General Data Protection Regulation

The new EU Data Protection Act, GDPR (General Data Protection Regulation) entered into force on May 25, 2016, but will begin to produce effects as of May 25, 2018. This law is the most significant change in personal data protection over the last 20 years, and has objectives that go far beyond just protecting the private space.

Your privacy is important to us therefore we are committed to safeguarding the privacy of visitors (,,data sub-jects’’) to our Website, as well as those whose personal data has been provided to us by third par-ties, or to which we had access from another source in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council from April 27, 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data (hereinafter referred to as GDPR).

Please read the following policy to understand how your information (,,personal data’’) will be treated.

This notice explains our online information practices regarding GDPR and the choices you can make about the way your information is used on our Website.

The processing of personal data will always be aligned with the GDPR and in accordance with country-specific data protection regulations in which Exe Software operates.

Through this data protection statement, our company would like to inform the visitors about the nature, scope and purpose of the personal data we collect, use and process.

In addition, the subjects are informed through this DATA PROTECTION POLICY (DPP) about the rights they benefit of.


We are Exe Software S.R.L., a company with its headquarters in Bucharest, sector 1, Pașcani street no. 8, 728A Building, entrance A, 9th floor, Ap. no. 1, with serial number at the Trade Registry J40/6017/2001 and unique registration code 13986294. We have as main field of activity NACE code 6201 and our legal representatives are the administrators: UDREA RĂZVAN, COSMESCU GABRIEL and COSMESCU SORINEL.


“Personal Data” means any data or information that can identify you directly (for example, your name) or indi-rectly (for example, your pseudonymous data such as a unique number code). This means that personal infor-mation includes things like email address, home address, mobile phone, username, profile photos, personal preferences and shopping habits, user-generated content, financial information and financial status information. This could include unique numeric identifiers, such as your computer’s IP address or MAC address of your mo-bile device, as well as cookies.


“Processing “means any operation or set of operations performed on personal data or on personal data sets with or without the use of automated means such as collecting, recording, organizing, structuring, storing, adapting or modifying, extracting, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.


The Personal Data Operator (hereinafter referred to as “the Operator”) is Exe Software S.R.L.


Exe Software, as operator, designated Mrs. Adela Nuță as Data Protection Officer (DPO), having the obligation to verify compliance with the GDPR provisions in the data processing operations performed by the operator and to represent the operator in relationship with the subjects and the Supervisory Authority.

Any visitor may at any time contact the Data Protection Officer directly with any questions or suggestions relat-ed to DATA PROTECTION POLICY using the following contact details:

Ms. Nuță Adela


Tel. no. 40 (766) 753 560

Mailing Address: 9th Transilvaniei Street, 1st District, 010796 Bucharest, Romania.


Exe Software shall so far as is reasonably practicable comply with the Data Protection Principles (the Princi-ples) contained in the GDPR to ensure all data is:

  1. Fairly, lawfully and in a transparent manner processed;
  2. Collected for specified, explicit and legitimate purposes;
  3. Adequate, relevant and not excessive in relation to the purposes for which they are processed;
  4. Accurate and up to date;
  5. Kept in a form which permits identification of data subjects for longer than is necessary for the purposes of processing;
  6. Processed in accordance with the data subject’s rights, in a manner that ensures appropriate security of the personal data.


  1. For the purpose of concluding and executing contracts – according to art. 6 par. 1 let. b) of the GDPR, personal data may be processed for the purpose of concluding or executing the contract. In order to be able to offer you our products, we need to process your personal data.
  2. For the purpose of fulfilling legal obligations – according to art. 6 par. 1 let. c) of the GDPR, personal data may be processed for the purpose of fulfilling legal obligations. We request a series of personal data, including, in some cases, the personal numeric code, in order to fulfill our obligations towards the tax authority regarding invoicing and reporting towards the tax authorities.
  3. For marketing purposes – according to art. 6 par. 1 let. a) of the GDPR, personal data may be pro-cessed if the subject has given his / her consent to the processing of his or her personal data for one or more specific purposes. Thus, in certain circumstances, your personal data will be used to: (i) send you marketing messages, information or commercial messages (offers, promotions, advertising and marketing messages on Exe Software and third parties with whom Exe Software has relationships of any kind); ii) participation in competitions, promotions.


We will only use the information you provide to us on the relevant sections of the website in order to process the Contact form. By delivering any of your personal data through Exe Software Website, you agree that such data will be processed in accordance with the provisions of our DPP.

Please note that in order to process your Contact form we may on occasion be required to share your infor-mation with our associated firms and any third parties who provide services on our behalf. However, we have taken steps to ensure that all such entities protect your data adequately and in accordance with GDPR. In rela-tion to any other third parties we will only disclose your information where you have given your consent or where we are required to do so by law, or where it is necessary for the purpose of, or in connection with, legal proceedings or in order to exercise or defend legal rights.

We will not contact you about other matters, unless you specifically request it, nor will we share, rent, or sell your personally identifiable information outside Exe Software, except where we are required to share your in-formation with any third parties who provide services on our behalf.


In relation to any other third parties we will only disclose your information where you have given your consent or where we are required to do so by law, or where it is necessary for the purpose of, or in connection with, legal proceedings or in order to exercise or defend legal rights.

We may on occasion be required to share your information with our associated firms and any third parties who provide services on our behalf.


Our site may contain at some point links to other sites whose information practices may be different than ours. Visitors should consult the other sites’ privacy notices as we have no control over information that is submitted to, or collected by, these third parties.


Our website uses cookies. In this regard, you can review our Cookie Policy available on the SITE and you may exercise the right to disable Cookies, as outlined below.


Exe Software can store processed data for different periods of time, as deemed reasonable for the purposes indicated above. We only retain your data for the period of time necessary to achieve the purpose for which we hold the data, to meet your needs or to fulfill our statutory obligations.

To know how long your data can be stored, we use the following criteria:

  1. When you purchase products and services, we retain your personal data during our contractual rela-tionship and in some cases for a longer term when there is a legal obligation for Exe Software to pro-ceed so;
  2. If you create an account, we retain your personal data until you ask us to delete it or after a period of inactivity (without an active interaction with us). In this regard, please note that data processed for this purpose will be deleted […] years after the last user account interaction (for example, login to your account);
  3. If you have given your consent to marketing communications, we retain your personal data until you unsubscribe or ask us to delete it or after a period of inactivity. In this regard, we mention that the da-ta stored in our databases for the purpose of direct marketing communications are deleted from the records of these databases […] years after the last interaction with you;
  4. If you participate in a promotional offer, we retain your personal data during the promotional offer;
  5. In case you contact us for a question, we keep your personal data for as long as your questions are processed, but no more than […] years after the last mail sent;
  6. If cookies are stored on your computer, we keep them for as long as it is necessary for them to achieve their goals (for example, during a shopping cart cookie session or ID cookies sessions) and for a period defined in accordance with local regulations and guidelines. In this regard, we mention that the data processed through the cookies used to provide online behavioral advertising, to customize our services for you, and to allow our content to be distributed on social sites (distribution buttons to dis-play the SITE) will be retained for a maximum of […] years from collection, based on your consent.


According to GDPR, you have a number of rights regarding the personal data that Exe Software processes:

  1. Right of accessing processed – You have the right to access the personal data that we hold. The first supply of information is free of charge. If you will need further copies of the information already supplied, we may charge a reasonable fee, taking into account the administrative costs of supplying in-formation. The clearly unreasonable, excessive or repeated requests for information may not be an-swered.
  2. Right to data rectification – You may request your data to be rectified if they are inaccurate or ob-solete and / or to be completed if they are incomplete. If you have an account, it may be easier to cor-rect your own data through the “My Account” feature.
  3. Right to delete the data (“the right to be forgotten”) – In some cases, you have the right to ob-tain the deletion or destruction of your data. This is not an absolute right, because sometimes we may have the obligation to keep your data for legal or juridical reasons.
  4. Right to restrict processing – You are entitled to request the restriction of the data processing. This means that your data processing is limited so we can keep the data, but we may not use or process them. This right applies in the specific circumstances set out in the General Data Protection Regulation, namely:
  • the accuracy of the Data is contested by the subject (namely by you) for a period of time that allows the operator (namely Exe Software) to verify the accuracy of the Data;
  • the processing is illegal and the subject (namely you) opposes the deletion of the Data and requests the restriction of the use thereof;
  • the operator (for example, Exe Software) no longer needs Data for processing, but they are required by the subject (namely by you) to establish, exercise or defend legal claims;
  • the subject (namely you) raised objections to the legitimate reasoning of the operator (in this case Exe Software to verify if the legitimate reasons of the operator (Exe Software) exceed those of the sub-ject (namely you).
  1. Right to data portability – You may move, copy or transfer the data you are interested in from our database to another. This applies only to the data you have provided when the data processing is done with your consent or based on a contract and is implemented by automatic means.
  2. Right of opposition – You may at any time oppose the processing of your data when such processing is based on a legitimate interest.
  3. Right to withdraw consent at any time – You may withdraw your consent to the processing of your data when such processing is based on consent. Withdrawal of consent does not affect the lawful-ness of processing on the basis of consent prior to its withdrawal.
  4. Right to file a complaint with the competent supervisory authority – You have the right to file a complaint with the data protection authority in your country of residence or domicile to challenge the data protection practices offered by Exe Sofware.
  5. The right to oppose processing of your data for direct marketing purposes – You can unsub-scribe or opt-out of our direct marketing communication at any time. It is easier to do this by clicking the “unsubscribe” link in any email or communication we send you.
  6. The right to oppose the processing of your data by us when conducting actions in the pub-lic interest or in our legitimate interests or by a third party – You may oppose at any time the processing of your data when such processing is based on a legitimate interest.
  7. Right to disable cookies – You have the right to disable cookies. Settings in internet browsers are usually programmed by default to accept cookies, but you can easily adjust them by changing your browser settings. Many cookies are used to increase the usability or functionality of web sites / appli-cations; therefore, disabling cookies may prevent you from using certain parts of our sites or applica-tions, as detailed in the relevant Cookie table. If you want to restrict or block all cookies set up by our websites / applications (which may prevent you from using certain parts of the site) or any other sites / applications, you can do so through your browser settings. The Help feature in your browser will tell you how. For more information, see the following links:


We access, retain and provide your information to regulatory authorities, law enforcement entities or other entities:

  1. In response to any legal request, when we consider, in good faith, that the law requires us to do so. We may also respond to legal claims when we consider, in good faith, that the response required by the laws of that jurisdiction affects users in that jurisdiction and complies with internationally recog-nized standards.
  2. When we consider, in good faith, that it is necessary to: detect, prevent and respond to acts of fraud, unauthorized use of any material belonging to us, violations of our terms or policies or other harmful or unlawful activities, to protect us (including our rights, property or materials), yourself and others, inclu-sive during investigations or investigations by regulatory authorities, or to prevent imminent death or injury. For example, if relevant, we provide information to and receive information for third partners about the reliability of your account to prevent fraud, abuse and other harmful activities inside and out-side of our materials.

The information we receive about you may be accessed and stored for a longer period of time when they are subject to a legal inquiry or legal obligation, to a governmental inquiry or investigation regarding possible viola-tions of our terms or policies, or in other cases to prevent damage.


Depending on the context, we may find ourselves in the situation of the absolute need to provide information at a higher level, both globally and internally or externally, to our partners and to those with whom we transfer GDPR data in the virtue of providing the most professional services possible. The information controlled by Exe Software could be transferred, transmitted or stored and processed in the EU or in countries other than the country where you live, for the purposes described in this policy. These data transfers are necessary to deliver the highest level of service and to continue to provide to you our materials at the highest level of professional-ism. We use standard contractual clauses approved by the European Commission, and we rely on the appropri-ateness of the European Commission’s decisions on certain countries, as the case may be, in respect to trans-fers of data from the EEA data to the United States and other countries.


Exe Software has adopted technical and organizational data processing measures, updated in accordance with GDPR requirements, to protect your personal data against any unauthorized access, improper use or disclo-sure, unauthorized modification, accidental destruction or loss. All employees and partners of Exe Software, as well as any third parties acting on behalf and for Exe Software, are bound to respect the confidentiality of your information and the GDPR requirements, in accordance with the provisions of the DPP.


THE SITE may link to other sites and / or other webpages that are not owned by Exe Software. Exe Software assumes no responsibility for the content of these sites and therefore can not be held responsible for the content, advertising, goods, services, software, information or other materials available on or through these sites. Exe Software will not be held responsible for the loss of personal data, of any adverse effects on visitors’ personal data, or other moral and / or patrimonial damages caused by the access to those sites.


Please note that this Policy may be subject to periodic content changes by updating the SITE

How will we let you know about the changes made to this Policy?

We will send you a notification before making any changes to this Policy and we will give you the opportunity to review the revised DPP before choosing to continue using our materials.

Please do not continue to use the SITE if you do not agree to such changes. We also rec-ommend that you check this page for any updates.

DPP terms shall be interpreted in accordance with the applicable law.


If you have any questions or concerns about the way we treat and use your personal data or want to exer-cise any of your rights, please contact us by accessing our DPO contact details.