Privacy and Data Protection Notice
Controller
Danube Tactical SystemsCRIȘANEI NR. 23, SIBIU, JUD. SIBIURomaniasecuritydanubets.com0120-345-67-89Regulatory Framework
Danube Tactical Systems processes personal data in accordance with:
- EU General Data Protection Regulation (GDPR)
- Romanian data protection legislation
- EU cybersecurity and defence-related regulatory requirements (where applicable)
- Industry-recognised security standards and best practices
Where relevant, Danube Tactical Systems aligns its security framework with recognised standards such as ISO 27001 principles and EU cybersecurity guidance.
Security-Focused Processing Approach
Due to the nature of our activities in security, defence and advanced technology environments, we apply enhanced technical and organisational measures to protect:
- Personal data
- Sensitive business and partner data
- Security-relevant technical information
- Confidential project and R&D information
Processing is restricted to defined business purposes and authorised personnel only.
Categories of Data Processed
Depending on interaction with our services or website, we may process:
- Identification and contact data
- Business and professional data
- Technical system access data
- Website usage data
- Communication data
We do not intentionally collect special categories of personal data unless legally required or contractually necessary.
Legal Bases for Processing
Processing may be based on:
- Art. 6(1)(a) GDPR — Consent
- Art. 6(1)(b) GDPR — Contract performance
- Art. 6(1)(c) GDPR — Legal obligation
- Art. 6(1)(f) GDPR — Legitimate interest (e.g. cybersecurity, system protection, fraud prevention)
Website Security and Server Logs
When accessing our website, technical data may be processed including:
- IP address
- Timestamp
- Browser type and version
- Operating system
- Referrer URL
Purpose:
- Cybersecurity and threat detection
- System stability
- Incident investigation
Legal basis: Art. 6(1)(f) GDPR.
Cookies and Tracking Technologies
Necessary cookies are used to ensure secure and stable operation of the website.
Analytics or performance cookies are used only after explicit consent via our consent management platform.
Analytics Services
If analytics services (e.g. Google Analytics) are used:
- Processing occurs only after consent
- IP anonymisation is applied where available
- Transfers to third countries are protected via EU Standard Contractual Clauses and additional safeguards where required
Third-Party Processors and Supply Chain Security
Danube Tactical Systems applies strict vendor and supply chain security requirements.
Processors must:
- Meet recognised security and compliance standards
- Enter into Data Processing Agreements
- Implement adequate technical and organisational safeguards
- Where applicable, comply with EU security, defence and export control requirements
International Data Transfers
Where data is transferred outside the EEA, we apply:
- EU Standard Contractual Clauses
- Adequacy decisions (where applicable)
- Additional technical safeguards if required
Transfers are assessed using a risk-based approach.
Data Retention
Personal data is stored only:
- For as long as necessary for the processing purpose
- According to contractual obligations
- According to statutory retention requirements
- According to security and compliance documentation requirements
Secure deletion procedures are applied after expiry.
Security Incident and Breach Management
Danube Tactical Systems maintains internal incident response procedures.
In case of a personal data breach:
- Incidents are investigated without delay
- Risk assessments are performed
- Supervisory authorities are notified where legally required
- Affected individuals are informed where required
Data Subject Rights
You have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure
- Restrict processing
- Data portability
- Withdraw consent at any time
- Object to processing
Supervisory Authority
You have the right to lodge a complaint with the competent supervisory authority.
For Romania, the competent authority is the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP).
Confidentiality and Security Commitment
All employees, contractors and partners are bound by confidentiality and security obligations.
Access to data is restricted to authorised personnel on a need-to-know basis.
Binding Language
This document may be provided in multiple languages.
In case of discrepancies, the legally binding version is the version published in the official language of the website.
Contact
Danube Tactical Systemssecuritydanubets.com