Last update: 6th of September 2022

The purpose of this Privacy Policy is to explain how, when and why is your personal data processed by or through our website, as well as to inform you regarding the legal rights you have as a data subject related to the processing of your personal data.

This Privacy Policy does not consider the processing activities performed by our partners. Please check our partner’s privacy notices for information on the way they process your personal data as controllers.

  1. WHO ARE WE?

The website www.datapartners.ro and www.datapartners.eu is owned and administrated by Privacy Data Partners SRL, a company incorporated by Romania laws, headquartered in Bd. Iuliu Maniu nr. 16, Bl. 14, ap. 77, Sector 6, România, registered under trade registration no. J40/11850/2018, VAT no. 39763482, hereinafter referred to as `the Controller` or `Us`.

Privacy Data Partners provides first-class data protection & privacy services by gathering in a single team outstanding personnel from Legal and IT areas. Our specialists worked in various industries and mastered extensive hands-on expertise, which now are made available to our customers to protect and increase their businesses.

  1. DEFINITIONS
  • Personal data or personal information – means any information regarding an identified or identifiable natural person;
  • Controller – means the natural or legal person that determines the purposes and means of the processing of personal data processing. Regarding the personal data processing activities performed through the website, the Controller is Privacy Data Partners SRL;
  • Data subject – means the identified or identifiable natural person the personal data refers to;
  • Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, storage, adaptation, consultation, use, disclose or deletion;
  • Consent of the Data subject – means any freely given, specific, informed and unambiguous indication of the user’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
  • The website – www.datapartners.ro and www.datapartners.eu
  1. HOW DO WE COLLECT PERSONAL DATA?

As a rule, the Personal Data we process is collected directly from you as a Data Subject. However, there may be situations where data is collected indirectly from social media, from the website of the company you represent, from your employer as a contact person, from a third party who recommended you or from various public platforms (for example ad platforms).

When we do not receive personal data directly from you, we will inform you accordingly on the processing activities within the legal term.

  1. CHILDREN AND SENSITIVE DATA

Our Website and services are not intended for individuals below the age of 16. We do not intentionally collect Personal Information from children below the age of 16.

If you are the parent or legal guardian of a child below the age of 16 and you believe your child has provided us with personal information, please contact us to request the deletion of these personal data. If we confirm that we have collected this kind of personal information, we will delete that information as soon as possible.

We do not collect nor is our intention to collect personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation or personal data relating to criminal convictions and offences or related security measures, excepting the situations expressively regulated by the applicable law.

  1. OUR PURPOSES FOR PROCESSING PERSONAL DATA, LEGAL GROUNDS AND RETENTION PERIODS

Below you will find information about the purposes for which we Process your Personal Data, the categories of Data we collect for those purposes, the legal grounds on which we carry out the Processing activities and the periods of time we store the Personal Data, in relation to the purposes of the Processing.

Where the lawful basis for the Processing is the Data Subject’s Consent, you may withdraw your consent at any time without constraint and without affecting the lawfulness of the Processing prior to its withdrawal.

5.1. Purpose: Assistance and support regarding Privacy Data Partners services through e-mail, by phone, through our contact form, offer request form or through social media messages

Personal data categories:  first and last name, e-mail, phone number, your company and any other information that you will willingly provide to us when you are contacting Data Partners, depending on the request type

Legal ground: our business legitimate interest to communicate with you and provide our support for using our services or the Website

Retention period: for 3 years from the date of your request

Your refusal to provide Personal data necessary according to the mentioned purpose will result in the impossibility of providing you assistance and support.

5.2. Purpose: Data Partners’ prospecting

Personal data categories:  first and last name, phone number, e-mail, company, company’s address, role or public details from your LinkedIn account

Legal ground: our business legitimate interest to promote our services and sign contract with new clients

Retention period: for up to 2 years

There may be situations when your personal data will be collected again after this period, when, for example, we find your public data again when we prospect the market or if you were referred by an individual. In this case, we will inform you aging regarding the processing of your personal data.

5.3. Purpose: Our commercial messages

Personal data categories:  first and last name, e-mail address, phone number, your role, your company and your LinkedIn account

Legal ground: your freely expressed consent

Retention period: only for the period while your consent is valid

5.4.Purpose: To conclude and execute the service agreement with Data Partners

Applicable to legal or conventional representatives and contact persons of contractual partners.

Personal data categories:  first and last name, phone and fax number, e-mail, role, company and company’s address

Legal ground: our legitimate interest to sign and provide services to the company that you represent

Retention period: as long as there is a service agreement with the company that you represent, and for 3 additional years after the service agreement have ceased

5.5. Purpose: Recruiting personnel

Personal data categories:  your first and last name, your e-mail address and phone number, your home address, information from C.V. (including gender and nationality), info related to your professional experience, qualifications, the history of your previous roles, conferences, education, information from degrees, information regarding the criminal history (complying with applicable laws) and data communicated in the recruiting interview

Legal ground: to take steps at your request to conclude a working contract with us

Retention period: up to 1 year from the ending date of the selection and recruitment process based on our legitimate interest to contact you for future vacant jobs within Data Partners based on your professional experience

  1. COOKIES

Our Website uses cookies, plug-ins and other online identifiers in order to ensure functional browsing or to provide a better browsing experience, to perform statistical analysis on accessing information on the site, or to provide you with custom content and advertising appropriate to your preferences and interests.

Cookies are small text files placed by the visited website or page, through the browser, on the device you use for browsing (computer, smartphone, etc.), which identifies the device when the website or the page is accessed.

Plug-ins are small software applications placed by social media platform providers that integrate them when they are included on the visited website or page.

Online identifiers may be placed by Privacy Data Partners or by third-parties. In accordance with the permissions you have granted, our partners, third-party websites, will place cookies that will allow you to view the content of these third-party websites on our website and to share the content on the website. The third-parties may collect and use your personal data through their cookies for the purposes they have determined in accordance with their privacy policy. Privacy Data Partners provides you with the identity information and links to these third-parties, as well as the option to accept or reject their online identifiers.

Personal data may be processed through cookies on the basis of the users’ prior consent, excepting those situations when the cookies and other online identifiers are used for the purpose of transmitting a communication via an electronic communications network or they are necessary in order to provide an information society service, expressly requested by the user. In such case, the processing of personal data is carried out in accordance with the legislation in force on personal data processing and privacy protection in the electronic communications sector on the basis of our legitimate interest of ensuring safe browsing of our website, both for us and for our users, by implementing appropriate technical and organizational measures.

Depending on the cookie type, the categories of personal data processed by cookies may be information about the used device, journal information like IP, searches, browser, browser’s language, hardware settings, date and time of the request, method used to send requests to the server, file capacity obtained in response, and other parameters regarding the user’s operating system.

Detailed information on the cookies our website uses may be found in our Cookie Policy.

How can you change your manage cookies?

Most web browsers allow you to manage cookies. You can choose to accept or reject all cookies, or just specific types of cookies.

The following links provide information on how to modify the cookies settings on some popular browsers:

  1. AUTOMATED DECISION MAKING

We do not make decisions based solely on automatic data processing of your data including profiling that will have legal effects on you or that will affect you in a similar way to a significant extent.

  1.  DISCLOSURE AND TRANSFER OF PERSONAL DATA

We may transfer your personal information, to the extent that this is necessary, to the following categories of recipients: companies from the same group, service partners, subcontractors, shipping providers, payment providers, archiving companies, IT service providers, software or hardware vendors, market research companies, marketing companies, public authorities, court or arbitral tribunals, as well as competent authorities to investigate criminal offenses.

The Personal data may be disclosed or transferred to the categories of recipients mentioned above in order to provide our services at the highest quality level, ensuring the intervention of specialists by outsourcing parts of our business or to provide access to services and benefits according to our business partnerships or to ensure compliance the specific legal obligations to which we are subject according to the activity carried out.

As a rule, these recipients are located in the European Economic Area or in third countries for which the European Commission issued decisions recognizing the adequate level of Personal data protection ensured by those countries and we do not transfer data to countries that are not in one of the situations mentioned.

In the event that, in exceptional cases, your data is transferred to third countries other than those for which the appropriate level of protection of personal data has been recognized, you will be informed in accordance with the legal requirements.

  1. SECURITY OF PERSONAL DATA

The security of your Personal Data is important to us. Therefore, we maintain a variety of appropriate technical and organizational measures to protect your Personal Data from loss, misuse, and unauthorized access or disclosure. We limit access to Personal Data to employees who we believe reasonably need to retrieve that information to provide our services. Considering the current state of technology, we have implemented reasonable physical, electronic, and procedural safeguards designed to protect your Personal Data, such as limiting access, encrypting, anonymizing, or storing it on secure media.

Given the technological dynamics and the magnitude of the current threats in the online environment, despite our considerable efforts to ensure the highest possible level of protection of personal data, we cannot always guarantee the absolute effectiveness of the security measures implemented. For this reason, it is very important that you, as the Data subject, know the risks and take minimum measures to protect your Personal data, by thoroughly checking the sources of information, avoiding access to suspicious or unknown links, regular change of passwords and the use of appropriate anti-virus and anti-malware solutions.

  1. YOUR RIGHTS AND HOW TO EXERCISE THEM

Right to be informed:

You have the right to be informed regarding the processing of your personal data, as we are doing through this Privacy Policy.

Right of access:

You have the right to obtain confirmation whether or not we process your Personal Data, as well as information on the specifics of the processing activities, as well as get access to that Personal data.

Right to rectification

You have the right to obtain from the Controller without undue delay the rectification of inaccurate Personal Data concerning you. Taking into account the purposes of the Processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure:

You have the right to obtain from the Controller the erasure of personal data concerning you without undue delay to the extent that the legal requirements are met. Personal Data will be erased when the legal requirements are met.

Right to restriction of processing:

If the applicable legal provisions are met, you have the right to obtain the restriction of Processing of your Personal Data.

Right to data portability:

If the applicable legal provisions are met, you have the right to receive your Personal data which you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit those data to another Controller.

Right to object:

In certain situations, such as when we process Personal Data based on legitimate interest, you have the right to object the Processing of your Personal Data. In the event of unjustified opposition, the Controller is entitled to further process your Personal data.

Right to object commercial communication:

You may also object to the Processing of your Personal Data for the purpose of sending commercial messages.

Right not to be subject to decisions based solely on automated processing:

If the applicable legal provisions are met, you have the right not to be subject to a decision based solely on automatic processing, including profiling, which has legal effects on you or affects you similar to a significant extent.

Right to address to the Supervisory Authority:

You have the right to file a complaint with the competent Supervisory Authority on any violation of your rights regarding the processing of your Personal Data.

The Romanian National Authority for the Supervision of Personal Data Processing may be reached at the following contact details:

If you want to contact the Supervisory Authority from your place of residence, another EU Member State, you may find the contact details at https://edpb.europa.eu/about-edpb/about-edpb/members_en#member-ie.

Consent withdrawal:

To the extent that we process your Personal data based on your given Consent, you can withdraw your Consent at any time, without affecting the lawfulness of the Processing based on the consent prior to its withdrawal.

Except for the right to contact the Supervisory Authority, which you can exercise using the contact details indicated above, you can exercise your legal rights by contacting our Data Protection Officer in writing at the e-mail address [email protected] 

We will respond to your requests without undue delay and in any case within one month of receiving the request. This period may be extended by two months where necessary, taking into account the complexity and number of applications. We will inform you of any such extension within one month of receiving the request, stating the reasons for the delay.

In the event that we do not take action on your request, we will inform you, without delay and no later than one month after receipt of the request, of the reasons for not taking action. In such a case, you have the possibility to lodge a complaint with the competent Supervisory Authority or to take a legal action.

  1. UPDATES

This Policy is subject to periodic review and updating to ensure that it always corresponds to reality and it is in line with the applicable legal requirements. For this reason, please consult this section regularly to keep up to date with any changes. Any major changes to this Policy will be notified accordingly.

  1. CONTACT

If you have any questions or concerns regarding the Processing of your Personal Data, this Privacy Policy or how it applies, or you wish to exercise any of your rights, you can contact the Data Protection Officer within Privacy Data Partners in one of the following methods:

We thank you for your interest,

Privacy Data Partners team

Last update: 6th of September 2022.