This Privacy Policy aims to illustrate the means and purposes of the processing of personal data carried out by Romcab S.A., in its quality of data controller (hereinafter the “Controller” or the “Company”), in connection and through the website https://www.romcab.com/ (hereinafter the “Website”).
Please note that this Policy shall apply to anyone who navigates and/or uses the Website, or otherwise interacts with the contents and services accessible through the Website (hereinafter the “User”).
The processing of personal data of the Users will take place full compliance with the applicable data protection legislation, including the Regulation (EU) 2016/679 (the “GDPR”).
1. Redirect to other websites
The Website incorporates links which allow you to connect to other websites run by third parties. The Company assumes no responsibility regarding the processing of personal data which may take place through and/or in connection with third-parties’ websites.
Therefore, each User who accesses such web pages and/or social platforms through the Website must carefully read the relevant privacy policies in order to better understand how their personal data will be processed by the third parties which, as autonomous controllers, will provide and manage such websites.
2.Categories of personal data collected
Traffic data
The computer systems and software procedures used to operate this Website need to acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes: IP addresses, browser type, operating system, the domain name and website addresses from which you are logged in or out, the information on pages visited by User within the Website, the time of access, time period of User's staying on a single page, the internal path analysis and other parameters regarding the User's operating system and computer environment.
This technical / IT data is collected and used only in an aggregated and not immediately identifiable manner and can be used to ascertain liabilities in case of hypothetical crimes committed within or against the Website or upon competent authorities’ request.
3. Purposes of the processing
The Website has been designed with the main goal of providing information – and therefore as an interactive window – regarding the activities, products and services offered by the companies belonging to the Romcab S.A. This is the reason why, in most cases, the collection of the User's personal data is not required.
In any case, according to the principles set forth by the GDPR, the Website is also set to minimize the collection of personal data, as well as to exclude the processing of such data in all cases when the purposes described hereunder can be achieved with different means and/or by anonymous data.
Your personal data will be processed by the Company for the sole purposes of:
- allowing an appropriate navigation on the Website;
- allowing the Users to better explore and get more information regarding the activities, services and products offered by the Company;
- answering and fulfilling the Users’ requests;
- to run the recruitment process and collect the CVs delivered through the Website;
- to comply with obligations provided for by applicable laws and/or requests or orders made by competent authorities;
- delivering promotional newsletter regarding the products and services of the Company.
Should the data be collected in the future also for purposes other than those described above, it will be duty of the Company, on one hand, to provide adequate information to the User relating to such new purposes in order to enable transparency and user awareness and, on the other hand, ensure that that a valid legal basis (such as the User’s consent) exists, where needed, to undertake the relevant processing.
4. Legal basis of the processing
The provision of personal data by the User - unless otherwise noted - is optional, but it must be highlighted that in case of refusal to make some data available to the Company, it could be impossible to fulfill the User’s request or provide certain specific services.
The processing activities listed from a) to e) above do not require the acquisition of the User’s consent, as they are based on different legal bases, i.e. the need to perform and provide the services which have been directly requested by the User and the need to ensure compliance with a legal obligation applicable to the Controller.
5. Methods of the processing and data security
The personal data are collected and processed lawfully and fairly, for the above purposes and in accordance with the fundamental principles established by the applicable legislation.
Processing operations may take place both manually and electronically, or by information technology tools, always under technical and organisational measures that ensure the security and confidentiality of the data, especially in view of reducing the risks of accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to the personal data or, more generally, processing that is not compliant with the purposes of the collection.
The processing will be carried out under the authority of the Controller only by those subjects who have been duly authorized to access and process the data in accordance with the instructions provided for by the Company and the applicable data protection laws and regulations.
6. Communications to third parties
The personal data collected through the Website will not be shared or communicated to third parties, unless upon specific consent of the User.
Should the data be made available by the Company to third-party suppliers or partners (such as service providers, mail carriers, hosting providers, IT companies, communication agencies) in order to enable them to perform specific services connected to or necessary for the fulfilment of the purposes listed above, it will be responsibility of the Controller to appoint such third parties as data processor by virtue of their capacity, experience and reliability and to provide them with specific instructions regarding the security of the data. The updated list of appointed data processors can be accessed at any time by sending a written request to the Company, as specified below.
It remains understood the Users’ personal data must be communicated to third parties, such as public or judicial authorities, to comply with binding orders and request, as well as with applicable legal provisions.
7.Data retention
Personal data collected by the Website will be kept in a format that allows User’s identification for no longer than necessary to fulfill the purposes for which the data have been originally collected and, in any case, within the time limits set forth by applicable laws and regulations, as well as to enforce or protect the rights of the Controller (consistent with the retention periods and statutes of limitations provided for by the law), where necessary.
When no longer necessary in accordance with the above, the data will be cancelled or anonymized.
The following data is stored for a period of 3 years.
8. Data controller
The Data controller is Romcab S.A. - a company duly incorporated under romanian law, with head office at Str. Voinicenilor no.35, Targu-Mures, Romania.
9. Policy updating
Below is highlighted the date when the last version of this policy has been uploaded.
Last Update: 01/31/2023