Skip to main content

Privacy Policy

Last updated: March 2026

1. Introduction

Global Software Development SRL ("we", "us", "our") is committed to protecting your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Romanian data protection legislation.

This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website, contact us, or engage our services.

Data Controller:
Global Software Development SRL
Romania, EU
Email: office@global-soft.ro

2. Data We Collect

2.1 Data You Provide

  • Contact information: name, email address, phone number (when you contact us or request a quote)
  • Project details: information about your project requirements shared via contact forms or email
  • Business information: company name, role, billing details (when engaging our services)

2.2 Data Collected Automatically

  • Technical data: IP address, browser type, operating system, referring URL
  • Usage data: pages visited, time spent, navigation patterns
  • Cookies: see Section 7 below

2.3 Data We Do Not Collect

We do not collect sensitive personal data (racial origin, political opinions, health data, biometric data) unless specifically required for a project and with your explicit consent.

3. Legal Basis for Processing (Art. 6 GDPR)

We process your personal data based on the following legal grounds:

Purpose Legal Basis Data
Responding to enquiries Legitimate interest (Art. 6(1)(f)) Name, email, message content
Providing services Performance of contract (Art. 6(1)(b)) Contact, billing, project data
Legal obligations Legal obligation (Art. 6(1)(c)) Invoicing and tax records
Website analytics Consent (Art. 6(1)(a)) Usage and technical data

4. How We Use Your Data

  • To respond to your enquiries and provide project quotes
  • To deliver and manage our software development services
  • To issue invoices and fulfil accounting/tax obligations
  • To improve our website and services
  • To comply with legal requirements

We will never sell your personal data to third parties or use it for automated decision-making or profiling.

5. Data Sharing & Transfers

We may share your data with:

  • Service providers: hosting (EU-based), email services, and project management tools — all bound by data processing agreements
  • Legal authorities: when required by Romanian or EU law
  • Professional advisors: accountants, lawyers — under strict confidentiality

We prioritise EU-based service providers. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place (Standard Contractual Clauses, adequacy decisions, or equivalent protections per Chapter V GDPR).

6. Data Retention

  • Contact form submissions: 12 months from last contact (or until you request deletion)
  • Client project data: 5 years from project completion (legal/accounting requirements)
  • Invoices and financial records: 10 years (Romanian fiscal law)
  • Website analytics: 26 months (anonymised)

7. Cookies

Our website uses minimal cookies:

  • Essential cookies: required for basic website functionality (no consent needed)
  • Analytics cookies: used only with your consent to understand how visitors use our site

You can manage cookie preferences through your browser settings. Disabling cookies may affect website functionality.

8. Your Rights (GDPR Chapter III)

Under the GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you (Art. 15)
  • Rectification — request correction of inaccurate data (Art. 16)
  • Erasure — request deletion of your data ("right to be forgotten") (Art. 17)
  • Restriction — request limited processing of your data (Art. 18)
  • Data portability — receive your data in a structured, machine-readable format (Art. 20)
  • Object — object to processing based on legitimate interest (Art. 21)
  • Withdraw consent — at any time, without affecting prior lawful processing (Art. 7(3))

To exercise any of these rights, contact us at office@global-soft.ro. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit (TLS), access controls, regular security reviews, and staff awareness training.

10. Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with:

ANSPDCP (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal)
Romania's Data Protection Authority
Website: www.dataprotection.ro

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.