Skip to main content
You've reached the end of the results
No results found
Popular searches
  • CREDITS
    CARDS
    ACCOUNTS AND TRANSACTIONS
    SAVING AND INVESTING
    INSURANCES
    PREMIUM BANKING
    Reclama
  • Financing
    ACCOUNTS AND TRANSACTIONS
    CARDS
    Payment solutions
    SAVING AND INVESTING
    Specialised sectors
    Reclama - opens in a new tab
  • Careers
    Newsroom
    Blog
    Podcast
    BT Community
    Reclama
  • We have made a firm commitment to Romanians and local entrepreneurs in supporting their dreams, BT being the partner with whom they can start their journey.
    OMER Tetik
    CEO Banca Transilvania
    • Open online account
    Call Center
    • Call Center status meter dynamic emoji
    High waiting time!

    We are currently experiencing a very high number of calls in our Call Center. If you have an urgent problem, call now, otherwise we'll wait for you later. For quick answers try Ask BT - opens in a new tab or BT Visual Help - opens in a new tab.

    • 0264 308 308 028 or *8028The number is available from any national network. Standard rate.
    0264 303 003Hotline for all Romanians who are out of the country, including assistance in English. Standard tariff.
    Fraud assistance
    If you suspect fraud on your account, quickly call 0264 308 055. Standard rate.
    BT AI Chat acronym - opens in a new tab
    Search with AI Search - opens in a new tab

    AI Search on Ask BT answers all your banking questions.

    - opens in a new tab
    BT Visual Help - opens in a new tab

    Quickly view your account details, call 0264 308 000 and receive an SMS with the access link.

    Ad hoc electronic signature information note BT documents

    Version valid from 13.11.2025

    Printable version Download

    • Who is the controller of personal data and data subjects?


    BANCA TRANSILVANIA S.A. ("the bank", "BT" or "we") credit institution, Romanian legal entity, with the identification and contact details in Section III of the General Information Notice on the processing and protection of personal data belonging to BT Customers, ("General Information Notice") offers its customers the possibility to sign documents in relation with the bank with digital certificates issued by the trusted service provider Alfatrust Certification S.A. ("Alfatrust"), in cooperation with BT. 

    If you are an individual authorized to sign documents in relation with the bank on behalf of a customer (legal or natural person) or an individual account holder and you choose to sign the documentation with a digital certificate that Alfatrust will issue to you on the basis of the collaboration with BT, your personal data will be processed as we inform you below. In this context, you are the data subject of this processing.

    On what grounds do we process the data and what happens if you refuse processing?

    We process your personal data, where applicable, on the following grounds:

    • BT's legal obligations (e.g. know-your-customer for the prevention of money laundering and terrorist financing, remote identification by video means)
    • the conclusion/performance of the contract you enter into with BT (if you are the individual customer holding the account)
    • the legitimate interest of BT and/or third parties, (e.g. to prevent fraud)
    • your consent (e.g. for the processing of biometric data)

    If you refuse the processing of biometric or other types of personal data, we cannot identify you beyond doubt. Thus, Alfatrust cannot issue you a digital certificate in this online flow. In this case, you can sign the documentation with another digital certificate of your own that you hold or holographically (only if other possible signatories of the document opt for this option).

    For what purposes do we process your personal data, what is the data, to whom do we disclose it and how long do we keep it?

    • to verify the identity and signatory status of a document in relation to BT

    We use a video remote identification process to make sure you are who you say you are. In the process, we will only take photographs of your face and ID if you give your consent .

    In this case, for identification purposes, we would process the following types of personal data, depending on the situation: (i) data from your identity card (including your passport, if you are not a resident Romanian citizen), which you will be required to photograph in certain situations (this implies access to a camera). If you are a Romanian resident, we will compare this information with the information from the General Directorate for the Registry of Persons - D.G.E.P. (see here for details about the processing of data provided by D.G.E.P.); (ii) the moving facial image from the video selfie we will ask you to take (requires access to the camera); (iii) the biometric facial data obtained by biometrically comparing the image from the selfie with the image from the photographed ID card and/or, where applicable, with the image from the D.G.E.P. We will process your biometric data only if you give your explicit consent, which we will ask you to give before we do so. Biometric matching is performed by analyzing relevant facial features, using specific computer methods, to uniquely confirm that the same person appears in the images. Following the biometric comparison, the computer solution indicates the probability that the face in the two images belongs to the same person. If you refuse to allow us to process your biometric data or if the result issued by the IT solution does not assure us of your identity, there will be the same consequences as we have informed you about in the previous section.

    For remote identification, we use the services of the service provider Onfido and its partners (sub-authors). They process the data from your photo ID, your image (from the selfie/video taken) and biometric facial data only on behalf and under the instructions of the bank.

    Onfido and its partners may be located in third countries, such as the UK (with adequate data protection recognized by the European Commission), or in other countries that do not have such a decision. In these latter cases, we have ensured that the transfer of data is carried out on the basis of adequate safeguards provided by the GDPR, consisting of Standard Contractual Clauses approved by the European Commission which you can find here: https://eur-lex.europa.eu/legal-content/RO/ALL/?uri=CELEX:32021D0914 

    •  for the issuance and management of the Qualified Digital Certificate issued by Alfatrust Certification S.A. for signing the documentation in relation with BT

    If your identification has been successful, you need a qualified digital certificate in order to sign your documentation with BT with a qualified electronic signature.

    There is no cost to you for issuing and using the digital certificate for signing, but BT and Alfatrust are required to jointly process personal data about you as associated operators as follows:

    a. Personal data controllers

    Pursuant to Art. 13-14 of EU Regulation 679/2016 - General Data Protection Regulation ("GDPR"), Alfatrust Certification S.A. ("Alfatrust") and Banca Transilvania S.A. ("BT" or the "Bank"), having the identification and contact details indicated in the Terms and Conditions for the provision of certification services for qualified digital certificates, inform you about the processing of your personal data, as a User ("data subject"), which they carry out as associated operators for the purposes mentioned in lit. b below.

    b. Purpose and basis for processing personal data

    The purpose for which the associated operators process the User's data is to issue and manage the Qualified Digital Certificate ("Certificate").

    BT is the operator that identifies the User, collects from the User the personal data necessary to issue the Qualified Digital Certificate, and transmits it to Alfatrust for this operator to issue the certificate.

    The data that BT collects from the Users are those processed by the Bank in its own records, in the context of the business relationship that is initiated between the User and the Bank at the time of the transmission of the data to Alfatrust.

    During the period of validity of the certificate, personal data are processed by the associated operators, as the case may be, including in situations where Users request the suspension or revocation of the certificate in the manner detailed in the Terms and Conditions of service provision.

    The grounds for the processing of personal data for the defined purpose are the legal obligation (Art. 6 para. 1 lit. c GDPR), the conclusion/performance of the Contract (Art. 6 para. 1 lit. b GDPR) and the legitimate interest of the associated operators (Art.6 para. 1 lit. f GDPR).

    In terms of legal obligation, both BT - as the credit institution with which the User initiates a business relationship, and Alfatrust - as the accredited certification service provider from which the User wishes to obtain a certificate, are subject to the applicable legal provisions in the field of prevention of money laundering and terrorist financing, according to which they must collect a series of personal data. These data are also necessary for the conclusion/execution of the Contract on the basis of which the User is allowed to use the certificate to sign the documentation in relation with BT.

    In order to support Users who wish to make a request for suspension or withdrawal of their certificate, the associated operators justify a legitimate interest in providing them with the possibility to submit such requests not only directly to Alfatrust, but also via BT. The processing of such requests involves the exchange of Users' personal data between the two associated operators.

    The contact data - telephone number and home address will be processed by any of the associated operators, whenever it will be necessary to contact the end user for the proper performance of the contractual relationship related to the qualified digital certificate.

    c, Categories of personal data and persons whose personal data areprocessed.

    The personal data processed for the fulfillment of the above-mentioned purpose are those required by law to be collected by a credit institution, i.e. by a provider of certification services for the prevention of money laundering and sanctioning of terrorism, namely: name, surname, CNP, home/residence address, validity date of the identity card, telephone number and copy of the identity card. All these data, as collected by the Bank, will be made available to Alfatrust for the purpose of issuing and managing the Qualified Digital Certificate.

    The processing of this personal data is necessary to generate the Qualified Digital Certificate. If the User refuses to have this data processed, the Qualified Digital Certificate cannot be issued.

    The data subjects are only the Users as defined in the Terms and Conditions of Use.

    d. Recipients of personal data.

    With the exception of the associated controllers between whom personal data processed for the purpose of the processing will be exchanged, the data are disclosed, where appropriate, to the employees of the associated controllers who need to know them, to IT service providers, auditors, authorities and institutions entitled to know them.

    e. Period of personal data processing.

    Information about a Qualified Digital Certificate (including personal data) is processed by Alfatrust for a period of 10 years from the date of expiration of its validity, in accordance with the legally established terms.

    At Banca Transilvania's level, the remote electronic signature, applied on the basis of the Qualified Digital Certificate issued by Alfatrust on the documentation signed in relation with BT, is kept for the entire period during which a business relationship is established between the User and BT, plus the terms established in the applicable banking legislation, namely at least 5 years from the termination of the business relationship with the credit institution.

    f. The rights of data subjects to the processing of their personal data for the purposes indicated.

    Any User, as a data subject, is guaranteed the following rights with regard to the processing of his/her personal data, at any of the associated controllers: the right of access, the right to rectification, the right to restriction of processing, the right to erasure, the right to object to the processing of data, the right to data portability.

    Users can exercise these rights or contact the Data Protection Officers for any questions / queries regarding the processing of personal data, as follows:

    • Banca Transilvania S.A. - by e-mail to dpo@btrl.ro or by request

    sent to BT headquarters, marked "for the attention of the Data Protection Officer (DPO)"

    • to Alfatrust Certification S.A.- by e-mail to dataprotection@alfasign.ro or by a request sent to the Alfatrust headquarters, with the mention "for the attention of the Data Protection Officer (DPO)".

    Users also have the right to lodge a complaint with the supervisory authority - the National Supervisory Authority for the Processing of Personal Data (ANSPDCP), with headquarters in Bucharest, sector 1, Bd. G-ral Gh. Magheru nr. 28-30.

    • For communication with you

    If the electronic signature of the document in relation to BT is successfully completed, we will send it to the e-mail address from which you initiated the signature flow. We have this contact date and your telephone number from you (e.g. if you declared them to the bank when you became a customer) or, where applicable, we have received them from the account-holding customer who authorized you to sign the documentation in relation to the bank.

     If your identification has been successful, you need a qualified digital certificate in order to sign your documentation with BT with a qualified electronic signature.

    There is no cost to you for issuing and using the digital certificate for signing, but BT and Alfatrust are required to jointly process personal data about you as associated operators as follows:

    • Joint Data Controllers

    Pursuant to Art. 13-14 of EU Regulation 679/2016 - General Data Protection Regulation ("GDPR"), Alfatrust Certification S.A. ("Alfatrust") and Banca Transilvania S.A. ("BT" or the "Bank"), having the identification and contact details indicated in the Terms and Conditions for the provision of certification services for qualified digital certificates, inform you about the processing of your personal data, as a User ("data subject"), which they carry out as associated operators for the purposes mentioned in lit. b below.

    • Purpose and basis for processing personal data

    The purpose for which the associated operators process the User's data is to issue and manage the Certificate

    Digital Qualified ("Certificate").

    BT is the operator that identifies the User, collects from the User the personal data necessary to issue the Qualified Digital Certificate, and transmits it to Alfatrust for this operator to issue the certificate.

    The data that BT collects from the Users are those processed by the Bank in its own records, in the context of the business relationship that is initiated between the User and the Bank at the time of the transmission of the data to Alfatrust.

    During the period of validity of the certificate, personal data are processed by the associated operators, as the case may be, including in situations where Users request the suspension or revocation of the certificate in the manner detailed in the Terms and Conditions of service provision.

    The grounds for the processing of personal data for the defined purpose are the legal obligation (Art. 6 para. 1 lit. c GDPR), the conclusion/performance of the Contract (Art. 6 para. 1 lit. b GDPR) and the legitimate interest of the associated operators (Art.6 para. 1 lit. f GDPR).

    In terms of legal obligation, both BT - as the credit institution with which the User initiates a business relationship, and Alfatrust - as the accredited certification service provider from which the User wishes to obtain a certificate, are subject to the applicable legal provisions in the field of prevention of money laundering and terrorist financing, according to which they must collect a series of personal data. These data are also necessary for the conclusion/execution of the Contract on the basis of which the User is allowed to use the certificate to sign the documentation in relation with BT.

    In order to support Users who wish to make a request for suspension or withdrawal of their certificate, the associated operators justify a legitimate interest in providing them with the possibility to submit such requests not only directly to Alfatrust, but also via BT. The processing of such requests involves the exchange of Users' personal data between the two associated operators.

    The contact data - telephone number and home address will be processed by any of the associated operators, whenever it will be necessary to contact the end user for the proper performance of the contractual relationship related to the qualified digital certificate.

    • Categories of personal data and persons whose personal data areprocessed.

    The personal data processed for the fulfillment of the above-mentioned purpose are those required by law to be collected by a credit institution, i.e. by a provider of certification services for the prevention of money laundering and sanctioning of terrorism, namely: name, surname, CNP, home/residence address, validity date of the identity card, telephone number and copy of the identity card. All these data, as collected by the Bank, will be made available to Alfatrust for the purpose of issuing and managing the Qualified Digital Certificate.

    The processing of this personal data is necessary to generate the Qualified Digital Certificate. If the User refuses to have this data processed, the Qualified Digital Certificate cannot be issued.

    The data subjects are only the Users as defined in the Terms and Conditions of Use.

    • Recipients of personal data.

    With the exception of the associated controllers between whom personal data processed for the purpose of the processing will be exchanged, the data are disclosed, where appropriate, to the employees of the associated controllers who need to know them, to IT service providers, auditors, authorities and institutions entitled to know them.

    • Personal data processing period.

    Information about a Qualified Digital Certificate (including personal data) is processed by Alfatrust for a period of 10 years from the date of expiration of its validity, in accordance with the legally established terms.

    At Banca Transilvania's level, the remote electronic signature, applied on the basis of the Qualified Digital Certificate issued by Alfatrust on the documentation signed in relation with BT, is kept for the entire period during which a business relationship is established between the User and BT, plus the terms established in the applicable banking legislation, namely at least 5 years from the termination of the business relationship with the credit institution.

    • The rights of data subjects to the processing of their personal data for the purposes indicated.

    Any User, as a data subject, is guaranteed the following rights with regard to the processing of his/her personal data, at any of the associated controllers: the right of access, the right to rectification, the right to restriction of processing, the right to erasure, the right to object to the processing of data, the right to data portability.

    Users can exercise these rights or contact the Data Protection Officers for any questions / queries regarding the processing of personal data, as follows:

    • to Banca Transilvania S.A. - by e-mail to dpo@btrl.ro or by a request sent to BT headquarters, with the mention "for the attention of the Data Protection Officer (DPO)"
    • to Alfatrust Certification S.A.- by e-mail to dataprotection@alfasign.ro or by a request sent to the Alfatrust headquarters, with the mention "for the attention of the Data Protection Officer (DPO)".

    Users also have the right to lodge a complaint with the supervisory authority - the National Supervisory Authority for the Processing of Personal Data (ANSPDCP), with headquarters in Bucharest, sector 1, Bd. G-ral Gh. Magheru nr. 28-30.

    • For communication with you

    If the electronic signature of the document in relation to BT is successfully completed, we will send it to the e-mail address from which you initiated the signature flow. We have this contact date and your telephone number from you (e.g. if you declared them to the bank when you became a customer) or, where applicable, we have received them from the account-holding customer who authorized you to sign the documentation in relation to the bank.


    Your rights, DPO contact details and details about the processing of personal data

    Further details about how BT generally processes BT customers' personal data, including information about your rights, how you can exercise them and contact details for the BT Data Protection Officer (BT DPO), are provided in the General Information Notice, which this notice supplements. You can find it at www.bancatransilvania.ro in the Privacy Hub section