SIDD SIDD

Legal

Privacy Policy

How we collect, use and protect your personal data — GDPR compliant

Last updated: 16 May 2026 · Effective: 16 May 2026 · Version: 1.0

1. Controller

The data controller for personal data processed via this website is:

  • INNO SOLUTIONS CORP S.R.L.
  • Registered office: Str. Safirului 105-109, Bl. 1, Sc. A, Et. Parter, Ap. 3, Cam. 1, Bragadiru, Ilfov County, Romania
  • Romanian Trade Register: J23/6125/2022 · CUI: 46798114
  • Contact for privacy matters: privacy@sidd-tech.com

This policy is issued in accordance with Regulation (EU) 2016/679 (GDPR), Romanian Law 190/2018 and the ePrivacy Directive as transposed in Romania.

2. What data we collect

We collect personal data only when you choose to provide it to us or when it is strictly necessary to operate the website.

2.1 Data you provide

  • Contact, Offset and Partner forms: name, organisation, country, email, telephone (optional), department of interest, message content, consent record.
  • Press & institutional correspondence: any content you voluntarily share when reaching out via email.

2.2 Data collected automatically

  • Technical data: IP address (truncated where possible), browser type and version, device type, referrer URL, pages viewed, timestamp.
  • Strictly necessary cookies (see Cookies Policy).

3. Why we process your data — purposes & legal basis

PurposeLegal basis (GDPR Art. 6)
Respond to enquiries and partnership requestsArt. 6(1)(b) pre-contractual / Art. 6(1)(f) legitimate interest
Send institutional updates if you opt inArt. 6(1)(a) consent
Operate the website, security & abuse preventionArt. 6(1)(f) legitimate interest
Comply with legal, export-control or regulatory obligationsArt. 6(1)(c) legal obligation

We do not engage in advertising profiling. We do not sell personal data.

4. How long we keep your data

  • Contact and partnership enquiries: up to 24 months from last interaction, then deletion or anonymisation.
  • Pre-contractual records leading to a signed agreement: retained per the contract and applicable archival law.
  • Technical logs: up to 90 days unless required for security incident review.

5. Who can access your data

Access is limited to authorised SIDD personnel and to trusted processors strictly necessary to operate the website:

  • Cloudflare, Inc. — website hosting, DNS, DDoS protection, edge caching.
  • FormSubmit (or successor form relay) — secure transmission of form submissions to our mailbox.
  • Email provider — receipt and storage of institutional correspondence.

We do not transfer personal data to any third party for marketing or profiling purposes.

6. International transfers

Some of our processors may be located outside the European Economic Area. Where this occurs, transfers are protected by EU Standard Contractual Clauses (Decision 2021/914), adequacy decisions, or equivalent safeguards. You may request a copy of the safeguards in place by writing to privacy@sidd-tech.com.

7. Your rights

Under GDPR you have the right to:

  • access your personal data (Art. 15);
  • request rectification of inaccurate data (Art. 16);
  • request erasure ("right to be forgotten", Art. 17);
  • request restriction of processing (Art. 18);
  • data portability (Art. 20);
  • object to processing based on legitimate interest (Art. 21);
  • withdraw consent at any time without affecting prior lawful processing (Art. 7(3));
  • lodge a complaint with the Romanian Supervisory Authority — ANSPDCP (www.dataprotection.ro).

To exercise any of these rights, contact privacy@sidd-tech.com. We respond within one month of receipt.

8. Security

We implement reasonable technical and organisational measures: HTTPS/TLS transport encryption, access controls, principle of least privilege, secure-by-design hosting, regular review of access logs, and incident response procedures. No system is perfectly secure; in the event of a personal data breach affecting your rights, we will notify ANSPDCP and you, where required, within the timelines set by Articles 33–34 GDPR.

9. Children

This website is intended for institutional, defence, security and industrial audiences. We do not knowingly collect personal data from individuals under the age of 16.

10. Changes

We may update this Privacy Policy. Material changes will be reflected in the "Last updated" date and, where appropriate, communicated through the website.