Privacy Policy of FLOWMATIQ SRL

Last updated: 16 November 2025

1. Introduction

FLOWMATIQ SRL (“we,” “our,” or “us”) is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect, use, and process your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Romanian laws.

By using our website, flowmatiq.tech, or utilizing our services, you agree to the collection and use of information in accordance with this policy.

2. Data Controller Contact Information

The data controller responsible for the processing of your personal data is:

Company Name: FLOWMATIQ SRL Website: flowmatiq.tech Address: Str. Bradului 2, Magurele, Ilfov, ROMANIA Fiscal Code: 52620463 Registry No.: J2025075363007 EUID: ROONRC.J2025075363007 Email for Privacy Matters: privacy@flowmatiq.tech

3. Data We Collect

We may collect and process the following categories of personal data:

a) Data provided directly by you:

  • Identity Data: Name, job title, and company affiliation.

  • Contact Data: Email address, telephone number, and postal address.

  • Inquiry Data: Information you provide when contacting us via contact forms, email, or telephone (e.g., details about your project, support requests).

  • Client/Contract Data: Data necessary for concluding and executing a contract, such as billing and payment information.

b) Data collected automatically:

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting and location, operating system and platform.

  • Usage Data: Information about how you use our website, products, and services (e.g., pages viewed, time spent on pages, and referring website addresses).

  • Tracking Technologies Data: Data collected through cookies and similar tracking technologies.

4. How and Why We Use Your Data (Legal Basis)

We process your personal data under the following legal bases as set out in the GDPR:

Purpose of Processing Type of Data Used Legal Basis for Processing (GDPR Article 6)
To provide services and fulfill contracts (e.g., consulting, software development). Identity, Contact, Client/Contract Data. Contract (Necessary for the performance of a contract).
To respond to inquiries and provide support. Identity, Contact, Inquiry Data. Legitimate Interest (Responding to user communication).
To manage and improve our website and internal operations (e.g., troubleshooting, data analysis, testing). Technical, Usage Data. Legitimate Interest (Necessary for our business to monitor and improve the site).
To send marketing communications (only with consent). Contact Data. Consent (Where required by law).
To comply with legal obligations (e.g., accounting, tax requirements). Identity, Contact, Client/Contract Data. Legal Obligation (Necessary to comply with legal duties).

5. Disclosure of Your Personal Data

We may share your personal data with the following parties when necessary:

  • Service Providers: Third parties who provide IT and system administration services, accounting, and legal services (e.g., hosting providers, cloud services). These parties are bound by strict contractual agreements to keep your data confidential and secure.

  • Business Partners: In connection with providing services requested by you.

  • Legal Authorities: If required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect our rights or property, or ensure the personal safety of users or the public.

  • Potential buyers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the new owner.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

6. International Transfers

As we are based in Romania (EU), your data is primarily processed within the European Economic Area (EEA).

If we transfer your personal data outside the EEA, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:

  • Transferring data to countries deemed to provide an adequate level of protection by the European Commission.

  • Using specific contracts approved by the European Commission which give personal data the same protection it has in Europe (Standard Contractual Clauses).

7. Data Security and Retention

Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. Access to your personal data is limited to those employees, agents, contractors, and other third parties who have a business need to know.

Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Generally, we retain customer data for the duration of the contractual relationship plus a period of 5 years after its termination, to comply with legal retention periods (e.g., tax and accounting laws).

8. Your Legal Rights (GDPR Rights)

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These rights include:

  1. The right to be informed (as explained in this policy).

  2. The right of access (to obtain a copy of your personal data).

  3. The right to rectification (to have incomplete or inaccurate data corrected).

  4. The right to erasure (The “right to be forgotten”).

  5. The right to restrict processing (to stop the processing of your data in certain situations).

  6. The right to data portability (to transfer your data to another controller).

  7. The right to object to processing based on legitimate interests.

  8. The right to withdraw consent at any time (where consent is the legal basis for processing).

If you wish to exercise any of these rights, please contact us using the details provided in Section 2.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or the place of the alleged infringement. In Romania, the supervisory authority is:

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP)

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be posted on our website, and we will update the “Last updated” date at the top of this policy. We encourage you to review this policy periodically for any changes.