Privacy Policy

We appreciate your interest in EnRu Translations. Our website can generally be accessed without providing personal information. However, certain services may require the processing of personal data. If there is no legal basis for this processing, we will seek explicit consent from the individual concerned.

Our handling of personal data, such as names and email addresses, is conducted in strict compliance with the General Data Protection Regulation (GDPR). This privacy policy aims to transparently inform you about the types of personal data we collect, the extent and purpose of its processing, and the rights available to you as a data subject.

EnRu Translations as a data controller has implemented robust technical and organizational measures designed to secure personal data processed through this website to the highest degree possible. Despite the inherent risks associated with internet-based data transmission, we strive to protect your data. Alternatively, for enhanced security, data subjects may choose to transmit personal data via messaging services with end-to-end encryption, such as WhatsApp, Telegram (secret chat option only), or Signal.

1. Definitions

This data protection declaration by EnRu Translations is aligned with the terminology adopted by the European legislator for the General Data Protection Regulation (GDPR). The aim is to ensure clarity and accessibility of this declaration for the general public, clients, and business partners. Below we explain the key terms used:

a) Personal Data: This refers to any information relating to an identified or identifiable natural person (the "data subject"). An identifiable person is one who can be identified, directly or indirectly, through identifiers such as a name, identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

b) Data Subject: Any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing: This includes any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of Processing: This entails marking stored personal data with the aim of limiting their processing in the future.

e) Pseudonymisation: The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

f) Controller: The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

g) Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

h) Recipient: A natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the framework of a particular inquiry by law shall not be regarded as recipients.

i) Third Party: A natural or legal person, public authority, agency, or body other than the data subject, controller, processor, or persons who, under the direct authority of the controller or processor, are authorized to process personal data.

j) Consent: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, through a statement or a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and Address of the controller

Controller for the purposes of the General Data Protection Regulation (GDPR) is:

EnRu Translations

Mite Ruzica 2

Novi Sad 21000

Serbia

Phone: +381616323368

Email: [email protected]

Website: https://enrutransl.com/

3. Collection of general data and information

EnRu Translations employs Google Analytics 4 (GA4) and may use Google Ads to analyze and enhance website traffic and user interactions. The website functions solely on the front-end, meaning it does not collect or store server logs, nor does it directly process sensitive personal data such as IP addresses or browser specifics.

Importantly, Google Analytics 4 aggregates data and does not capture or retain any individualized information. This method of data collection is designed to evaluate user behavior broadly, ensuring anonymity and compliance with data protection standards.

Personal data submitted via JotForm are handled in accordance with the General Data Protection Regulation (GDPR) and other relevant data protection laws under rigorous data protection protocols. This ensures responsible and transparent management of data. Our website operates on a frontend-only basis and does not have servers to store any personal data; instead, all personal data processed through our site are managed by reputable third-party services (Google Analytics, Google Ads, and JotForm). These third-party services adhere to strict data protection and security standards to maintain the highest level of protection and security for the processed data.

4. Contact Possibility via the Website

The website of EnRu Translations offers several methods for electronic contact and direct communication, including an email address and end-to-end encrypted messaging platforms such as WhatsApp, Telegram (secret chat option only), and Signal. Additionally, a JotForm-powered contact form is available for structured submissions. When the data subject uses the JotForm contact form, the personal data provided are automatically stored. This includes required fields such as names and email addresses, as well as optional fields like company names, messages, or project details, which are voluntarily provided by the data subject. These data are retained exclusively for processing the inquiry or maintaining communication with the data subject.

Please note that while JotForm, our data processing partner, manages the data from the contact form, we do not transfer personal data to other third parties. For contacts made through email, WhatsApp, Telegram, or Signal, the data are used solely for the purpose of responding to the communication initiated by the data subject with storage practices governed by the respective platforms' privacy policies.

5. Erasure and Blocking of Personal Data

The data controller processes and stores the personal data of the data subject only for the time necessary to achieve the purpose for which the data are stored, or as required by the European legislator or other relevant authorities through laws or regulations to which the controller is subject. If the purpose for storing the data ceases to apply, or if a storage period prescribed by the European legislator or another competent authority expires, the personal data will be routinely blocked or erased in accordance with legal requirements. This practice ensures that personal data are not retained longer than necessary and are handled in compliance with applicable data protection laws.

6. Rights of the Data Subject

Every data subject has the right granted by the European legislator to request from the controller the erasure of personal data concerning him or her without undue delay. The controller is required to erase personal data without undue delay under the following conditions, unless the processing is necessary:

• The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
• The data subject withdraws consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there is no other legal ground for the processing.
• The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2).
• The personal data have been unlawfully processed.
• The personal data must be erased for compliance with a legal obligation to which the controller is subject.
• The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

Should the data subject wish to request the erasure of personal data stored by EnRu Translations, he or she may contact any employee of the controller at any time. An employee of EnRu Translations will promptly ensure that the erasure request is complied with immediately.

Each data subject is entitled by the European legislator to request from the controller a restriction of processing if one of the following conditions is met:

• The accuracy of the personal data is contested by the data subject allowing time for the controller to verify the accuracy of the personal data.
• The processing is unlawful and the data subject opposes the erasure of the personal data, instead requesting the restriction of their use.
• The controller no longer requires the personal data for the purposes of processing, but they are needed by the data subject for the establishment, exercise, or defense of legal claims.
• The data subject has objected to processing pursuant to Article 21(1) of the GDPR, pending verification of whether the controller's legitimate grounds override those of the data subject.

If the data subject meets one of these conditions and wishes to request the restriction of processing of personal data held by EnRu Translations, he or she may contact any employee of the controller at any time. The employee will arrange for the restriction of the processing as requested.

Each data subject has the right as granted by the European legislator to withdraw consent for the processing of his or her personal data at any time.

Should the data subject decide to exercise this right to withdraw consent, he or she may contact any employee of EnRu Translations at any time to initiate this process.

7. Legal Basis for Processing

Processing operations that rely on the data subject's consent are based on Article 6(1)(a) of the GDPR, which applies to processing for specifically agreed-upon purposes. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, such as the delivery of goods or provision of services, this type of processing is justified under Article 6(1)(b) of the GDPR. This legal basis also covers processing necessary for pre-contractual actions, such as inquiries concerning our products or services.

8. Duration of Personal Data Storage

Personal data are retained only for the duration mandated by legal retention periods. Once these periods expire, the data are systematically deleted unless they are still required for the fulfillment or initiation of a contract.

9. Provision of Personal Data as Statutory or Contractual Requirement; Requirement Necessary to Enter into a Contract; Obligation of the Data Subject to Provide the Personal Data; Possible Consequences of Failure to Provide Such Data

It is important to note that the provision of personal data may be required by law (e.g., tax regulations) or arise from contractual agreements (e.g., information on the contractual partner). At times, in order to conclude a contract, it may be necessary for the data subject to provide us with personal data that we must then process. For instance, when our company enters into a contract with the data subject, he or she is obliged to provide us with personal data. Failure to provide the required personal data would mean that the contract could not be concluded.

Before providing personal data, the data subject should contact any employee of our company. The employee will inform the data subject whether the provision of personal data is mandated by law or contract, or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and the consequences of failing to provide it.

10. Links to External Sites

Our website may include links to external websites not operated by us. Clicking on a third-party link will direct you to that third party's website. We encourage you to review the privacy policy and terms of service of each site you visit. Please note that we do not control and are not responsible for the content, privacy policies, or practices of any third-party sites, products, or services.

11. Privacy Policy Changes

EnRu Translations is committed to maintaining the highest standards of data protection and will update or modify this Privacy Policy in response to changes in legislation, regulatory requirements, or best practices. We will make every effort to notify our users of significant changes through our website or via email before these changes take effect. We encourage you to review this policy periodically to stay informed. Your continued use of our website after any changes have been posted will indicate your acceptance of our updated Privacy Policy.

12. No Automated Decision-Making

As a responsible company, EnRu Translations does not engage in automatic decision-making or profiling. This policy ensures all decisions affecting our clients and partners are made with thoughtful human judgment and transparency.