1. Who the data controller is
We care about your data and we want to be transparent about how we use it. The controller of the personal data collected through the unrivals.com website is:
- Controller
- PFA ENE V. DANIEL
- Registered office
- Str. Strandului nr. 36, Costești, jud. Argeș, România
- Tax ID (CUI)
- 31905573
- Trade Register no.
- F03/1066/2013
- Contact
- contact@unrivals.com
We process data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Romanian law.
2. What data we collect
We collect only the data needed to respond to you and to assess a possible engagement.
Data you provide directly (through the qualification form)
- first and last name;
- business email address;
- phone number;
- company and website;
- business information relevant to qualification: turnover range, field of activity, your objective, who decides on the investment, and the marketing budget range;
- any details you choose to write in the free-text message field.
Data collected automatically (technical)
- IP address and general location (at country/city level);
- device type, browser and operating system;
- the pages visited, when and how you interact with the website.
Technical data is collected through cookies and similar technologies. Details in the Cookie Policy.
3. For what purpose and on what legal basis
| Purpose | Legal basis (GDPR) |
|---|---|
| To respond to your request and assess the fit for an engagement (qualification, diagnostic, call) | Pre-contractual steps at your request, art. 6(1)(b) |
| To manage the client relationship and deliver the contracted services | Performance of the contract, art. 6(1)(b) |
| To keep you informed of UNRIVALS news and relevant content (when you give us your consent) | Consent, art. 6(1)(a) |
| To improve the website and the experience, through usage statistics | Legitimate interest, art. 6(1)(f) (or consent for non-essential cookies) |
| To comply with legal obligations (e.g. tax, accounting) | Legal obligation, art. 6(1)(c) |
Providing the data in the form is voluntary, but without your contact details we cannot respond to you and cannot start an engagement.
4. Who we share data with
We do not sell your data. We disclose it only to the extent strictly necessary, to categories of trusted recipients that help us operate:
- GoHighLevel (HighLevel Inc., USA): the platform that runs the website, the qualification form, the CRM and the automations. This is where the data submitted through the form is stored and processed.
- Google Workspace (Google Ireland Ltd.): email and storage, for correspondence and managing the relationship.
- Hosting, analytics and marketing tool providers that we use to run the website (e.g. web statistics services).
- Public authorities, when we have a legal obligation to do so.
These recipients act as processors and process the data on the basis of our instructions and data processing agreements.
5. Transfers outside the EU
Some of our providers (for example GoHighLevel) are established in the United States. When data is transferred outside the European Economic Area, we ensure the transfer is protected by adequate safeguards, in particular the standard contractual clauses approved by the European Commission or other mechanisms provided for by the GDPR.
6. How long we keep data
- Data from requests that do not lead to an engagement: kept for as long as necessary to assess the fit and for possible later contact, then deleted or anonymized (as a rule within 24 months at most).
- Client data: for the duration of the contract and afterwards, for as long as legal obligations require (for example tax and accounting ones).
- Data for marketing communications: until consent is withdrawn.
7. Your rights
As a data subject, you have the following rights:
- Right of access: to find out what data we hold about you.
- Right to rectification: to correct inaccurate or incomplete data.
- Right to erasure: to request deletion of your data, under the conditions provided by law.
- Right to restriction of processing in certain situations.
- Right to portability: to receive your data in a structured, commonly used format.
- Right to object to processing based on legitimate interest or for marketing purposes.
- Right to withdraw your consent at any time, without affecting the lawfulness of prior processing.
You can exercise your rights by writing to contact@unrivals.com. We respond within the time limits provided by law.
8. Right to lodge a complaint
If you consider that we have breached your rights, you can contact the National Supervisory Authority for Personal Data Processing (ANSPDCP), www.dataprotection.ro. However, please contact us first: we want to resolve any concern quickly.
9. Data security
We apply reasonable technical and organizational measures to protect data against unauthorized access, loss or disclosure. No system is 100% secure, however, which is why we cannot guarantee the absolute security of data transmitted over the internet.
10. Changes to this policy
We may update this policy. The version in force is the one published here, with the last-updated date shown above. We encourage you to review it periodically.
11. Contact
For any question about your data, write to us at contact@unrivals.com.