Privacy Policy
Last updated: 20 June 2026
Note: This is a courtesy English translation. The Romanian version is the legally binding text under Romanian law.
⚠ CONCEPT / DEMO — Popescu & Asociații is a portfolio demo. The firm's legal details (legal form, registration, Bar data) are illustrative.
1. Data controller
Popescu & Asociații (trading name)
Legal form: ⚠ TODO (SCA / SPRL / individual lawyer's office)
Registration (Bar / register): ⚠ TODO
Coordinating lawyer: Mihai Popescu (Bucharest Bar)
Email: contact@popescu-legal.ro · Phone: 021 140 660
Office: Calea Victoriei 155, Bucharest
2. About this policy
This policy explains what personal data we collect through popescu-legal-website.pages.dev, why, how long we keep it and your rights. It follows the EU GDPR 2016/679 and Romanian Law 190/2018.
3. What we collect
3.1. Consultation form
When you submit the form we collect your name (required), company (optional) and a brief description of the matter (required).
Important: the form is for first contact only. Please do not send confidential, sensitive or privileged information through it. Detailed analysis and document exchange happen later, under an engagement contract, on secure channels. The lawyer–client relationship and professional privilege arise only upon signing that contract.
3.2. Collected automatically
The site is hosted on Cloudflare Pages, which processes IP (pseudonymised, anti-bot), browser type, page and time. We use Cloudflare Turnstile to prevent form spam. No Google Analytics, no Facebook Pixel, no marketing tracking. See the Cookie Policy.
3.3. What we don't collect
- No national ID, bank details or special-category data through the site.
- Not directed at minors; intended for people over 16.
- No profiling or automated decisions (Art. 22 GDPR).
- We never sell your data or share it for marketing.
4. Purpose and legal basis
| Data | Purpose | Legal basis |
|---|---|---|
| Form data (name, company, matter) | To respond, assess if we can act for you, and quote | Art. 6(1)(b) — pre-contractual steps |
| Cloudflare / Turnstile (IP, browser) | Security, anti-spam, performance | Art. 6(1)(f) — legitimate interest |
5. Processors
| Provider | Purpose | Country | Safeguards |
|---|---|---|---|
| Cloudflare, Inc. | Hosting, CDN, Turnstile | US + EU edge | SCCs. Policy |
| Resend | Sends the request email to the firm | US | SCCs. Policy |
| Meta Platforms Ireland (WhatsApp) | If you message us on WhatsApp | EU / US | WhatsApp policy |
6. Retention
- Form requests that don't become a mandate: 12 months, then deleted.
- Cloudflare logs: per Cloudflare policy (typically 30 days).
- Client files (if you retain us): per the law on the legal profession and tax law (typically 10 years).
7. Your rights
Access, rectification, erasure, restriction, portability, objection, and withdrawal of consent (Arts. 15–21, 7 GDPR). Email contact@popescu-legal.ro; we reply within 30 days.
8. Supervisory authority
ANSPDCP — B-dul G-ral Gheorghe Magheru 28-30, Bucharest · www.dataprotection.ro
9. International transfers
Some data may be processed outside the EU (Cloudflare, Resend, and Meta if you use WhatsApp), under Standard Contractual Clauses.
10. Contact
Popescu & Asociații · contact@popescu-legal.ro · 021 140 660