Folosim module cookie și tehnologii similare pentru personalizarea conținutului. Prin apăsarea 'Accept' sau navigarea pe acest site, vă exprimați acordul. Pentru detalii, consultați Politica de Cookies
Last Updated: May 5, 2025
This Privacy Policy describes how Now IT works ("we," "us," or "our"), with its registered office at NCH Office Building, B-dul Pierre de Coubertin 3-5, sector 2, Bucuresti, Romania, collects, uses, and shares personal data of representatives and employees ("you" or "users") of companies ("Clients") that use our Software-as-a-Service (SaaS) application, Fiscal Hub (the "Application").
The data controller responsible for the processing of your personal data is:
Now IT works
NCH Office Building, B-dul Pierre de Coubertin 3-5, sector 2, Bucuresti, Romania
CUI: RO33928000
contact@itworks.ro
We collect the following categories of personal data related to your use of the Application on behalf of your Client company:
2.1. Account Information: When your company registers for an account or when you are added as a user by your company's administrator, we collect information such as your name, email address, job title, department, and the company you represent.
2.2. Usage Data: We collect information about how you use the Application, including the features you access, the actions you take, the data you input related to your company's fiscal activities, and the time and duration of your sessions.
2.3. Device Information: We may collect information about the device you use to access the Application, including the device type, operating system, browser type, IP address, and device identifiers.
2.4. Communications: If you contact us for support or other inquiries related to your company's use of the Application, we may collect the content of your communications and our responses.
2.5. Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information about your browsing behavior and preferences within the Application. This may include session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a longer period). You can manage your cookie preferences through your browser settings.
We process your personal data for the following purposes based on the following legal bases under the GDPR:
3.1. Performance of a Contract (Article 6(1)(b) GDPR):
* To provide and maintain the Application's functionality to your company.
* To manage your user account within your company's subscription.
* To ensure the proper operation and security of the Application.
3.2. Legitimate Interests (Article 6(1)(f) GDPR): Our legitimate interests include:
* Improving and developing the Application based on usage patterns and feedback.
* Providing customer support and responding to inquiries.
* Analyzing usage data to enhance the user experience and optimize the Application.
* Ensuring the security of our Application and preventing fraud.
3.3. Compliance with a Legal Obligation (Article 6(1)(c) GDPR):
* To comply with applicable laws, regulations, and legal processes.
4.4. Consent (Article 6(1)(a) GDPR):
* We will only send you marketing communications about our Application or related services with your explicit consent (which your company administrator may obtain on your behalf). You have the right to withdraw this consent at any time.
We may share your personal data with the following categories of recipients:
4.1. Service Providers (Processors): We use third-party service providers who process personal data on our behalf to provide and maintain the Application, such as hosting providers, analytics providers, and customer support services. These providers are contractually obligated to process personal data only in accordance with our instructions and applicable data protection laws.
4.2. Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. We will inform your company administrator of any such change.
4.3. Legal Compliance and Protection: We may disclose your personal data to government authorities, law enforcement agencies, or other third parties if we believe it is necessary to comply with a legal obligation, protect our rights or the rights of others, or investigate potential violations of our terms of service.
4.4. Within Your Company: Your personal data may be accessible to other users within your company's Fiscal Hub account, depending on the permissions set by your company administrator.
Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer your personal data outside the EEA, we will ensure that appropriate safeguards are in place to protect your personal data in accordance with the GDPR, such as:
* Transferring to countries that have been deemed to provide an adequate level of protection by the European Commission.
* Implementing Standard Contractual Clauses approved by the European Commission.
You can request information about the safeguards we use for international transfers by contacting us.
We will retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, considering our contractual obligations to your Client company, legal requirements, and our legitimate interests. Generally, we will retain your data for the duration of your company's subscription to Fiscal Hub and for a reasonable period thereafter to handle any support queries or legal obligations. Your company administrator may also have specific data retention policies that apply to your account.
As a data subject, you have the following rights under the GDPR:
7.1. Right to Access (Article 15 GDPR): You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and certain related information.
7.2. Right to Rectification (Article 16 GDPR): You have the right to obtain the rectification of inaccurate personal data concerning you and to complete incomplete personal data.
7.3. Right to Erasure ("Right to be Forgotten") (Article 17 GDPR): You have the right to obtain the erasure of personal data concerning you under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
7.4. Right to Restriction of Processing (Article 18 GDPR): You have the right to obtain the restriction of processing of your personal data under certain circumstances, such as when the accuracy of the data is contested.
7.5. Right to Data Portability (Article 20 GDPR): You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from us.
7.6. Right to Object (Article 21 GDPR): You have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
7.7 Right to Withdraw Consent (Article 7(3) GDPR): Where the processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
7.8 Right to Lodge a Complaint with a Supervisory Authority (Article 77 GDPR): You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. The Romanian supervisory authority is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP) (https://www.dataprotection.ro/).
To exercise these rights, please contact your company's administrator, who may need to liaise with us, or contact us directly using the contact information provided below. We may need to verify your identity before fulfilling your request.
We have implemented technical and organizational measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include [Describe your GDPR-compliant security measures, e.g., encryption at rest and in transit, access controls based on roles, regular security audits, data minimization principles]. We continuously review and update our security measures.
We may update this Privacy Policy from time to time to reflect changes in our data processing practices or legal requirements. We will notify your company administrator of any material changes by posting the updated Privacy Policy within the Application or via email to the administrator. The "Last Updated" date at the top of this Privacy Policy indicates when the latest changes were made. Your company's continued use of the Application after the effective date of the revised Privacy Policy constitutes acceptance of the changes on behalf of your organization.
If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact your company's administrator or contact us directly at:
Now IT works
NCH Office Building, B-dul Pierre de Coubertin 3-5, sector 2, Bucuresti, Romania
contact@itworks.ro