Contact our Sales Team:
+40 771 218 471
 
sales@papervee.com

Privacy Policy

of PIXELSOL S.R.L. (Papervee.com)

The safeguarding, security, and confidentiality of personal data are paramount concerns for us. Accordingly, the information that you furnish to us may constitute personal data, which is protected under relevant European or national legislation.

This document, henceforth referred to as the 'Privacy Policy,' 'Information Note,' or simply 'the Document,' comprehensively details the usage of personal data. It is imperative that you give this document your utmost attention. Additionally, this notice should be read in conjunction with the Terms and Conditions of use. In the event of any discrepancies between the terms set forth in this Document and those in any other contractual clauses agreed upon between our company and yourself, the stipulations of this Document shall prevail.

Our company uses cookies, so for more information about them and similar technology, please access this link that provides the Cookie Usage Policy.

The Privacy Policy aims to present, among other things, the categories of personal data we process, the legal basis for processing, how we process this data, and the rights you have as a data subject according to the General Data Protection Regulation ('GDPR') and how you can exercise these rights.

Our status towards you depends on the context in which data is processed. PIXELSOL SRL may act both as a data controller and as a data processor, as detailed in the section “PIXELSOL SRL’s Role in Data Processing” below.

We inform you that you agree to this Privacy Policy as a result of visiting our website, purchasing our services/products, or in any situation where you interact with us in any form, including through communication channels (email, phone, social networks).


Definitions

1. General Data Protection Regulation referred to as 'GDPR', 'RGPD' or 'Regulation' means Regulation (EU) No 2016/679 of the European Parliament and of the Council adopted on 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).

2. 'Personal Data' means any information about an identified or identifiable natural person ('data subject'); an identifiable natural person is a person who can be identified, directly or indirectly, especially by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.

3. 'Processing' means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

4. 'Controller' - a natural or legal person, public authority or other body which alone or jointly with others determines the purposes and means of processing personal data; where the purposes and means of processing are determined by Union or Member State law, the controller or the specific criteria for their nomination may be provided for by Union or Member State law. Our company PIXELSOL SRL, a Romanian company with its registered office at Str. Sălciilor nr. 3, Sibiu, Sibiu County, Romania, 550090, registered in the Sibiu Trade Register under no. J32/1694/2017, having fiscal code 38487613, acts as a data controller for data collected directly from data subjects (clients, potential clients, website visitors, newsletter subscribers, job applicants) and as a data processor for employee data of Clients (Beneficiaries), processed through the Papervee platform on their behalf and in accordance with their instructions. Details regarding this distinction can be found in the section “PIXELSOL SRL’s Role in Data Processing” below.

5. 'Data Subject' - any identified or identifiable natural person whose personal data is processed by us as a controller, such as customers, potential customers, and website visitors.

6. 'Consent' - any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they signify agreement to the processing of personal data concerning them.

7. 'Data Processor' - a natural or legal person, public authority, or other body which processes personal data on behalf of the controller. In the context of the Papervee platform, PIXELSOL SRL acts as a data processor for the employee data of Clients (Beneficiaries), processing such data exclusively for the purpose of providing the contracted services and in accordance with the Client’s instructions.

8. 'Client' (Beneficiary) - the customer of PIXELSOL SRL who uses the Papervee platform as an employer or legal entity, and who, in relation to the employee data entered into the platform, acts as the data controller under the GDPR.

PIXELSOL SRL processes the personal data mentioned in this privacy policy in accordance with the principles established in the data protection legislation applicable in Romania, including Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC ('GDPR'), data that we obtain directly from you or from other sources.

In terms of GDPR, you are the data subject since you can benefit from our services, being our client or potential client, a website visitor, and/or a person who can enter into any kind of relationship with us, given the services we promote.

We aim to assure you that the protection of information provided by you is of major interest to us. Therefore, you will find in this Document measures by which you can exercise the rights conferred by law.

It is certain that this policy aims to respect European and national legislation and, consequently, the principles of the GDPR, namely:

  • legality, fairness, transparency - processed lawfully, fairly, and transparently;
  • collected for specified, explicit, and legitimate purposes;
  • adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed, accurate, and, where necessary, kept up to date;
  • security - processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures ('integrity and confidentiality').

The Privacy Policy may undergo changes, but all these will be valid after prior notification, which we will publish on the website or communicate via email.


PIXELSOL SRL’s Role in Data Processing

Depending on the context and nature of processing, PIXELSOL SRL may act in two distinct capacities under the GDPR:

A. PIXELSOL SRL as Data Controller

PIXELSOL SRL acts as a data controller when it independently determines the purposes and means of processing personal data. This includes the following categories of data subjects and data:

  • Clients and potential clients (representatives of Beneficiaries): name, email, phone, company name, position within the company – legal basis: Art. 6(1)(b) GDPR (contract performance);
  • Website visitors: IP addresses, browsing data, cookies – legal basis: Art. 6(1)(f) GDPR (legitimate interest);
  • Newsletter subscribers: email address – legal basis: Art. 6(1)(a) GDPR (consent);
  • Job applicants: CV, cover letter, contact details – legal basis: Art. 6(1)(a) and (b) GDPR.

In these situations, PIXELSOL SRL is directly responsible for fulfilling all obligations under the GDPR, including responding to data subject rights requests (right of access, rectification, erasure, etc.), in accordance with Articles 15–22 GDPR.

B. PIXELSOL SRL as Data Processor

PIXELSOL SRL acts as a data processor when it processes personal data on behalf of and in accordance with the instructions of the Client (Beneficiary), who acts as the data controller. This specifically applies to the following categories of data entered by the Client into the Papervee platform:

  • Employee time tracking data: clock-in/clock-out times, daily attendance, overtime, geolocation data;
  • Leave data: leave requests, approvals, remaining leave balance;
  • Contractual and salary data: employment contracts, salaries, HR documents;
  • Employee contact data: name, address, phone number, position within the company.

In this capacity, PIXELSOL SRL:

  • processes the personal data of the Client’s employees exclusively for the purpose of providing the services contracted through the Papervee platform and in accordance with the Client’s instructions;
  • does not determine the purposes or means of processing such data – these decisions belong exclusively to the Client in their capacity as controller;
  • does not monitor, exercise control over, or bear responsibility for the accuracy, legality, or content of data entered by the Client into the platform;
  • assists the Client, through appropriate technical and organizational measures, in fulfilling its obligation to respond to data subject rights requests, in accordance with Art. 28(3)(e) GDPR;
  • implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, in accordance with Art. 32 GDPR.

C. Exercising Rights by Employees of Clients

Employees whose personal data is processed through the Papervee platform (e.g., time tracking data, leave records, HR documents, salaries) are informed that:

  1. The controller of their data is their employer (the Client of the Papervee platform), not PIXELSOL SRL. The employer is the entity that determines the purposes and means of processing its employees’ data.
  2. Requests to exercise rights under the GDPR (right of access – Art. 15, right to rectification – Art. 16, right to erasure – Art. 17, right to data portability – Art. 20, etc.) must be addressed directly to the employer in its capacity as data controller.
  3. PIXELSOL SRL will facilitate the fulfillment of such requests at the Client’s (controller’s) request, by exporting the requested data or through other necessary technical measures, within the legally prescribed timeframe.
  4. If an employee of a Client addresses a request directly to PIXELSOL SRL, it will be redirected to the relevant Client (employer), who will respond in accordance with their legal obligations.

D. Data Processing Agreement (DPA)

The relationship between PIXELSOL SRL (as data processor) and the Client (as data controller) is governed by a Data Processing Agreement (DPA), in accordance with Art. 28 GDPR. This agreement establishes, among other things: the subject matter and duration of processing, the nature and purpose of processing, the types of personal data processed, the categories of data subjects, and the rights and obligations of the controller. The DPA is available upon request at gdpr@papervee.com or may be accessed as an annex to the service contract.


Purposes of Processing Personal Data and Legal Grounds

Considering that our company is a provider of software and services, we may collect and process the following personal information about you:

  • Purpose: software demonstration, providing various information about our products and services, as well as making it available, we will collect first name, last name, email (preferably business), phone, the name of the company you represent, position within the company, areas of interest in the HR field, as well as contact information of your employees (name, address, phone, position within the company, attendance, salaries).

Legal Basis: contract performance or conclusion – Art. 6 (1) lit. b GDPR;

  • Purpose: for billing, to comply with legislation for fraud prevention and other offenses – name, address.

Legal Basis: contract performance or conclusion – Art. 6 (1) lit. b GDPR, fulfilling a legal obligation - Art. 6 (1) lit. c GDPR – Art. 6 (1) lit. b GDPR;

  • Purpose: job application, when applying for a job, you can provide us with certain personal information about you, such as those contained in a CV – name, first name, address, email, phone, as well as those from the cover letter or other similar employment-related materials, as well as any other requests that the software makes available to employees. We use this information to process and respond to your request regarding current and future career opportunities.

Legal Basis: consent – Art. 6 (1) lit. a GDPR, as well as contract performance or conclusion – Art. 6 (1) lit. b GDPR, as applicable; – Art. 6 (1) lit. b;

  • Purpose: for creating an account on the site for direct marketing or subscribing to our email marketing list to receive newsletters and alerts, we will collect: email address, preferably a business one, but newsletters and alerts will always contain an unsubscribe option.

Legal Basis: consent – Art. 6 (1) lit. a GDPR;

  • It is possible to collect IP addresses for the purpose of defending against cyberattacks, preventing fraud, and network operation.

Legal Basis: legitimate interest – Art. 6 (1) lit. f) GDPR;

We have tried to identify all the data collected by us, but please be aware that all the information presented above may be complemented with other data, as it is not exhaustive.


Data Collection Methods

Generally, the personal data collected is provided by you (by completing the form on the website), or it may be provided by third parties (your employer, business partners, or other platforms).

Depending on the circumstances, in addition to the information mentioned above, there is also the possibility of collecting the following information:

  • how you interact with our website (such as information about how you access the website, when you do so, or what device you use to access the website). To see the necessary information on this matter, please refer to our Cookie Usage Policy.
  • information obtained from form completions or questionnaires.
  • content of messages sent through messaging systems and/or email.

In the case of making purchases with a credit card, certain payment information will be collected, namely the data from the card used, but it will be stored by our payment processing partners in a manner and location to which we do not have access, meaning we do not know this data.

Additionally, for the purposes listed below, there is the possibility of processing personal data:

  • to provide customer support, answer questions, and respond to requests;
  • to offer and improve services already provided;
  • to identify or remedy technical problems;
  • for marketing purposes, but only when we have your prior consent or when there is a legal exception to obtaining it;
  • to prevent or defend against cyberattacks;
  • to create and/or maintain accounts;
  • to remain in compliance with applicable laws, such as tax regulations requiring the retention of accounting documents for a period of 10 years;
  • if necessary, in the event of a dispute, for asserting or defending a right in court.

Data Retention Period

Your personal data will be stored only for the period necessary to fulfill the purposes but not for more than 5 years from the moment the contract ends or from the last interaction with us. When this period expires, this data will be destroyed/eliminated/deleted from the computer systems or transformed into anonymous data for use in scientific, historical, or statistical research purposes (if applicable). The exception to this mentioned period is provided by situations expressly stated in legal provisions, for which data will be stored for the duration required by law.


Data Transfers

In accordance with applicable law, we may disclose your data to business partners or other third parties, but every effort is made to ensure that they have implemented secure measures for the protection and security of personal data. Also, with the third parties we mentioned, we have contractual clauses in place to protect your data. In such situations, we will ensure that any data transfer is legitimate under the law. For example, providing your data to other companies/partners such as accounting or legal services. The transmission of data to other recipients with your consent is not excluded (for example: in the case of a portability request).

Upon explicit requests, we may provide your personal information to the police, public prosecutors, courts, and other authorized state authorities, in accordance with and within the limits of legal provisions.


International Transfers

The transfer of personal data to a third country can only take place if the country to which the data is transferred ensures an adequate level of protection, even if that country's legislation does not provide a level of protection at least equal to that offered by the GDPR but provides sufficient guarantees for the protection of the fundamental rights of data subjects. These guarantees will be established through contracts with providers/service providers to whom the transfer of personal data will be made. Whenever we transfer your personal data outside the European Economic Area (EEA), we will ensure that there is a similar level of protection through one of the following data protection mechanisms provided by the GDPR. Currently, we can transfer this data to countries where the European Commission has deemed that they provide an appropriate level of safety and security for personal data. For more information, click here. For certain service providers, especially those located in the United States of America, we may use contract models provided and approved by the European Commission, which ensure the same level of protection for personal data as in Europe. For other types of transfers, we will consider your consent or specific derogations for particular situations.

You can contact us at the email address gdpr@papervee.com if you want more information about how the transfer of personal data operates outside the EEA.


Personal Data Security

Personal data security is important, and we take necessary measures to protect our customers and other individuals whose data we process from unauthorized access to personal data, as well as from unauthorized modification, disclosure, or destruction of data we process in our day-to-day activities.

We have implemented the following technical and organizational security measures for personal data:

  1. Adoption of internal policies. We constantly adopt and review internal practices and policies for processing personal data to protect our systems from potential unauthorized access or other security threats. These practices and policies are continuously checked to ensure compliance with legal requirements and optimal system performance.
  2. Minimization of data. The personal data we process is limited to what is necessary and relevant for the purposes stated in this Policy.
  3. Restriction of data access. We strive to limit access to personal data we process to the minimum necessary, including employees, collaborators, and other individuals who need to access this data for processing and service delivery. Those we partner with or collaborate with are subject to strict obligations of confidentiality and protection.
  4. Adoption of specific technical measures. We employ technologies to ensure the security of personal data, striving to implement the best data protection solutions. We also perform data backups to recover data in case of an incident and have established audit procedures for equipment security. However, it should be noted that no website, application, or internet connection is completely secure and immune to breaches.
  5. Ensuring the accuracy of personal data. We may ask you to confirm the accuracy of your personal data to ensure that it is consistent with reality.
  6. Staff training. Our collaborators and employees are regularly trained and tested on legislation and best practices in personal data processing.
  7. Pseudonymization/anonymization of data. Whenever possible, we attempt to pseudonymize or anonymize personal data we process, so that they no longer reflect the identity of the individuals they refer to.

Despite our continuous efforts to ensure the security and protection of the personal data entrusted to us, unfortunate events and security incidents may occur. In these cases, we strictly follow security incident reporting and notification procedures and take all necessary measures to rectify the situation as quickly as possible.


Direct Marketing

If you give your prior consent or are already a customer of the company, we may use direct marketing technologies using the information collected about you. Currently, we conduct this marketing through methods such as email/SMS marketing, push notifications, and postal marketing.

You can also object to direct marketing and/or withdraw your consent at any time by following the unsubscribe instructions included in each email (‘unsubscribe’) or by sending a request regarding this matter to the address gdpr@papervee.com.


Profiling and Automated Decisions

We do not make automated decisions with legal effects or significant impact on you.


Your Rights

According to the GDPR, your rights are as follows:

  1. The right to be informed about the processing of personal data.
  2. The right to access data. You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the respective data and information as per Article 15(1) of the GDPR.
  3. The right to rectify inaccurate or incomplete data. You have the right to obtain without undue delay the rectification of inaccurate or incomplete personal data concerning you.
  4. The right to erasure ('right to be forgotten'). In the situations expressly provided for in Article 17 of the GDPR, you have the right to request and obtain the erasure of personal data.
  5. The right to restriction of processing. Article 18 of the GDPR governs the cases in which you have the right to request and obtain the restriction of data processing.
  6. The right to data portability.
  7. The right to object to data processing. In accordance with the provisions of Article 21 of the GDPR, you have the right to object to data processing.
  8. The right not to be subject to a decision based solely on automated processing including profiling, which produces legal effects concerning you or similarly significantly affects you.
  9. The right to seek redress for the defense of your rights and interests.
  10. The right to lodge a complaint with a Supervisory Authority, address: 28-30 G-ral. Gheorghe Magheru Blvd, Sector 1, postal code 010336, Bucharest, Romania, contact information: +40.318.059.211 or +40.318.059.212, email. anspdcp@dataprotection.ro.

Important: With regard to employee data processed through the Papervee platform, the rights listed above must be exercised by the employee directly with their employer (the Client of the Papervee platform), who acts as the data controller for such data. PIXELSOL SRL, in its capacity as data processor, will assist the Client in fulfilling such requests upon the Client’s instruction. If an employee addresses a request directly to PIXELSOL SRL, it will be redirected to the respective employer.



Brief Conclusions

  • If you no longer wish to participate in the marketing process, you can withdraw your consent at any time by unsubscribing or by sending a written request to the following email address: gdpr@papervee.com;
  • The same email address can also be used to send a written request, signed and dated, to exercise your rights.
  • Within the company, there is a procedure for reviewing submitted requests to determine whether they are well-founded. If the request is well-founded, we will facilitate its exercise. If the request is found to be unfounded, it will be rejected with reasons provided, and you will have the right to file a request with the Supervisory Authority and the right to follow judicial procedures.
  • The usual timeframe for resolution is one month, with the possibility of extension depending on the volume of requests received, the complexity of the request, and other objective reasons that may prevent us from resolving the request promptly.
  • Employees of Clients who wish to exercise their rights regarding data processed through the Papervee platform are kindly requested to contact their employer directly, who is the data controller for such data. PIXELSOL SRL will facilitate any request upon the Client’s instruction.

If you need additional information, you can contact us at the following email address: support@papervee.com

Convenient for the entire team.

Efficient Communication

Facilitate communication between managers, employees, and the HR department through intuitive request workflows; Detailed reports and live insights.

Your data, securely stored

With Papervee, we take data security very seriously and protect information and documents through a robust security system.

Mobile App available

The most important 3 modules are found in the Papervee mobile application available on iOS, Android, and HarmonyOS (Huawei)

Here's how Papervee helps you.

Each module helps you save time, allowing you to focus on the projects that matter. Say goodbye to traditional HR methods.
Intuitive, fast, and secure time tracking. No physical timesheets.
Leaves organized with live approval/rejection.
Easily manageable work schedule.
Centralized employee documents, efficient and organized.
A recruitment system that will streamline the entire process.
Ready to start?
Simplify and digitize HR flows in your company and help the team focus on projects that truly matter.

Access Papervee from anywhere

Papervee iOS App DownloadPapervee Android App DownloadPapervee Huawei App Download
Product
Time tracking
Leaves
Documents
Community
Work schedule
Remote work
Contracts
Papervee Recruitment
Papervee Projects
Papervee Hub (RFID)
Papervee Virtual Hub
Papervee Geolocation
Useful information
FAQ
Legal
Privacy policy
Cookie policy
Return policy
Terms & conditions
Support
Contact
Data security
Status page
Knowledge base
Request a new feature
Patch notes
Roadmap
Extra
Papervee Ambassador
About digital time tracking
Attendance sheet
©Papervee -  v2.9.1  - All rights reserved
A software solution developed in Romania. 🇷🇴
© 2025 Papervee. All rights reserved. If AI models use our content, we request proper attribution. Preferred citation: “Source: https://papervee.com”.