Privacy policy

Privacy policy



Phonetastic GSM S.R.L. (hereinafter referred to as “Phonetastic”), Romanian legal entity, headquartered in Bucharest, 142 Prof. Gheorghe Titeica Str.,2nd district, registered in the Trade Registry of Municipality of Bucharest, under no. J40/10878/2010, tax code no. RO27062757, is presenting you this Privacy Policy to explain how we process and protect your personal data.


1. To whom does this Information Note apply?

This Information Note applies to the processing of personal data of:

  • Our contractual Partners such as manufacturers, clients (“Commercial Partners”);
  • Our website’s visitors and users  (“Users”);

2. What personal data do we collect about you?

We collect and process your personal data as follows:

  • from the information you provide us with by filling in the contact form on our website;
  • through the correspondence with us by telephone or e-mail or by any means.

The information you provide us with could include the name, e-mail address and phone number, company, as well as other information, as appropriate.

Through the activity carried out on our website, we will not collect or process sensitive personal data related to you (racial or ethnic origin information, political opinions, religious confession or philosophical beliefs, health, sexual life or sexual orientation), unless:

  1. we are obliged to do so by law; and/ or
  2. if you separately gave us your explicit consent.

If you voluntarily provide us with personal data ( sensitive personal data included) through your interaction with  website or by contacting us through phone, e-mail or by any other means, of your own free will and not at our request, we will delete such personal data from our systems unless we consider that processing it is necessary for a Phonetastic’s legitimate purpose, unless you have made such data public  (for example, in a forum which is visible to the public), in which case we will delete such data from  website only if the law requires so or if we do not want to retain it.

Every time you visit  website, we automatically collect the following data:

  • technical data, for example this may include Internet Protocol Address (IP) used to connect your computer to the Internet, connection information, browser type and version, time zone setting, browser plug-ins types and versions, operation platform and system, device type and mobile device mark; such data is collected and processed on our behalf through third – parties cookies and you can find more information about this at Cookie Policy
  • data about your visit, for example this may include data about the URL, the sequence of clicks to, through and from the website (date and time included), the information or products you have viewed or searched on the website.

If we get your personal data from a third party, we will provide you with all the relevant information about the procession of such data as soon as possible, but no later than one month after receiving your personal data.

3. What are the purposes and what is the legal basis for processing the data?

We can process your personal data in the following cases:

  • when we need to take the necessary steps to conclude a contract with you;
  • when we have to execute a contract that we have concluded with you;
  • when we have to observe a legal obligation (i.e. the applicable laws in working relationships, accounting, audit);
  • when it is necessary for our legitimate (or a third party’s) interests and for your interests (i.e. to detect and prevent fraud or to ensure IT and computer network’s security), unless your fundamental rights prevail over these interests;
  • if it is necessary for the public interest or for official purposes.

We process your personal data for various technical, administrative and operational reasons, such as:

  • to ensure that the content is presented to you in the most effective way;
  • to improve the website , including its functionality;
  • to manage the website ;
  • for internal operations, including debug, data analysis, testing, research and statistics;
  • to keep the website safe;
  • for advertising and marketing, including specific marketing purposes, so as to offer a content, including personalized content, that may be of greater interest to you.

In some cases we will process your personal data only with your consent (i.e. in cases of advertising and marketing). In these cases we will separately request your consent in a transparent manner, when providing your personal information. Subsequently, you can withdraw your consent at any time by sending a request to  Withdrawal of consent will not affect the lawfulness of the processing that took place before its withdrawal.

When we request personal data in order to comply with legal or contractual obligations, the provision of such personal data by you is required. This means that if such personal data is not provided, we will not be able to manage the contractual relationship or comply with the legal obligations imposed on us. In all other cases, the provision of personal data is optional and you are not required to provide it.

We may process your personal data, such as identification data, contact details and home address, for the purpose of the possible exercise of our rights or claims against you in the future. This processing is based on our legitimate interest by having to exercise our rights in the event of possible litigation.

Specifically, we will use your personal data as follows:

Users and clients:

For the purposes of providing services, delivering goods and making payments under the relevant contracts, we can process your personal data such as identification data, contact details, banking data.

The processing is based on:

  • Performance of a contract to which Users (especially clients) are party, or
  • A legal obligation imposed on us.

We may process your personal data so as to be able to provide you with information regarding goods or services we believe you are interested in. If you are an existing client, we will only contact you by e-mail with information regarding goods and services similar to those which made the object of a previous sale or with information on the main economic and business news as reflected in the media, through the weekly newsletter.

If you are a new client, we will contact you by electronic means only with your prior consent. If you do not want us to use your personal data in this way, tick the appropriate box in the contact form through which we collect your personal data in the user account.

We will not send your personal data to third -parties for marketing purposes without your explicit consent in this regard.

We may also use your personal data to measure or to understand the preferred content related to our products; and to make suggestions and recommendations to you and to other users of our website about products which may be of interest to you or to them.

Phonetastic job candidates:

In relation to your participation in the recruitment and selection process for one or more of the jobs mentioned as available within Phonetastic, we may collect and process your personal data (i.e. data available in the resume. you sent us), for the purpose of selection, assessing professional skills for the job (s) you apply for, as well as for communication with you throughout the recruitment process.

This processing is based on the legitimate interest of Phonetastic GSM.

4. Whom we share your personal data with?

Phonetastic will not send (by sale or by renting) your personal data to third -parties.

Within Phonetastic, staff members who use your personal data are subject to rules of professional confidentiality regarding personal data. Phonetastic’s staff members have the right to manage personal data only on the basis of Phonetastic’s instructions in relation to work responsibilities.

Appropriate technical and organizational measures are taken in order to protect personal data. This website is using security measures against loss, alteration or misuse of the information which is within our control. However, Phonetastic does not take responsibility for the loss of information caused by errors of the software with which the website is designed and hosted. We also are not held responsible for the errors in the security of the server which hosts the website.

Personal data may be communicated to governmental authorities, tax authorities and/ or law enforcement agencies, if required by applicable law or if necessary for the exercise of our rights, including conditions of use, or for the protection of our legitimate interests (including third parties’ legitimate interests) in accordance with applicable laws.

Personal data can also be disclosed to third parties, as follows:

  • To business partners, suppliers and subcontractors for the performance of all contracts we conclude with you in order to provide the products and services you requested;
  • For the deliverance of preorders towards courier companies;
  • To service providers who provide administrative, technical and professional support to the Company, for IT, security and commercial resources support;
  • To external consultants (i.e. lawyers, accountants, auditors), for specific purposes, when necessary

Phonetastic performs an appropriate prior assessment when selecting third -parties service providers and requires these service providers to maintain adequate technical and organizational measures in order to protect personal data and to process it only in accordance with Phonetastic’s instructions. Service providers will have the right to use subcontractors when providing services to Phonetastic, on the condition that each subcontractor respects the same data protection obligations as service providers. 

5. How long do we store your personal data for?

We will retain your personal data for as long as necessary in order to meet the purposes listed in this Policy or for the period required by applicable national law, in accordance with the applicable statutory minimum retention periods and/or for as long as necessary in order to exercise our legal rights (or the legal rights of others).

In case you are a client, we will retain your personal data in the performance of our contractual relationship.

In case our relationship is as partners, we will continue to retain such personal data until the completion of the relationship and for the minimum retention period required by law.

In case you are a user of website (i.e. you have created a user account on the website), we will retain your personal data for as long as the user account is active.

In case you have subscribed to our weekly newsletter, we will retain your personal data for as long as you want to receive such information.

If you are a candidate for one or more of the jobs published by Phonetastic on one of the recruitment websites (Hipo, eJobs, LinkedIn), we will retain your personal data throughout the entire recruitment and selection process plus five years more after the end of the recruitment process (unless the candidate was not hired within the company).

In case we process your personal data under your consent, such personal data will be processed only for the period of time set out through consent, unless you withdraw or limit your consent before the expiry of this period. In such cases, we will cease processing those personal data for the relevant purposes, subject to any legal obligation to process such personal data and/ or our need to process such personal data for the purposes of exercising our legal rights (or the legal rights of others).

6. Storage and transfer of personal data outside the country

The website is managed and maintained by Phonetastic GSM and hosted by the servers belonging to the company Microsoft (Microsoft Azure) located within the territory of the European Union.

We do not intend to transfer your personal data outside EEA if there is no adequate protection, including:

  • a decision issued by the European Commission regarding the appropriateness of the country(ies) of destination;
  • a Privacy Shield certification;
  • binding corporate rules;
  • (an approved code of conduct together with the binding and enforceable commitments of the data controller or of the person empowered by the data controller in the country outside EU and EEA);
  • an approved certification mechanism together with the binding and enforceable commitment of the data controller or of the person empowered by the data controller in a country outside UE and EEA to apply the appropriate safeguards;


  • EU standard contractual clauses approved by the European Commission.

7. What rights do you have?

You have the following rights in accordance with the relevant legislation:

  • The right to be confirmed whether or not your personal data is processed by us and to be provided with a copy of your personal data;
  • The right to request the rectification or removal of personal data processed by website;
  • The right to request the restriction of personal data processing by website;
  • The right to object to the processing of your personal data by website (e.g. the use of personal data for direct marketing purposes);
  • The right to request personal data portability;
  • The right to withdraw your consent at any time without prejudging the legality of the processing performed on the basis of the consent prior to its withdrawal;
  • The right to file a complaint with the National Supervisory Authority for Personal Data Processing.

Please be aware that your rights described above may be limited in certain situations and subject to the applicable laws and regulations on the protection of personal data. For example, the right to object to the processing of your personal data may be limited if we can demonstrate that we have compelling legitimate reasons to process your personal data that outweighs your interests. You will need to prove your identity and give us further details to help us respond to your request.

We will not levy a fee to meet your request except when this is permissible by law and if such fee is levied, it will be reasonable and proportionate to your request.

In order to exercise one or more of these rights, please contact us at

8. Security of personal data

 We store your personal data on the servers of the company Microsoft (Microsoft Azure) situated within the territory of the European Union.

We use appropriate technical and organizational measures in order to protect personal data and to prevent unauthorized access to it. We have entered into contracts with third -parties providing hosting services and these contracts include obligations concerning personal data organizational and technical security.

You are responsible for maintaining the confidentiality of all means of authentication (e.g. username, passwords, etc.) you use to access parts of website. Data transmission on the Internet is not entirely secure. While we do our best to protect your data, we can not guarantee 100% the security of your data transmitted to our site; any personal data transmission is at your own risk. Once we receive your data, we will use strict security procedures in order to try to prevent unauthorized access.

 Cookies website uses cookies to ensure you get the best experience on our website. This processing is based on your consent expressed on the website or through the settings in your browser. For further information, please refer to Cookie Policy.


If you have any questions or ambiguities with regard to the processing of your personal data by website, if you want to exercise one or more of your rights, you can contact us at

Please do not disclose sensitive personal data (e.g. information about racial or ethnic origin, political opinions, religious or other beliefs, health or membership of a trade union), social security numbers, when you contact us.

Last update: September 1, 2018.

Note: We can periodically update this Policy and we will notify you of any amendment by posting the new version on website.

Please periodically refer to Privacy Policy page in order to take account of the new amendments.