Privacy Policy

Privacy Policy of the Limitless Website

We appreciate your visit to our web pages and wish to provide you with some essential information regarding our commitment to the security and privacy of personal data.

By „Limitless Websites,” we mean any web page (website, landing page, etc.) owned, managed, or under the umbrella of Limitless. Example: https://limitless.agency/contact/

Please consult this section regularly, as the policy may undergo changes or updates. Any significant changes to this policy will be notified.

In addition to this policy, please consult the Cookie Policy.

Who we are
Limitless (Limitless PPC and Limitless SEO) is an online marketing agency with over 10 years of experience, specializing in growing businesses through various digital marketing channels, including Google Ads, SEO, Facebook Ads, and TikTok Ads. With a well-defined methodology, Limitless offers personalized services, including SEO optimization, PPC campaigns, and automations for Google and Facebook Shopping Ads. Official partnerships and case studies highlight client success, and with a team of over 100 specialists, Limitless positions itself at the top of the digital marketing agencies in Romania, promising limitless results for its clients’ businesses.

Information about Limitless companies

Limitless PPC Agency SRL (“Limitless PPC”) has its registered office at Aleea Profesorilor 1A B, Ploiești and is registered in the Trade Register under no. J29/779/2014, having the tax identification number RO33215812.

Limitless SEO Agency SRL (“Limitless SEO”) has its registered office at Grigore Alexandrescu Street 59 E, Bucharest and is registered in the Trade Register under no. J40/12250/2020, having the Unique Identification Code 43092601.

Limitless Contact Details

Email: dpo@limitless.agency

Address: Grigore Alexandrescu Street, No. 59, 1st Floor, Bucharest

Using the Limitless Websites
By accessing or using any part/feature of the Limitless Websites, it means you commit to accepting and abiding by the terms, conditions, and policies mentioned and/or available through a hyperlink and you are of legal age in accordance with the applicable national legislation. If you do not accept the terms, conditions, and policies presented in this documentation, then you should not continue accessing our site and/or using our services.

Intellectual Property Rights
The content of the Limitless Websites: images, texts, web graphics elements, scripts, software, design rights, model rights, trademarks, constitute entirely the property of the Limitless companies and are protected by copyright and related rights laws and intellectual and industrial property laws. Unauthorized use of any elements listed above is punishable according to current legislation.

Limitless PPC and Limitless SEO may provide the user/client, through an agreement, the right to use in a described form, certain site content. This agreement applies strictly to the defined content(s), for a period set in the agreement and only for the person(s) who were allowed to use these contents, without being able to use other contents of the Limitless Websites.

The use of any registered trademark name on the Limitless Websites does not constitute advertising for the respective company. The Limitless companies do not assume responsibility and cannot be blamed for damages arising from the use of the site content.

Please report any potential copyright infringement noticed on the site to dpo@limitless.agency

Where We Collect Data About You
Generally, the personal data we collect are provided by you through email, through the Limitless Websites, social media networks, or during your visits to our office.

Occasionally, when we are in the process of recruitment, we may collect data about you from online platforms (eJobs, LinkedIn, etc.) or from resumes you send us.

Also, when you interact with us on social media networks (i.e., likes, shares, comments, reviews, etc.), we will inevitably have access to information about you, especially data you have made public on your social media profile.

How We Use Personal Data
Please find below, the purposes for which we process your personal data, who has access to your data, and how we store it.

When you interact with us through the contact channels available on the site or social media
If you interact with us using the contact details available on the pages/contact forms of the Limitless Websites or interact with us through the messenger functions of social media networks (e.g., feedback, complaints, information requests, etc.), we will use your contact data and the data you communicate to us to provide you with information and offers regarding our services, to resolve the reported situation, to evaluate our clients’ satisfaction level, and to continuously improve the services we offer.

Personal data: Name, surname, phone number, email address, position, Internet Protocol (IP), cookie ID, data you have made public on your social media profile, and any other data you voluntarily send us.
Legality of processing: We process your data to take steps at your request before

entering into a contract (Art. 6/1/b of Regulation (EU) 2016/679) In pursuit of our legitimate interest to respond to any questions, complaints, or recommendations you send us and to improve our services and the experience we offer our clients (Art. 6/1/f of Regulation (EU) 2016/679).
Who we may share your data with: IT service providers for our companies (data hosting and storage) or providers to whom we outsource certain technical support services for our site or customer relationship management system providers The platform on which our site was developed and which provides our site hosting – Claus Web Social media platforms: Facebook, Instagram, LinkedIn, YouTube, TikTok Regulatory authorities and other state authorities, if requested by legal or statutory requirements.
We will disclose your personal data only to the extent strictly necessary to achieve the pursued purpose. We have taken all necessary measures to ensure that external service providers who have access to your data have implemented physical, electronic, and managerial security measures to protect the data.

How long we will store the data: We will not keep communications older than 1 year from the date of the last interaction in our database. Data transmitted through social media networks will be stored by them according to their own policies.

Where the data are stored: Data recorded through the Websites will be stored on the servers of the hosting provider, located in Romania. Data transmitted through social media networks will be stored by them according to their own policies.

Data we download locally will be stored on our secure Servers, local and in the cloud.

Commercial and Marketing Communications
We may send you information about the services we offer if you have requested this information (for example, by subscribing to a newsletter) or if you are already our client, and these pieces of information may be of particular interest to you.

Personal data: Name, surname, email address, phone number
Legality of processing: We process your data to take steps at your request before entering into a contract (Art. 6/1/b of Regulation (EU) 2016/679) We process the data based on your consent (Art. 6/1/a of Regulation (EU) 2016/679), for marketing communications We will process the data in a legitimate interest if you are already our client, and we consider that the information could be of great interest to you (Art. 6/1/f of Regulation (EU) 2016/679)

Who we may share your data with: IT service providers for our companies (data hosting and storage) or providers to whom we outsource certain technical support services for our site or customer relationship management system providers Marketing automation tool (newsletter sending)
Regulatory authorities and other state authorities, if requested by legal or statutory requirements.

We will disclose your personal data only to the extent strictly necessary to achieve the pursued purpose. We have taken all necessary measures to ensure that external service providers who have access to your data have implemented physical, electronic, and managerial security measures to protect the data.

How long we will store the data: In the case of subscribing to a newsletter, the processing will continue until you request to unsubscribe In the case of processing carried out in legitimate interest, when you are already our client, we will process your data for the duration of the contract execution and will continue to do so for 3 years after the termination of the contract.

Where the data are stored: Data we download locally will be stored on our secure Servers, local and in the cloud.
Important: If you wish to no longer receive newsletters or informative materials from Limitless Websites, all you need to do is press the „Unsubscribe” button available in the received email or send an email mentioning the desire to unsubscribe to …………………… and you will be unsubscribed from the respective communications.

Processing of candidate data in the recruitment, selection, and talent evaluation process
If you wish to join the Limitless team, we invite you to contact us through the contact details or forms available on the Limitless Websites.

We will process the data you provide us when expressing your intention to join the Limitless team and other additional information we may request later, to analyze your real potential and motivation so that we can evaluate if the information you have provided matches the employee profile we are looking for.

Important: The resume you send us should not contain sensitive data regarding (i) racial or ethnic origin (ii) political affiliations (iii) philosophical or religious beliefs; (iv) membership in a trade union or political party; (vii) criminal record or criminal proceedings and the penalties or fines associated; (viii) the commission of any illegal or inappropriate behavior and associated sanctions; or (ix) any national identification number of a person.

Personal data: Identification data: name and surname, contact details (email and phone) Other information requested by Limitless PPC or Limitless SEO CV, certifications, skills, and qualifications for the desired position; Cover letter, previous and/or relevant work experience or other experiences; Information from interviews and telephone conversations you may have, if applicable; Details about the type of job you are looking for, current and/or desired salary, and other information related to compensation and benefit packages, the desire to relocate or other work preferences, and the type of organization preferred; Information from references and/or information received following background checks (if applicable), including information provided by third parties and/or letters of recommendation; Information regarding the previous employment history. Other information provided voluntarily by the candidate.

Sensitive and/or demographic personal data: Sensitive and/or demographic information voluntarily provided by the candidate during the recruitment process, such as: citizenship and/or citizenship information, medical or health information of the candidate, racial, ethnic, or religious origin data
Legality of processing: We process your data to take steps at your request before entering into a contract (Art. 6/1/b of Regulation (EU) 2016/679)
Who we may share your data with: IT service providers for our companies (data hosting and storage) or providers to whom we outsource certain technical support services for our site or customer relationship management system providers The platform on which our site was developed and which provides our site hosting – Claus Web Regulatory authorities and other state authorities, if requested by legal or statutory requirements.

We will disclose your personal data only to the extent strictly necessary to achieve the pursued purpose. We have taken all necessary measures to ensure that external service providers who have access to your data have implemented physical, electronic, and managerial security measures to protect the data.

How long we will store the data: We will not keep candidate data older than 3 years
Where the data are stored: Data recorded through the Limitless Websites will be stored on the servers of the hosting provider, located in Romania. Data we download locally will be stored on our secure Servers, local and in the cloud.

Conclusion of contracts and execution of client requests
We primarily process personal data existing in the documents we exchange and the information necessary for concluding and fulfilling contracts.

Personal data: Name, surname, phone number, email address, signature, role in the company
Legality of processing: We process your data for the conclusion and execution of a contract (Art. 6/1/b of Regulation (EU) 2016/679)
Who we may share your data with: IT service providers for our companies (data hosting and storage) or providers to whom we outsource certain technical support services for our site or customer relationship management system providers Regulatory authorities and other state authorities, if requested by legal or statutory requirements.

We will disclose your personal data only to the extent strictly necessary to achieve the pursued purpose. We have taken all necessary measures to ensure that external service providers who have access to your data have implemented physical, electronic, and managerial security measures to protect the data.

How long we will store the data: We will not keep personal data older than 5 years from the moment the contract ends, except for documents subject to national legislation retention requirements (for example, accounting data)
Where the data are stored: Data we download locally will be stored on our secure Servers, local and in the cloud.
When you react to content on social media or share information from the site

We are present on Facebook, Instagram, LinkedIn, YouTube, and TikTok. Whenever you interact with us through our accounts opened on these platforms (e.g., comments, likes, shares, reviews, etc.), we will have access to publicly available data on your profiles.

Personal data: Name, image, and any other publicly accessible information in your social media profile or voluntarily communicated by you
Legality of processing: We process your data to take steps at your request before entering into a contract (Art. 6/1/b GDPR) or in our legitimate interest (Art. 6/1/f GDPR) to respond to any questions, complaints, or recommendations you send us and to improve our services and the experience we offer our clients and the legitimate interest to keep you updated with the news published by Limitless companies that might be of interest to you.
Who we may share your data with: Marketing service providers (PR Agency) Social media platforms: Facebook, LinkedIn, Instagram, Twitter, Pinterest Regulatory authorities and other state authorities, if requested by legal or statutory requirements.
We will disclose your personal data only to the extent strictly necessary to achieve the pursued purpose. We have taken all necessary measures to ensure that external service providers who have access to your data have implemented physical, electronic, and managerial security measures to protect the data.

How long we will store the data: Data transmitted through social media networks will be stored by them according to their own policies.
Where the data are stored: Data are stored on the servers of social media networks, located in the European Union or the USA Marketing service providers (PR agency) will store data on their own servers

Data we download locally will be stored on our secure Servers, local and in the cloud

Facilitating easy and enjoyable navigation on our site
When you access our site, we collect data about you through online identifiers (cookies and IP), which are stored in log files.

We use this

information to design our site to better adapt to our users’ needs. We may also use your IP address to help diagnose any malfunctions of our servers and to manage our site, maintaining the security of our website and preventing fraud, authorizing the use of services available on our website, analyzing trends, tracking visitor movements, and collecting general demographic information to help identify visitor preferences.

You can find more information about cookies, as well as how to delete cookies and disable tracking by accessing the Cookie Use Policy available on our site.

Personal data: Internet Protocol (IP), the general location of the computer, device (country level), website viewing history, timestamp, request/action, type and version of browser and operating system Other information generated while using our website, including when, how often, and under what circumstances you use it

Legality of processing: We use cookies to make your navigation on our site easy and enjoyable, in our legitimate interest (Art. 6/1/f of Regulation (EU) 2016/679) Non-essential cookies are not used without your consent (Art. 6/1/a of Regulation (EU) 2016/679)
Who we may share your data with: IT service providers for our companies (data hosting and storage) or providers to whom we outsource certain technical support services for our site or customer relationship management system providers Third parties placing cookies: Google, YouTube Regulatory authorities and other state authorities, if requested by legal or statutory requirements
We will disclose your personal data only to the extent strictly necessary to achieve the pursued purpose. We have taken all necessary measures to ensure that external service providers who have access to your data have implemented physical, electronic, and managerial security measures to protect the data.

How long we will store the data: There are session cookies and persistent cookies. While session cookies are deleted when closing the browser, persistent cookies can have a different lifespan, depending on the purpose they serve. More information about the duration of use of the cookies we use can be found in the Cookie Use Policy.

Where the data are stored: Data collected through our own cookies will be stored on the servers of the hosting provider, located in Romania. Data collected through third parties placing cookies will be stored on their servers, located in the European Union or the USA

Is data processed by Limitless companies safe?
Limitless PPC and Limitless SEO pay close attention to protecting your data and apply adequate technical and organizational measures to ensure the protection of processed personal data, appropriate for risks and categories of protected data, in particular, protect the data against sharing with unauthorized persons, taking by an unauthorized person, processing in violation of applicable laws, and against change, loss, damage, or destruction of data.

However, remember that unfortunately, no data transmission is guaranteed 100% secure.

If you suspect a breach of the confidentiality of your data, please contact us immediately at dpo@limitless.agency.

Important: After the data retention period ends, your data will be deleted. If we consider that this data could help us improve the quality of products or services, we will continue to use this data only after irreversible anonymization.

Links to other websites
Please note that we are not responsible for the privacy practices of other websites or third parties. We encourage you to be aware when you leave our site and to read the privacy policies of each website that may collect personal information.

Processing data of minors
Limitless companies are not intended for and do not knowingly collect information from minors under 18 years old through the site. Access and use of the site by minors imply the implicit agreement of the legal guardian in navigating our site by the minor under their care. Also, if we discover that a minor has used our site without the approval of the legal representative, we will delete all personal data about them.

International transfers of personal data
Limitless PPC and Limitless SEO share personal data with partners who operate outside the European Economic Area („EEA”).

List of international partners with whom we share data:

Third parties placing cookies: Google (Google Tag Manager, Google Analytics, and Google Ads), YouTube, Hotjar, Facebook Pixel, Linkedin, Tik Tok Pixel, OptinMonster Online platforms: Facebook, Instagram, LinkedIn, YouTube, TikTok Marketing automation tool (newsletter sending): Brevo
Personal data may be stored and processed in any country where we engage service providers. We may transfer the personal data we hold about you to recipients in other countries than the country in which the personal data were initially collected, including the United States or Israel. These countries may have data protection rules that are different from those in your country. However, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your personal data remain protected according to the standards described in this privacy policy. In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may have the right to access your personal data.

In cases where applicable law requires us to ensure that an international data transfer is governed by a data transfer mechanism, we use one or more of the following mechanisms:

EU standard contractual clauses with a data recipient outside the EEA or the UK Verification that the recipient has implemented binding corporate rules
We will also ensure that all our international partners have adopted additional measures to provide adequate guarantees, enforceable rights, and effective legal remedies. The role of these measures is to provide additional assurances to data subjects that data transfers based on standard contractual clauses or binding corporate rules provide a level of protection equivalent to that guaranteed within the European Union.

Your rights
As a data subject, you have specific legal rights regarding the personal data we collect and process. Limitless companies respect your rights and ensure that your interests are appropriately considered.

Withdrawal of consent: If the processing is based on your consent, you may withdraw your consent for the respective processing at any time. Rectification of data: If you notice that we hold incorrect personal data about you, you can request us to rectify the personal data concerning you at any time. We make reasonable efforts to keep personal data – which are used on an ongoing basis and which are in our possession or control – accurate, complete, current, and relevant, based on the latest information available to us. Restriction of processing: If you find yourself in one of the situations below, you can request us to restrict the processing of your data: you contest the accuracy of the personal data for the period in which we must verify the accuracy, the processing is illegal and you request the restriction of processing rather than the deletion of personal data, we no longer need your personal data, but you request them for the establishment, exercise, or defense of a right, or you object to the processing while we verify whether our legitimate reasons prevail over your rights.

Access to your data:

You can ask us for information about the personal data we hold about you, including information about what categories of data, for what they are used, where we collected them if they were not collected directly from you, and to whom they were disclosed if applicable. You can obtain a copy from us, free of charge, containing the personal data we hold about you. We reserve the right to charge a reasonable fee for abusive requests.

Right to portability: Upon request, we will transfer personal data to another operator, where technically feasible, provided that the processing is necessary for the execution of a contract. Rather than receiving a copy of your personal data, you can ask us to transfer the data directly to another operator, specified by you.

Right to erasure: You can obtain from us the deletion of personal data, in case: your data are no longer necessary in relation to the purposes for which they were processed, you object to the further processing of personal data (see Right to object below), personal data have been processed unlawfully, you withdraw your consent on which the processing is based Except in cases where processing is necessary: to fulfill a legal obligation that requires processing of those data by us; especially for legal data retention requirements; for the establishment, exercise, or defense of legal claims.

Right to object: You can object at any time to the processing of personal data due to your particular situation. In this case, we will no longer process personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. When you object to processing, please mention whether you want the deletion of personal data or the restriction of the processing of these data.

Right to file a complaint: In case of an alleged violation of applicable privacy legislation, you can file a complaint with the data protection supervisory authority: The National Supervisory Authority For Personal Data Processing by completing the online form available on the website www.dataprotection.ro Remember! Time period: We will try to solve your request within 30 days. However, the period may be extended for specific legal reasons or due to the complexity of the request.

Restriction of access: In certain situations, we may not be able to grant access to all or part of your personal data due to legal restrictions. If we deny your access request, we will inform you of the reason for the refusal. Inability to identify: In some cases, we may not be able to identify personal data due to a lack of identification elements provided in the request you send us. In such cases, if you do not provide additional information that allows us to identify you, we will not be able to proceed with the request to exercise legal rights as described in this section.

Exercising your rights To exercise legal rights, please contact our Data Protection Officer in writing at the email address at dpo@limitless.agency.