Get a Quote

Inari IT Group

Privacy Policy

  1. General Information

This Privacy Policy explains how INARI IT GROUP S.R.L., headquartered in Sat Ilteu, Comuna Petriș, str. Principală, no. 3, registered with the Trade Register under no. J35/3948/2022, having VAT number RO46698506 (hereinafter referred to as the “Company”), collects, uses, stores, and protects the personal data of individuals who access the website www.inari.com (hereinafter referred to as the “Website”).

The Company acts as a data controller within the meaning of Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (hereinafter referred to as the “GDPR”).

By accessing and using www.inari.com, the User confirms that they have read, understood, and agreed to this Privacy Policy, as well as to the processing and storage of their personal data by INARI IT GROUP S.R.L., for the purposes and under the conditions described herein.

 

  1. Categories of Data Subjects

This Policy applies to the following categories of data subjects:

  • visitors of the Website www.inari.com;
  • individuals contacting the Company via the contact form, e-mail, or telephone;
  • potential clients and business partners.

 

  1. Principles of Data Processing

The Company processes personal data in accordance with the fundamental principles set forth in Article 5 of the GDPR:

  • lawfulness, fairness, and transparency – data is processed lawfully, fairly, and transparently towards the data subjects;
  • purpose limitation – data is collected for specified, explicit, and legitimate purposes;
  • data minimization – only data strictly necessary for the purpose of processing is collected;
  • accuracy – the Company takes all reasonable steps to ensure data accuracy and timeliness;
  • storage limitation – data is kept only for as long as necessary to fulfill the stated purposes;
  • integrity and confidentiality – data is protected against unauthorized access, loss, or destruction;
  • accountability – the Company can demonstrate compliance with these principles.

 

  1. Types of Data Collected

Depending on the User’s interaction with the Website, the Company may collect the following types of data:

  • Data provided directly: name, surname, e-mail address, phone number, and any information included in messages sent through the contact form or by e-mail.
  • Data collected automatically: IP addresses, browser type, operating system, visit duration, viewed pages, and browsing behavior through cookies and analytical tools (e.g., Google Analytics).

The Company does not request or process special categories of data (such as racial or ethnic origin, political opinions, religious beliefs, or health-related data).

 

  1. Purposes of Data Processing

Personal data is processed for the following legitimate purposes:

  • responding to requests, inquiries, or offers submitted via the Website;
  • communicating information about the Company’s services, only if the data subject has given explicit consent;
  • ensuring the proper functioning and security of the Website;
  • performing anonymous statistical analysis of traffic and improving the Website’s content.

The Company does not use collected data for direct marketing, remarketing, or automated profiling.

 

  1. Legal Basis for Processing

The Company processes personal data under one or more of the legal bases provided by the GDPR:

  • Article 6(1)(a) – the data subject’s consent, for processing data submitted via the contact form or e-mail, as well as for optional cookies (analytics, marketing);
  • Article 6(1)(f) – the Company’s legitimate interest in ensuring the secure and efficient operation of the Website, service improvement, and general (essentially anonymous) traffic analysis.

The Company does not process personal data under Article 6(1)(b) (contractual necessity), as the Website is purely informational and does not create direct contractual relationships.

 

  1. Data Retention Period

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or in accordance with applicable legal obligations:

  • data from contact forms: up to 12 months from the last interaction;
  • technical data (cookies, logs): according to the Cookie Policy, generally between 6 and 26 months;
  • relevant commercial correspondence may be retained for up to 3 years, in compliance with legal archiving obligations.

After the expiration of these periods, stored data is permanently deleted.

 

  1. Data Recipients and Transfers

The Company does not sell, rent, or disclose personal data to third parties, except in the following limited situations:

  • IT service providers (hosting, maintenance, e-mail) acting as data processors, bound by contractual confidentiality obligations;
  • public authorities, based on a legal obligation and an express request;
  • analytical service providers (e.g., Google Analytics), according to their own privacy policies.

Data may be stored on servers located within the European Economic Area (EEA).
In cases where data transfers occur outside the EEA, they will be made only to countries that ensure an adequate level of protection, in accordance with the European Commission’s decisions.

 

  1. Data Security

The Company applies appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure, including:

  • encryption of communications using SSL protocol;
  • access control and secure passwords;
  • periodic backups and antivirus protection;
  • staff training regarding confidentiality and data protection.

 

  1. Rights of Data Subjects

In accordance with the GDPR, data subjects have the following rights:

  • right of access to their personal data;
  • right to rectification of inaccurate or incomplete data;
  • right to erasure (“right to be forgotten”);
  • right to restriction of processing;
  • right to data portability;
  • right to object to processing under Article 21 GDPR;
  • right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP).

To exercise these rights, data subjects may send a written request to office@inariitgroup.com.

The Company commits to responding to any request concerning the exercise of these rights within 30 (thirty) calendar days from receipt.

In exceptional cases involving complex or multiple requests, this period may be extended by up to 60 additional days, in which case the data subject will be informed of the reasons for the delay and the new estimated response deadline, in accordance with the GDPR.

Responses will be provided, whenever possible, by electronic means, ensuring transparency and data protection.

 

  1. Withdrawal of Consent

Data subjects may withdraw their consent for data processing at any time by sending an e-mail to office@inariitgroup.com.

Withdrawal of consent does not affect the lawfulness of processing carried out prior to such withdrawal.

 

  1. Policy Updates

The Company reserves the right to update this Privacy Policy to reflect legislative or organizational changes.

The updated version will be published on the Website and will take effect from the date of publication.

 

  1. Contact

For questions regarding personal data protection, please contact us at office@inariitgroup.com.

 

Last Updated: November 5, 2025

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.