Privacy Policy

The protection of your personal data is of the utmost importance to S.C. Cosmos Quantum Distribution S.R.L. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the "General Data Protection Regulation" or "GDPR"), as well as the applicable Romanian legislation.

By accessing our website www.cosmos-quantum.ro or interacting with us through any communication channel, you acknowledge that you have read and understood this Privacy Policy.

The data controller responsible for the processing of your personal data is:

Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Depending on how you interact with us, we may collect the following categories of personal data:

a) Data provided directly by you (contact and inquiry forms):

• Full name
• Business email address
• Phone number
• Company name and position
• Subject and content of your message
• Products selected for wholesale inquiry

b) Communication data:

• Records of correspondence between you and Cosmos Quantum (emails, form submissions)
• Preferences regarding communication channels and frequency

c) Technical and usage data (collected automatically):

• IP address
• Browser type and version
• Operating system
• Referring URL and pages visited on our website
• Date, time, and duration of your visit
• Device type (desktop, mobile, tablet)
• Cookie identifiers and similar technologies (see Section 10)

We process your personal data only when we have a valid legal basis under the GDPR. The purposes and corresponding legal bases are:

In accordance with the GDPR, we adhere to the following principles when processing your personal data:

• Lawfulness, fairness, and transparency: data is processed lawfully, fairly, and in a transparent manner in relation to the data subject.
• Purpose limitation: data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
• Data minimization: only data that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed is collected.
• Accuracy: personal data is accurate and, where necessary, kept up to date. Inaccurate data is erased or rectified without delay.
• Storage limitation: data is kept in a form that permits identification of data subjects for no longer than is necessary for the purposes of processing.
• Integrity and confidentiality: data is processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods include:

• Contact and inquiry form data: 24 months from the date of submission, unless a commercial relationship is established.
• Contractual and commercial data: for the duration of the business relationship plus the statutory retention period required by Romanian fiscal legislation (generally 10 years).
• Marketing and newsletter data: until you withdraw your consent or unsubscribe.
• Website usage and technical logs: up to 12 months.
• Cookie data: as specified in our Cookie Policy (varies by cookie type).

After the applicable retention period expires, personal data is securely deleted or anonymized.

Under the GDPR, you have the following rights regarding your personal data:

To exercise any of these rights, please contact us at office@cosmos-quantum.ro or by post at the address listed in Section 2. We will respond to your request within 30 days. In complex cases, this period may be extended by a further 60 days, and we will inform you of any such extension.

We do not sell, rent, or trade your personal data. However, we may share your data with third parties in the following circumstances:

• Email service providers (e.g., SMTP2GO), for the sole purpose of delivering transactional emails and inquiry responses.
• Hosting and infrastructure providers (e.g., Railway, Pantheon), where your data is processed on servers in accordance with GDPR-compliant data processing agreements.
• Analytics providers, for aggregated, anonymized website usage statistics to improve our services.
• Legal and accounting advisors, when required for compliance with legal obligations.
• Public authorities, when disclosure is required by law, by court order, or to protect our legitimate rights.

All third-party processors are carefully selected and bound by data processing agreements (DPA) ensuring full compliance with GDPR requirements. Where data is transferred outside the EU/EEA, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCC) approved by the European Commission.

Our website uses cookies and similar technologies to ensure its proper functioning, to analyze website traffic, and to improve your browsing experience.

Cookies are small text files placed on your device when you visit our website. They allow us to recognize your browser and remember certain information across sessions.

For detailed information about the types of cookies we use, their purposes, and how to manage them, please refer to our Cookie Policy.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, accidental loss, alteration, disclosure, or destruction. These measures include, but are not limited to:

• Encrypted data transmission using HTTPS/TLS protocols
• Access control mechanisms and authentication procedures
• Regular security audits and vulnerability assessments
• Employee training on data protection and information security
• Physical security of premises where data is stored
• Regular backup procedures and disaster recovery plans

While we strive to protect your personal data, no method of electronic transmission or storage is 100% secure. We continuously review and improve our security practices.

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP):

We reserve the right to update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. Any modifications will be posted on this page with an updated revision date. We encourage you to review this page periodically to stay informed about how we protect your personal data.

Continued use of our website after any changes to this policy constitutes acceptance of those changes.

For any questions, concerns, or requests regarding the processing of your personal data or this Privacy Policy, please contact us:

We will make every effort to respond to your inquiry within 30 calendar days.