Privacy Policy

General informations

This Privacy Policy explains how IDODO CORBEANCA S.R.L., a Romanian legal entity with its registered office in Voluntari, 1 Pipera Blvd., Hyperion Towers, Tower 1, 9th Floor, Room II, Office 4, Ilfov County Ilfov, registered with the Trade Registry attached to the Ilfov Court under no. J23/3411/2020, with CUI 36327861 (hereinafter referred to as the “Company”), uses cookies and other similar technologies on the website (hereinafter referred to as the “Website”).

The company acts as a personal data controller, within the meaning of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data (hereinafter referred to as the “GDPR”).

By accessing and using the Site, the User confirms that they have read, understood, and agree to this Privacy Policy, as well as to the processing and storage of their personal data by IDODO CORBEANCA S.R.L., for the purposes and under the conditions described in this section.

Categories of data subjects

This policy applies to the following categories of individuals:

visitors to the website https://denyalake.ro

individuals who contact the Company via the contact form, email, or telephone;

potential customers and business partners.

Principles of Data Processing

The Company adheres to the fundamental principles of personal data processing set forth in Article 5 of the GDPR:

legalitate, echitate și transparență – datele sunt prelucrate în mod legal, corect și transparent față de persoanele vizate;

lawfulness, fairness, and transparency – data is processed lawfully, fairly, and transparently in relation to data subjects;

purpose limitation – data is collected for specified, explicit, and legitimate purposes;

accuracy – the Company makes every effort to ensure that data is accurate and up-to-date;

storage limitation – data is retained only for as long as necessary to fulfill the stated purposes;

integrity and confidentiality – data is protected against unauthorized access, loss, or destruction;

accountability – the Company can demonstrate compliance with these principles.

Types of Data Collected

Depending on the User’s interaction with the Website, the Company may collect the following data:

Data provided directly: first name, last name, email address, phone number, information contained in messages sent via the contact form or email,

Data collected automatically: IP addresses, browser type, operating system, visit duration, pages viewed, browsing behavior, via cookies and statistical analysis tools (e.g., Google Analytics).

The Company does not request or process sensitive data (ethnic origin, political opinions, religious beliefs, medical data, etc.).

Purposes of data processing

Personal data is processed for the following legitimate purposes:

responding to requests, requests for quotes, or questions submitted via the Site;

communications regarding the Company’s services, only if the data subject has given their consent;

ensuring the operation and security of the Website;

anonymous statistical analysis of traffic and improvement of the Website’s content.

The Company does not use the collected data for direct marketing, remarketing, or automated profiling purposes.

Legal Bases for Processing

The Company processes personal data based on one or more of the legal bases provided for in the GDPR:

Article 6(1)(a) – the data subject’s consent, for the processing of data submitted via the contact form or by email, as well as for optional cookies (analytics, marketing);

Article 6(1)(f) – the Company’s legitimate interest in ensuring the secure and efficient operation of the Website, improving services, and conducting general traffic analysis (essentially anonymously).

Data retention period

Personal data is retained only for the period necessary to fulfill the purposes for which it was collected or in accordance with applicable legal obligations.

data from contact forms: up to 12 months from the last interaction;

technical data (cookies, logs): in accordance with the cookie policy, typically between 6 and 26 months;

Relevant business correspondence may be retained for up to 3 years to comply with any legal archiving obligations.

After the expiration of the periods mentioned above, the stored data is permanently deleted.

Recipients and Data Transfers

The Company does not sell, rent, or disclose personal data to third parties, except in the following limited circumstances:

IT service providers (hosting, maintenance, email), who act as data processors and are bound by contractual confidentiality obligations;

public authorities, based on a legal obligation and an express request;

statistical analysis service providers (e.g., Google Analytics), in accordance with their privacy policies.

Data may be stored on servers located within the European Economic Area (EEA). In the event of transfers outside the EEA, these are made only to countries that ensure an adequate level of protection, in accordance with European Commission decisions.

Data Security

The company implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure:

encryption of communications via SSL protocol;

access control and secure passwords;

regular backups and antivirus protection;

staff training on confidentiality.

Rights of Data Subjects

Under the GDPR, data subjects have the following rights:

the right of access to their personal data;

the right to rectification of inaccurate or incomplete data;

the right to erasure (“the right to be forgotten”);

the right to restrict processing;

the right to data portability;

the right to object to processing, under the conditions of Article 21 of the GDPR;

the right to withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal;

the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP).

To exercise these rights, data subjects may send a written request to the email address office@danya-cebus.ro.

The Company undertakes to respond to any request regarding the exercise of the aforementioned rights within a maximum of 30 (thirty) calendar days from receipt of the request.

In exceptional cases involving complex or multiple requests, this period may be extended by up to an additional 60 days, in which case the data subject will be informed of the reasons for the delay and the new estimated response time, in accordance with the provisions of the GDPR.

Responses will be provided, as far as possible, by electronic means, in accordance with the principles of transparency and the protection of personal data.

Withdrawal of Consent

Data subjects may withdraw their consent to data processing at any time by sending an email to office@danya-cebus.ro.

Withdrawal of consent does not affect the lawfulness of processing carried out prior to such withdrawal.

Policy updates

The Company reserves the right to update this Privacy Policy to reflect legislative or organizational changes.

The updated version will be published on the Site and will take effect on the date of publication.

Contact

For questions regarding the protection of personal data, please contact us at office@danya-cebus.ro.

Last updated: 11.02.2026.

Contact

DENYA LAKE SALES

+40 755 992 484

+40 755 992 459

EN
RO EN
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.