Privacy Policy

‍

GENERAL INFORMATION

We operate under the brand name NOMAZI ADVERTISING, which is a registered trademark with OSIM (Romanian State Office for Inventions and Trademarks). Our legal entity is BLK WORKS SRL, with Tax Identification Code RO43150702, registered at the National Trade Register Office as J40/12969/07.10.2020, having its registered office at Str. Emil Racovita 12, Bl. R3, Sc. 1, Et. 1, Ap. 5, 041758, Bucharest, Romania. You can contact us at iulia.boloca@nomaziadvertising.com or (+40) 726 576 928. Throughout this document, we refer to our business as "Company", "we" or "our", understanding that while you may know us by our brand name, our legal entity BLK WORKS SRL serves as the data controller responsible for your personal information.

‍

This Privacy Policy provides a comprehensive description of how we collect, use, store and protect your personal information when you visit and use our website https://www.nomaziadvertising.com. We are committed to ensuring the privacy and security of your personal data in accordance with applicable Romanian and European Union legislation.

‍

LEGAL FRAMEWORK

Our privacy practices are governed by and comply with the General Data Protection Regulation (GDPR) - EU Regulation 2016/679, Romanian Law No. 190/2018 regarding implementation measures for GDPR in Romania, and the Romanian Civil Code provisions regarding privacy protection. These regulations ensure that your personal data is processed lawfully, fairly, and transparently, with appropriate safeguards for your privacy rights.

‍

TYPES OF PERSONAL DATA COLLECTED

We collect personal information through various means when you interact with our website and services. When you contact us directly, we collect contact data including your name, email address, and phone number, as well as any communication data contained in the messages you send via email or phone. After entering into a contractual relationship, we also collect contractual data consisting of information you provide during the contracting process.

‍

Our website automatically collects certain technical data including your IP address, browser type, operating system, and the time of your visit. We also gather navigation data such as the pages you visit, the time you spend on our site, and the links you access. This information helps us understand how our website is being used and allows us to improve our services.

‍

Through our embedded social media content from Instagram, Facebook, LinkedIn and TikTok, these platforms may collect data according to their own privacy policies. We recommend reviewing the privacy policies of these platforms to understand what information they may collect when you interact with their embedded content on our site.

‍

PURPOSES AND LEGAL BASIS FOR PROCESSING

We process your personal data for several specific purposes, each with its own legal basis under GDPR. For communication with potential clients, we rely on our legitimate interest to respond to inquiries and provide information about our services. This includes processing your contact data and the content of your communications. When we enter into contractual relationships, we process your contractual, contact and communication data based on the necessity to perform the contract.

‍

To improve our services and website functionality, we process navigation and technical data based on our legitimate interest in enhancing user experience and maintaining an effective online presence. When required by law, such as for tax or accounting purposes, we process data to comply with our legal obligations under Romanian legislation.

‍

DATA RETENTION PERIODS

We retain different types of personal data for varying periods based on the purpose of processing and legal requirements. Contact data from prospects who have not entered into contracts with us is kept for two years from the last communication to allow for follow-up on potential business opportunities. For contractual relationships, we retain relevant data for ten years from contract completion in accordance with Romanian Civil Code requirements for commercial documentation.

‍

Communication data, including emails and records of phone conversations, is preserved for three years from the last communication to maintain a complete record of our business interactions. Technical logs from our website are kept for twelve months to support system maintenance and security monitoring. Cookie data is retained according to the specific periods outlined in our cookie policy section.

‍

DATA RECIPIENTS

Your personal data may be shared with carefully selected recipients who assist us in providing our services. Within our company, only authorized personnel who need access to your data for legitimate business purposes can view your information. We use Webflow as our website hosting provider, which may have access to certain technical data as part of their hosting services.

‍

In cases where we are legally required to do so, we may share your data with public authorities such as tax offices or courts. After entering into contractual relationships, we may share relevant data with our CRM service providers to manage client relationships effectively. We want to emphasize that we never sell, rent or transfer personal data to third parties for commercial purposes outside of these specific operational requirements.

‍

INTERNATIONAL DATA TRANSFERS

Some of the services we use, including Webflow for hosting and various social media platforms, may transfer your data to locations outside the European Economic Area. When such transfers occur, they are conducted with adequate safeguards in place as required by GDPR, such as standard contractual clauses or adequacy decisions from the European Commission to ensure your data remains protected.

‍

YOUR RIGHTS UNDER GDPR

As a data subject, you have several important rights regarding your personal information. You have the right to be informed about how we process your data and to access a copy of the personal data we hold about you. If any of your personal information is inaccurate or incomplete, you have the right to request that we correct it promptly.

‍

Under certain circumstances, you may request that we delete your personal data entirely, which is commonly known as the "right to be forgotten." You can also request that we restrict the processing of your data in specific situations, such as when you contest the accuracy of the data or when processing is unlawful but you prefer restriction over deletion.

‍

If you wish to transfer your data to another service provider, you have the right to data portability, allowing you to receive your data in a structured, commonly used format. You also have the right to object to processing that is based on legitimate interests, and we will cease such processing unless we can demonstrate compelling legitimate grounds that override your interests.

‍

We do not engage in automated decision-making or profiling that would significantly affect you. To exercise any of these rights, please contact us at contact@nomaziadvertising.com, and we will respond to your request within the timeframes required by law.

‍

COOKIES AND SIMILAR TECHNOLOGIES

Currently, our website operates without proprietary cookies, meaning we do not directly place tracking cookies on your device. However, the social media platforms we have embedded on our site, including Instagram, Facebook, LinkedIn, and TikTok, may place their own cookies according to their respective privacy policies when you interact with their content.

‍

In the near future, we plan to implement Google Analytics to better understand how visitors use our website and improve our services accordingly. We also intend to use CookieBot to manage cookie consent and ensure compliance with privacy regulations. Additionally, we may introduce functional cookies designed to enhance your user experience by remembering your preferences and improving site functionality.

‍

When we do implement cookies, you will maintain full control over them through your browser settings. While you can disable cookies entirely, please note that doing so may affect certain functionalities of our website. We will ensure that any cookie implementation includes appropriate consent mechanisms and clear information about their purpose and duration.

‍

DATA SECURITY MEASURES

We take the security of your personal data very seriously and have implemented comprehensive technical and organizational measures to protect it. Our website is hosted through Webflow, which provides enterprise-level security infrastructure including secure data centers, regular security updates, and monitoring systems.

‍

Access to personal data within our organization is strictly limited to authorized personnel who require it for their job functions. Our data backup and recovery procedures ensure that your information is preserved securely and can be recovered in case of technical failures.

‍

We provide regular training to our staff on data protection principles and security best practices to ensure everyone understands their responsibilities regarding personal data handling. Our systems are regularly monitored for potential security threats, and we maintain incident response procedures to address any security concerns promptly.

‍

DATA BREACH PROCEDURES

In the unlikely event of a personal data security breach, we have established clear procedures to minimize impact and meet our legal obligations. We will notify the National Supervisory Authority for Personal Data Processing within seventy-two hours of becoming aware of the breach, providing detailed information about the nature of the incident, the data involved, and the measures taken to address it.

‍

If a breach poses a high risk to your rights and freedoms, we will also inform you directly without undue delay. Our notification will include clear information about the nature of the breach, the likely consequences, and the measures we have taken or propose to take to address the breach and mitigate its potential adverse effects.

‍

PROTECTION OF MINORS

Our website and services are designed for and directed toward adults and businesses. We do not intentionally target or collect personal information from individuals under sixteen years of age. If we become aware that we have inadvertently collected personal data from a minor without appropriate parental or legal guardian consent, we will take immediate steps to delete such information from our systems.

‍

Parents and legal guardians who believe that a minor has provided us with personal information without consent should contact us immediately so that we can take appropriate action to remove the information and prevent further collection.

‍

CHANGES TO THIS PRIVACY POLICY

We reserve the right to update and modify this Privacy Policy as needed to reflect changes in our practices, services, or applicable laws. When we make changes, we will update the "last updated" date at the top of this policy and publish the revised version on our website.

‍

For significant changes that materially affect how we collect, use, or share personal data, we will provide additional notice through appropriate means, such as email notification to our clients or prominent notices on our website. We encourage you to review this policy periodically to stay informed about how we are protecting your information.

‍

FILING COMPLAINTS

If you have concerns about how we handle your personal data or believe we have not addressed your privacy rights appropriately, you have the right to lodge a complaint with the Romanian supervisory authority. The National Supervisory Authority for Personal Data Processing (ANSPDCP) can be contacted at B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest. You can reach them by phone at (+40) 318 059 211, by email at anspdcp@dataprotection.ro, or visit their website at www.dataprotection.ro.

‍

Before filing a formal complaint, we encourage you to contact us directly as we are committed to resolving any privacy concerns promptly and fairly. However, you always retain the right to contact the supervisory authority if you are not satisfied with our response or prefer to address your concerns through official channels.

‍

CONTACT INFORMATION FOR DATA PROTECTION MATTERS

For any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us directly. You can reach us by email at iulia.boloca@nomaziadvertising.com, or by phone at (+40) 726 576 928. We are committed to responding to your inquiries promptly and addressing any privacy concerns you may have.

‍

Our designated contact person for data protection matters will handle your requests and ensure that you receive appropriate assistance with exercising your rights under applicable privacy laws. We aim to respond to all privacy-related inquiries within thirty days, though we often respond much sooner depending on the complexity of your request.

‍

This Privacy Policy becomes effective on September 1, 2025 and applies to all users of our website and individuals who interact with our services. By using our website or providing us with personal information, you acknowledge that you have read and understood this policy and agree to the processing of your personal data as described herein.

‍