Privacy Policy

Last updated: 18 January 2026

This Privacy Policy describes how Redactum Consulting SRL ("Redactum", "we", "our", or "us") collects, uses, discloses, and protects personal data when you access our website, purchase or use our services, or otherwise interact with us.

This Privacy Policy applies to all clients and users, regardless of their country of residence. It is governed exclusively by European Union law, in particular the General Data Protection Regulation (EU) 2016/679 ("GDPR"), and applicable Romanian data protection legislation.

Together with our Terms of Service, this Privacy Policy constitutes a legally binding agreement between Redactum Consulting SRL and its clients (individuals or legal entities), unless a separate written contract expressly provides otherwise.

1. About Us (Data Controller)

Company name: Redactum Consulting SRL

Registered office: Oradea, Romania

Jurisdiction: Romania, European Union

Role: Data Controller within the meaning of GDPR

For all privacy-related matters, you may contact us via the contact details available on our website. All privacy requests are handled directly and with due care.

2. Scope of Services

Redactum Consulting SRL provides digital professional services, including but not limited to:

  • Academic and scientific theoretical research support (literature review, structuring, editing, formatting, review);
  • Professional and business writing, editing, and documentation services;
  • Creation, review, and improvement of presentations (e.g., slide decks);
  • Services for content creators and educators (research-based content, educational materials);
  • Career and professional communication support.

Important: All research services provided are intended exclusively for independent or professional projects. The materials delivered are designed to support research development, conceptual understanding, and informed decision-making. They are not intended to be submitted, in whole or in part, for academic assessment, grading, or fulfillment of degree requirements. Clients remain fully responsible for the appropriate and ethical use of the materials provided.

3. Governing Privacy Framework (EU Law Only)

Redactum Consulting SRL is established in the European Union and processes personal data exclusively under GDPR and Romanian law.

Clients located outside the European Union, including clients residing in the United States, expressly acknowledge and agree that:

  • Their personal data will be processed according to GDPR standards;
  • By using our services, they voluntarily submit to EU data protection rules;
  • No non-EU privacy laws (including U.S. federal or state privacy laws) shall apply to Redactum Consulting SRL solely due to the client's location, unless explicitly required by mandatory law and agreed in writing.

Nothing in this Privacy Policy shall be interpreted as an undertaking by Redactum Consulting SRL to comply with non-EU privacy regimes.

4. Personal Data We Collect

We may collect and process the following categories of personal data:

4.1 Data You Provide Directly

  • Identification and contact details (name, email address, phone number);
  • Billing and invoicing details (address, company name, VAT number);
  • Communications with us (emails, messages, inquiries);
  • Files, documents, texts, presentations, or other materials you submit for the purpose of providing our services.

4.2 Data Collected Automatically

When you visit our website or online store (powered by Shopify), certain technical data may be collected automatically, such as:

  • IP address;
  • Browser and device information;
  • Pages visited and interaction data;
  • Cookies and similar technologies.

5. Use of Software, Tools, and AI-Assisted Applications

To deliver our services efficiently and at a professional standard, Redactum Consulting SRL may use:

  • Document editing and formatting software;
  • Grammar, language, quality, plagiarism and originality checking tools;
  • File storage, transfer, and collaboration tools;
  • AI-assisted tools for generating content, language enhancement, summarization, or content refinement;
  • Email and communication platforms.

As a result, documents, files, and the information contained therein may be temporarily processed within such tools, strictly for the purpose of performing the requested services.

6. How We Use Personal Data

We process personal data for the following purposes:

  • To provide and perform our services;
  • To communicate with clients and respond to inquiries;
  • To deliver completed services and materials (primarily via email, including Zoho Mail or equivalent providers);
  • To issue invoices and comply with accounting and tax obligations;
  • To ensure platform security and prevent fraud;
  • To comply with legal obligations under EU and Romanian law.

We do not currently send marketing communications. If this changes in the future, such communications will only be sent with explicit consent.

7. Legal Bases for Processing (GDPR)

We process personal data based on one or more of the following legal grounds:

  • Performance of a contract (Article 6(1)(b) GDPR);
  • Legal obligations (Article 6(1)(c) GDPR);
  • Legitimate interests (Article 6(1)(f) GDPR), such as service improvement and security;
  • Consent (Article 6(1)(a) GDPR), where applicable.

8. Data Sharing and Third Parties

We do not sell, rent, or otherwise disclose personal data to third parties for their own marketing or commercial purposes.

Personal data may be disclosed strictly on a need-to-know basis and only where necessary for the performance of our services or to comply with legal obligations, including to:

  • Shopify, as the technical platform used to host and operate our website and online store;
  • Payment processors, solely for processing transactions;
  • Email and communication service providers (such as Zoho Mail or equivalent);
  • Software and application providers used exclusively to perform the requested services;
  • Public authorities or courts, where disclosure is required by law.

All third parties are selected carefully. Their tools and services are used subject to their publicly available terms, privacy policies, and security measures, and only to the extent strictly necessary to perform the requested services. Redactum Consulting SRL does not control and is not responsible for the independent data processing activities of such third parties.

9. Relationship with Shopify

Our website and online store are hosted on the Shopify e-commerce platform.

Shopify as a Technical Service Provider (Data Processor)

Shopify processes certain personal data strictly on our behalf and solely for the purpose of providing the technical infrastructure required to operate our online store. This includes, where applicable, hosting, checkout functionality, order management, payment facilitation, and platform security.

In this context, Shopify acts as a data processor and processes personal data only in accordance with our instructions and applicable data processing agreements.

Shopify as an Independent Data Controller (Limited and Separate Processing)

In limited circumstances, Shopify may process certain technical or usage-related data as an independent data controller, exclusively for purposes determined by Shopify itself, such as:

  • Maintaining the security, integrity, and availability of the Shopify platform;
  • Preventing fraud and abuse;
  • Ensuring compliance with Shopify's own legal and regulatory obligations.

Such processing is separate from and independent of Redactum Consulting SRL, and Redactum does not determine the purposes or means of that processing.

Redactum Consulting SRL does not participate in, control, or benefit from any cross-merchant analytics, profiling, or commercial data aggregation performed by Shopify.

Any personal data processed by Shopify in its role as an independent data controller is governed exclusively by Shopify's own privacy policies.

Shopify Applications

We may use applications available through the Shopify App Store to support specific and limited website or business functionalities (such as invoicing, document handling, or automation).

Such applications process personal data only to the extent strictly necessary to perform their functions and are subject to contractual confidentiality and data protection obligations.

10. International Data Transfers

Personal data may be processed or temporarily stored outside the European Economic Area (EEA) solely as necessary for the provision of our services (for example, through secure cloud infrastructure, email delivery systems, or software providers used to perform services).

All such international transfers are conducted in full compliance with the GDPR, using appropriate safeguards, including where applicable:

  • European Commission adequacy decisions;
  • Standard Contractual Clauses (SCCs);
  • Appropriate technical and organizational security measures, such as encryption and access controls.

The applicable data protection framework for all such transfers remains EU law (GDPR), regardless of the client's country of residence.

11. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfill contractual obligations;
  • Comply with legal, accounting, and tax requirements;
  • Resolve disputes.

Client project files are generally deleted or anonymized after completion, unless retention is legally required or explicitly agreed otherwise.

12. Cookies Policy

Our website uses cookies and similar technologies.

Types of cookies:

  • Strictly necessary cookies (essential for site functionality);
  • Analytics cookies (to understand site usage);
  • Functionality cookies (to remember preferences).

Non-essential cookies are used only with your consent, which can be withdrawn at any time via browser settings or cookie tools.

13. Children's Data

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors.

If we become aware that personal data of a minor has been collected, it will be deleted without delay.

14. Your Rights Under GDPR

You have the right to:

  • Access your personal data;
  • Rectify inaccurate data;
  • Request erasure;
  • Restrict or object to processing;
  • Data portability;
  • Withdraw consent at any time.

Requests may be submitted using the contact details on our website. We respond within the time limits set by GDPR.

You also have the right to lodge a complaint with the Romanian Supervisory Authority (ANSPDCP) or another EU supervisory authority.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be published on our website with a revised "Last updated" date.

Continued use of our services constitutes acceptance of the updated Privacy Policy.

Contact

For any questions regarding this Privacy Policy or your personal data, please contact us using the details available on our website.

By using our website or services, you confirm that you have read, understood, and agreed to this Privacy Policy.