Privacy Policy
Last updated: 23 March 2026
1. Introduction
RISKLESS SRL, CUI 48230969, with its registered office in Bucharest, Romania (“RISKLESS”, “we”, “us” or “our”), is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store and share information when you visit our website riskless.ro or interact with our services.
We process personal data in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation — “GDPR”) and applicable Romanian data protection legislation.
2. Data Controller
The data controller for your personal data is:
- Company: RISKLESS SRL
- Tax ID / CUI: 48230969
- Address: Bucharest, Romania
- Email: office@riskless.ro
- Phone: +40 725 252 585
3. Personal Data We Collect
We may collect the following categories of personal data:
3.1 Data You Provide Directly
- Contact information: name, email address, phone number, company name and job title when you fill in a contact form, request a consultation or apply to work with us.
- Communication data: the content of emails, messages or other correspondence you send to us.
- Application data:CV, cover letter and any other documents submitted through our “Work With Us” page.
3.2 Data Collected Automatically
- Technical data: IP address, browser type and version, operating system, device type, screen resolution and language preferences.
- Usage data: pages visited, time spent on each page, referring URL, click-through data and navigation paths.
- Cookie data: information collected via cookies and similar technologies (see our Cookie Policy for details).
4. Purposes and Legal Bases for Processing
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Responding to enquiries and consultation requests | Performance of a contract / pre-contractual measures (Art. 6(1)(b)) |
| Processing job applications | Pre-contractual measures (Art. 6(1)(b)) and your consent (Art. 6(1)(a)) |
| Improving our website and services | Legitimate interest (Art. 6(1)(f)) |
| Analytics and performance measurement | Consent (Art. 6(1)(a)) via cookie banner |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) |
5. Data Sharing and Recipients
We do not sell your personal data. We may share your data with:
- Service providers: hosting, email and analytics providers that process data on our behalf under data processing agreements.
- Professional advisers: legal, accounting or auditing professionals where necessary.
- Public authorities: where required by law or regulation.
All third-party processors are bound by contractual obligations to protect your data and process it only on our instructions, in compliance with the GDPR.
6. International Transfers
Your personal data is primarily stored and processed within the European Economic Area (EEA). If any transfer outside the EEA is necessary, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or an adequacy decision, in accordance with GDPR Articles 44–49.
7. Data Retention
- Contact and consultation requests: retained for up to 3 years after the last communication, unless a contractual relationship is established.
- Job applications: retained for up to 12 months after the recruitment process ends, unless you consent to a longer retention period.
- Analytics data: retained in anonymised or aggregated form for up to 26 months.
- Legal and accounting records:retained as required by Romanian law (typically 5–10 years).
8. Your Rights
Under the GDPR you have the right to:
- Access your personal data and obtain a copy.
- Rectify inaccurate or incomplete data.
- Eraseyour data (“right to be forgotten”) where there is no compelling reason for continued processing.
- Restrict processing in certain circumstances.
- Data portability— receive your data in a structured, commonly used, machine-readable format.
- Object to processing based on legitimate interests.
- Withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, please contact us at office@riskless.ro. We will respond within 30 days.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These include encryption of data in transit (TLS/SSL), access controls and regular security reviews.
10. Complaints
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP):
- Website: www.dataprotection.ro
- Address: B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, 010336, Bucharest, Romania
11. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “Last updated” date. We encourage you to review this page periodically.
12. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- Email: office@riskless.ro
- Phone: +40 725 252 585
- Address: Bucharest, Romania