I. The company managing the website “romconsulting.ro”:
ROMCONSULTING INTERNATIONAL S.R.L., with headquarters in Bucharest, sector 1, Gheţarilor Street no. 15, 5th floor, office no. 5, registered with the Trade Register Office attached to the Bucharest Tribunal under no. J40 / 9662/2000, CUI 13468314 (hereinafter referred to as “Romconsulting”, “Operator”).
II. Our contact details
If you do not find what you are interested in personal data protection in the information below and you have a question for us, you can write to the following email address: email@example.com.
In addition, any request regarding the processing of your personal data may also be sent by post or courier to the following address: Bucharest, sector 1, Gheţarilor Street, no. 15.
We will investigate and try to resolve any claim or complaint regarding the use or disclosure of your personal information.
If you are not satisfied with our response, you may file a complaint with the National Supervisory Authority for Personal Data Processing.
The information below is very important, we’ll explain why we need some personal data to be able to provide specific services. Please read it carefully!
You will also find here the rights you have regarding the personal data we process, as well as what actions you can take to better understand and control the volume of personal data processed in the online environment and beyond.
III. Relevant definitions in the context of personal data protection
“Personal Data” = According to GDPR, means any information about an identified or identifiable individual (“the data subject”). An identifiable individual is a person who can be identified, directly or indirectly, in particular by reference to an item such as a name, an identification number, location data, an online identifier, or one or more specific elements of its physical, physiological, genetic, psychological, economic, cultural or social identity.
There is no list of personal data for the simple reason that a date can become personal data in a given context, and in another context it is simply an information without personal data value.
For example, we list some personal data: name, date of birth, home address, email address, ID card number, IP, ID cookie, car registration number, etc.Personal data therefore means data that relate to a living person that can be identified: using these data, or from these data and using additional information that is or may be in the possession of the data controller.”Personal data processing” means any operation or set of operations performed on personal data or on personal data sets with or without the use of automated means such as collecting, recording, organizing, structuring, storing, adapting or modifying, extraction, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deleting or destruction.”Operator” = an individual or legal person, who establishes the purpose and means of processing personal data; is the person with whom the applicant for a service has concluded or would conclude one or more contracts.”Consent” means any manifestation of free, specific, informed and unambiguous will of the person concerned by which it accepts, through a statement or unequivocal action, that the personal data concerning it are processed.
IV. Personal data that Romconsulting collects
Information provided directly by you through Romconsulting.ro forms (for example, as a result of a request for a service or as a result of subscribing to our newsletters), or when signing a contract with Romconsulting.Information we obtain when you use our services (for example, we process the history of your interactions with our newsletters so you can understand and limit the newsletters to those you are interested in).
Data collected directly from you.
Romconsulting collects personal data directly from you, usually, that information is provided when signing a contract or during the course of the contract and is processed for the performance of the contract:
• First and last name, date of birth;
• Mailing address and E-mail;
• Phone number;
• Details of transactions made, if necessary;
If we are required to file tax returns, to the extent that the law requires, we will ask for additional tax information. Personal data such as your home address and other tax information that the law requires us to collect and process in connection with the transaction in question may be required to be passed on to the tax invoice. In such a situation, the legal basis for processing will be the obligation to comply with the legal provisions in force.
The www.romconsulting.ro website also uses forms so you can contact us and you can request different information as well as forms that you can subscribe to newsletters. They also include fields to fill in with your personal information, such as: name, e-mail address, mobile phone number, points of interest, etc.
We use this data to allow you access to the site and to deliver the services you have chosen to receive (newsletter, response requests, etc.). The legal basis for such processing is the entry and execution of a contract to which you are a party (whenever you perform the above operations, you agree to the terms and conditions for the provision of those services).
You also have the opportunity to send us a direct message from our website. The data you submit as a result of using this option is processed based on our legitimate interest in responding to your request and / or keeping a record of the claim, service request, and similar ones.
Any marketing communications will only be communicated to you if you have previously consented to this. We also inform you that at any time you have the option of withdrawing your consent, either in the communication itself or by contacting us according to point II. of this information.
Data collected automatically by using our website.
In some situations, Romconsulting can also collect your data by automated means. For example, personal data can be collected through cookies when you visit our site or interact with Romconsulting mobile applications.
The information we are talking about may include the IP of the device you are using for visiting, the region, or the general location from where you visit the site, as well as the type of browser, operating system, or device you are accessing.
We use this information based on our legitimate interest in seeing the extent to which the site pages match the needs of your particular device’s display needs, to review trends, to see how users can better navigate our pages.
V. PERIOD FOR WHICH PERSONAL DATA SHALL BE STORED
Personal data will be stored for as long as it is necessary for the above purposes or for the period of time provided by the applicable legal provisions, including those relating to archiving.
When your personal data is no longer required for the purpose for which it was collected or has been agreed and there is no legal obligation to store, Romconsulting will destroy or delete it in a safe manner.
VI. TO WHOM WE DIVULGE YOUR PERSONAL DATA
Your personal information may be communicated to any affiliated Romconsulting company if we believe it is in our legitimate interest to do so for internal administrative purposes or to audit and monitor our internal processes.
Access to your personal information is limited to those employees who need to know your personal information and may include employees in the marketing, sales, information, legal, accounting and security departments.
We transmit your personal data, where strictly necessary, based on the need for knowledge, to the following categories of recipients:
- Third parties providing us with products and services (empowered), such as: accounting and HR service providers; suppliers and support of information technology systems;
- Companies involved in the operation of our website;
- Other parties, such as public authorities and institutions, auditors, lawyers and other external consultants, whose work involves the need to know such data or where the law forces us to make this disclosure;
We can also disclose your data:
- To some third parties, if you give us your consent for this disclosure;
- To people who demonstrate that they act legally on your behalf;
- To respond to any complaints, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity;
- To protect the rights, property or safety of Romconsulting, of our employees, customers, suppliers or others.
The recipients to whom we transmit your personal data are limited by law or by contract in their capacity to use your personal data only for the specific purposes identified by us. We will always ensure that any third parties to whom we disclose your personal information are subject to the confidentiality and security obligations in accordance with the contracts signed with them and the applicable laws. However, for the avoidance of doubt this can not be the case when disclosure is not our decision.
Except as expressly explained above, we will never disclose, sell or rent your personal information to a third party without notice and, if necessary, without your consent.
We also inform you that we DO NOT transfer personal data to countries outside the EU or EEA, or to international organizations.
VII. THE RIGHTS THAT YOU HAVE REPORTED TO THE PERSONAL DATA PROCESSING
The European Regulation recognizes a number of important rights for the targeted persons as follows:
- Right to information – art. 13 and 14 GDPR. This allows you to know, from the time of collection, how those data will be used, to whom they will be revealed or transferred, what rights you have regarding the processed data, etc.
- Right of data access – art. 15 GDPR. Allows you to obtain from us a confirmation that personal data relating to you are processed or not and, if so, you will be able to request access to that data and other useful information.
- Right to data rectification – art. 16 GDPR. It allows you to obtain from us the rectification or completion of inaccurate personal data that concern you.
- Right to delete data – art. 17 GDPR. It allows you to obtain from us the deletion of the personal data concerning you, in accordance with the legal provisions in force. However, there may be exceptions to this rule, such as whether data are processed to fulfil a legal obligation or to establish or defend a right in court.
- Right of withdrawal of consent. You are at any time entitled to withdraw your consent to the processing of certain personal data. We will immediately cease processing this data and eventually delete it if it is not associated with other processing based on another legitimate reason.
- Right to restrict data – art. 18 GDPR. It is a temporary right. If you contest the accuracy of your personal data, the restriction operates for as long as we can verify the accuracy of the data. You also have the right to obtain a restriction on data processing if it is illegal and you oppose the deletion of the data; in the event that we no longer need your data for processing, but request that data be kept for the purpose of finding, exercising or defending a right in court; for the period of time to verify whether Romconsulting’s legitimate interests prevails over your interests.
- Right to data portability – art. 20 GDPR. You have the right to receive the personal data concerning you and which you have provided to the operator (who processes them under a contract or on your consent by automatic means) in a structured format that is currently used and which can be automatically read and you have the right to transmit this data to another operator without any obstacles on our part. In other words, personal data will be provided to you in a structured format so you can decide to download them or, on the contrary, send them to another operator.
- Right to opposition – art. 21 GDPR. You have the right to oppose, for example, to the processing of your personal data when it is processed for direct marketing purposes. To make it clearer how you can exercise this right, it should be noted, for example, that in all newsletters from Romconsulting (no matter if we are talking about newsletters providing only news or newsletters that promote Romconsulting services or products) you will have always the possibility to unsubscribe.
- The right of not being the object of a decision based exclusively on the automatic processing of your data, including creating profiles that produce legal or significant effects. Romconsulting does not achieve such profiling to be followed by automated decisions with a significant legal or similar effect on the data subject. At the time we make such profiling, we will notify you and we will modify this notice.
- The right to file a complaint with the National Supervisory Authority for the Processing of Personal Data for the protection of any rights guaranteed by the applicable legislation in the field of personal data protection.
We will try to respond to your request within 30 days and we may extend this term for specific reasons, related to the complexity of your application. In all cases, if this period is extended, we will inform you of the extension period and the reasons that led to it.
In some cases, we may not be able to search for your personal information because of the identifiers you provide in your request. In such cases, if we can not identify you as a person, we are unable to comply with the request to perform the legal rights described in this section, unless you provide additional identification information. We will inform you and we will give you the opportunity to provide such additional details.
VIII. SECURITY OF YOUR DATA
Your personal data is processed by Romconsulting respecting all your rights, and applying appropriate technical and organizational measures to protect them against unlawful or unauthorized access. These measures may include limiting access to data, encrypting or anonymizing personal data, storing on secure media, etc.
Although we make every effort to protect the personal data you provide us, the transmission of information between you and us on the Internet is not completely secure (it is possible that the terminal you are using to write us to be monitored by a third parties, for example, and we can do nothing about it). Therefore, we can not guarantee the security of your personal information transmitted over the Internet. So you understand that any such transmission is at your own risk. Once we receive personal data, we will use strict procedures and security features to prevent unauthorized access to it.
- How the regulations apply on the personal data processing in the case of legal persons
The client legal entity undertakes that before transferring the personal data of the representative or contact person to Romconsulting, to obtain their consent for the processing of Romconsulting in the performance of the contract and for the above-mentioned data processing.. By transferring the personal details of the representative or contact person to Romconsulting, the legal entity customer certifies that he / she has obtained the consent of the representative / contact person for the processing of their personal data by Romconsulting according with all of the above and assumes full responsibility for this.
- Modify this INFORMING
We inform you that at any time we may modify / update / complete your personal data processing policy. So, please keep coming back to this Information Note. We will treat your personal data in a manner compatible with the confidentiality notification on the basis of which we have collected, unless we have your consent to treat them differently.