Biodiversity
ENROGet in touch
Legal

Privacy & GDPR

How Biodiversity collects, uses and protects personal data submitted through this website, and your rights under the GDPR.

Last updated: June 2026

1. Who is responsible for your data

The data controller is BIODIVERSITY SRL, with its registered office at Str. Pârâului 29K, Breazu, Iași, 707406, Romania. Company identifiers: CUI RO 35756881; Trade Register No. J2016000581221. For any data-protection question or request, contact us at office@biodiversity.ro or +40 742 354 311.

2. What this policy covers

This policy applies to personal data we process in connection with this website (biodiversity.ro) and with enquiries you send us. It does not cover third-party websites we link to.

3. What personal data we collect

  • Data you provide — when you use our contact form or email us: your name, organisation, email address, country, project type and the content of your message.
  • Technical data — our hosting provider may automatically record limited technical information (such as IP address and browser data) in server logs, for the security and stable operation of the site.

4. Why we use your data and our legal basis

  • To respond to your enquiry and discuss a possible engagement — based on your consent (Art. 6(1)(a) GDPR) and/or steps taken at your request prior to entering into a contract (Art. 6(1)(b) GDPR).
  • To manage and respond to business enquiries — based on our legitimate interest in running and developing our consultancy (Art. 6(1)(f) GDPR).
  • To keep the website secure and operational — based on our legitimate interest in protecting our systems (Art. 6(1)(f) GDPR).

We do not use your data for marketing without your consent, and we do not carry out profiling or automated decision-making that produces legal or similarly significant effects.

5. Who we share it with

We do not sell your personal data. We share it only with service providers that process data on our behalf and under our instructions — principally our website hosting provider (CyberFolks) and our email provider — under appropriate confidentiality and data-processing terms.

6. International transfers

We do not transfer your personal data outside the European Union / European Economic Area. Should this change in future, we will ensure appropriate safeguards as required by the GDPR.

7. How long we keep it

We keep enquiry data only as long as necessary to handle your request and for the duration of any resulting engagement, after which we delete it. Technical server logs are retained for the limited period applied by our hosting provider for security purposes.

8. Your rights under the GDPR

You have the right to: access your data; obtain rectification of inaccurate data; request erasure; restrict or object to processing; data portability; and, where processing is based on consent, withdraw that consent at any time (without affecting prior processing). To exercise any of these rights, contact office@biodiversity.ro. We will respond within the time limits set by the GDPR.

9. Right to lodge a complaint

If you believe your data has been processed unlawfully, you may lodge a complaint with the Romanian supervisory authority, the National Supervisory Authority for Personal Data Processing (ANSPDCP): B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, 010336 Bucharest; tel. +40 318 059 211; email anspdcp@dataprotection.ro; www.dataprotection.ro.

10. Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss or disclosure.

11. Changes to this policy

We may update this policy from time to time. The current version, with its date, is always available on this page.

This policy is based on Regulation (EU) 2016/679 (GDPR) and Romanian Law no. 190/2018.