1. Introduction
This Privacy Policy explains how MVO Service Auto Autorizat RAR (“MVO Express”, “we”, “us”, or “our”) collects, uses, stores, and protects your personal data when you visit our Website (transport-mvo.ro) or interact with us in any other way.
We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and Romanian data protection laws (Law 190/2018).
By using our Website or our services, you acknowledge that you have read and understood this Privacy Policy.
2. Data Controller
The data controller responsible for your personal data is:
MVO Service Auto Autorizat RAR Sediul social: Bucuresti, Sector 6, Str. Pestera Scarisoara, Nr. 1A, Bl. 701, Sc. A, Et. 4, Ap. 13 Romania
CUI: RO21963720
Nr. Registrul Comerțului: J40/11841/2007
For any privacy-related question or request, contact us or email office@medicalvision.ro.
3. What personal data we collect
We collect the following categories of personal data, depending on how you interact with us:
3.1. Information you provide directly
When you complete a contact form, request a quote, or otherwise communicate with us, we may collect:
Full name
Email address
Phone number
Company name and role (if applicable)
Country / location
The content of your message (including any details you choose to share about your shipment, schedule, or business needs)
3.2. Information collected automatically
When you visit the Website, we may automatically collect:
IP address (anonymised where possible)
Browser type and version
Operating system
Pages visited, time spent, and navigation patterns
Referring website
Approximate geographic location (country/city level)
This data is collected through cookies and similar technologies (see Section 8).
3.3. Information from drivers and applicants
If you apply to collaborate with us as a driver or vehicle owner, we may additionally collect:
Driving licence details
Vehicle registration and type
Professional qualifications (ADR certification, etc.)
Tax and identification details required by Romanian transport regulations
4. Why we collect your data (legal basis)
We process your personal data only when we have a valid legal basis under GDPR Article 6:
| Purpose | Legal basis |
|---|---|
| Responding to quote requests and inquiries | Performance of a contract / pre-contractual measures |
| Providing transport and forwarding services | Performance of a contract |
| Issuing invoices and meeting tax obligations | Legal obligation (Romanian tax law) |
| Improving our Website and services | Legitimate interest |
| Cookie analytics | Consent |
| Communicating updates about our services | Legitimate interest, with opt-out option |
| Driver/contractor onboarding | Performance of a contract / legal obligation |
We do not sell your personal data, and we do not share it for marketing purposes with third parties.
5. How long we keep your data
We retain your personal data only as long as necessary for the purposes set out above:
Contact form submissions: up to 3 years from last contact, then archived or deleted
Quote requests that did not result in a contract: up to 2 years
Active client records: for the duration of our commercial relationship plus 10 years (per Romanian accounting law for invoices and tax records)
Driver/contractor records: for the duration of the collaboration plus 5 years
Website analytics data (cookies): typically 14 months, anonymised after this period
Email correspondence: up to 3 years
After these periods, data is securely deleted or anonymised.
6. Who we share your data with
We share your personal data only with trusted parties, and only when necessary:
6.1. Service providers (“data processors”)
Hosting providers (for the Website and email infrastructure)
Accounting and invoicing software providers (for billing purposes)
Customs and forwarding agents (where required for international transport)
Insurance providers (Mannheimer Versicherung AG, for CMR insurance claims)
Subcontractor carriers (for shipments handled through our forwarding network — limited to information necessary for completing the transport)
All processors operate under data processing agreements compliant with GDPR.
6.2. Public authorities
We may disclose your data if required by Romanian or EU law — for example, to tax authorities, courts, customs, or police investigations.
6.3. International transfers
Some of our service providers may be located outside the European Economic Area. Where this is the case, we ensure appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions), as required by GDPR.
7. Your rights under GDPR
Under GDPR, you have the following rights regarding your personal data:
Right of access — to know what data we hold about you and obtain a copy
Right to rectification — to correct inaccurate or incomplete data
Right to erasure (“right to be forgotten”) — to have your data deleted in certain circumstances
Right to restrict processing — to limit how we use your data
Right to data portability — to receive your data in a structured, commonly used format
Right to object — to processing based on legitimate interest
Right to withdraw consent — at any time, where processing is based on consent
Right to lodge a complaint — with the Romanian National Authority for the Supervision of Personal Data Processing (ANSPDCP)
To exercise any of these rights, please email office@medicalvision.ro or contact us. We will respond within 30 days.
If you believe we are not handling your data in accordance with the law, you have the right to file a complaint with:
ANSPDCP (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal) B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucuresti Email: anspdcp@dataprotection.ro Website: dataprotection.ro
8. Cookies
Our Website uses cookies — small text files stored on your device — to:
Make the Website function correctly (essential cookies)
Remember your language preferences
Analyse how visitors use the Website (analytics cookies)
Improve our services based on usage patterns
Types of cookies we use:
Essential cookies — required for the Website to function. These do not require your consent.
Analytics cookies — used to understand how visitors interact with the Website (e.g., Google Analytics, anonymised). We ask for your consent before placing these.
Functional cookies — remember your preferences (language, etc.)
Managing cookies: You can control or delete cookies through your browser settings. If you disable essential cookies, some parts of the Website may not function correctly.
9. Data security
We take the security of your personal data seriously. We have implemented technical and organisational measures including:
ISO 27001 certification for information security management
Encrypted connections (HTTPS) on the Website
Restricted access to personal data on a need-to-know basis
Regular security audits and staff training
Secure backup procedures
While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we will notify you and the relevant authorities promptly if a personal data breach occurs that affects your rights.
10. Children’s privacy
Our Website and services are intended for businesses and professionals, not for children. We do not knowingly collect personal data from individuals under the age of 16. If we discover that we have collected data from a child without parental consent, we will delete it.
11. Third-party links
Our Website may contain links to external sites (e.g., Google Maps, downloadable PDFs hosted by partners). This Privacy Policy applies only to our Website. We are not responsible for the privacy practices of third-party websites — please review their privacy policies separately.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, in the law, or in our services. The “Last updated” date at the top of this page will indicate when changes were made.
Significant changes will be communicated through a notice on the Website or, where appropriate, via direct email to active clients.
13. Contact
If you have questions, concerns, or requests regarding your personal data or this Privacy Policy, please reach out:
Email: office@medicalvision.ro
Phone: +40 735 157 555
Postal address: Bucuresti, Sector 6, Str. Pestera Scarisoara, Nr. 1A, Bl. 701, Sc. A, Et. 4, Ap. 13, Romania
Online: Contact page
We aim to respond to all privacy-related inquiries within 30 days, as required by GDPR.