Privacy Policy

S.C. OMV Petrom S.A. Romanian Legal Entity with Headquarters in 22 Coralilor Street, District 1, Bucharest, Romania, registered with the Trade Register under no. J40/8302/1997, having the unique Registration Code RO1590082. As a personal data controller, hereinafter referred to as  “the operator”, “the controller” ,”we” or “us”, 

Understands the importance of the processing of personal data and in this regard undertakes to protect the personal data processed in the current activities it carries out,  in accordance with the applicable legal provisions (including Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data) (“GDPR Regulation”).

Through this note, we would like to inform you about:

  1. The purposes for which we collect and process your personal data, the legal basis for the processing of these data and the categories of data we collect from you. 
  2. The length of time that you process these data.
  3. The rights you receive as the person concerned and the way you can exercise them.
  4. Third party companies that could receive your personal data.

Purposes of the data processing, legal bases, and legitimate interests that are pursued by the Controller or by a third party, as well as categories of recipients

Log files

Each time access is made to websites, information is sent by the respective internet browser on your respective end device to the server of our website/application, and temporarily stored in log data files, the so-called log files. The data sets stored in this way contain the following data which are stored up until automatic erasure: date and time of the retrieval, name of the site retrieved, IP address of the inquiring device, referral URL (source URL, from which you arrived at our websites), the data quantity transferred, loading time, and the product and version information of each browser used as well as the name of your access provider.

The legal basis for the processing of the IP address is Article 6(1)(f) GDPR. We have a legitimate interest in:

  • guaranteeing that connections are established smoothly,
  • guaranteeing convenient use of our website, and
  • evaluating system security and stability.

No immediate inference as to your identity is possible by means of the information; nor do we draw any such inference. The data are stored and automatically erased after the aforementioned purposes have been achieved. The periods established by the regulation for erasure are determined by the criterion of necessity.


For our website/application, we use so-called cookies, tracking tools, and targeting procedures. The following will explain in detail precisely which procedures are involved and how your data are used for them.

Cookies – general information

On the site, we use cookies in order to make the visit to our website attractive and to enable the use of certain functions, as well as to record statistics about the use of our website. Cookies are small text data files which your browser automatically creates and which are saved on your end device (laptop, tablet, smartphone, and the like) whenever you visit our site. Cookies do not damage your end device; nor do they contain any viruses, Trojan horses, or any other malware. The cookie stores information that follows in each instance in connection with the end device specifically used. However, this does not mean that we thereby receive any direct knowledge of your identity.

Most of the cookies used by us are erased again after the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognize your computer again during the next visit (so-called permanent or cross-session cookies). These cookies, in particular, serve to make our offer user-friendly, more effective, and more secure. Thanks to these data files, it is possible, for instance, for you to receive on the site displays of information that are customized to your interests.

Of course, you can set up your browser in such a manner that it does not store our cookies in your end device. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, provided that you set up your browser to notify you whenever you receive a new cookie, or how you can erase all of the cookies already received and block any additional ones.

Please take the following steps:

In Internet Explorer

  1. Select the “Tools” button in the menu, then select “Internet Options”.
  2. Select the “Privacy” tab.
  3. Now you can perform the security settings for the internet. Here, you can adjust whether and which cookies are supposed to be accepted or blocked.
  4. Confirm your setting with “OK.”

In Firefox:

  1. Click the menu button and choose “Options.”
  2. Select the Privacy & Security panel.
  3. In the drop-down menu, choose Use custom settings for history.
  4. Now you can set whether cookies ought to be accepted, how long you wish to keep these cookies and add exceptions, and which websites you always or never wish to allow to use cookies.
  5. Confirm your setting by clicking on “OK.”

In Google Chrome:

  1. Click on the Chrome menu on the browser symbol bar.
  2. Select “Settings”.
  3. Click “Advanced.”
  4. Under “Privacy & Security,” click “Content Settings”.
  5. Click “Cookies”. From here, you can make the following adjustments for cookies: 

5.1. erase cookies;

5.2. block cookies by default;

5.3. erase cookies and site data automatically after closing the browser

5.4. allow exceptions for cookies from specific sites or domains

However, we would like to point out that in this event, it is possible that you will not be able to use all of the features of this website in their fullest scope.

Insofar as personal data are involved with these cookies and/or the information contained therein, the legal basis of the data processing is Article 6(1)(f) GDPR. Our interest in optimizing our website is in the course of such to be regarded as legitimate within the meaning of the aforementioned regulatory provision.

Google Analytics 

For the purpose of the needs-based configuration and ongoing optimization of our websites, we use – upon the basis of Article 6(1)(a).

GDPR – Google Analytics, a web analysis service of Google, Inc. (“Google”). Google Analytics uses so-called “cookies,” text files that are stored on your computer and facilitate an analysis of your use of the website. In this connection, pseudonymized use profiles are created and cookies are used. The information generated by the cookie about your use of this website includes:

  1.  browser type/version,
  2. operating system used,
  3. referral URL (the previously visited site),
  4. host name of the accessing computer (IP address),
  5. time of the server inquiry

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports about website activities, and to render additional services affiliated with the website use and the internet use vis-à-vis the website operator. The IP address transferred by your browser within the framework of Google Analytics is not merged with other data from Google. Using a corresponding setting on your browser software, you can prevent cookies from being stored; however, we would like to point out that in this event, it is possible that you will not be able to use all of the features of this website in their fullest scope. Moreover, you can prevent Google from recording the data generated by the cookie and relating to your use of the website (including your IP address) by downloading and installing the browser plug-in available under the following link:

You can find additional information about data protection in connection with Google Analytics on the Google Analytics website.

(II) The length of data processing

We will keep the personal data only for a period that is reasonably necessary given the requirements to respond to issues that are raised or to resolve problems, make improvements, activate its services and fulfil the requirements of the applicable legislation. This means that it may keep the personal data for a reasonable time, including after the interested party has stopped using the Website. After this period, the personal data will be deleted.

(III) Recipients of personal data. Transfer of personal data

With the exception of the processing shown here, we do not share your data with recipients having their seat outside the European Union or the European Economic Area.

(IV) Security of processing

We will assure the security of your data processing from the time they are conceived by implementing appropriate technical and organizational measures.

We will also inform you without undue delay if any breach of your data security is likely to create a high risk to your rights and freedoms, except as provided in Art. 34 of the Regulation.

(V) The rights you receive as a person concerned:

Taking into account your personality status, you have the following rights:

  1. The right to be informed about all essential aspects of data processing;
  2. The right of access to the processed data and to a series of information, in accordance with the law, allows you to be informed whether your personal data is being processed by us as well as the details available in this respect (including but not limited to the scope of processing, the categories of personal data concerned, the recipients or categories of recipients to whom personal data has been or will be disclosed etc.),
  3. The right to obtain the rectification and / or completion of personal data without undue delay;
  4. The right to obtain the deletion of personal data without undue delay in the cases provided for by law (for example, when personal data are no longer required for the purposes for which they were collected or processed);
  5. The right to obtain restriction of processing in the cases provided by law (for example, when challenging the accuracy of data for a period that allows the operator to verify the accuracy of the data).
  6. The right to data portability You have the right to obtain personally processed data in a structured manner, which is currently used and can be read automatically for the purpose of transmitting this data to another operator, without any obstacle from the operator, in the cases provided by art. 20 of the Regulation.
  7. Right of objection You have the right to oppose, for reasons related to your particular situation, the processing under the public interest or the legitimate interest of the operator or for direct marketing purposes, including the creation of profiles based on such justifications, except as provided in art. 21 of the Regulation.
  8. The right not to be the subject of a decision based solely on automatic processing, except for the exceptions provided by art. 22 of the Regulation.
  9. The right to lodge a complaint with the National Authority for the Supervision of Personal Data Processing (ANSPDCP).
  10. The right to a remedy before the courts in Romania.

How you can exercise your rights

In order to exercise any of the above rights, please make a written or verbal request, indicating your quality of person and object of the request, which you can address to US using the contact details below:

To the attention of: Privacy department


As long as you request a copy of the personal data processed by Us, it will be provided to you in a material or electronic format as your option. Any subsequent copies of the same data will be provided for a fee.

We will analyze the merits of your requests and will provide you with an unreasonable delay and in any event within one month of receipt of the request. This period may be extended by two months when the complexity and number of applications require it. For requests submitted by you in electronic format, replies will also be sent electronically, unless expressly requested to provide them in another format.