AcasăPersoane FizicePersoane JuridiceInstituții Publice

Privacy Policy

Last updated: 18 May 2026

This Privacy Policy explains how Entire Consulting & Management handles personal data when you visit our website (certificatclasificare.ro), when you create a merchant account, and when our AI shopping agents interact with shoppers on merchant stores that use our platform.

We've tried to keep this plain and useful. If anything is unclear, contact us at contact@certificatclasificare.ro.

Who we are

Entire Consulting & Management ("Entire Consulting & Management", "we", "us"), with registered office in Cluj-Napoca, Romania, is the entity responsible for this policy.

For all privacy questions, data subject requests, or complaints, please email contact@certificatclasificare.ro.

Scope

This policy covers three distinct contexts:

  • Site visitors — anyone who visits certificatclasificare.ro, including via demo requests and the newsletter.
  • Merchant accounts — businesses that sign up to use the Entire Consulting & Management platform.
  • End-shoppers — consumers who interact with a Entire Consulting & Management-powered shopping agent on a merchant's store.

Our role and obligations differ across these contexts — see the next section.

Our role: controller vs processor

For site visitors and merchant accounts, Entire Consulting & Management is a data controller: we decide what data is collected and why.

For end-shoppers interacting with our agents on a merchant's store, Entire Consulting & Management is a data processor: the merchant is the controller and decides what data the agent processes. We act on the merchant's documented instructions and only retain end-shopper data for as long as the merchant's contract requires. If you are an end-shopper and want to exercise your data rights, contact the merchant directly; we will support their response.

Every merchant using Entire Consulting & Management is bound by our Terms of Service and accompanying contract terms, which include privacy and data-protection obligations. Each merchant is responsible for choosing the data storage location and configuration for their deployment, for ensuring they have a lawful basis to share end-shopper data with us, for providing appropriate privacy notices to their shoppers, and for managing any consent required under applicable law. Entire Consulting & Management processes data only within the scope set by those agreements.

What data we collect

Site visitors

  • Form submissions: when you book a demo or contact us, we collect your name, work email, company, role, and anything you write in the message field.
  • Newsletter: if you subscribe, we collect your email address.
  • Usage analytics: with your consent, we use Microsoft Clarity to understand how visitors interact with the site (clicks, scrolls, anonymized session replays). See our Cookie Policy for details.
  • Technical metadata: IP address, browser, device type, language — collected by our hosting infrastructure for security and abuse prevention.

Merchant accounts

  • Account data: business name, contact persons, work emails, billing address, tax ID.
  • Billing data: invoices and payment metadata (we don't store full card numbers — payments are handled by our payment processor).
  • Support communications: messages, tickets, and call notes exchanged with our team.
  • Product usage: telemetry about how the platform is used (agents deployed, configuration changes, performance metrics).

End-shoppers (processor role)

When a Entire Consulting & Management agent runs on a merchant's store, it processes data the merchant directs it to process. Depending on the merchant's configuration, this can include:

  • Conversation transcripts between the shopper and the agent
  • Anonymous or pseudonymous behavioral signals (pages viewed, items clicked, cart events)
  • Product catalog data and merchant-provided knowledge bases
  • If the merchant enables it: order history and customer profile data passed to the agent for personalization

Each merchant controls the scope, retention, and shopper rights for this data under their own privacy policy.

Why we use this data (and on what legal basis)

  • To provide the service (Art. 6(1)(b) — contract): operating your account, running agents on your store, processing payments.
  • To improve the product (Art. 6(1)(f) — legitimate interest): aggregated usage analytics, debugging, customer research. Always balanced against your rights.
  • To communicate with you (Art. 6(1)(b) and (f)): replying to support, sending product updates relevant to your contract.
  • Marketing (Art. 6(1)(a) — consent): newsletter subscriptions and the site's usage analytics. You can withdraw consent at any time.
  • Legal obligations (Art. 6(1)(c)): tax records, regulatory reporting.
  • To protect Entire Consulting & Management (Art. 6(1)(f) — legitimate interest): preventing fraud, abuse, and security incidents.

How long we keep it

We keep personal data only for as long as we need it to fulfill the purposes set out in this policy, or for as long as required by applicable law. Retention duration depends on the type of data, the relationship we have with you, and any legal or regulatory obligations that apply.

  • Form submissions and demo requests: kept while there is an active conversation or business relationship, then deleted or anonymized.
  • Newsletter subscribers: until you unsubscribe.
  • Merchant account data: for the duration of the contract and any period required by tax, accounting, or other legal obligations.
  • End-shopper data: as instructed by the merchant. Default retention is the minimum needed to provide the service.
  • Usage analytics: see our Cookie Policy.

When the relevant retention period ends, we either delete the data or de-identify it so it can no longer be linked to you.

Aggregated and de-identified data

We may aggregate or de-identify personal data so that it no longer identifies you, and use the resulting information without restriction — for example, to analyze trends, improve our products, conduct research, or share insights publicly. Such information is not personal data for the purposes of this policy.

Who we share data with

We don't sell personal data. We share it only with subprocessors that help us run the service, under written data processing agreements:

  • Cloud hosting (selected per deployment): by default, the Entire Consulting & Management platform runs on infrastructure located in Germany. Where a merchant requires a specific cloud provider or geographic region, we deploy to that infrastructure instead; the merchant's choice determines who acts as our hosting subprocessor for their store.
  • AI model providers: Entire Consulting & Management offers a range of deployment configurations designed to match different quality, performance, and legal or compliance needs. Depending on the configuration applied to a merchant's deployment, conversation content may be processed by OpenAI, Anthropic, or Microsoft Azure AI Foundry. The chosen configuration determines which of these acts as our subprocessor for that store. Under our agreements with these providers, conversation content and other data processed via their APIs is not used to train their foundation models.
  • Analytics: Microsoft Corporation (via Microsoft Clarity) — only if you accept usage analytics on certificatclasificare.ro.
  • Payment processing: our payment provider handles card data directly; we only see metadata (last 4 digits, brand).
  • Professional advisors: accountants, lawyers, and auditors bound by confidentiality.
  • Authorities: when required by law or to protect our rights.

International transfers

Our default hosting region is inside the EEA (Germany). Where a subprocessor operates outside the EEA — for example, certain AI model providers, or a merchant-selected hosting region outside Europe — we rely on the European Commission's Standard Contractual Clauses and the additional safeguards required by GDPR Chapter V.

Merchants who select a non-EEA hosting region or an AI model provider with non-EEA infrastructure are responsible for assessing and disclosing those transfers in their own privacy notices.

Your rights

If we hold personal data about you, you have the right to:

  • Access the data we hold and request a copy
  • Rectify inaccurate data
  • Erase data we no longer need to keep
  • Restrict or object to processing based on legitimate interest
  • Withdraw consent for processing based on consent (for example, the newsletter or usage analytics)
  • Portability — receive your data in a structured, machine-readable format
  • Complain to your local supervisory authority. In Romania this is ANSPDCP (dataprotection.ro).

To exercise any of these rights, email contact@certificatclasificare.ro. We will respond within the timeframes required by applicable law. If you are an end-shopper on a merchant's store, please contact that merchant first — they control the data and we will support their response.

Security

We apply appropriate technical and organizational measures to protect personal data — including encryption in transit and at rest, access controls, and audit logging on production systems. Access to merchant and shopper data is restricted to authorized employees who need it to operate the service.

No system is perfectly secure. If we ever discover a personal data breach, we will notify affected merchants and the relevant supervisory authority without undue delay, as required by applicable law.

Mergers, acquisitions, and restructuring

If Entire Consulting & Management is involved in a merger, acquisition, financing, reorganization, or sale of assets, personal data may be transferred as part of that transaction. We will take reasonable steps to ensure the recipient continues to handle your data in line with this policy, and where required by law, we will notify you of the change.

Children's data

Entire Consulting & Management is a B2B service intended for business users. We don't knowingly collect data from anyone under 16. If you believe a child has provided data to us, contact contact@certificatclasificare.ro and we will delete it.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top and, for merchant customers, notify you by email or in-product. For purely editorial changes (typos, clarifications), we will simply update the page.

Contact

Questions, requests, or complaints — write to contact@certificatclasificare.ro. We will respond in a reasonable timeframe, and in any case within the periods required by applicable law.

De peste 20 de ani ajutăm afaceri în turism. Scapi de birocrație și timp pierdut în procesul de obținere a certificatului de clasificare.

Entire Consulting & Management SRL

CUI 22642095

Nr. Reg. Com. J2019001883242

Abonează-te la newsletter!

Navigare

AcasăPentru Persoane FizicePentru Persoane JuridicePentru Instituții Publice

Politici

Politica de confidențialitatePolitica de cookie-uri

Entire Consulting & Management © 2026 Toate drepturile rezervate.