Cybersecurity Policy

Introduction

At Imobiliaa.ro, we consider cybersecurity essential for protecting our users’ information and ensuring a safe environment on our platform.
• This policy describes our measures, procedures, and commitments to protect personal data and IT infrastructure against cyber threats.

1. Policy Objective

This policy aims to:
• Protect the confidentiality, integrity and availability of collected and processed data;
• Prevent unauthorized access, loss, alteration or disclosure of data;
• Ensure compliance with applicable data protection laws (GDPR);
• Promote responsibility and awareness among users and employees.

2. Types of Protected Data

On the imobiliaa.ro platform we collect and protect the following categories of data:
• Personal data (name, email, phone);
• Authentication data (encrypted passwords);
• Transaction and interaction data with the platform;
• Technical data (IP addresses, browser type, cookies).

3. Security Measures Implemented

a) Technological:
• SSL/TLS encryption for all connections;
• Passwords secured with advanced hashing algorithms;
• Firewall and DDoS protection;
• Continuous monitoring of platform activity.
b) Organizational:
• Access restricted to authorized personnel;
• Regular security training;
• Clear incident handling procedures.

4. Password and Authentication Policy

Users must choose strong passwords of at least 8 characters including letters, numbers and symbols.
• The platform encourages two‑factor authentication (2FA).
• Account access is temporarily locked after multiple failed attempts.

5. Backup and Incident Recovery

Data is backed up periodically and stored in secure locations.
• There are well‑defined plans for rapid service restoration in case of major incidents.
• Backups are routinely tested for integrity.

6. Security Incident Management

Any security incident is promptly reported and investigated.
• In case of an incident affecting personal data, users and relevant authorities are notified within 72 hours.
• Corrective measures are implemented to prevent recurrence.

7. Protection Against Internal and External Threats

We use up‑to‑date antivirus and antimalware software.
• Strict access and usage policies are applied to internal systems.
• Regular vulnerability assessments and security audits are conducted.

8. Cookie Policy

We use cookies to:
• Ensure essential site functionality;
• Analyze traffic and improve user experience;
• Personalize content and ads based on your consent.
• Full details can be found in our Cookie Policy.

9. User Data Rights

Under GDPR, you have the right to:
• Request access to your data;
• Correct inaccurate data;
• Delete data (“right to be forgotten”);
• Restrict or stop processing;
• Withdraw consent;
• Request data portability.
• To exercise these rights, contact support@imobiliaa.ro.

10. Vulnerability Reporting

If you identify a vulnerability or security issue, please report it immediately to security@imobiliaa.ro.
• All reports are handled confidentially and with priority.

11. Policy Updates

This policy may be updated periodically to reflect new security standards or legal requirements.
• We recommend reviewing our page regularly for the latest information.
• Last updated: June 2025.