(1) The company COTROCENI PARK S.A. is a personal data controller within the meaning of EU regulation 2016/679 (GDPR), with its registered office in Vasile Milea Blvd, No .4, Sector 6, Bucharest Unique Registration Code R16785112, registered in the Trade Register under No J40/15178/2004, phone +40314 257 510, e-mail firstname.lastname@example.org referred to in this document as aficotroceni.ro.
(2) The contact details of the data protection officer shall be: email@example.com.
(3) The processing of personal data (meaning information identifying an individual or making it at least identifiable) is done for the following purposes:
- Realization of Customer services
- Realization of marketing activities for company’s own needs.
• Making profiles as described in this document, including through “cookie” technology (for more details about using cookies, please click (here).
• Recruitment and human resources, by processing applications submitted by candidates who register to occupy a position within COTROCENI PARK S.A.
The legal bases of the processing of such personal data, in accordance with Regulation (EU) 679/2016, are as follows:
- Performance of the contract and the preliminary steps for this contract (art. 6 (1) b GDPR) – for data collected through the contact form from clients or data received as a result of customer service;
- Legal obligations (art. 6 (1) GDPR) for the data required for the fulfillment of billing, archiving, and other legal obligations that occur;
- The consent of the website visitors (art 6 (1) of GDPR) for the data used for direct marketing activities (e.g. newsletter subscription, marketing cookies, etc.);
- Fulfillment of the legitimate interests of COTROCENI PARK S.A to perform operations in accordance with its activity, (art 6 (1) f GDPR) for data used for marketing for current clients, to ensure the security of aficotroceni.ro website and the data used internally for optimizing the website aficotroceni.ro, as well as for the data collected through the contact form from data subjects who are not the customer or for data received as a result of relationship services with data subjects who do not have the customer status.
(4) Depending on the interactions you have with our website, aficotroceni.ro collects personal data from its users through three methods:
- Direct from user
- Traffic data from the user’s browser
- By means of cookies.
1. Personal data collected directly.
A1. When you access aficotroceni.ro, when you create an account or fill in a contact form made available to you we can ask you for the following data:
- Name, surname: for identification;
- Email Address: for direct communication;
- Telephone Number: for direct communication;
- Details of your request: message with various information;
- Other data required for the contracting and delivery of all requested information.
If you do not provide us with this data, we will be unable to honor your requests.
This data is stored for the period of time necessary for the fulfillment of the intended processing purposes. The storage of personal data may also be done later, in order to comply with the applicable legal obligations, including, but not limited to, the provisions related to archiving obligation and the financial-accounting obligations.
A2. When accessing the assistance services, we may ask for your name, email address or telephone number. We reserve the right to register any telephone or electronic communication made for the assistance services of aficotroceni.ro in order to improve our services. We will inform you before starting communication that this could be recorded.
This data is stored for the period of time necessary for the fulfillment of the intended processing purposes. The storage of personal data shall be able to be carried out subsequently in order to comply with the applicable legal obligations, including, but not limited to, the provisions related to the archiving obligations and the financial-accounting obligations. This data is used, for example, for the purpose of contacting you to solve a complaint/request.
We may request other data which may constitute personal data only to the extent necessary for these purposes.
A3. When you are requesting a job/internship. We use the personal data contained in the CVs we receive to evaluate the applicants’ qualifications for a position within COTROCENI PARK S.A. The processing of such data is necessary for the purpose of concluding and executing the individual employment contract, respectively to take steps at your request before the conclusion of the contract. The categories of data processed in the context of our relationship with you are your name, email address, phone, fax, and other personal data that you can provide to us directly.
This data is stored for the period of time necessary for the fulfillment of the intended processing purposes. The storage of personal data shall be able to be carried out subsequently in order to comply with the applicable legal obligations, including, but not limited to, the provisions related to the archiving obligations and the financial-accounting obligations.
A4. When you request the receipt of the newsletter or when we process data in other situations for marketing purposes. We may also use your contact details to provide you in electronic form or on paper support offers, information, news regarding our products and services, but only if you have subscribed and if you have given your express consent to such processing. We can also process your data for marketing purposes and in other situations.
Your data will be processed for advertising and marketing purposes throughout the period in which you are subscribed to the newsletter, and in other cases of processing for marketing purposes, for a period of time necessary to fulfill the purposes of the process. The storage of personal data shall be able to be carried out subsequently in order to comply with the applicable legal obligations, including, but not limited to, the provisions related to the archiving obligations and the financial-accounting obligations.
You can always withdraw your consent by expressing your option not to receive this information in the future by clicking “Unsubscribe ” when you receive that email or you can write us on email: firstname.lastname@example.org. The categories of data processed in the context of our relationship with you are the email address, as well as other personal data you can provide to us directly.
2. Traffic data
When you visit a website, regardless of the device you use, you disclose certain information about yourself, such as your address. IP, time of your visit, where you entered our sites, pages visited. Like other operators, aficotroceni.ro, registers this information for a determined period of time. aficotroceni.ro uses external traffic analysis services such as Google Analytics.
For more details about cookies, please access the cookies policy available on the aficotroceni.ro website (here).
This data is used exclusively by aficotroceni.ro to improve our site and services, but also to ensure the security of our website.
This data is preserved for a period of time and for the purpose highlighted in the table below:
|Website||Cookies||Cookies Type||Purpose||Duration (days)|
|.google.com.google.ro||Google Analytics||External||Traffic monitoring||730|
|.productlead.me||Product Lead||External||Tool Product Lead||730|
Certain sections of content on the site may be provided through third parties/third party vendors (e.g. a video clip). Third parties may place these cookies on the site (called “Third party Cookies” as they are not placed by the site owner). Users who do not wish to use third party cookies may use their preferred browser settings to delete or block them:
From the browser settings:
Internet Explorer –http://windows.microsoft.com/ro-ro/internet-explorer/delete-manage-cookies
Mozilla Firefox –http://support.mozilla.org/ro/kb/cookie-urile
Google Chrome –http://support.google.com/chrome/bin/answer.py?hl=ro&answer=95647
THIRD PARTY COOKIES LOCKING BROWSER PLUGS
such as UBlock, Ghostery, AdBlock, PrivacyBadger
(5) The recipients of personal data
Personal data are transmitted for the purposes stated by the website, in some cases, to third parties, service providers and contractual partners of COTROCENI PARK S.A having, for example, the following destinations:
|Contract data (name, address for invoicing, email, phone)||Accounting service||Tax obligations|
|Contract data (name, email, phone)||Afi Gift Card service provider||Issuing Afi Gift cards|
|Contract data (name, email, phone)||Hosting platform / technical support||Website security and technical support|
In these cases, we care that our collaborating partners meet the legal requirements regarding data protection.
In addition, we may disclose your information, wholly or partially, to the following entities:
a) to companies in the same group as the company.
b) The contractual partners of the company/service providers. We may disclose your information to other companies that provide us with services and act as empowered persons, such as companies that help us for billing, companies that are in charge of website maintenance or who send emails in Our name.
These entities are carefully selected to ensure that they meet the specific requirements in terms of personal data protection. These entities may not use your information for purposes other than providing us with services.
c) to the public -in this case, in terms of announcing the winners of competitions (when or if appropriate).
d) The information provided by you, which contains identification data can be transmitted to public authorities if there are requests made within the limits of the competent authorities or a legal requirement in this respect. This information will be used to prepare the employment documents and other documents aimed exclusively for work relations or for commercial communications or answers to your requests, and in case of legitimate requests, will be transmitted to State authorities: Territorial Labour Inspectorate, Employment agency, judicial authorities, other parties with your consent or at your request.
(6) Transfer of personal data
Most of the empowered persons we work with are in the European Union, and those in the United States are enlisted under the United States – European Union Privacy Shield Program.
(7) On the website aficotroceni.ro we do not use automatic decision-making processes or profiling with legal effects or that affect you similarly
We use site visitor profiling systems on aficotroceni.ro for personalized commercial communications and offers sent through the site, for push notifications, email or SMS, as appropriate.
(8) In accordance with the provisions of GDPR, you benefit from the right of information, access, rectification or deletion of personal data, restricting processing, portability of personal data, the right of opposition, the right not to be subject to an automatic individual decision, the right of addressing to the National Supervisory Authority for the Processing of Personal Data, as well as the right to withdraw consent when the processing is based on this basis.
a) The right to information – the right to receive a minimum content of information on the processing activities carried out by the company, in accordance with the legal requirements;
b) Right of access – you can obtain from us upon request and under the conditions laid down by the legislation, the confirmation that we process your personal data, as well as the information on the specifics of the processing.
c) The right to rectify the data – you may ask us to rectify your incorrect/inaccurate personal data or, where appropriate, to complete the data that is incomplete, including by providing an additional statement.
d) The right to deletion of data (“the right to be forgotten”) – you can request deletion of personal data that concerns you, without justified delays, in cases stipulated by law.
e) Withdrawal of consent – you may withdraw any consent related to the processing of the data based on consent. Withdrawal of consent shall not affect the lawfulness of the processing carried out based on consent before its withdrawal.
f) The right of opposition – you can oppose at any time, for justified and legitimate reasons relating to your particular situation, that your data to be subject to processing, except the cases where there are legal provisions contrary; and in the case of direct marketing activities, data subjects have the right to oppose to this processing at any time.
g) Restriction of processing – under certain conditions, to the extent that the conditions stipulated by the law are met, you may request restriction of the processing of your personal data.
h) The right to portability of data – to the extent that we process data by automatic means, you may ask us, under the law, (i) to provide your data in a structured, currently used form, which can be read automatically, as well as (ii) to transmit this data to another data controller, to the extent that the conditions stipulated by the law are met.
i) The right to file a complaint with the National Authority for the Supervision of Personal Data Processing (including at the email address: email@example.com) – You have the right to file a complaint with the National Supervisory Authority for Personal Data Processing for the exercise and defense of any rights guaranteed by the legislation in question, without prejudice to the possibility of addressing the judiciary:
The contact details of the Supervisory Authority shall be as follows:
National Authority for the Supervision of Personal Data Processing in Romania
G-ral. Gheorghe Magheru Blvd, No. 28-30, Sector 1, Bucharest, postal code 010336, Romania
j) The right not to be subjected to an automatic individual decision – the right not to be the subject of a decision based solely on automatic processing, including the creation of profiles, which produces legal effects which concern it or affect it similarly in a significant way.
For the exercise of these rights, you can address Cotroceni Park S.A. by accessing the contact form at firstname.lastname@example.org.
(9) Security of personal data
COTROCENI PARK S.A. implements appropriate technical and organizational measures to ensure a level of security appropriate to the risks associated with the types of processed data and processing operations.