A. Identity of the Controller

Sales Partner Automotive SRL (“Sales Partner”, “we”, “us”, or “our”) is the entity responsible for the processing of personal data as described in this Privacy Policy.

Our contact details are:

Sales Partner Automotive SRL

Str. Dr. Thoma Ionescu nr. 10

Sector 5, 050569, Bucharest

Romania

Email: privacy@salespartner.app

Telephone: +40 744 783 168

We act as the data controller where we determine the purposes and means of processing personal data in connection with our Services. In some circumstances, we may act as a data processor on behalf of our business clients, in which case the client’s privacy policy will govern the processing.

For residents of jurisdictions where a local representative is required, or for inquiries regarding data privacy rights under applicable laws, you may contact us at the details provided above.

 

B. Contact Details for Data Protection Officer (DPO)

We have appointed a Data Protection Officer (DPO) to oversee our compliance with applicable data protection laws and to serve as a contact point for data subjects.

You may contact our DPO as follows:

Data Protection Officer

Sales Partner Automotive SRL

Str. Dr. Thoma Ionescu nr. 10

Sector 5, 050569, Bucharest

Romania

Email: privacy@salespartner.app

Telephone: +40 744 783 168

For matters specifically related to data protection or to exercise your rights under applicable data protection laws, you may contact our DPO at the email address above.

In Brazil, our DPO (Encarregado) also acts as the point of contact for data subjects in accordance with Article 41 of the Lei Geral de Proteção de Dados (LGPD).

 

C. Purposes of Processing

We process personal data for the following purposes:

1. To provide and operate our Services, including user account creation, authentication, and access management.

2. To communicate with business contacts, customers, and prospects, including responding to inquiries, support requests, and other business communications.

3. To manage our contractual relationships, billing, and payments.

4. To improve and develop our products and Services, including conducting analytics, measuring performance, and enhancing user experience.

5. To ensure the security and integrity of our systems, prevent fraud, and protect our legal rights.

6. To comply with legal and regulatory obligations applicable in jurisdictions where we operate.

7. To conduct marketing and business development activities, including sending B2B marketing communications where permitted by law, based on our legitimate interests or your consent where required. You have the right to opt out of receiving such communications at any time.

We only process personal data where we have a lawful basis under applicable laws, such as fulfilling our contracts with customers, complying with legal obligations, protecting our legitimate business interests, or where we have obtained your consent.

 

D. Legal Bases for Processing

We only process personal data when we have a lawful basis to do so under applicable data protection laws. Depending on the circumstances and the jurisdiction, our processing activities are based on one or more of the following legal grounds:

1. Performance of a contract: When processing is necessary to enter into or perform our agreements with customers or partners, such as providing our Services or managing accounts.

2. Legal obligations: When processing is necessary for us to comply with laws or regulatory requirements.

3. Legitimate interests: When processing is necessary for our legitimate business purposes, such as improving our Services, ensuring security, maintaining business relationships, or communicating with business contacts. We balance our interests against your fundamental rights and freedoms.

4. Consent: When you have provided your consent for specific processing activities, which you can withdraw at any time.

Under the laws of some countries, such as Brazil’s LGPD or Turkey’s KVKK, we may rely on similar legal grounds including compliance with legal obligations, performance of contracts, regular exercise of rights, protection of health and safety, or legitimate interests where allowed by law.

If you would like more details about the specific legal basis that applies to a particular type of processing, please contact us using the details provided in this Privacy Policy.

Purpose of Processing	Legal Basis for Processing
To provide and operate our Services, including account creation, authentication, and access management.	Performance of a contract; Legitimate interests where applicable.
To communicate with business contacts, customers, and prospects, including responding to inquiries and support requests.	Legitimate interests; Consent where required by law.
To manage our contractual relationships, billing, and payments.	Performance of a contract; Legal obligations.
To improve and develop our products and Services, including analytics, measuring performance, and enhancing user experience.	Legitimate interests.
To ensure the security and integrity of our systems, prevent fraud, and protect our legal rights.	Legitimate interests.
To comply with legal and regulatory obligations in jurisdictions where we operate.	Legal obligations.
To conduct marketing and business development activities, including sending B2B marketing communications where permitted by law.	Legitimate interests; Consent where required by law.

 

E. Categories of Personal Data Collected

Depending on how you interact with us and the Services you use, we may collect the following categories of personal data:

1. Identification Data

   – Full name

   – Job title

   – Employer name or organization

2. Contact Data

   – Business email address

   – Business phone number

   – Business postal address

3. Account Data

   – Username and password

   – User preferences

   – Account settings

4. Professional or Business Information

   – Role or function within your company

   – Industry or sector

5. Marketing and Communication Data

   – Marketing preferences

   – Responses to surveys or marketing communications

6. Technical Data

   – IP address

   – Device identifiers

   – Browser type and version

   – Operating system

   – Language settings

7. Usage Data

   – Logs of access dates and times

   – Pages or features used in our Services

   – Clickstream data

8. Communication Data

   – Contents of messages, emails, or support tickets you send us

   – Records of communications and interactions

9. Cookie and Tracking Data

   – Cookie identifiers

   – Information collected through pixels, tags, or similar tracking technologies

We do not intentionally collect sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, health data, or similar special categories) in the context of our Services unless it is required and lawful under applicable laws.

If you provide personal data of other individuals, you are responsible for ensuring you have their permission to share that data with us.

 

F. Sources of Data

We collect personal data from the following categories of sources:

1. Directly from you:

   – When you create an account, fill out forms, communicate with us, or use our Services.

2. Automatically through your use of our Services:

   – We collect technical and usage data through cookies, logs, and similar technologies when you visit our websites or use our applications.

3. From your employer or colleagues:

   – For example, when your organization provides us with your business contact details to set up user accounts or manage licenses.

4. From publicly available sources:

   – Such as publicly accessible websites, business directories, or professional networking platforms (e.g. LinkedIn) to identify potential business customers and contacts.

5. From third-party data providers and lead generation services:

   – We may obtain business contact details and professional information from reputable data vendors, business information platforms, or lead generation services, in accordance with applicable laws.

6. From social media or online interactions:

   – When you engage with our social media pages or content.

We only collect personal data from these sources as permitted by applicable laws and for the purposes described in this Privacy Policy.

 

G. Recipients / Categories of Recipients

We may share personal data with the following categories of recipients, where necessary and in accordance with applicable laws:

1. Service providers and vendors:

   – Companies that help us operate, maintain, and improve our Services, including cloud hosting providers, IT support, analytics services, customer relationship management (CRM) systems, and marketing platforms.

2. Professional advisers:

   – Lawyers, auditors, consultants, accountants, and other professional service providers who assist us in managing our business operations and compliance obligations.

3. Business partners and resellers:

   – Trusted partners who collaborate with us in delivering our Services, such as integration partners or authorized resellers.

4. Corporate transactions:

   – If we engage in a merger, acquisition, restructuring, sale of assets, or similar business transaction, personal data may be shared as part of the due diligence process or transferred as part of the transaction.

5. Legal and regulatory authorities:

   – Government authorities, regulators, law enforcement, or courts when required by applicable law, court orders, or legal processes, or to protect our legal rights or the rights of others.

6. Other users within your organization:

   – For example, administrators or team managers within your company may have visibility over your account details or activity logs, depending on how your organization configures our Services.

We require all recipients who process personal data on our behalf to comply with appropriate data protection obligations and to use personal data only for the purposes we specify.

 

H. International Transfers

Because we operate internationally, your personal data may be transferred to, and stored or processed in, countries outside your own jurisdiction. These countries may have data protection laws that differ from those of your country and may not always guarantee the same level of protection.

For example, we use cloud service providers such as HubSpot to store and manage personal data related to our Services, customer accounts, and business operations. HubSpot is headquartered in the United States, and while it provides options for data hosting in the European Union, certain support and operational processes may involve transfers of personal data to the United States or other countries where HubSpot or its partners operate.

Whenever we transfer personal data internationally, we ensure that appropriate safeguards are in place to protect your personal data, including:

• Transfers to countries that have been officially recognized as providing an adequate level of data protection by relevant authorities, such as the European Commission for residents of the European Economic Area (EEA) or the UK Government for UK residents.
• Where no adequacy decision exists, we use legally binding agreements approved by regulatory authorities, such as Standard Contractual Clauses issued by the European Commission or the UK Information Commissioner’s Office. These agreements require recipients to protect personal data in line with European or UK data protection standards.
• Implementation of additional technical and organizational measures where necessary—such as encryption, pseudonymization, and strict access controls—to enhance the security and confidentiality of personal data, particularly where local laws could allow government access in ways that do not align with European privacy standards.

Specifically:

• EEA and United Kingdom Residents: We ensure that any transfer of personal data outside the EEA or the UK complies with the General Data Protection Regulation (GDPR) and the UK GDPR. We conduct transfer impact assessments where required and implement supplementary measures to protect your personal data when transferred to countries without adequacy decisions.
• Brazil Residents: Any international transfer of personal data complies with the Lei Geral de Proteção de Dados (LGPD), including transfers to countries approved by Brazil’s data protection authority (ANPD) as providing an adequate level of protection or based on contractual safeguards where required.
• South African Residents: We comply with Section 72 of the Protection of Personal Information Act (POPIA), ensuring that personal data transferred outside South Africa is protected by laws or binding agreements that ensure an adequate level of data protection.

If you would like more information about the specific mechanisms we use for international transfers, the safeguards in place, or the countries to which your personal data may be transferred, you can contact us using the details provided in this Privacy Policy.

 

I. Retention Periods

We keep personal data only for as long as it is necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

In general:

– Account and profile data: retained for as long as your account is active and for a reasonable period thereafter to fulfill legal obligations, resolve disputes, or enforce agreements.

– Communication and support data: retained for up to 5 years after the last interaction, unless required longer for legal reasons.

– Transaction and billing records: retained for up to 10 years, or as required by tax and accounting laws.

– Marketing data: retained until you withdraw your consent or object to further processing, plus a reasonable period to record your opt-out request.

– Technical and usage data: retained for up to 2 years to analyze and improve our Services.

We may also retain personal data for longer periods where necessary to comply with legal obligations, to protect our legal rights, or where retention is required for legitimate business purposes.

When personal data is no longer needed, we securely delete it or anonymize it so that it can no longer be linked to any individual.

If you would like more information about specific retention periods for particular types of data, please contact us using the details provided in this Privacy Policy.

Category of Data	Retention Period
Account data	As long as account is active + reasonable period
Communication records	Up to 5 years
Billing data	Up to 10 years
Marketing data	Until withdrawal of consent
Technical logs	Up to 2 years

 

J. Data Subject Rights

Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:

1. Right of Access:
   1. To request confirmation of whether we process your personal data and to receive a copy of the personal data we hold about you.
2. Right to Rectification:
   1. To request correction of any inaccurate or incomplete personal data.
3. Right to Erasure:
   1. To request deletion of your personal data under certain circumstances, such as where it is no longer necessary for the purposes for which it was collected.
4. Right to Restrict Processing:
   1. To request that we limit the processing of your personal data in certain cases, such as when you contest its accuracy.
5. Right to Data Portability:
   1. To request your personal data in a structured, machine-readable format and to transmit it to another controller, where technically feasible.
6. Right to Object:
   1. To object to certain types of processing, including direct marketing, at any time.
7. Right to Withdraw Consent:
   1. To withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
8. Rights Related to Automated Decision-Making:
   1. To not be subject to decisions based solely on automated processing, including profiling, where such decisions produce legal effects or similarly significant consequences.
9. Right to Non-Discrimination:
   1. Under certain laws, such as the California Privacy Rights Act (CPRA), you have the right not to receive discriminatory treatment for exercising your privacy rights.
10. Additional Rights for California Residents:
    1. To know the categories of personal information collected, purposes of use, and categories of third parties with whom data is shared.
    2. To request deletion or correction of personal information.
    3. To opt out of the sale or sharing of personal information.
    4. To limit the use and disclosure of sensitive personal information.
11. Additional Rights for Brazil Residents:
    1. To request anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data.
    2. To obtain information about entities with whom your data has been shared.
    3. To object to processing in case of non-compliance with the LGPD.
12. Additional Rights for South African Residents:
    1. To request access to your personal information and to request correction or deletion of personal information held about you under the Protection of Personal Information Act (POPIA).

 

How to Exercise Your Rights

To exercise any of these rights, please contact us using the details provided in the “Contact Us” section of this Privacy Policy.

We aim to respond to all requests as quickly as possible and in accordance with applicable laws. Typically:

• For residents of the European Economic Area (EEA) and the United Kingdom: We will respond within one month of receiving your request. This period may be extended by up to two additional months if necessary, depending on the complexity and number of requests. We will inform you if we need more time.
• For residents of California: We will respond within 45 days of receiving your request, with the possibility of extending this period by an additional 45 days if necessary and with prior notice.
• For residents of Brazil and South Africa: We will respond within the timeframe required by applicable laws, which is typically 15 to 30 days.

Please note that we may require you to verify your identity before processing your request. Certain rights may be subject to limitations or exemptions under applicable law.

K. Automated Decision-Making / Profiling

We do not use personal data to make decisions that produce legal effects or similarly significant impacts based solely on automated processing, including profiling, without human involvement.

However, we may use limited forms of automated processing, such as profiling, for purposes like:

– Analyzing usage patterns to improve and personalize our Services.

– Tailoring marketing communications to your business interests, where permitted by law.

These activities do not produce legal or similarly significant effects on individuals.

Depending on your location and applicable data protection laws, such as the General Data Protection Regulation (GDPR), Brazil’s Lei Geral de Proteção de Dados (LGPD), or the California Privacy Rights Act (CPRA), you may have the right:

– To request information about whether we use automated decision-making, including profiling.

– To request meaningful information about the logic involved, as well as the significance and potential consequences of such processing.

– To request human intervention, to express your point of view, and to contest decisions made solely by automated means, where applicable.

For more information about how to exercise these rights, please refer to Section J (“Data Subject Rights”) of this Privacy Policy.

If we engage in automated decision-making that produces legal or similarly significant effects, we will inform you separately and provide details about your rights in relation to that processing.

If you have any questions about our use of automated decision-making or profiling, you can contact us using the details provided in this Privacy Policy.

 

L. Security Measures

We take the security of personal data seriously and implement appropriate technical and organizational measures to protect it against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Depending on the nature of the data and the risks involved, our security measures include:

– Encryption of data in transit and at rest to protect data from unauthorized access.

– Access controls to limit who can access personal data, including role-based permissions and authentication measures.

– Regular monitoring of systems for vulnerabilities and potential security threats.

– Secure development practices for our software and systems.

– Training of employees on data protection principles and security best practices.

– Incident response plans to detect, manage, and mitigate potential data breaches or security incidents.

Despite our efforts, no method of electronic storage or transmission over the Internet is entirely secure. We encourage you to take appropriate measures to protect your personal information, such as keeping passwords confidential and using secure networks.

If you suspect any security issue or wish to report a potential vulnerability, please contact us using the details provided in this Privacy Policy.

 

M. Marketing and Consent

We may send marketing communications about our products and services, updates, events, or other information we think may interest you, based on our legitimate interests or your consent, depending on the laws of your country.

How We Collect Consent

• In some jurisdictions, we may rely on your express consent before sending electronic marketing communications, such as emails or newsletters.
• In other cases, especially in a B2B context, we may rely on our legitimate interests to send you marketing communications, provided such communications are relevant to your role or business and where the law permits this approach.

Your Rights to Opt Out

You can opt out of marketing communications at any time by:

• Clicking the “unsubscribe” link in any marketing email we send you.
• Contacting us directly using the details provided in this Privacy Policy.

Even if you opt out of marketing messages, you may still receive non-marketing communications from us, such as transactional or service-related messages.

Your Rights Under Different Laws

Depending on your location, additional rules may apply:

• EEA and UK Residents: Under the GDPR and UK PECR, we may send B2B marketing emails based on legitimate interests, but you have the right to object at any time. For unsolicited marketing to individual subscribers, we will obtain your consent where required.
• California Residents: Under the California Privacy Rights Act (CPRA), you have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes.
• Canadian Residents: Under Canada’s Anti-Spam Legislation (CASL), we require express or implied consent to send you commercial electronic messages.
• Australian Residents: Under the Spam Act 2003, we require your consent to send commercial electronic messages.

In Canada and Australia, we send marketing communications only where we have your express consent, or where consent can reasonably be inferred from a business relationship or publicly available business contact information. You may opt out of these communications at any time.

We respect your choices and will honor any applicable legal obligations relating to marketing communications.

 

N. Cookies and Tracking

We use cookies and similar tracking technologies on our websites and online services to help us operate our Services, analyze traffic, personalize content, and deliver relevant advertising, where permitted by law.

What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help us remember your preferences, understand how you interact with our Services, and improve your user experience.

Types of Cookies We Use

• Strictly Necessary Cookies: These cookies are essential for the operation of our Services and cannot be switched off in our systems.
• Performance and Analytics Cookies: These help us analyze how our Services are used so we can improve them. They may collect information such as pages visited and traffic sources.
• Functional Cookies: These allow our Services to remember choices you make, such as language preferences.
• Advertising and Targeting Cookies: These may be set by us or third parties to build a profile of your interests and show you relevant ads on other sites. This may involve cross-context behavioral advertising under certain laws, such as the California Privacy Rights Act (CPRA).

Consent and Your Choices

Where required by law, such as under the ePrivacy Directive, UK PECR, or other applicable regulations, we obtain your consent before placing non-essential cookies on your device.

You can manage or withdraw your consent for cookies at any time through:

• Our cookie banner or cookie preference center, where available.
• Adjusting your browser settings to block or delete cookies.
• Using industry opt-out mechanisms for targeted advertising, where applicable.

Please note that disabling certain cookies may affect the functionality of our Services.

California Residents

For California residents, certain uses of cookies may be considered a “sale” or “sharing” of personal information under the CPRA, particularly when used for cross-context behavioral advertising. You have the right to opt out of such activities, which you can exercise through our cookie preference tools or by contacting us as described in this Privacy Policy.

For more details about how we use cookies and similar technologies, please refer to our Cookie Policy here: https://salespartner.app/cookie-policy-eu/

 

O. Complaint Rights

We are committed to protecting your personal data and addressing any concerns you may have about how we handle it.

If you believe your personal data has been processed in a way that does not comply with applicable data protection laws, or if you have questions or concerns about your privacy, you have the right to lodge a complaint.

How to Contact Us

We encourage you to contact us first so we can try to resolve your issue promptly.

• Email: privacy@salespartner.app

We will acknowledge your complaint within five (5) business days. We aim to provide a full response as quickly as possible, and always within the timeframes required by applicable laws—for example, typically within one month for EEA and UK residents, 45 days for California residents, and 15–30 days for residents of other jurisdictions.

Your Right to Contact Supervisory Authorities

Depending on where you are located, you also have the right to lodge a complaint with a data protection authority if you are not satisfied with how we handle your personal data or your complaint.

• Residents of the European Economic Area (EEA):

You can contact your local data protection authority. A list of EEA supervisory authorities and their contact details is available here:

https://edpb.europa.eu/about-edpb/board/members_en

• UK Residents:

You can contact the UK Information Commissioner’s Office (ICO):

Website: https://ico.org.uk/

Telephone: +44 303 123 1113

• Brazil Residents:

You can petition the Brazilian National Data Protection Authority (ANPD) regarding the processing of your personal data. More information is available here:

https://www.gov.br/anpd/

• South African Residents:

You can lodge a complaint with the Information Regulator of South Africa. More details are available here:

https://www.justice.gov.za/inforeg/

• California Residents:

Under the California Privacy Rights Act (CPRA), you may also lodge complaints with the California Privacy Protection Agency (CPPA). More information is available here:

https://cppa.ca.gov/

We value your trust and are committed to resolving all privacy-related concerns fairly and promptly.

 

P. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons.

If we make significant changes that affect your rights or how we process personal data, we will inform you by appropriate means, such as through our website, email notifications, or other direct communication, where required by applicable law.

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your personal data.

For California residents: In compliance with the California Privacy Rights Act (CPRA), we review and update our Privacy Policy at least once every 12 months and indicate the date of the last update below.

 

Our privacy policy explains:

● What information we collect and why we collect it;

● How we use the information;

● The options we offer, including how to access and update the information.

Contact Information

This website is managed by Sales Partner Automotive SRL, a Romanian company with its registered office at 10 Dr. Thoma Ionescu Street, 5th District, Bucharest.

Information about Data Protection and GDPR

In all member countries of the European Union (EU), starting from May 25, 2018, Regulation 2016/679 on the protection of persons concerning the processing of personal data and on the free movement of such data becomes applicable, also known by the acronym GDPR (General Data Protection Regulation).

Legal Grounds for Data Processing

The legal grounds for processing these data are:

● Execution of the contract and preliminary steps for this contract (Art. 6(1) b GDPR) – for data collected through the order form or data received as a result of customer service activities;

● Legal obligations (Art. 6(1) c GDPR) for data necessary for invoicing;

● Consent (Art. 6(1) a GDPR) for data used for marketing purposes for site visitors (e.g. newsletter subscription, marketing cookies, etc.);

● Legitimate interest (Art. 6(1) f GDPR) for data used for marketing to current customers (in accordance with Law 506/2004 Art. 12(2)) of www.salespartner.app, for the security of the www.salespartner.app site (Recital 49 GDPR), and for data used internally to optimize the www.salespartner.app site (and anonymized or pseudonymized, as applicable).

The personal data you submit to Sales Partner Automotive SRL (via the website or email) or that you fill in during the use of the www.salespartner.app site are processed. All information you fill in/submit during the use of www.salespartner.app must be complete, correct, and up to date.

Any attempt to access another user’s personal data, modify the content of the www.salespartner.app site, or affect the performance of the server on which the www.salespartner.app site runs will be considered an attempt to defraud the www.salespartner.app site and will initiate criminal investigation against those who attempted such actions.

What Kind of Information We Collect from You and How These Information Are Used

The website www.salespartner.app collects personal data from its users in three ways:

● Directly from the user;

● Traffic data from the user’s browser;

● Through cookies.

Directly Collected Personal Data

1. When you access www.salespartner.app, create an account, or fill out a form, we may ask for your first name, last name, and/or email address, as well as other necessary contact details.

2. When you access support/consultancy services, we may ask for an email address or phone number. We reserve the right to record any communication made for the support services of www.salespartner.app to improve our services. We will inform you before the communication begins that it might be recorded. These data are used, for example, to contact you to resolve a complaint/request. We may request other data that may constitute personal data only to the extent necessary for these purposes. These data are retained until the consent is revoked.

3. Also, when you subscribe to our newsletter, we ask you to provide an email address, a name, and other information necessary to personalize communication with you. These data are retained until the consent is revoked or until your activity shows that you are no longer interested in our communication. Your personal data for the newsletter is also shared with Messenger OS / Kooperativa 2.0 / MailChimp, acting as a data processor for Sales Partner Automotive SRL, providing the newsletter delivery service.

4. All data processors we work with are in the European Union, and those in the United States have signed Standard Contractual Clauses with us, to which we have added additional data protection clauses.

5. Under the GDPR, you have the right to access, rectify, or delete personal data or restrict processing or data portability. You also have the right to object to processing. For data collected through consent, you have the right to withdraw consent at any time. To exercise these rights, you can send a request by email to privacy@salespartner.app. You also have the right to file a complaint with a supervisory authority or to take legal action.

6. We use profiling systems for visitors to the www.salespartner.app site for personalized commercial communications and offers sent through the site, push notifications, email, or SMS, as appropriate.

Information from Traffic Monitoring Reports

When you visit a website, you disclose certain information about yourself, such as your IP address, the time of your visit, the location from which you entered the site, and information about your device (such as hardware model, operating system version, browser used, etc.). Sales Partner Automotive SRL, like other operators, records this information to improve the user experience and the quality of the services offered.

Any statistics regarding our users’ traffic that we may provide to partners or third-party advertising networks are provided only as aggregated data and do not include any personally identifiable information about any individual user.

Information Obtained Through Cookies

The website www.salespartner.app may use cookies to facilitate the storage and tracking of your preferences, as well as to optimize our site, including for personalization or marketing purposes. More details can be found on the Cookie Usage Policy page.

How We Protect the Information Collected from You

Sales Partner Automotive SRL does not share the information collected (via the website, email, or phone) with third parties without your express and prior consent.

Your access to certain services and information on the site (including access to personal data) is protected by a username and password. We recommend that you do not disclose these details to anyone. The www.salespartner.app site will never ask for your account passwords in unsolicited messages or phone calls. Therefore, we advise you not to disclose your password to anyone who asks for it.

When accessing the site from a public computer, you should remember to log out of your account at the end of each session. We also advise you to close the browser window in which you were working.

These tips are intended to prevent unauthorized persons from accessing your personal information or correspondence when you are working in a public network environment (e.g., internet cafes).

You should also remember that whenever you voluntarily disclose personal information in an online communication environment (e.g., email, forums, discussion groups, chat services), the information disclosed can be easily collected and used by unauthorized persons. Although www.salespartner.app does its best to protect your personal information, you must understand that you are solely responsible for maintaining the secrecy of the information (passwords, usernames, etc.) related to the accounts you have acquired as a result of using our services.

However, we guarantee that we will make every effort to ensure the security of your personal data in our systems, according to the security standards imposed by Romanian legislation in force.

We strive to protect www.salespartner.app and our users against unauthorized access, unauthorized alteration, disclosure, or destruction of the information we hold. In particular:

• We offer secure access to personal data;
• We review our information collection, storage, and processing practices, including physical security measures, to protect against unauthorized access to systems;
• We restrict access to personal information, granting it only to Sales Partner Automotive SRL employees, contractors, and agents who need to know that information to process it on our behalf and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

However, while our security systems are effective, no system is impenetrable. We cannot guarantee the impenetrability of our security services or the fact that information transmitted to us will not be intercepted when shared.

Who Has Access to the Information Collected from You

Sharing personal data with third parties under the conditions stipulated above implies your acceptance that the recipients may have separate privacy and data collection practices. Sales Partner Automotive SRL has no control over and cannot guarantee all legal aspects involved in the use of these independent privacy practices.

Additionally, we will share personal information with companies, organizations, or individuals outside Sales Partner Automotive SRL when we believe in good faith that access, use, preservation, or disclosure of the information is reasonably necessary to:

● Comply with applicable law, regulations, legal processes, or enforceable governmental requests;

● Enforce the current Terms and Conditions, including investigating potential violations;

● Detect, prevent, or otherwise address fraud, security, or technical issues;

● Protect against harm to the rights, property, or safety of Sales Partner Automotive SRL, our users, or the public, as required or allowed by law.

What Are Your Rights

If you have reasons to believe that any personal data we hold about you is incorrect or incomplete, you have the right to request to see this information, rectify it, or ask for it to be deleted, request the restriction of processing, object to processing, and also have the right to data portability. To exercise these rights, please contact us at privacy@salespartner.app.

If you wish to file a complaint about how we have processed your personal data, please contact the Data Protection Officer at the following email address: privacy@salespartner.app. The Data Protection Officer will contact you to resolve the issue raised.

You can also contact the National Authority for the Supervision of Personal Data Processing at www.dataprotection.ro and file a complaint.

Changes

Our Privacy Policy may change periodically. Your rights under this Privacy Policy will not be diminished without your explicit consent. Any changes to the Privacy Policy will be posted on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of changes to the Privacy Policy).

Last modified: 22^nd August 2025.