Personal Data Processing (GDPR)

Information notice under Art. 13 GDPR · Last updated: 27 June 2026

This notice details how YOSRIT S.R.L., as data controller, processes personal data in accordance with Regulation (EU) 2016/679 (GDPR). See also our Privacy Policy.

1. Controller

YOSRIT S.R.L., VAT/CUI RO48298468, Trade Register no. J2023010638403, registered office Strada Doctor Leonte Anastasievici 9, Camera 2, Etaj 1, Ap. 2, Bucharest, Romania, email contact@yosrit.com. Data Protection Officer (DPO): not appointed.

2. Data categories and purposes

  • Identification and contact data (name, email, phone, company) — to respond to enquiries and manage the business relationship. Basis: Art. 6(1)(b).
  • Traffic and technical data (IP address, server logs, essential cookies) — for website operation and security. Basis: Art. 6(1)(f).
  • Billing data — to meet legal and tax obligations. Basis: Art. 6(1)(c).

3. Recipients and processors

Data may be processed by providers acting as processors (hosting, email, accounting) under data-processing agreements. We do not sell or transfer data to third parties for marketing purposes.

4. Transfers outside the EEA

Data is processed within the European Economic Area. Where a provider processes data outside the EEA, transfers occur only with appropriate safeguards (e.g. Standard Contractual Clauses).

5. Retention

We keep data for as long as necessary for the purposes: correspondence up to 24 months, financial data for the periods required by Romanian law (e.g. 10 years for accounting records).

6. Your rights

  • right of access and to obtain a copy of your data;
  • right to rectification and erasure (“right to be forgotten”);
  • right to restriction of and objection to processing;
  • right to data portability;
  • right not to be subject to automated decision-making — we do not carry out automated decisions or profiling;
  • right to withdraw consent, where processing is based on it.

To exercise your rights, email us at contact@yosrit.com. You have the right to lodge a complaint with ANSPDCP (www.dataprotection.ro).