Privacy Policy

PRIVACY POLICY

06.02.2026

2. SCOPE

This policy applies to all users, visitors and individuals who interact with the website, regardless of the device used, and covers all personal data collected through the website, including, but not limited to, data provided through contact forms, user accounts, cookies or other electronic means.

This Privacy Policy applies exclusively to activities carried out online through this website and does not extend to the way in which third parties or external platforms process personal data, even if such platforms may be accessed through this website.

By accessing and using this website, users confirm that they have read the provisions of this Privacy Policy and agree to them.

For the purposes presented in this Privacy Policy, Global Remote Services is the Personal Data Controller. You can find information about our identity and contact details below

 

3. REFERENCE DOCUMENTS

4. POLICY

4.1 WHO WE ARE

4.2 MEANING OF THE TERMS

 

Terms with the following meanings are used in this policy:

Personal data = any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more specific elements, physical, physiological, genetic, mental, economic, cultural or social identity

Processing = any operation or set of operations performed on personal data or on sets of personal data, with or without the use of automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction

Restriction of processing = marking of stored personal data for the purpose of limiting their future processing

Controller = entity that establishes the purposes and means of the processing of personal data; when the purposes and means of the processing are established in accordance with the applicable legal provisions, namely Global Remote Services

 

Profiling = any form of automatic processing of personal data consisting of the use of personal data to assess certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements of that natural person

 

 

Supervisory Authority = National Supervisory Authority for Personal Data Processing

 

 

Online Platform = Websites developed under the domain name owned by Global Remote Services (www.globalremoteservices.com)

 

Cookie = small text files stored on the device used (computer, tablet or mobile) when you are on the Internet, including on the www.globalremoteservices.com website

User = any person who interacts in a certain way with the website www.globalremoteservices.com 

4.3 HOW TO COLLECT DATA

In general, we collect personal data directly from data subjects when they interact with the www.globalremoteservices.com website through the means made available, such as telephone, email or communication platforms. To do this, we may carry out campaigns to update your data. At the same time, we will correct and update your data whenever we find inaccuracies or errors.

Your data may be collected in the following situations:

• When you contact us via the “Contact Us” form, by email, telephone or through Global Remote Services’ online communication channels and social media.
• When you send us requests, requests or other official communications related to the services provided by Global Remote Services.
• When you apply for a vacancy by email or by filling out the form on the website.
• When you interact with the Global Remote Services website, in which case technical and usage data may be collected, such as IP address, device identifiers, language settings, pages visited or login events, according to the Cookie Policy (Cookiebot).

When you communicate with the Global Remote Services team by email or phone, including in subsequent correspondence, and in certain situations, where lawful and with prior notice, calls may be recorded for the purpose of ensuring the quality of service.

4.4 PURPOSES AND GROUNDS FOR PROCESSING

Categories of processed data	Voice, first name and last name, e-mail address, telephone number, information voluntarily provided in the communicated message
Applicable legal basis	Performing pre-contractual actions at the request of the data subject

 

2. Filling in and submitting the contact form

Categories of processed data	First name and last name, e-mail address, telephone number, country, information voluntarily provided in the communicated message
Applicable legal basis	The data subject has given his/her consent for processing his/her personal data by filling in and submitting the form.

 

3. Recruitment

Categories of processed data

First name and last name, phone number; email address; any other data/information/details that you communicate to us (in case you fill in the form available on the website); by sending your CV, we may process data such as: name and surname, address, telephone number, email address, information on studies, qualifications, certifications, professional experience, photo (if included in the CV), any other personal data that you voluntarily communicate to us during the recruitment process, the results of any tests taken during the recruitment process.

Applicable legal basis

Taking steps at the request of the person, for the purpose of concluding a contract.

 

4. Interaction with social media networks

Categories of processed data	First and last name, nickname, email address, photo published as a profile picture, description or preferences, login details, other information you have shared
Applicable legal basis	Legitimate interest

 

5. Use of cookies

www.globalremoteservices.com website  uses cookies to improve your browsing experience and to ensure the optimal functioning of the platform. These cookies allow the automatic collection of technical information that may lead to the indirect identification of the user, such as: IP address, device identifiers, language settings, pages visited, login events, according to the Cookie Policy (Cookiebot).

The Website uses Cookiebot to manage cookie consent. The types of cookies used and the storage times are detailed in the “Cookie Policy”. Consent can be changed or revoked at any time from the banner on the website.

Cookies are mainly used for the following purposes:

1. Ensuring a proper functioning of the website;
2. Displaying content correctly;
3. Customizing the interface, ensuring the security of the website against fraud or illicit use;
4. Creation of statistics to know the reactions of users in relation to the content of the website.

For information about the specific cookies placed on the website, as well as for the options to control, manage or disable them, we invite you to consult the Cookies Policy.

 

6. Processing requests received via email and/or telephone

Categories of processed data	First and last name, pseudonym (public name), phone number, email address, reported problem, voice (in the case of a phone call), username, user ID, public profile data (in the case of requests received through social networks).
Applicable legal basis	Legitimate interest of the GRS to respond to requests made by users.

 

7. Processing requests made by data subjects

Categories of processed data	First and last name, telephone number, email address, any other data/information/details that you communicate to us in the application or to which we have access as a result of formulating the response to the applicant.
Applicable legal basis	The legal obligation established for the Controller to respond to the requests of data subjects regarding the exercise of their rights provided for by the General Data Protection Regulation.

 

8. Managing contractual relations with GRS partners

Categories of processed data	First and last name, phone number, email address, position, employer, signature.
Applicable legal basis	Global Remote Services’ legitimate interest in performing its contractual obligations to its partners

 

9. Carrying out relations with public authorities with regulatory and control attributions

Categories of processed data	First and last name, phone number, email address, position, employer, signature.
Applicable legal basis	Legal obligation

4.5 RETENTION PERIOD

Global Remote Services complies with the principles set out in Article 5 of Regulation (EU) no. 679/2016, collecting data for specific, explicit and legitimate purposes and ensuring adequate, relevant and limited processing to what is strictly necessary. Personal data is kept for a period not exceeding the time necessary to fulfill the purposes for which it was collected.

Personal data is stored for specified periods, in accordance with legal retention obligations, as well as other applicable laws, regulations or specific provisions. In addition, the following criteria apply:

• the time limits set by the applicable law;
• the time required for the expiry of legal time limits and/or legal limitation periods;
• internal deadlines and procedures, including those relating to the storage of data in the archival nomenclature;
• the duration necessary for the anonymization or effective deletion of the data after the expiry of the legal or internally established deadlines.

The retention of personal data is carried out strictly for the period necessary to fulfil the purposes for which they were collected, as follows:

• for requests submitted via the contact form, the data are usually kept for a period of up to 36 months, which is necessary for the management of requests, subsequent correspondence and any clarifications or resulting business relations.
• for data collected through cookies, they are kept for the specific duration of each type of cookie, according to the information detailed in the Cookie Policy.
• for data relating to contractual relationships (including contractual documents, invoicing data and financial-accounting documents), they are kept for the periods required by the applicable legislation, in order to comply with legal, tax and accounting obligations.

Upon expiry of these periods, the data is deleted or anonymized, in accordance with the internal procedures of Global Remote Services and the legal requirements in force.

4.6 RECIPIENTS AND INTERNATIONAL TRANSFERS

To achieve the purposes described above, we may share data with certain contractual partners. They have the status of Processors, and some of the personal data may be provided to them to be used strictly within the limits of the obligations assumed towards Global Remote Services and according to our instructions regarding the processing of such data.

Among the recipients to whom your data may be communicated are, for example:

• Service providers (hosting, IT security etc.)
• control and regulatory authorities and institutions, including the National Authority for the Supervision of Personal Data Processing (ANSPDCP);
• Courts and judicial authorities, when data is requested in a legal contex

In the event of any transfer of personal data, we assure you that Global Remote Services applies the necessary security measures to protect it. Transfers are always made in accordance with the applicable legal provisions and Regulation (EU) no. 679/2016 on the protection of personal data (GDPR), to guarantee that your information is processed securely and only for the purposes for which it was collected.

In case of accessing the Facebook page of Global Remote Services, personal data may be transferred to Meta Inc., outside the European Union (European Economic Area), in accordance with the legal provisions on data protection, for the personalization and optimization of the services offered. For detailed information on how Meta collects and processes this data, as well as for managing your privacy preferences, please consult the privacy policy available at: https://www.facebook.com/policy.php.

 

4.7 SECURITY MEASURES

GRS applies appropriate technical, organisational and physical measures to ensure the confidentiality, integrity and availability of personal data. These include, but are not limited to:

• Role-based access control (RBAC), with multi-factor authentication for authorized users;
• Encryption of data in transit;
• Secure monitoring and logging of access and activities, with alerting mechanisms for incidents;
• Back-up and restore procedures for continuity of operations;

Internal policies and regular staff training on data protection and cybersecurity.

4.8 RIGHTS OF DATA SUBJECTS

In the context of the processing of personal data, data subjects benefit from the following rights:

• Right of access to the personal data processed: the right to obtain confirmation as to whether or not the data is being processed by Global Remote Services and, if so, to request a copy thereof 

• The right to request the rectification or completion of inaccurate or incomplete personal data;

• Right to obtain restriction of processing, where:
• the personal data processed is inaccurate, for a period that allows Global Remote Services to verify the accuracy of the personal data;
• the processing is unlawful, but the data subject does not wish to erase the personal data processed, but to restrict the use of such data;
• where Global Remote Services no longer needs your personal data for the defined purposes, but the data is needed to establish, exercise or defend a claim in court, or
• the data subject has objected to the processing, for the period of time necessary to verify whether the legitimate grounds prevail over his rights;

• The right to request the erasure of the personal data processed, if one of the following grounds applies:
• personal data are no longer necessary for the fulfilment of the purposes for which they were collected or processed,
• the data subject withdraws his/her consent on the basis of which the processing takes place, and there is no other legal basis for the further processing,
• the data subject exercises his or her right to object, and the Controller has no legitimate grounds to prevail in order to continue the processing,
• the data has been processed unlawfully,
• Deletion is necessary for compliance with European or national law.

• The right to withdraw consent to the processing at any time, when the processing is based on consent, without affecting the lawfulness of the processing activities carried out up to that point;

• The right to object to the processing of data for reasons related to the particular situation of the data subject, as well as to object, at any time, to the processing of data for direct marketing purposes, including profiling;

• The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the data subject or similarly affects him or her in a significant manner. We do not make decisions that produce legal effects exclusively through automated processing in the context of the website. Any use of automations (e.g. chatbots) is limited to customer support and does not produce legal effects

• The right to data portability, meaning the right to receivethe personal data provided to Global Remote Services in a structured, commonly used and machine-readable form, as well as the right to transfer such data to another Controller, where the processing is based on your consent or the performance of a contract and is carried out by automated means; 

The right to lodge a complaint with the National Authority for the Supervision of Personal Data Processing. The following contact details of ANSPDCP can be used to submit the complaint: Address: 28-30 G-ral Blvd. Gheorghe Magheru, Sector 1, postal code 010336, Bucharest, Romania; email address: anspdcp@dataprotection.ro; dpo@dataprotection.ro. More information on the submission of the Complaint/referral to the Authority can be obtained by accessing www.dataprotection.ro.

4.9 EXERCISE OF RIGHTS AND RESOLUTION OF CLAIMS

To exercise any of the rights listed above, respectively to formulate requests or complaints, please contact us at 43 Șoseaua Pipera, Building B, 1st floor, Sector 2, Bucharest, Romania or using the electronic mail address: dpo@globalremoteservices.com.

Global Remote Services will prepare a response and communicate it within 1 month of receiving your request or complaint. This period may be extended by two months if necessary, taking into account the complexity and number of applications.

If the application was submitted by electronic means, the reply will also be provided in digital form as far as possible, unless you request another format. All requests will be dealt with promptly, free of charge and in accordance with applicable law.

If the requests are manifestly unfounded or excessive, in particular because of their repetitive nature, Global Remote Services shall be entitled: (a) to charge a reasonable fee, taking into account the administrative costs for providing the information or communication or for taking the requested action; b) to refuse to settle the application.

4.10 POLICY UPDATE

This policy may be updated from time to time to reflect changes in legislation, our data processing practices or the services we offer. The current version is available on the website, together with the date of the last revision, so that you can check the updated information at any time. In the event of significant changes that could affect the way your data is processed, they will be communicated by means of a clear and visible announcement on the website, so that you are informed and have the opportunity to familiarize yourself with the new provisions.

This Privacy Policy was last revised on 06.02.2026.