Privaatsuspoliitika

This Privacy Policy describes how CODESCAPE SRL, acting as controller or processor, collects, uses, stores, and protects personal data in connection with the use of the Quanty platform.

This policy is prepared in accordance with Regulation (EU) 2016/679 on the protection of personal data (GDPR) and with the applicable legislation in Romania.

By using the Quanty platform or by providing personal data to the Provider, the data subject confirms that it has taken note of this policy.

1. Data controller

1.1 Identity of the controller

Personal data is processed by:

CODESCAPE SRL
Strada Constantin Hagi Stoian 34
Targu Mures, 540256
Romania
VAT / Company ID 49414510

hereinafter referred to as the Controller or Provider.

1.2 Contact details

For questions regarding data protection, you can contact us at:

support@quanty.ro

2. Scope of the policy

This policy applies to all situations in which personal data is collected through:

  • the Quanty platform
  • websites operated by the Provider
  • communication with users
  • use of the services and features offered

The policy applies to platform users, client representatives, and other persons whose data is processed in connection with the use of the services.

3. Categories of data processed

In providing the service, the Provider may process the following categories of data:

3.1 Identification data

This may include:

  • first and last name
  • email address
  • phone number
  • job role within the company

3.2 Authentication data

For platform access, the following may be processed:

  • the email address used for authentication
  • encrypted passwords
  • authentication tokens

3.3 Platform usage data

For service operation, information may be collected such as:

  • IP address
  • browser or device information
  • user activity within the platform

3.4 Data entered by users

The platform may store data entered by users while using the service, including:

  • commercial documents
  • invoices
  • financial transactions
  • information about clients or suppliers

In these situations, the Client is typically the data controller, and Quanty acts as the data processor.

4. Purposes of processing

Personal data may be processed for the following purposes:

4.1 Providing the services

Data processing is necessary for:

  • account creation and administration
  • providing platform functionality
  • managing documents and transactions

4.2 Managing the contractual relationship

Data may be used for:

  • billing
  • technical support
  • communication with users

4.3 Platform security

Data may be processed for:

  • fraud prevention
  • detection of unauthorized access
  • protection of technical infrastructure

4.4 Service improvement

Data may be analyzed in aggregate form to improve the platform's functionality.

5. Legal basis for processing

Personal data is processed on the following legal bases:

5.1 Performance of the contract

Processing is necessary to provide the services requested by the Client.

5.2 Legal obligations

In certain situations, data processing is necessary to comply with legal obligations.

5.3 Legitimate interest

The Provider may process data to protect system security or prevent fraud.

6. Data recipients

Personal data may be disclosed to:

  • IT infrastructure providers
  • cloud service providers
  • payment processors
  • public authorities, when required by law

The Provider ensures that any third party processing data complies with appropriate data protection standards.

7. International data transfers

In certain situations, data may be transferred to providers located outside the European Economic Area.

Such transfers are carried out only under the conditions provided by applicable legislation, including the use of standard contractual clauses approved by the European Commission.

8. Data retention period

Personal data is retained only for the period necessary to fulfill the purposes for which it was collected.

The retention period may vary depending on:

  • legal obligations
  • the need to provide the service
  • contractual requirements

9. Rights of data subjects

Persons whose data is processed benefit from the following rights:

  • right of access to data
  • right to rectification
  • right to erasure
  • right to restriction of processing
  • right to data portability
  • right to object

To exercise these rights, data subjects may contact the Provider at the address indicated in this policy.

10. Data security

The Provider implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or disclosure.

These measures include, without limitation:

  • encryption of communications
  • system access control
  • security monitoring of the infrastructure

11. Cookies and similar technologies

The platform may use cookies or similar technologies for:

  • user authentication
  • maintaining active sessions
  • improving the user experience

Details regarding the use of cookies may be described in a separate policy.

12. Changes to the privacy policy

The Provider reserves the right to amend this policy to reflect legislative or technical changes.

The updated version will be published on the website or in the application.

13. Supervisory authority

Data subjects have the right to lodge complaints regarding the processing of data with the competent authority:

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP).

14. Contact

For questions regarding this policy or the way personal data is processed:

support@quanty.ro