Our Privacy Policy

Our privacy policy applies to your use of (hereinafter referred to as "the Site"). Alu Design Construction Civile SRL (hereinafter referred to as "Alu Design" or "we") understands the importance of your personal data and protects their privacy and security. In this regard, we provide the following information related to the processing of your personal data as data subject (site user) under this Privacy Policy.

In principle, the use of the websites of Alu Design Construction Civile SRL. it is possible without the provision of personal data. If a data subject wishes to request special services of our company through our website, it may still be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we obtain the consent of the data subject.

About us

Alu Design is a company specialized in complete design services in the field of constructions, acting successfully in the field of design, structuring, and facades.


The privacy statement of ALU DESIGN CONSTRUCTION CIVILE S.R.L. is based on the terms used by the European legislative and regulatory authority when adopting the General Data Protection Regulation (GDPR). Our privacy statement should be easy to read and understand for both the public and our customers and business partners. To ensure this, we want to explain in advance the terms used.

We use certain terms in this privacy statement, including but not limited to:

a) Personal data: All information relating to an identified or identifiable natural person (hereinafter referred to as "data subject") constitutes personal data. A natural person is considered to be identifiable which can be identified directly or indirectly, in particular by associating with identification information such as a name, identification code, location data, online identifier or one or more special characteristics, which are the expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

b) Data subject: The data subject is any identified or identifiable natural person, whose personal data is processed by the operator.

c) Processing: Processing means any operation performed with or without the aid of an automated procedure or any series of such operations regarding personal data, such as recording, organizing, ordering, storing, adapting or modifying, reading, querying, using, disclosure by transmission, dissemination or any other form of supply, comparison or binding, limitation, deletion or destruction.

d) Processing limitation: Processing limitation is the marking of stored personal data, with the purpose of limiting their future processing.

e) Profiling: Profiling is any type of automatic processing of personal data consisting of the use of such personal data in order to evaluate certain personal aspects relating to a natural person, especially in order to analyze or predict aspects related to work performance, economic situation, health status, personal preferences, interests, reliability, behavior, residence or change of address of the respective natural person.

f) Pseudonymisation: Pseudonymization is the processing of personal data in a way in which personal data can no longer be associated with a particular data subject without obtaining additional information, insofar as this additional information is kept separately and is subject to technical and organizational measures that guarantee that personal data is not associated with an identified or identifiable natural person.

g) Operator: The operator is a natural or legal person, an authority, an institution or another body that decides alone or together with others on the purposes and means of processing personal data. If the purposes and means of such processing are laid down by EU law or by the laws of the Member States, the operator may, respectively, the criteria for its appointment may be provided by EU law or the laws of the Member States.

h) Operator authorized person: The person authorized by the operator is a natural or legal person, an authority, an institution or another body, which processes personal data on behalf of the operator.

i) Recipient: The recipient is a natural or legal person, an authority, an institution or another body, which makes public the personal data, whether or not a third party. However, authorities that may receive personal data in a particular investigation request in accordance with EU law or Member State laws are not considered as recipients.

j) Third party: The third party is a natural or legal person, an authority, an institution or another body, with the exception of the data subject, the operator, the operator authorized person and the persons who are authorized to process personal data under the direct responsibility of the operator or of the operator authorized person.

k) Consent: The consent represents any voluntary manifestation of will, specific and informed, in the form of an unequivocal statement or other confirmatory act, by which the data subject understands that he/she agrees to the processing of the personal data concerning him/her.

Operator’s name and address

The operator within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other data protection provisions is: ALU DESIGN CONSTRUCTION CIVILE SRL (“ALU DESIGN”), Bucharest, sector 2, 58 Blvd Ferdinand I, entrance C, 1st floor, room 2, VAT# 28751040, reg. code J40/8063/01.07.2011, e-mail

About our Privacy Policy

In accordance with the legal requirements on the processing of personal data and the protection of privacy in electronic communications, Alu Design manages, in safe conditions and only for the specified purposes, the personal data you provide to us, in the context of the website visit and purchasing our services. Because we know how important your privacy is, we have created this Privacy Policy to explain how we collect, use and protect this information.

Information automatically collected by our website

We limit the information we collect only to what is necessary to ensure the proper functioning of the website and the production of traffic statistics for our site. You are not required to log-in, register or provide personal information about you in order to use our website.

When you access our website, we collect the following information:

If you use the contact information provided on our website to contact us directly, we will receive your contact information which may include, depending on how you contact us, your email address, name, company, reason for contact and postal address.

How we use the information that we collect

Difference between personal information and aggregate information

Personal information is information that can be used to identify a particular person, generally understood to be information such as your name, physical address, email address and telephone number. Aggregated information is not considered personal information and cannot be used to identify you.

Whom we share collected information with

What about the cookies?

Alu Design may use cookies in your web browser to identify you when you return to our website. Details about the cookies used on our website can be found in the Cookies Policy. Here you can also find information about stopping them.

Do we collect your e-mail address?

We do not ask you to send us your e-mail address or any other personal information in order for you to use our website. If you use the information provided on to contact us directly (for example, by emailing us at, we will receive your contact information, but we will use them only to respond to your request. If you fill out an online form on our website, we receive your email and we can store that email and the associated contact information for up to 12 months.

Your rights regarding the processing of personal data and how you can use them

In accordance with the applicable regulations, you have the following rights:

However, your access to the processed data may be exercised only to the extent that it does not prejudice the rights and freedoms of other persons;

However, the data will not be deleted when processing is necessary for:

- the exercise of the right to free expression and information;

- compliance with a legal obligation which provides for processing under EU law or national law that applies to the company or for the performance of a task related to the public interest;

- for finding, exercising or defending a right in court.

In addition, when Alu Design has made public in any context the data whose deletion is requested and you request the deletion of data from any recipients, the data will be reasonably kept by appropriate (including technical) measures to ensure the data recipients are informed of such a request.

The restriction applies when:

- you challenge the exercise of the data for a period that allows us to verify the accuracy of the data;

- processing is illegal and you oppose the deletion of personal data, asking instead to restrict their use;

- Alu Design no longer needs your personal data for the purpose of processing, but you ask us to find, exercise or defend a right in court;

- you have objected to the processing, in accordance with the legal provisions governing your right to opposition, for the period of time in which it is ascertained whether our legitimate rights prevail over yours.

In this situation, we will no longer be able to process your personal data, unless we demonstrate the existence of legitimate and compelling reasons that justify processing and prevail over your interests, rights and freedoms or that the purpose of processing is finding, exercising or the defense of a right in court.

a) the processing is based on a consent or is necessary for the implementation of a contract to which you are a party or to carry out actions at your request before the conclusion of a contract; and

b) it is made by automatic means (not in physical/paper form, but by any automated means).

Data processing for automated decision making is allowed when:

- it is necessary to fulfill the object of activity of the company and/or to conclude or implement a contract between you and Alu Design;

- it is authorized by EU or national law that applies to Alu Design and also provides for appropriate measures to protect your legitimate rights, freedoms and interests; or

- you have expressly consented to such processing.

You can exercise your above-mentioned rights and you can learn more about such rights by filing in with us, as data controllers, a written request to ALU DESIGN CONSTRUCTION CIVILE - Bucharest, Sector 2, 58 Blvd Ferdinand I, entrance C, 1st floor, room 2, or by emailing us to In order to identify and prevent unauthorized disclosure of your data, please include a scan/copy of your ID certified by you to be original.

Data protection in the case of applications and the selection procedure

The operator collects and processes the personal data of the applicants in order to carry out the selection procedure. The processing can also be done electronically.

This is especially the case when an applicat submits the appropriate application documents to the operator electronically, for example by e-mail or through a web form which can be found on the Internet. If the operator concludes an employment contract with the applicant, the data transmitted shall be stored for the purpose of carrying out employment relationships in compliance with the legal provisions. If the operator does not enter into an employment contract with the applicant, the application documents will be automatically deleted within twelve months from the notification of rejection, insofar as the deletion does not go against other legitimate interests of the operator.

Legal grounds when we process personal data

Alu Design may base the processing of your personal data on any (one or more) of the following legal grounds:

In cases where the applicable legal provisions require your prior and explicit consent for the processing of special categories of data, we will process the respective data only on the basis of your prior and explicit consent.

At any time, you have the right to withdraw your consent. Withdrawing your consent will not affect the legality of the processing on the basis of consent given before its withdrawal. In order to withdraw your consent for any processing you have previously consented to, please email us at or send us a notification to ALU DESIGN CONSTRUCTION CIVILE SRL ("ALU DESIGN"), Bucharest, sector 2, 58 Blvd Ferdinand I, entrance C, 1st floor, room 2, VAT# 28751040, reg. number J40/8063/01.07.2011.

Keeping the your personal data while necessary to process it

Alu Design complies with its obligations under the national law and the GDPR through actions such as:

Technical and organizational measures have been implemented at Alu Design to maintain the confidentiality and security of your personal data, in accordance with our internal procedures regarding the storage, disclosure and access of personal data. Personal data can be kept on our personal data IT systems and/or in hard copy, in special rooms at each department or according to the specific activity of each one.

Transfer of your personal data abroad

We may transfer your personal data to countries within the EU, EEA or other countries.

In such case, we will ensure that these international transfers are made subject to appropriate safeguards as required by General Data Protection Regulation (EU) 2016/679 or other applicable laws.

Personal data that you provide for other natural persons

If, for any reason, you provide us with personal data regarding another natural person, you must ensure that you have the right to disclose such personal data and that, without taking further measures, we may collect, use and disclose that personal data.

In particular, you must make sure that the person in question is aware of things such as: our identity, how he can contact us, why we collect data, our data disclosure policy; the rights of the natural person with regard to personal data and the right to file complaints regarding personal data management.

Your information pertaining any security breach

Please be assured that we have trained the persons involved in data processing so that they can identify the security breaches and bring them to the attention of the persons in charge in order to take the necessary measures to analyze and limit the consequences of such security breach and, as the case may be, to notify the supervisory authority and possibly the data subjects.

Our company will notify about those security breaches whose notification is obligatory (likely to generate a risk for the rights and freedoms of the data subjects) to the Supervisory Authority for Personal Data Processing.

In cases where the notification of the authority is obligatory, this will be done without delay, in principle no later than 72 hours from the date when the operator became aware of the breach.

When preparing the notification, the operator will seek to protect the confidentiality of the information provided by you, meaning that they will provide the authority with details about the categories and number of affected persons, without compromising the confidentiality of the received data.

In case of a security breach, we will inform you in order to be able to take protective measures, in principle no later than 72 hours from the date on which we became aware of the breach.

You will be notified only if the security incident is likely to create a high risk for your rights and freedoms.

If the specific circumstances do not require another approach, the information will be made through direct communication, using an appropriate communication channel (e-mail, SMS, etc.).

As an exception, only in the case where direct contact would involve a disproportionate effort, public information channels may be used.

We guarantee that you will be informed of any new developments related to the incident and of the measures we will take in connection with it, in consultation with you to limit the consequences and prevent its recurrence.

With respect to each violation, we will assist you in any way, including the provision of sufficient information, as well as support in the investigations conducted by the regulatory authority, with a view to remedying and investigating the breach, to prevent future incidents, limit the impact of the incident on the involved parties and/or limit the damage to you as a consequence of the security breach.

Changes in this Privacy Policy

We may update this Privacy Policy from time to time based on changes in the applicable laws and regulations or other requirements applicable to us, technological changes or changes in our business. Any future changes we make in the Privacy Policy will be posted on this page, so you should review it periodically.

Latest revision: 5 Aug 2019