Privacy Policy

This Privacy Policy explains how Bliss IMPEX S.R.L., operating SOFTPAS.COM ("we", "our", "the Company"), collects, processes, stores, transfers, and protects personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), Romanian data protection legislation, and other applicable laws.

1. Scope of Application

This Policy applies to SOFTPAS.COM, its subdomains, and all related services where this Privacy Policy is referenced. It applies when users voluntarily provide personal data or interact with our services.

2. Data Controller

Data Controller:
Bliss IMPEX S.R.L.
Registered Address: 1 Decembrie 1918 BL C8 – Giurgiu – Romania
Email: [email protected]
Data Protection Contact: [email protected]

3. Categories of Personal Data Collected

Identification data (name, email address).
Account credentials and registration data.
Support communications and correspondence.
Usage data, IP address, browser type, device data.
Analytics and advertising identifiers (where consented).

4. Legal Basis for Processing

Consent (Art. 6(1)(a) GDPR)

Newsletter subscriptions.
Marketing communications.
Personalized advertising.

Contractual Necessity (Art. 6(1)(b) GDPR)

Provision of account-based services.
Service-related communications.

Legitimate Interest (Art. 6(1)(f) GDPR)

Platform security and fraud prevention.
Service optimization and analytics.
Content recommendations.

Legal Obligations (Art. 6(1)(c) GDPR)

Regulatory compliance.
Law enforcement cooperation when legally required.

5. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards including:

Standard Contractual Clauses (SCCs).
Adequacy decisions by the European Commission.
Contractual data processing agreements (DPAs).

6. Third-Party Processors & Advertising

We may use trusted third-party providers for hosting, analytics, marketing, and advertising services, including contextual and interest-based advertising networks such as Google AdSense.

These providers may process limited personal data strictly under contractual obligations and applicable data protection law.

7. Data Retention

Personal data is retained only for as long as necessary for the purposes described, or until consent is withdrawn, unless extended retention is required by law.

8. Data Security Measures

We implement appropriate technical and organizational safeguards, including:

Encrypted data transmission (HTTPS/TLS).
Access control restrictions.
Secure infrastructure and server-level protections.
Internal data minimization practices.

9. Your Rights Under GDPR

Right of access.
Right to rectification.
Right to erasure.
Right to restriction of processing.
Right to data portability.
Right to object.
Right to withdraw consent at any time.

Requests may be submitted to [email protected]. You also have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP).

10. Limitation of Liability

While we implement industry-standard safeguards, no transmission or storage system is completely secure. The Company shall not be liable for unauthorized access resulting from force majeure events, cyberattacks beyond reasonable control, or third-party platform vulnerabilities.

11. Policy Updates

This Policy may be updated periodically. Material changes affecting user rights will be communicated appropriately. Continued use of the Site after updates constitutes acknowledgment of the revised Policy.