GDPR Compliance

EBS Software SRL, operating as Bitwise Labs, treats personal data protection as both a legal obligation and an ongoing operational practice.

This page complements the Privacy Policy and explains, in a GDPR-focused format, the categories of data processed, purposes, legal bases, recipients, transfers, retention, and data subject rights.

The personal data controller is EBS Software SRL. Bitwise Labs is the public-facing brand name used to present the company's services.

Email: office@bitwiselabs.ro

Phone: 0732 906 480

Registered office: Constanta County, Constanta City, Aleea Topolog No. 9, Romania

Tax ID (CUI): 53190984 | Trade Registry No.: J2025100872001

• Data provided directly by you: name, email, phone number, business domain, message, and selections made within the contact forms.

• Technical data: IP address, browser type, basic device information, pages accessed, and language settings.

• Consent-related data: the choices saved regarding necessary technologies and optional features.

• Chat-related data, only where the chat widget is enabled through your consent to optional functional features.

• Replying to contact requests and quote enquiries: pre-contractual steps taken at your request or, where applicable, our legitimate interest in handling general enquiries.

• Follow-up communication regarding projects, proposals, and collaboration: legitimate interest.

• Performing contractual obligations: performance of a contract where a contractual relationship exists.

• Meeting legal, tax, and accounting obligations: legal obligation.

• Running the website technically, remembering language choice, and storing consent preferences: legitimate interest and necessary technologies.

• Enabling the chat widget: consent, where the user chooses to allow optional functional features.

• General contact requests: up to 12 months from the last meaningful interaction where discussions do not continue.

• Quote requests, project-scoping materials, and related pre-contractual correspondence: generally up to 24 months from the last meaningful interaction.

• Contractual and finance-related data: retained for the period required by applicable law; at present, accounting records and supporting documents are generally retained for 10 years from the end of the relevant financial year, subject to any statutory exceptions.

• Technical data and logs: generally 30 to 90 days, with longer retention where necessary to investigate a security incident or document remediation steps.

• Cookie consent preferences: stored locally in your browser until changed or deleted by clearing browser data.

Under GDPR, you have the following rights:

• Right of access (Art. 15 GDPR) - you can request information about your personal data we process

• Right to rectification (Art. 16 GDPR) - you can request correction of inaccurate data

• Right to erasure (Art. 17 GDPR) - you can request deletion of your personal data

• Right to restriction of processing (Art. 18 GDPR) - you can request limitation of processing

• Right to data portability (Art. 20 GDPR) - you can request transfer of data to another controller

• Right to object (Art. 21 GDPR) - you can object to processing based on legitimate interest

• Right to withdraw consent (Art. 7 GDPR) - you can withdraw consent at any time

• Right to lodge a complaint (Art. 77 GDPR) - you can file a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP)

To exercise any of the rights mentioned above, please contact us:

Email: office@bitwiselabs.ro

Phone: 0732 906 480

We will respond to your request within a maximum of 30 days from receipt.

We may use providers for hosting, infrastructure, email delivery, technical maintenance, and, where consent is given, the chat widget.

These providers process data only to the extent necessary for the services they provide to us and subject to appropriate contractual safeguards.

Depending on the technical providers used for infrastructure, email, or chat, some data may be processed outside the European Economic Area.

Where applicable, we rely on GDPR-recognized safeguards such as adequacy decisions or standard contractual clauses.

The website currently uses necessary technologies for operation, including language preference and consent storage.

Optional features such as the chat widget are enabled only after the relevant consent is given.

In its current setup, the website does not activate optional third-party scripts before the corresponding consent is granted.

We apply reasonable technical and organizational measures to protect data, including access control, operational security measures, and processes related to infrastructure and communications management.

You have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP) if you believe that the processing of your personal data violates GDPR.

ANSPDCP contact details:

Address: B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest

Phone: +40.318.059.211

Email: anspdcp@dataprotection.ro

Website: www.dataprotection.ro

We may update this page when relevant changes occur in the way the website operates, in the providers we use, or in the applicable legal framework.

The current version and the latest update date are published on this page.

For questions about the processing of your personal data or to exercise your rights, contact us at office@bitwiselabs.ro or by phone at 0732 906 480.