How Ellipse Marketing collects, uses and protects personal data submitted through this website — in line with the General Data Protection Regulation (GDPR). Client platforms and dedicated services operated on behalf of clients are governed separately.
Ellipse Marketing — incorporated in Romania (J40/20896/2005), registered office Gh. Matac 31, 020341 Bucharest — acts as the data controller for personal data submitted through this website.
We only collect data that you actively provide through the forms on this website. We do not use covert tracking to identify visitors. Three distinct contexts are handled separately:
Contact form data is processed to respond to your inquiry. Legal basis: your consent (GDPR Art. 6.1.a), given when you submit the form.
Career form data is processed to evaluate your application and communicate with you regarding it. Legal basis: steps taken at your request prior to a potential contract (GDPR Art. 6.1.b).
Newsletter data is processed to send you the editorial updates you have requested. Legal basis: your consent at sign-up, withdrawable at any time through the unsubscribe link.
We do not use your data for automated decision-making, profiling, or behavioural advertising. Decisions that affect you — for instance regarding an application — are made by humans, with judgement applied to the specific context.
Personal data is accessible only to authorised members of Ellipse Marketing involved in handling your inquiry, application, or subscription. We do not share it with third parties for commercial prospecting.
We do not sell personal data, in any form, to anyone.
We rely on a small set of providers to operate this website and our communications. Each one acts as a processor under a written agreement, with confidentiality and GDPR-compliant safeguards.
Contact inquiries are retained for up to 24 months from your last interaction, then deleted or anonymised.
Applications are retained for up to 5 years from submission, unless you request earlier deletion or unless a recruitment process is ongoing.
Newsletter subscriptions are retained for as long as you remain subscribed. Once unsubscribed, your address is removed from the active list within 30 days.
Some of our service providers may process data on infrastructure located outside the European Union. Where this is the case, we ensure appropriate safeguards are in place — Standard Contractual Clauses, adequacy decisions, or equivalent mechanisms recognised by the European Commission.
We apply technical and organisational measures appropriate to the nature of the data — encrypted transmission, access controls, secure storage, regular review of provider compliance. While no system is absolutely impenetrable, we treat data security as integral to our duty of care.
In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the Romanian supervisory authority (ANSPDCP) within 72 hours and inform affected individuals without undue delay, as required by GDPR Art. 33–34.
This website is intended for a professional audience and is not directed at children under the age of 16. We do not knowingly collect personal data from minors. If you believe a minor has submitted data through our forms, please contact our DPO so we can delete it.
This website uses cookies for essential functions, audience measurement, and — when applicable — advertising performance measurement. Categories, durations and providers are detailed in our Cookie Policy, where you can also review and update your consent at any time.
You have the following rights regarding your personal data:
We may update this policy to reflect changes in our practices, in our service providers, or in applicable regulation. Material changes affecting the way your data is processed will be communicated where relevant — for instance through a notice on this page or, where appropriate, a direct message.