GDPR Compliant

Privacy Policy

Transparency is the foundation of trust. Find out exactly how Assemblea protects shareholder data and how we comply with EU Regulation 2016/679 (GDPR).

Last updated: 18 December 2025

1. Who we are and our commitment

Assemblea ("We", "the Controller") is committed to protecting the confidentiality of your data. This policy explains how we collect, use and protect the personal information of users of our voting platform.

For the purposes of data protection legislation, we act both as a Controller (for the data of our direct clients) and as a Data Processor (for shareholder data uploaded by listed companies).

2. Categories of data we collect

To ensure the legal validity of votes, we process certain personal data necessary for the legal validity of votes:

  • 01.
    Identification Data: first and last name, ID document series and number (where required under applicable legislation).
  • 02.
    Financial Data: Number of shares held, voting rights.
  • 03.
    Technical Data: IP address, audit logs, vote timestamp (for traceability).

3. Purpose of processing

We do not sell your data. We use it exclusively for:

  • Conducting AGM/EGM meetings in accordance with Law 31/1990.
  • Automatic generation of minutes and attendance lists.
  • Validating participant identity through secure methods (2FA, e-Signature).
  • Mandatory notifications regarding convening notices and voting results.

4. Who we share data with

Data may only be shared in strictly regulated situations:

  • Authorities: ASF, Central Depository or courts of law, upon official request.
  • Infrastructure Providers: Microsoft Azure (servers located in the EU), SMS/Email service providers.

5. Your Rights

Under GDPR, you have the right to access, rectification, restriction, objection, erasure and portability.

Important regarding the "Right to be forgotten": Since shareholder voting data forms part of the company's statutory documents, complete erasure may be limited by legal archiving obligations (e.g. 10 years for financial and accounting documents).

6. DPO Contact & Cookie Policy

The Assemblea website uses cookies and similar technologies to ensure the correct functioning of the platform and to understand how the site is used, in order to improve the user experience.

Types of cookies used:

1. Strictly necessary cookies

These are essential for the operation of the site and include, for example, storing cookie consent preferences.

2. Analytics cookies (Google Analytics)

We use Google Analytics to collect anonymous statistical information about how users interact with the site (e.g. pages visited, session duration). These cookies are only activated after obtaining the user's explicit consent. The data collected does not allow direct identification of users and is processed in accordance with Google's policies and GDPR legislation.

Consent management

Upon first accessing the site, users can express their preference regarding cookie usage via the consent banner. Consent can be withdrawn or modified at any time from the "Cookie Preferences" section.

For any request related to personal data, our Data Protection Officer (DPO) is at your disposal.

Cookie Preferences
Assemblea | Platformă de vot pentru acționari