Privacy Policy – Duplin Marketing

Last update:
01.01.2026

Platform:
DP Marketing

Art. 1 – General Provisions

This policy regulates the manner in which the Platform processes users’ personal data, in accordance with Regulation (EU) 2016/679 and Law no. 190/2018.

The Platform acts as a personal data controller and is responsible for complying with the principles of lawfulness, fairness, transparency, data minimization, integrity, and confidentiality.

Art. 2 – Categories of Processed Data

The Platform may collect and process the following categories of data:

Identification data: name, surname, personal identification number, series and number of the identity document, to the extent that they are strictly necessary;
Contact data: email address, phone number, postal address;
Legal, contractual, and commercial data: contracts, fiscal and accounting documents, and information necessary for providing the services;
Special categories of data: within the limits of the law, when necessary for resolving specific legal situations (e.g., health data or biometric data), exclusively based on explicit consent or a legal obligation.

Art. 3 – Purposes of Processing

Personal data are processed for the following purposes:

provision of legal and operational services through the Platform;
preparation, transmission, and archiving of documents;
fulfillment of legal obligations, including fiscal and accounting obligations;
communication with users;
protection of the legitimate rights and interests of users before courts or public authorities.

Art. 4 – Processing of National Identification Numbers

The processing of the personal identification number or other national identification numbers is carried out exclusively under the conditions provided by Art. 4 of Law no. 190/2018, with the implementation of appropriate safeguards, including:

limiting access to the data to authorized persons only;
establishing clear storage and deletion periods;
implementing technical measures to ensure data security;
training persons involved in data processing activities.

Art. 5 – Confidentiality and Obligations

The Platform ensures absolute confidentiality of all information and documents obtained.

The obligation to maintain professional secrecy applies throughout the entire duration of the collaboration and continues after its termination, regardless of the reason.

Personal data may not be disclosed to third parties without the consent of the data subjects, except in cases expressly provided by law.

It is prohibited to copy, transmit, or use for personal purposes or for the benefit of third parties any documents or information obtained through the Platform.

Art. 6 – Storage Period

Personal data are stored for the period necessary to fulfill the purposes for which they were collected and subsequently, in accordance with the applicable legislation regarding archiving and professional or fiscal obligations.

Periodic data review and deletion are carried out in accordance with Law no. 190/2018.

Art. 7 – Rights of Data Subjects

Data subjects benefit from the following rights:

the right of access to data;
the right to rectification and updating;
the right to erasure of data (“the right to be forgotten”);
the right to restriction of processing;
the right to data portability;
the right to object;
the right to withdraw consent, where applicable.

The exercise of these rights may be carried out by submitting a written request to the Platform.

Art. 8 – Data Recipients

Personal data may be disclosed, in accordance with the law, to:

courts of law and public authorities;
contractual partners (e.g., accountants, IT service providers), limited to what is strictly necessary;
collaborators of the Platform, based on contractual confidentiality obligations.

Art. 9 – Data Protection Officer

The Platform shall designate a Data Protection Officer in situations required by law, in accordance with Art. 37 of the GDPR and Law no. 190/2018.

In the absence of a legal obligation to designate a Data Protection Officer, the Platform ensures a single point of contact for exercising users’ rights.

Art. 10 – Security of Processing

The Platform implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction.

These measures include access control, encryption, regular backup creation, and training of authorized personnel.

Art. 11 – Liability and Sanctions

Violation of the provisions of this policy may result in civil, disciplinary, administrative, or criminal liability.

Sanctions shall be applied in accordance with Regulation (EU) 2016/679 and Law no. 190/2018.

Art. 12 – Contact

For exercising their rights or for additional information, users may submit a written request to the email address indicated by the Platform or to its registered office.