Jibril Consulting

Privacy Policy

Last updated: January 2025

1. Introduction

Jibril Consulting ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Jibril Consulting is the data controller responsible for your personal data. For any questions regarding this Privacy Policy or our data processing practices, please contact us at gabriel@jibril.ro.

3. Information We Collect

3.1 Personal Data You Provide

When you submit an application or contact us through our website, we may collect:

  • Full name
  • Email address
  • Company name
  • Phone number
  • Project details and business information
  • Any other information you choose to provide

3.2 Automatically Collected Data

When you visit our website, we may automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent on pages
  • Referring website
  • Date and time of access

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Consent: You have given explicit consent for us to process your personal data for specific purposes (e.g., submitting an application)
  • Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., improving our services, analytics)
  • Contractual Necessity: Processing is necessary for the performance of a contract with you
  • Legal Obligation: Processing is necessary to comply with legal obligations

5. How We Use Your Information

We use your personal data for the following purposes:

  • Processing and responding to your application or inquiry
  • Communicating with you about our services
  • Providing consulting services and support
  • Improving our website and services
  • Complying with legal and regulatory requirements
  • Detecting and preventing fraud or security issues
  • Analytics and business intelligence (in anonymized form where possible)

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share your information with:

  • Service Providers: Trusted third-party companies that help us operate our website and deliver services (e.g., email service providers, hosting providers)
  • Legal Requirements: When required by law, regulation, legal process, or governmental request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are required to maintain appropriate security measures and process your data only as instructed by us.

7. International Data Transfers

As we are based in the European Union, your data is primarily processed within the EU. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Typically:

  • Application data: 2 years from submission or engagement
  • Client data: Duration of relationship plus 7 years for legal and tax purposes
  • Website analytics: 26 months

9. Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data we hold
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (right to be forgotten)
  • Right to Restriction: Request restriction of processing in certain circumstances
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise any of these rights, please contact us at gabriel@jibril.ro. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication
  • Employee training on data protection
  • Incident response procedures

11. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies. For detailed information about our cookie practices, please see our Cookie Policy.

12. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected information from a child, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be indicated by the "Last updated" date at the top of this page. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Jibril Consulting
Email: gabriel@jibril.ro
Location: European Union