1. Who we are and scope
1.1. Controller: Bridgecore Partners SRL, headquartered at str. sold. Gheorghe
Buciumat nr. 26, bl. A, basement, ap. D05, room 3, sector 1, Bucharest (“Controller”).
1.2. Website: www.bridgecorepartners.com. Presentation website; we do not provide
user accounts and do not allow user-generated content (UGC/comments).
1.3. Data subjects: website visitors, persons contacting us via forms or e-mail, potential
B2B clients/partners and their representatives.

 

2. Categories of data processed
2.1. Data provided directly: name, surname, position, company, contact details (e-mail,
phone), as well as the content of the transmitted message.
2.2. Data collected automatically: technical data and online identifiers (e.g., IP address,
type of device and browser, accessed pages, date/time of access), technical and
security logs. Cookies and similar technologies are described in the separate “Cookie
Policy” document.

 

3. Source of data
3.1. Directly from the data subject via forms and correspondence.
3.2. Automatically by visiting the website (logs/online identifiers).
3.3. From B2B communications and legitimate professional interactions.

 

4. Purposes of processing and legal bases
4.1. Responding to requests and pre-contractual steps (Art. 6(1)(b) GDPR).
4.2. Website administration and security, abuse prevention, and ensuring infrastructure
operation (legitimate interest – Art. 6(1)(f) GDPR). Legitimate interest test: processing is
necessary for security and functionality; the impact on privacy is limited, and the data
subject’s expectations are reasonable. Right to object may be exercised at any time, for
reasons related to the particular situation.
4.3. Compliance with legal obligations (e.g., tax/accounting, response to authority
requests) – Art. 6(1)(c) GDPR, when applicable.

4.4. Marketing/newsletters and non-essential cookies, only based on consent – Art.
6(1)(a) GDPR. Consent may be withdrawn at any time, without affecting the legality of
previous processing.
4.5. Automated decisions or profiling: we do not perform such actions.

 

5. Obligation or voluntariness of data provision
5.1. Providing data for contact purposes is voluntary; if you do not provide the minimum
necessary data (e.g., e-mail), we cannot respond to your request.
5.2. For newsletters, providing data is voluntary; lack of consent prevents us from
sending commercial communications.

 

6. Recipients and processors
6.1. We may disclose data to processors strictly for providing services to the Controller,
under Art. 28 GDPR and confidentiality agreements:
- Hosting and infrastructure maintenance;
- E-mail and newsletter delivery services;
- Web analytics (aggregated/pseudonymized data, where applicable);
- CRM/workflow automation;
- IT/legal consultants;
- Auditors/accountants, where necessary.
6.2. Public authorities/institutions: only when under legal obligation or for defending
rights in courts/authorities.
6.3. All processors act only based on our instructions and implement adequate security
measures.

 

7. Storage duration
7.1. We retain data only as long as necessary for declared purposes or for legal
deadlines.

 

8. Data subject rights
- Right of access;
- Right to rectification;
- Right to erasure (“right to be forgotten”);
- Right to restriction;
- Right to portability;

- Right to object to processing based on legitimate interest or direct marketing;
- Right to withdraw consent;
- Right to lodge a complaint with ANSPDCP.
Requests regarding rights should be sent to contact@bridgecorepartners.com. We will
respond without undue delay, at the latest within the legal term.

 

9. Minors’ data
9.1. The website is not addressed to minors and we do not knowingly collect minors’
data. If we identify such data without parental/guardian consent, we will delete it
immediately.

 

10. Updating this Policy
10.1. We may update this Policy periodically to reflect legal or operational changes. The
applicable version is the one published on the website, with the date of last update
indicated.

 

11. Contact
11.1. For any questions regarding data protection: contact@bridgecorepartners.com.
11.2. Postal address: available upon request.

 

12. Supervisory authority
12.1. You have the right to file a complaint with the National Supervisory Authority for

 

Personal Data Processing (ANSPDCP):
Address: B-dul G-ral. Gheorghe Magheru 28–30, Sector 1, postal code 010336,
Bucharest, Romania;
Phone: +40.318.059.211; Fax: +40.318.059.602;
E-mail: anspdcp@dataprotection.ro;
Website: www.dataprotection.ro.