Data Protection

Ship Design Group S.R.L. attaches great importance to the protection of personal data and processes such data in accordance with Regulation (EU) 2016/679 (GDPR) and Romanian Law No. 190/2018.

  1. Data Controller

The controller of the personal data processed through this website is Ship Design Group S.R.L., with its registered office at 1A Luminoasa Street, Costi, Vânători commune, 807325, Galați County, Romania (“SDG” or the “Controller”).

Contact details: e-mail sdg@shipdesigngroup.eu; phone +40 (0)236 476 672.

  1. Data Protection Officer (DPO)

For any matter relating to the processing of your data and for exercising your rights, you may contact the Data Protection Officer (DPO) at: sdg@shipdesigngroup.eu.

  1. What data we process, for what purposes and on what legal basis

We process personal data only to the extent necessary and for specified purposes, as follows:

Server log files. When you access the website, the server automatically records: IP address, browser type and version, operating system, referrer URL, date and time of the request. Purpose: ensuring the operation, stability and security of the website. Legal basis: the Controller’s legitimate interest — Art. 6(1)(f) GDPR.

Enquiries sent by e-mail. If you contact us at the e-mail address displayed, we process the data you provide (name, e-mail address, content of the message and any other data included). Purpose: handling your enquiry and related correspondence. Legal basis: our legitimate interest in responding to enquiries — Art. 6(1)(f) — or, where applicable, taking steps prior to entering into a contract at your request — Art. 6(1)(b).

Cookies and analytics tools. With your consent, we use cookies and web analytics tools (see section 4). Legal basis: consent — Art. 6(1)(a) GDPR.

  1. Cookies and similar technologies

The website uses cookies. Strictly necessary cookies ensure the basic functioning of the website and do not require consent. Analytics cookies are set only after you have given consent through the cookie banner.

On your first visit you may accept, reject or configure the cookie categories. You may withdraw your consent at any time, as easily as it was given, through the preferences panel available on the website.

For web analytics we use services provided by Google (e.g. Google Tag Manager and/or Google Analytics), which are activated only after consent.

  1. Recipients and processors

For the hosting and technical administration of the website we work with an IT service provider acting as a processor, under a data processing agreement pursuant to Art. 28 GDPR. For web analytics and for the map embedded on the Contact page we use services provided by Google. We do not sell your data and do not pass it to third parties for their own marketing purposes.

  1. Transfers outside the European Economic Area

The use of Google services may involve the transfer of certain data (including the IP address) to servers located outside the European Economic Area, including in the United States. Such transfers are carried out on the basis of appropriate safeguards under the GDPR, namely the EU-U.S. Data Privacy Framework and/or the standard contractual clauses adopted by the European Commission.

  1. Storage period

We retain data only for as long as necessary for the purposes for which it was collected:

server log files: 30 days, except where needed to investigate security incidents;

e-mail enquiry data: for the duration of handling and subsequent correspondence, then in accordance with SDG’s internal retention rules;

data collected via cookies: for the lifetime of each cookie or until consent is withdrawn.

  1. Your rights

As a data subject you have the right of access, rectification, erasure (“right to be forgotten”), restriction of processing, data portability, objection, and the right to withdraw your consent at any time (without affecting the lawfulness of processing carried out before withdrawal).

To exercise these rights, contact us at sdg@shipdesigngroup.eu. We will respond within one month, a period that may be extended under Art. 12 GDPR.

  1. Right to lodge a complaint

You have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP): 28-30 G-ral Gheorghe Magheru Blvd., District 1, 010336 Bucharest; e-mail anspdcp@dataprotection.ro; www.dataprotection.ro.

  1. Data security

The connection between your browser and this website is secured using the HTTPS protocol. We also apply appropriate technical and organizational measures to protect personal data against unauthorized access, loss or disclosure, including access restriction based on individual authentication.

  1. Changes to this policy

We may update this policy from time to time to reflect changes in the law or in the way we process data. The applicable version is the one published on the website, with the date of the last update indicated.

Last updated: July 1-st  |  Revision H / 2026.