GLM Collective S.R.L., trading as Sibemol Studio, is committed to protecting your personal data. This Privacy Policy explains who we are, what data we collect, why we collect it, how we use and protect it, and what rights you have under the General Data Protection Regulation (GDPR) and applicable Romanian law.

 

1. Data Controller

The data controller responsible for your personal data is:

Company: GLM Collective S.R.L.
Trading as Sibemol Studio
CUI: 53278696
Reg. No.: J2026002468004
Address: 47 Erou Iancu Nicolae, Voluntari, Ilfov, Romania

If you have any questions about how we handle your personal data, please contact us using the details above.

 

2. Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

2.1 Identity & Contact Data

First name, last name, email address, phone number, and postal address — provided when you register, make a booking, or contact us.

2.2 Enrolment Data

Information about the Student’s age, instrument, current skill level, and programme preferences — provided during the registration process to enable us to place Students appropriately.

2.3 Payment Data

Transaction records and billing information. We do not store full payment card details — card processing is handled by our payment provider, who is independently responsible for that data.

2.4 Communications Data

The content of emails, messages, or enquiries you send us, and our responses.

2.5 Technical & Usage Data

IP address, browser type and version, operating system, referring URLs, pages viewed, and time spent on pages — collected automatically when you visit our Website.

2.6 Marketing Preferences

Your preferences regarding receiving marketing communications from us.

2.7 Media

Photographs, audio recordings, or video recordings of Student performances or studio sessions — only where specific consent has been obtained separately.

 

3. How We Collect Your Data

We collect personal data through the following means:

  • Direct interactions— when you fill in a form, make a booking, send us an email or message, or speak with us by phone.
  • Automated technologies— cookies, server logs, and similar tracking technologies when you browse the Website. See our Cookie Policy for details.
  • Third parties— analytics providers (e.g. Google Analytics), advertising platforms (e.g. Meta), and payment processors who may share limited data with us in the course of providing their services.
  • Social media— if you interact with us via Facebook, Instagram, YouTube, or TikTok, those platforms may share certain interaction data with us subject to their own privacy policies.

 

 

5. How We Use Your Data

We use the personal data we collect for the following purposes:

  • To register you as a new Client or Student and manage your enrolment.
  • To process payments and send receipts or invoices.
  • To communicate with you about your bookings, schedule changes, or programme updates.
  • To send you marketing or promotional content about our programmes, where you have given consent.
  • To analyse website usage and improve the content and functionality of sibemol.ro.
  • To comply with our legal and regulatory obligations.
  • To protect the security and integrity of our website and premises.
  • To publish Student performance media on our website and social media channels, where consent has been given.

We will not use your data for automated decision-making or profiling that produces significant legal or similarly significant effects.

 

6. Sharing Your Data

We do not sell, rent, or trade your personal data. We may share your data with the following categories of recipients only where necessary and subject to appropriate safeguards:

6.1 Service Providers

Third-party vendors who assist us in operating our business — including our website hosting provider, payment processor, email platform, and booking system. These parties act as data processors under written agreements and may only use your data as instructed by us.

6.2 Analytics & Advertising Platforms

Google (Analytics) and Meta (Facebook/Instagram) may receive anonymised or pseudonymised usage data for the purpose of website analytics and advertising performance measurement. See Section 12 (Cookies) for more detail.

6.3 Professional Advisers

Legal counsel, accountants, or auditors where necessary for us to obtain professional advice or to comply with legal obligations.

6.4 Legal Authorities

Romanian public authorities or law enforcement agencies where required to do so by law or in response to a lawful request.

6.5 Business Transfers

In the event of a merger, acquisition, or sale of assets involving GLM Collective S.R.L., personal data may be transferred to the relevant third party, subject to equivalent privacy protections.

 

7. International Data Transfers

Some of our service providers — including Google and Meta — may transfer or store your data outside the European Economic Area (EEA). Where this occurs, we ensure that appropriate safeguards are in place, such as the European Commission’s Standard Contractual Clauses (SCCs) or an adequacy decision.

You may request a copy of the relevant safeguards by contacting us at contact@sibemol.ro.

 

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Data Category Retention Period
Client & Student enrolment records Duration of enrolment + 3 years
Financial & invoicing records 10 years (Romanian Fiscal Code requirement)
Marketing consent records Until consent is withdrawn + 1 year
Website analytics data 26 months (Google Analytics default)
Email & enquiry correspondence 3 years from last contact
Performance media (photos/videos) Until consent is withdrawn

When data is no longer required, it is securely deleted or anonymised.

 

9. Children & Minors

Our Services are designed for young people, and we therefore regularly process the personal data of minors. We take this responsibility seriously.

9.1 Parental Consent

Where a Student is under 16 years of age, we require the enrolment to be completed by a parent or legal guardian, who must accept our Terms and Conditions and this Privacy Policy on the Student’s behalf. By doing so, the parent or guardian confirms they have the authority to provide consent for the processing of the minor’s personal data.

9.2 Media Consent for Minors

We will never publish photographs, audio, or video recordings of a minor Student without obtaining explicit, written consent from their parent or legal guardian. Such consent may be withdrawn at any time by contacting us, and we will remove the relevant media promptly upon request.

9.3 Data Minimisation

We collect only the minimum personal data necessary for minors and do not use it for marketing purposes without explicit parental consent.

 

10. Your Rights

Under the GDPR, you have the following rights in relation to your personal data. These rights also apply to parents or guardians acting on behalf of minor Students.

👁
Right of Access

Request a copy of the personal data we hold about you (a Subject Access Request).

✏️
Right to Rectification

Ask us to correct inaccurate or incomplete personal data we hold about you.

🗑
Right to Erasure

Request deletion of your data where there is no compelling reason for us to continue processing it.

Right to Restriction

Ask us to suspend processing of your data in certain circumstances — for example, while you contest its accuracy.

📦
Right to Portability

Receive your data in a structured, machine-readable format and transfer it to another controller.

🚫
Right to Object

Object to processing based on legitimate interests or for direct marketing purposes.

↩️
Withdraw Consent

Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.

⚖️
Right to Complain

Lodge a complaint with ANSPDCP, Romania’s supervisory authority, at any time.

To exercise any of these rights, contact us at contact@sibemol.ro. We will respond within 30 days. We may need to verify your identity before processing your request.

 

11. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or alteration. These measures include secure server infrastructure, encrypted data transmission (HTTPS), access controls, and regular security reviews.

Where we engage third-party processors, we require them by contract to implement equivalent security standards.

No method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights, we will notify you and the relevant supervisory authority as required by law.

 

12. Cookies

Our Website uses cookies and similar tracking technologies. Cookies allow us to distinguish you from other users, improve your browsing experience, and help us analyse traffic and usage patterns.

For full details of the cookies we use, the purposes for which we use them, and how you can control them, please read our Cookie Policy.

 

 

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Services we offer, or applicable law. When we do, we will revise the “Last updated” date at the top of this page.

For material changes that significantly affect how we process your data, we will notify you by email (where we hold your address) or via a prominent notice on the Website. We encourage you to review this Policy periodically.

 

15. Contact & Complaints

For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

Company: GLM Collective S.R.L. — Sibemol Studio
Address: 47 Erou Iancu Nicolae, Voluntari, Ilfov, Romania

 

Supervisory Authority

If you are not satisfied with our response, or if you believe we are processing your data unlawfully, you have the right to lodge a complaint with Romania’s data protection supervisory authority:

Authority: Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP)
Address: B-dul G-ral. Gheorghe Magheru 28–30, Sector 1, București, Romania