6290
Other information technology service activities
This code covers a wide range of IT services not included in other more specific codes, such as cybersecurity consultancy, software testing, database administration, backup and data recovery services, as well as technical user support. Essentially, if your business offers customized, niche, or support IT services that do not exactly fall under other categories, this is the appropriate code.
Entrepreneur Profile
Acest cod este ideal pentru freelanceri, microîntreprinderi sau SRL-uri care oferă servicii IT specializate, cum ar fi consultanță în securitate cibernetică, testare software, administrare baze de date sau suport tehnic. De asemenea, este potrivit pentru firmele care nu dezvoltă software propriu, ci oferă servicii de mentenanță, optimizare sau suport pentru sistemele existente.
Who should avoid:
Avoid the exclusive use of code 6290 if the main activity of your company shifts towards other commercial or related branches not specified in the official description. See the excluded activities section below.
Authorization procedure and Trade Register aspects for CAEN 6290
For the registration of a company that will carry out activities classified under CAEN code 6290 ("Other information technology service activities"), the procedure at the National Trade Register Office (ONRC) involves submitting the standard application, the articles of incorporation, proof of registered office, and the affidavit pursuant to Law 359/2004 on fulfilling the operating conditions. A certificate of registration from ONRC is not required before starting the activity, but it is recommended to check the availability of the company name. For the registered office, the owner's consent and proof of use rights (lease agreement, loan agreement or title deed) are required. The Tax Authority (ANAF) will issue proof of tax registration, and subsequently the unique registration code (CUI) and the tax registration certificate will be requested. For CAEN 6290, no special prior authorizations from ONRC are required, but actual operation may require specific permits described in the following section.
Regulatory framework, specific permits and control institutions
Activities classified under CAEN 6290 cover various IT services (consultancy, technical assistance, network administration, cybersecurity, etc.) not included in other separate codes. From a legal perspective, there is no single operating authorization at national level for this code. However, depending on the specifics, permits from the National Authority for Administration and Regulation in Communications (ANCOM) may be required if the services involve electronic communications networks or postal services. If hardware maintenance services are provided, regulations on electrical/electronic waste (WEEE) apply, with the obligation to register with the National Environmental Protection Agency. For financial-related activities (e.g., payment systems), obtaining clearance from the National Bank of Romania is required. Relevant control institutions are ANAF, ITM, ISU, Environmental Guard, and the National Supervisory Authority for Personal Data Processing (ANSPDCP) – the latter for GDPR compliance when processing client data.
Tax management, ANAF audit risk and specific accounting
From a tax perspective, taxpayers with CAEN code 6290 are subject to the general rules of the Fiscal Code. Corporate income tax (16%) or micro-enterprise income tax (1% or 3% depending on revenue) applies based on classification. VAT is due if turnover exceeds the threshold of RON 300,000/year or if opting for registration. The risk of ANAF audit is medium, but since the activity is predominantly intellectual, strict documentation of contracts, invoices, and justification of performance through receipt minutes or activity reports is recommended. For IT services with digital delivery (platform access, licenses), specific VAT rules apply (place of supply, electronic invoicing via RO e-Factura). Accounting must distinctly show projects, personnel costs and development expenses. Maintaining time records is recommended to support expense deductibility. The single declaration (Form 212) is relevant for individuals earning income from IT services as a sole proprietor or from intellectual property rights. Also, the fiscal vector must be updated in case of change of registered office or activity.
Included Activities
- ✅ Consultancy services for IT security
- ✅ Software testing and quality assurance
- ✅ Database administration and maintenance
- ✅ Backup, archiving and data recovery services
- ✅ Technical user support (helpdesk)
- ✅ Software installation, configuration and updating
- ✅ IT system monitoring services
- ✅ Consultancy on selecting and implementing IT solutions
- ✅ Data migration services
- ✅ IT audit and risk assessment
Excluded Activities
- ❌ Software design and development activities (code 6201)
- ❌ Management consultancy activities (code 7022)
- ❌ Hosting and related services (code 6311)
- ❌ Web portals (code 6312)
- ❌ Repair of computers and peripheral equipment (code 9511)
- ❌ Telecommunications activities (code 61)
- ❌ Software publishing activities (code 582)
- ❌ Renting of office machinery and equipment (code 7733)
Similar or Related CAEN Codes:
From the same category of economic activities:
Întrebări Frecvente
Do I need special permits to carry out cybersecurity activities under this CAEN code?
There are no specific mandatory authorizations at national level for cybersecurity consultancy, but it is recommended to hold recognized certifications (CISSP, CEH, etc.) for credibility. If you process personal data, you must comply with the GDPR Regulation.
Can I invoice software development services using code 6290?
No, software development falls under code 6201. Code 6290 is intended for ancillary services such as testing, consultancy or support, not for creating new software.