Information note regarding the protection of personal data.
2. For further information regarding the processing of personal data, as well as for any communication or incidents regarding the protection of personal data, contact the person responsible for the protection of personal data using the email address [...], telephone [...] or directly at our headquarters.
3. We process personal data for the fulfillment of our legal obligations, the conclusion of legal acts and the execution of our contractual obligations, information that is requested or initiated, invitations to events and organization, recruitment and evaluation of employees and partners, exercising or defending a right in court, maintaining contact with the persons who contact us on their own initiative or during the initiation or realization of contractual relations or involving manifestations of will, as well as for honoring the promises made and the commitments made. Since we are subject to legal obligations and honest practices, we keep records that do not concern personal data, but may contain personal data, so that they are subject to the same protection standards.
4. The legal basis for data processing is Regulation 2016/679 / EU and the subsequent legislation (see https://www.dataprotection.ro/?page=legislatie_primara&lang=en), Law no. 31/1990 and the subsequent legislation (see https://www.onrc.ro/index.php/en/legislatie), OUG no. 77/2009 and the subsequent legislation (see http://onjn.gov.ro/legislatie-2/), as well as other specific legal grounds, such as those regarding the security of goods and persons.
5. We only process personal data necessary for the purposes of processing, respecting the principle of minimizing access. Given the legal provisions that strictly regulate our activity and the reports we have to make, we collect the following categories of data: first name, last name, signature, telephone number, e-mail, address, serial number and identity document, ID, IP address, as well as other related data necessary for the normal conduct of our activity and the fulfillment of the legal and contractual obligations incumbent on us. We also process data that allow the unique identification of a person, which are manifestly made public, by their presence in places with public access and for reasons of major public interest, such as the safety of persons and property, with the assurance of appropriate measures and specific to protect the fundamental rights and interests of the data subjects. If it is necessary for the data to be used for a purpose other than the one for which they were collected, we will provide to the data subjects, prior to this further processing, information on the respective secondary purpose and any relevant additional information.
6. We communicate personal data to the bodies that control our activity, as well as to the institutions and bodies to which we have the obligation to make reports. We also communicate data to our partners, only if is necessary for the fulfillment of their obligations, and we are technically, organizationally and contractually concerned so that they can properly protect the data. The data is also accessible to our team who have the duties that require the processing of the data, only if and to the extent necessary to perform the duties of the service and only after the appropriate training on data protection.
7. We do not make cross-border transfers of personal data.
8. The processing of the data by us does not imply an automated decision-making process, but each processing is analyzed by an employee who exercises his/ her duties in strict accordance with the legal provisions and internal regulations.
9. The period of storage of the data on the current use medium is limited to a maximum of 2 years after the expiry of the current use term, to which are added the procedural time limits for appeal and, subsequently, according to the legal provisions on archiving, which are public order provisions. The period of storage of the data in conservation mode in the general correspondence register is limited to its duration and, subsequently, according to the legal provisions regarding archiving, which are public order provisions.
10. The data we process come from our interaction with suppliers and contractual partners, with customers and with the public who visit our spaces accessible to the public.
11. The data we process come from our interaction with suppliers and contractual partners, with customers and with the public who visit our pages accessible to the public.
We pay full attention to the protection of personal data, which we collect, process, use and delete in strict accordance with the legal provisions. Our organizational and technical procedures regarding the protection of personal data are structured in order to ensure the confidentiality and security of personal data. We have implemented appropriate technical and organizational measures to maintain an acceptable level of risk, including, but not limited to, where appropriate: pseudonymization and encryption of personal data, the ability to ensure the confidentiality, integrity, availability and continuous resistance of processing systems and services , the ability to restore the availability of personal data and access to it in a timely manner in case of a physical or technical incident, the existence of a process for testing, evaluating and periodically evaluating the effectiveness of technical or organizational measures to guarantee security processing. All the measures implemented are based on the documented risk analysis regarding the protection of the rights and freedoms of the data subjects.
12. You have the right to request access to your data, rectification or deletion or restriction of processing, as well as the right to oppose processing, in accordance with the law. You also have the right to data portability and the right to withdraw your consent when the processing has been carried out on the basis of your consent, without affecting the legality of the processing carried out on the basis of the consent before its withdrawal.
14. You have the right to file a complaint with the National Supervisory Authority for Personal Data Processing. If you have any clarity or suggestions regarding your personal data, please contact the data protection officer, taking into account the contact method indicated at the beginning of this information note.