and providing information

Legal basis: Pre-contractual measures (Art. 6(1)(b) GDPR) and our legitimate interest in communicating with potential clients.

4.2. Providing hardware development and embedded services

Legal basis: Contract performance (Art. 6(1)(b) GDPR) for clients with active contracts.

4.3. Marketing and commercial communications

Legal basis: Your consent (Art. 6(1)(a) GDPR). You can withdraw consent at any time.

4.4. Improving the website and services

Legal basis: Our legitimate interest (Art. 6(1)(f) GDPR) in understanding how the site is used and improving it.

4.5. Compliance with legal obligations

Legal basis: Legal obligation (Art. 6(1)(c) GDPR) - for example, tax obligations, responses to authority requests.

5. Recipients of personal data

We do not sell your personal data. We may share data with the following categories of recipients:

• Technical service providers: web hosting, email services, analytics (Google Analytics) - all contractually bound to maintain confidentiality
• Production partners: PCB fabrication and assembly facilities, component suppliers - only technical information necessary for production
• Public authorities: when required by law (tax authorities, courts, law enforcement)
• Professional consultants: lawyers, accountants, auditors - as necessary for the services they provide us

6. International data transfers

Some of our service providers may be located outside the European Economic Area (EEA). In these cases, we ensure appropriate safeguards for data protection:

• Standard contractual clauses approved by the European Commission

• European Commission adequacy decisions (for countries ensuring an adequate level of protection)

• Recognized certifications or codes of conduct

7. Data retention period

We retain your personal data only for as long as necessary for the purposes for which it was collected:

• Information requests: 2 years from last interaction

• Contractual data: duration of contract + 5 years (legal archiving obligations)

• Marketing data: until consent withdrawal or 3 years from last interaction

• Technical data (cookies, logs): per cookie policy, generally 12-24 months

• Tax data: 10 years per Romanian tax legislation

8. Your rights under GDPR

Under the GDPR Regulation, you have the following rights:

• Right of access (Art. 15): You can obtain confirmation that we process your data and a copy thereof
• Right to rectification (Art. 16): You can request correction of inaccurate data or completion of incomplete data
• Right to erasure (Art. 17): You can request deletion of data in certain circumstances ('right to be forgotten')
• Right to restriction of processing (Art. 18): You can request limitation of processing in certain situations
• Right to data portability (Art. 20): You can receive data in a structured format and transfer it to another controller
• Right to object (Art. 21): You can object to processing based on legitimate interest or for direct marketing purposes
• Right to withdraw consent: At any time, without affecting the lawfulness of prior processing
• Right to lodge a complaint: With supervisory authority (ANSPDCP in Romania) if you believe your rights have been violated

9. Cookies and similar technologies

Our website uses cookies and similar technologies. Types of cookies used:

Strictly necessary cookies: Essential for website operation, cannot be disabled.

Performance cookies: Help us understand how the site is used (Google Analytics).

Functionality cookies: Allow remembering your preferences.

Marketing cookies: Used to show you relevant ads (if you accept).

You can manage cookie preferences through the banner displayed on first visit or through browser settings.

10. Data security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: All data is transmitted through encrypted HTTPS/TLS connections

• Restricted access: Only authorized personnel have access to data, based on 'need-to-know' principle

• Backup: Regular data backups with secure storage

• Monitoring: Continuous monitoring for suspicious activity detection

• Training: Staff is regularly trained on data protection

In case of a data security breach that may affect you, we will notify you per GDPR requirements.

11. Changes to the privacy policy

We reserve the right to update this privacy policy.

Significant changes will be communicated through:

• Display of a notification on the website

• Email to registered users (for important changes)

The date of last update is displayed at the top of this document.

We recommend periodically checking this page.