Loading...

Back to Homepage

Priavcy Policy

NEXOR Design Studio

Last updated: 3 March 2026

1. Who We Are

NEXOR is a design agency based in Romania, providing brand identity, UI/UX design, web development, and visual communications services to clients in Romania and internationally. Our websites are nexor.ro and nexoragency.com.

For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and Romanian data protection law (Law No. 190/2018), NEXOR acts as the data controller for personal data collected through our websites and business operations.

 

2. What Data We Collect

We may collect and process the following categories of personal data:

Contact and inquiry data:

  • Full name
  • Email address
  • Phone number (if provided)
  • Company name and role
  • Content of messages or briefs you send us

Website usage data:

  • IP address
  • Browser type and version
  • Pages visited and time spent
  • Referring URLs
  • Device and operating system information

Business and contractual data:

  • Billing address and invoicing details
  • VAT/CUI numbers (for B2B clients)
  • Project-related communications

 

3. How We Collect Your Data
  • Through contact forms on our websites
  • Via email, phone, or direct messages
  • Through cookies and analytics tools when you browse our websites
  • During the course of a business engagement or project

 

4. Legal Basis for Processing

We process your personal data under the following legal bases as defined in Article 6 of the GDPR:

  • Legitimate interests (Art. 6(1)(f)): to respond to inquiries, manage client relationships, and improve our website experience.
  • Contract performance (Art. 6(1)(b)): when you engage us for services, processing is necessary to fulfill our contractual obligations.
  • Legal obligation (Art. 6(1)(c)): to comply with Romanian accounting and tax law (Legea nr. 82/1991, Codul Fiscal).
  • Consent (Art. 6(1)(a)): where we rely on your consent, such as for marketing communications, you may withdraw it at any time.

 

5. How We Use Your Data
  • To respond to your inquiries and provide quotes or proposals
  • To deliver agreed services and manage ongoing projects
  • To send invoices and manage payments
  • To improve our website and understand visitor behavior
  • To send occasional updates (only with your consent)
  • To comply with legal and tax obligations under Romanian law

 

6. Data Sharing and Third Parties

We do not sell your personal data. We may share it with:

  • Service providers: tools we use to operate our business (e.g. email, project management, cloud storage). These parties act as data processors under binding agreements.
  • Accounting and legal professionals: as required to fulfill legal obligations in Romania.
  • Authorities: if required by law or court order, or by ANSPDCP (Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal).

Where we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs).

 

7. Cookies

Our websites use cookies to improve your experience and gather anonymous analytics data:

  • Essential cookies: required for the website to function properly.
  • Analytics cookies: to understand how visitors use our site (e.g. Google Analytics). Only placed with your consent.
  • Preference cookies: to remember your settings.

You can manage or disable cookies via your browser settings. Refusing non-essential cookies will not affect your ability to use our websites.

 

8. Data Retention
  • Contact and inquiry data: up to 2 years if no engagement follows.
  • Client project data: for the duration of the project plus up to 5 years (Romanian accounting regulations, Legea nr. 82/1991).
  • Financial/invoicing records: 10 years, as required by Romanian tax law (Codul Fiscal, Art. 25).
  • Website analytics: as per the retention policy of the analytics tool (typically up to 26 months).

 

9. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of access (Art. 15): to request a copy of personal data we hold about you.
  • Right to rectification (Art. 16): to request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17): to request deletion of your data, where applicable.
  • Right to restriction (Art. 18): to request that we limit how we use your data.
  • Right to data portability (Art. 20): to receive your data in a structured, machine-readable format.
  • Right to object (Art. 21): to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us. We will respond within 30 days as required by GDPR.

You also have the right to lodge a complaint with the Romanian supervisory authority:

ANSPDCP — Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal

Website: www.dataprotection.ro

Address: B-dul Magheru nr. 28–30, Sector 1, Bucuresti, Romania

 

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include secure communications, access controls, and regular review of our data handling practices.

 

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

 

12. Contact Us

NEXOR Design Studio

Romania

Website: nexor.ro | nexoragency.com

Email: hello@nexoragency.com

Jump to

Back to Homepage