Skip to Content

Privacy statement

About us

Brink's Cash Solutions (RO) SRL is a part of The Brink’s Company, a publicly listed company (NYSE: BCO). Brink’s is active in 100 countries and operating from 52 countries with more than 76.500 total employees. By working together with stores, banks, and partners, Brink’s develops payment solutions by utilising our expertise in terms of entrepreneurship, payment, technology and security in a smart, interconnected way. 

Brink’s is committed to safeguarding your privacy by protecting your personal data and ensuring that it is handled and stored securely. This privacy statement describes how we, in accordance with the General Data Protection Regulation (GDPR), collect some of your personal data during your visit to this website and when using our services. 
We request you read this statement closely, as it contains important information about who we are, how and why we collect, store, use and share personal data, about exercising your data subject rights. And how to contact us or the relevant supervisory authority in case you have a question or a complaint. 

When Brink's Cash Solutions (RO) collects and uses your personal data, we act as a data controller, and as such we have to comply with the GDPR, which applies across the EU. As data controller, we are responsible for applying this legislation to our use of your personal data.

The information note regarding the processing of personal data carried out by Brink's is available here.

Contact information

Data controller:

 Brink's Cash Solutions (RO)


 Șoseaua Pipera nr. 42, etaj 12

Postal code:


Place of Establishment:

 București, Sector 2, România

Data Protection Officer (DPO):

Personal Data we collect and use

‘Personal data’ refers to all information relating to a person which can be used to identify them, either directly or indirectly.

We process your personal data exclusively on the following legitimate bases: 

  • Based on your explicit consent. You reserve the right to withdraw your consent at any time;
  • To serve our legitimate interests, it is possible that Brink’s processes personal data to safeguard the performance of the website;
  • In order to comply with legal obligations;
  • In order to perform a contract to which you are a party or to prepare a contract. 

Purpose and categories of data processing

When you are visiting our website, we may process the following personal data in order to be able to provide the corresponding services. We process your data to facilitate providing a functioning website, to be able to send newsletters, to enter into contact with interested parties, and to establish an adequate level of security of processing.

Interest form: if you send us a message by using the interest forms on our website, we process the following personal data: 

  • Name (first and last name);
  • Email address;
  • Phone (optional);
  • Company name (optional).

If you send us a message by using the contact email address on our website, we process the following personal data: 

  • Name (first and last name);
  • Email address.

We use the above mentioned information to complete your registration and to provide and bill the enlisted services. Additionally, as a financial service provider, Brink’s is subject to sector-specific legislation, including anti-money-laundering legislation.

In our interactions with individuals who send us requests, complaints, notifications etc., we may process the following personal data provided by them:

   - Name (first and last name);
   - Email address;
   - Postal address;
   - Phone number;
   - Location at a certain date;
   - Data collected by applications used to ensure IT security.

The basis of these processes is either the legitimate interest of our company or the implicit consent of the data subjects, as applicable.

Other parties

In order to provide our services, we sometimes share your data with third parties in their capacity as processors. We conclude data processing agreements with those third parties to guarantee that your data is being processed legitimately. These processors could be the e-mail client, the host of the website, the host of the CRM system and marketing agencies. .

We don’t share your data with other parties without explicit consent or a legal obligation to share it.


When using our website, we use cookies that are necessary to make our website functional. These cookies are active by default and cannot be switched off. Additionally, we use analytical cookies that we use to gain insight in how users use our website, by anonymously collecting and reporting data. These cookies are only active if you consent to them. We also use cookies that allow us to save your preferences, such as your preferred language or your region. These are also only active if you give your consent. Finally, we use marketing cookies, which are used to track user behaviour across websites. By using these, we can provide users with personalised advertising that is more relevant to individual users. Again, these are only active if consent is given.  

See our cookiepolicy for more information.

Data subject rights

Under the GDPR, you as a data subject enjoy certain rights. These rights are listed and explained below. If you want to exercise any of your rights, please contact our DPO (see: contact information at the top of this privacy statement). 

Right of access: you have the right to request a copy of your personal data. This copy includes information about the purposes for the processing, for how long and where the data is stored and to whom we provide this information.

Right to rectification: if you believe any of the personal data we process of you is incorrect or incomplete, you have the right to request rectification. 

Right to erasure: in certain situations, you have the right to have your personal data erased. This might be the case if the data is processed illegally, if the processing is no longer necessary, or if you revoke your consent. Our DPO will assess whether your request is valid or whether there is a legal requirement to retain the data. 

Right to restrict the processing: in certain situations, you have the right to request to temporarily restrict processing (part of) your personal data, for instance because you question whether the information is correct or because you believe retaining the data is no longer necessary. 

Right to object: when we process personal data for our legitimate interest, you have the right to object to the processing. We will consider your objection and assess whether the data processing affects you significantly enough for us to cease processing your personal data.   

Right to data portability: you have the right to request us to directly transfer your personal data to you. This applies to personal data we process with your consent or based on performance of a contract. 

Right to issue a complaint: you have the right to issue a complaint about our processing of your personal data to our DPO.

If Brink’s is not handling your request well, you can also file a complaint with the Dutch Data Protection Authority: 

Autoriteit Persoonsgegevens

  • Postbus 93374
  • 2509 AJ Den Haag 

We don’t make profiles of our website visitors. Therefore the right with regard to automated individual decision-making is not applicable.

Retention periods

In accordance with the GDPR, we follow the principle that we do not store personal data for longer than necessary for the purposes for which the data has been collected. Sometimes a (minimum) legal retention period applies we have to comply with, for instance for tax purposes. In such cases, it is not possible to exercise your right to erasure. 

For cookies, you can check the retention period for each different type of cookie by clicking “details” in the cookie preferences banner. 

Data transfers

As a controller, we take steps to ensure that your personal data is stored and processed inside the European Economic Area and is not transferred to third countries in the absence of an adequacy decision or Binding Corporate Rules. However, we cannot fully guarantee that no personal data is transferred to third countries such as the U.S., where Brink’s headquarters located. Our processing agreements have been concluded in such a way so as to minimise this risk, for instance by including Standard Contractual Clauses. 

We have an Intra-group personal data transfer agreement in place. The purpose of this agreement is to secure your data within the Brink’s group.

Information security

Brink’s has the responsibility to make sure your personal data is processed in a secure manner. To that end, Brink’s has implemented appropriate technical and organisational measures to ensure an appropriate level of security to the risks. These measures include, among others, making sure your connection to this website is secure and that the newsletter is sent securely. 

Is this statement ever going to change?

Brink’s may change this privacy statement. We will make an announcement of such a change on our website. If Brink’s wants to substantially change the purposes of processing, and the processing is based on your consent, Brink’s will again ask for consent for those new purposes. The old version of our privacy statement can be found here.

Version: June 2023.