Are you staying abroad? You open an account online from BT Pay100 euro cashback in account Your home bank
  • CREDITS
    CARDS
    ACCOUNTS AND OPERATIONS
    ECONOMY AND INVESTMENTS
    INSURANCES
    PREMIUM BANKING
    Bt pay kiddo
    Bt pay kiddo
    DIASPORA
    DIASPORA
    Advertisement - opens in a new tab
  • ACCOUNTS AND OPERATIONS
    Funding
    CARDS
    Payment solutions
    ECONOMY AND INVESTMENTS
    Specialized sectors
    Advertisement
  • Careers
    Newsroom
    Blog
    Podcast
    BT Community
  • We have taken a firm commitment towards Romanians and local entrepreneurs in supporting their dreams, BT being the partner with whom they can start their journey.
    OMER Tetik
    CEO Banca Transilvania
    • Open an account online
    Call Center
    • Call Center status meter dynamic emoji
    High waiting time!

    Currently, we are recording a very large number of calls in the Call Center. If you have an urgent problem, call now, and if not, we look forward to seeing you later. For quick answers, try Question BT - opens in a new tab or BT Visual Help - opens in a new tab.

    • 0264 308 028 or *8028The number is available from any national network. Normal rate.
    0264 303 003Direct line for all Romanians who are abroad, including assistance in English. Regular rate.
    Fraud assistance
    In case you suspect fraud on your account, call quickly at 0264 308 055. Normal rate.
    BT AI Chat Logo - opens in a new tab
    Search with AI Search - opens in a new tab

    AI Search from Ask BT answers all your banking questions.

    - opens in a new tab
    BT Visual Help - opens in a new tab

    See your account details quickly, call 0264 308 000 and you receive a text message with the access link.

    You have reached the end of the results
    No results found
    Popular searches
    Skip to main content

    Information note ad hoc electronic signing BT documents

    Version valid starting from the date 13.11.2025

    Printable version of this information note Download

    • Who is the personal data operator and the data subjects?


    BANCA TRANSILVANIA S.A. ("the bank", "BT" or "we")credit institution, Romanian legal entity, with identification and contact details from section III of the General information notes regarding the processing and protection of personal data belonging to BT Clients, („General information note”) offers its clients the possibility to sign documents related to the bank with digital certificates issued by the trusted service provider Alfatrust Certification S.A. (“Alfatrust”), in collaboration with BT.

    If you are an authorized natural person to sign documents in relation to the bank on behalf of a client (legal or natural person) or a natural person account holder and you choose to sign the documentation with a digital certificate that Alfatrust will issue for you based on the collaboration with BT, your personal data will be processed as we inform you below. In this context, you are the data subject of this processing.

    On what grounds do we process the data and what happens if you refuse their processing?

    We process your personal data, as applicable, on the following grounds:

    • legal obligations of BT (e.g. customer knowledge for preventing money laundering and terrorist financing, remote identification through video means)
    • the conclusion/performance of the contract that you enter into with BT (if you are the individual account holder)
    • the legitimate interest of BT and/or some third parties, (e.g. for fraud prevention)
    • your consent (e.g. for biometric data processing)

    If you refuse the processing of biometric data or other types of personal data, we cannot identify you beyond any doubt. Thus, Alfatrust cannot issue you a digital certificate within this online flow. In this case, you can sign the documentation with another digital certificate you own or by handwritten signature (only if other potential signatories of the document also opt for this signing option).

    For what purposes do we process your personal data, what data is it, to whom do we disclose it, and how long do we keep it?

    • for the verification of identity and the status of signatory of a document in relation to BT

    We use a process of remote identification by video means, to make sure you are who you say you are. In this process, we will take photos of your face and your identity document, only if you give your consent.

    In this case, for identification, we would process the following types of personal data, depending on the situation: (i) the data from the identity document (including passport, if you are not a Romanian citizen resident), which you will need to photograph in certain situations (this implies access to the camera). If you are a Romanian resident, we will compare this information with that from the General Directorate for Personal Records - G.D.P.R. (see here details about the processing of data provided by D.G.E.P.); (ii) the image small faces in motion, from the selfie video that we will ask you to make (requires access to the camera), (iii) the biometric data of the face, obtained by biometric comparison of the selfie image with that of the photographed identity document and/or, as applicable, with the image from D.G.E.P.. We will process your biometric data only if you give your explicit consent, which we will request from you before we carry out such processing Biometric comparison is performed by analyzing relevant facial characteristics, using specific IT methods, to uniquely confirm that the same person appears in the images. Following biometric comparison, the IT solution indicates the probability that the face in the two images belongs to the same person. If you refuse to allow us to process your biometric data or if the result issued by the IT solution does not assure us of your identity, the same consequences will apply as those we informed you about in the previous section.

    For remote identification, we use the services of the service provider Onfido and some of its partners (subprocessors). They process the data from your photographed ID card, your image (from the selfie/video taken), and the biometric data of the face only on behalf of and under the instructions of the bank.

    Onfido and its partners may be located in third countries, such as the UK (with adequate data protection recognized by the European Commission), or in other countries that do not have such a decision. In the latter cases, we have ensured that the data transfer is carried out on the basis of appropriate safeguards provided by the GDPR, consisting of Standard Contractual Clauses approved by the European Commission which you can find here: https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32021D0914 

    •  for issuing and managing the Qualified Digital Certificate issued by Alfatrust Certification S.A. for signing documentation in relation to BT

    If your identification was successful, in order to sign the documentation with a qualified electronic signature in relation to BT, you need to have a qualified digital certificate.

    The issuance and use for signing of the digital certificate does not involve costs for you, but it is necessary that BT and Alfatrust jointly process, as associated operators, personal data concerning you, as follows:

    a. Operators of personal data

    Based on Art. 13-14 of EU Regulation 679/2016 - the General Data Protection Regulation (“GDPR”), Alfatrust Certification S.A. (“Alfatrust”) and Banca Transilvania S.A. (“BT” or “the Bank”), having the identification and contact data indicated within the Terms and Conditions for providing certification services for qualified digital certificatesinforms you about the processing of your personal data, as a User ("data subject"), which is carried out as associated operators for the purpose mentioned in point b below.

    b. The purpose and basis of processing personal data

    The purpose for which the associated operators process the User's data is the issuance and management of the Qualified Digital Certificate ("Certificate").

    BT is the operator that identifies the User, respectively collects from them the personal data necessary for issuing the Qualified Digital Certificate, and transmits it to Alfatrust so that this operator can issue the certificate.

    The data that BT collects from Users are those processed by the Bank in its own records, in the context of the business relationship initiated between the User and the Bank at the time the data is transmitted to Alfatrust.

    During the validity period of the certificate, personal data are processed by the associated operators, as appropriate, including in situations where Users request the suspension or revocation of the certificate in the ways detailed in the Terms and Conditions of service provision.

    The legal grounds for processing personal data for the defined purpose are the legal obligation (Art. 6 para. 1 lit. c GDPR), the conclusion/performance of the Contract (Art. 6 para. 1 lit. b GDPR), and the legitimate interest of the associated operators (Art. 6 para. 1 lit. f GDPR).

    Regarding the legal obligation, both BT - as a credit institution with which the User initiates a business relationship, and Alfatrust - as an accredited certification services provider from which the User wishes to obtain a certificate, are subject to the legal provisions applicable in the field of preventing money laundering and terrorism financing, according to which they must collect a series of personal data. This data is also necessary for the conclusion/performance of the Contract under which the User is allowed to use the certificate for signing the documentation in relation to BT.

    In order to support Users who wish to submit a request for suspension or withdrawal of the certificate, the associated operators justify a legitimate interest in offering them the possibility to send these requests not only directly to Alfatrust, but also through BT. The processing of these requests involves the exchange of Users' personal data between the two associated operators.

    Contact details - phone number and home address will be processed by any of the associated operators, whenever it is necessary to contact the end user for the proper conduct of the contractual relationship related to the qualified digital certificate.

    c, Categories of personal data and of persons whose personal data areprocessed.

    Personal data processed for the purpose of fulfilling the mentioned goal are those provided by law as mandatory to be collected by a credit institution, respectively by a certification service provider for the prevention of money laundering and the sanctioning of terrorism, namely: name, first name, personal numerical code (CNP), home/residence address, identity document expiration date, phone number, and a copy of the identity document. All these data, as collected by the Bank, will be made available to Alfatrust for the issuance and management of the Qualified Digital Certificate.

    Processing of this personal data is necessary for the generation of the Qualified Digital Certificate. The User's refusal to have this data processed leads to the impossibility of issuing the Qualified Digital Certificate.

    The persons targeted by this processing are only the Users, as they are defined in the Terms and Conditions of use.

    d. Recipients of personal data.

    Except for the associated operators among whom a transfer of personal data processed for the fulfillment of the processing purpose will take place, the data is disclosed, as the case may be, to the employees of the associated operators who need to know it, IT service providers, auditors, authorities, and institutions entitled to know it.

    e. Period of processing of personal data.

    Information regarding a Qualified Digital Certificate (including personal data) is processed by Alfatrust for a period of 10 years from the date of its validity termination, in accordance with the legally established deadlines.

    At the level of Banca Transilvania, the remote electronic signature, applied based on the Qualified Digital Certificate issued by Alfatrust on the documentation signed in relation to BT, is kept for the entire period during which a business relationship is carried out between the client User and BT, to which the terms established in the applicable banking legislation are added, namely at least 5 years from the termination of the business relationship with the credit institution.

    f. Rights of data subjects regarding the processing of their personal data for the indicated purpose.

    To any User, in their capacity as a data subject, the exercise of the following rights regarding the processing of their personal data is guaranteed with any of the associated operators: the right of access, the right to rectification, the right to restriction of processing, the right to erasure of data, the right to object to data processing, the right to data portability.

    Users can exercise these rights or contact the data protection officers for any questions/requests regarding the processing of personal data, as follows:

    • to Banca Transilvania S.A.- by message sent to the e-mail address dpo@btrl.ro or by a request

    sent to the BT headquarters, with the mention "to the attention of the data protection officer (DPO)"

    • to Alfatrust Certification S.A.- through message sent to the e-mail address dataprotection@alfasign.ro or by a request sent to the Alfatrust headquarters, mentioning "to the attention of the data protection officer (DPO)".

    Users also have the right to file a complaint with the supervisory authority - the National Authority for the Supervision of Personal Data Processing (ANSPDCP), with headquarters in Bucharest, sector 1, G-ral Gh. Magheru Blvd. no. 28-30.

    • For communication with you

    If the electronic signing of the document in relation to BT is successfully completed, we will send it to the email address from which you initiated the signing process. We have this contact information, as well as your phone number, from you (e.g., if you declared them to the bank when you became a client) or, as the case may be, we received them from the account holder client who authorized you to sign the documentation in relation to the bank.

     If your identification was successful, in order to sign the documentation with a qualified electronic signature in relation to BT, you need to have a qualified digital certificate.

    The issuance and use for signing of the digital certificate does not involve costs for you, but it is necessary that BT and Alfatrust jointly process, as associated operators, personal data concerning you, as follows:

    • Operators of personal data

    Based on Art. 13-14 of EU Regulation 679/2016 - the General Data Protection Regulation (“GDPR”), Alfatrust Certification S.A. (“Alfatrust”) and Banca Transilvania S.A. (“BT” or “the Bank”), having the identification and contact data indicated within the Terms and Conditions for providing certification services for qualified digital certificatesinforms you about the processing of your personal data, as a User ("data subject"), which is carried out as associated operators for the purpose mentioned in point b below.

    • The purpose and legal basis for processing personal data

    The purpose for which the associated operators process the User's data is the issuance and management of the Certificate

    Digital Certificate (“Certificate”).

    BT is the operator that identifies the User, respectively collects from them the personal data necessary for issuing the Qualified Digital Certificate, and transmits it to Alfatrust so that this operator can issue the certificate.

    The data that BT collects from Users are those processed by the Bank in its own records, in the context of the business relationship initiated between the User and the Bank at the time the data is transmitted to Alfatrust.

    During the validity period of the certificate, personal data are processed by the associated operators, as appropriate, including in situations where Users request the suspension or revocation of the certificate in the ways detailed in the Terms and Conditions of service provision.

    The legal grounds for processing personal data for the defined purpose are the legal obligation (Art. 6 para. 1 lit. c GDPR), the conclusion/performance of the Contract (Art. 6 para. 1 lit. b GDPR), and the legitimate interest of the associated operators (Art. 6 para. 1 lit. f GDPR).

    Regarding the legal obligation, both BT - as a credit institution with which the User initiates a business relationship, and Alfatrust - as an accredited certification services provider from which the User wishes to obtain a certificate, are subject to the legal provisions applicable in the field of preventing money laundering and terrorism financing, according to which they must collect a series of personal data. This data is also necessary for the conclusion/performance of the Contract under which the User is allowed to use the certificate for signing the documentation in relation to BT.

    In order to support Users who wish to submit a request for suspension or withdrawal of the certificate, the associated operators justify a legitimate interest in offering them the possibility to send these requests not only directly to Alfatrust, but also through BT. The processing of these requests involves the exchange of Users' personal data between the two associated operators.

    Contact details - phone number and home address will be processed by any of the associated operators, whenever it is necessary to contact the end user for the proper conduct of the contractual relationship related to the qualified digital certificate.

    • Categories of personal data and of persons whose personal data areprocessed.

    Personal data processed for the purpose of fulfilling the mentioned goal are those provided by law as mandatory to be collected by a credit institution, respectively by a certification service provider for the prevention of money laundering and the sanctioning of terrorism, namely: name, first name, personal numerical code (CNP), home/residence address, identity document expiration date, phone number, and a copy of the identity document. All these data, as collected by the Bank, will be made available to Alfatrust for the issuance and management of the Qualified Digital Certificate.

    Processing of this personal data is necessary for the generation of the Qualified Digital Certificate. The User's refusal to have this data processed leads to the impossibility of issuing the Qualified Digital Certificate.

    The persons targeted by this processing are only the Users, as they are defined in the Terms and Conditions of use.

    • Recipients of personal data.

    Except for the associated operators among whom a transfer of personal data processed for the fulfillment of the processing purpose will take place, the data is disclosed, as the case may be, to the employees of the associated operators who need to know it, IT service providers, auditors, authorities, and institutions entitled to know it.

    • Period of processing personal data.

    Information regarding a Qualified Digital Certificate (including personal data) is processed by Alfatrust for a period of 10 years from the date of its validity termination, in accordance with the legally established deadlines.

    At the level of Banca Transilvania, the remote electronic signature, applied based on the Qualified Digital Certificate issued by Alfatrust on the documentation signed in relation to BT, is kept for the entire period during which a business relationship is carried out between the client User and BT, to which the terms established in the applicable banking legislation are added, namely at least 5 years from the termination of the business relationship with the credit institution.

    • The rights of the data subjects whose personal data is processed for the stated purpose.

    To any User, in their capacity as a data subject, the exercise of the following rights regarding the processing of their personal data is guaranteed with any of the associated operators: the right of access, the right to rectification, the right to restriction of processing, the right to erasure of data, the right to object to data processing, the right to data portability.

    Users can exercise these rights or contact the data protection officers for any questions/requests regarding the processing of personal data, as follows:

    • to Banca Transilvania S.A.- by message sent to the e-mail address dpo@btrl.ro or by a request sent to the BT headquarters, with the mention "to the attention of the person responsible for data protection (DPO)"
    • to Alfatrust Certification S.A.- through message sent to the e-mail address dataprotection@alfasign.ro or by a request sent to the Alfatrust headquarters, mentioning "to the attention of the data protection officer (DPO)".

    Users also have the right to file a complaint with the supervisory authority - the National Authority for the Supervision of Personal Data Processing (ANSPDCP), with headquarters in Bucharest, sector 1, G-ral Gh. Magheru Blvd. no. 28-30.

    • For communication with you

    If the electronic signing of the document in relation to BT is successfully completed, we will send it to the email address from which you initiated the signing process. We have this contact information, as well as your phone number, from you (e.g., if you declared them to the bank when you became a client) or, as the case may be, we received them from the account holder client who authorized you to sign the documentation in relation to the bank.


    Your rights, contact details of the DPO and details about the processing of personal data

    Other details about how BT processes, in general, BT clients' personal data, including information about your rights, how you can exercise them, and the contact details of BT's data protection officer (DPO BT), are made available to you at General information note, with which this information is completed. You can find it on the website www.bancatransilvania.ro, in the section Privacy Hub

    Ai Search
    Maintenance iconOops, it seems that something went wrong. Don't be afraid, it is not your fault. Small problems happen from time to time. What can you do? Try again later.
    Logo Question BT
    Întreb BT is the largest online financial education program of Banca Transilvania, with over 2,000 questions and answers about banking.
    Frequently Asked Questions
    Powered by Microsoft Foundry
    AI Search offers automatically generated answers, using Claude-Haiku-4.5 technology and an advanced orchestration mechanism through agents. The answers may contain inaccurate or potentially offensive content, which does not represent the point of view of Banca Transilvania. You are solely responsible for the use of the content generated by this service. Read .
    Terms and conditions

    Disclaimer

    AI Search is a pilot project - in beta version - that uses Claude-Haiku-4.5 technology to simplify the process of searching and understanding banking products.

    AI Search is trained to answer questions exclusively related to banking products offered by BT, but in certain situations and depending on the questions asked, it may also answer general questions. The answers provided are generated automatically and should be used for informational purposes only. The service may sometimes provide inaccurate or potentially offensive content, which does not represent the view of Banca Transilvania. You are solely responsible for using the content generated by this service in any manner. Do not rely on this service for financial, legal, or other professional advice and do not enter personal data or other confidential information into it.

    The use of AI Search implies acceptance of the Terms and Conditions.

    Access to and use of the service implies unconditional acceptance of these terms and conditions. If you do not agree with them, please do not use this service. By accepting the terms and conditions to use this service algorithmically provided by an artificial intelligence model, you assume all risk regarding the quality, safety, and performance of this service.

    Banca Transilvania does not provide any guarantees regarding the answers given by this service.

    AI Search provides algorithmically generated answers and these may sometimes contain inaccurate information or potentially offensive language. This information does not express the position of Transilvania Bank and cannot engage the Bank's responsibility for the provided content.

    AI Search does not provide answers to personalized questions, so by using it you are obliged not to provide or enter any personal data or other confidential information in the messages/questions sent. In case of non-compliance with this obligation, by inserting personal data/confidential information within AI Search, you express your consent for the processing of such data for the purpose of providing the service (answers to the questions you ask), as well as for the improvement of the algorithmic model of the robot by its developer.

    Any information provided by users during interaction with AI Search will be treated confidentially, being disclosed only to recipients who have the right and need to know it.

    The content offered by AI Search is for informational purposes only.

    Users are responsible for the questions and messages addressed within the use of AI Search. Any abuse or inappropriate language may lead to the interruption of the interaction.

    AI Search does not provide financial, legal, or professional advice and does not replace consulting human experts or specialized professionals in the respective field. Users should not rely on the information provided by AI Search for decision making.

    The bank reserves the right to interrupt the AI Search service at any time, without prior notice.

    Terms and conditions may be reviewed/updated at any time.