Privacy Policy

Generalities

Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as the GDPR, Regulation or RGPD) was adopted by the European Parliament and the Council of the European Union on April 27, 2016, with its provisions being directly applicable starting from May 25, 2018. This Regulation expressly repeals Directive 95/46/EC, thus also replacing the provisions of Law no. 677/2001 (currently repealed).

The Regulation is directly applicable in all Member States, protecting the rights of all natural persons on the territory of the European Union. In terms of material scope, the Regulation applies to all operators processing personal data. The Regulation does not apply to the processing of personal data relating to legal persons and, in particular, incorporated enterprises, including the name and type of legal person and the legal person's contact details.

Personal data is defined as any information relating to an identified or identifiable natural person („data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing personal data means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Operator identity

Given Article 4(7) of the Regulation, which defines „controller” as the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data, the controller processing personal data through this website is SC RAROPEM RO SRL, located at BAIA MARE STR DEPOZITELOR NR 2, registered at the Trade Register Office J24/1/2015, with tax identification number 33937911, legally represented by Mora Robert, with contact details raropem.robert@gmail.com, 0752669615, .

Personal data collection

What personal data is collected

The operator of this website collects, stores, and processes the following personal data about you:

First name, last name
Personal Numeric Code
ID document series and number Home address and/or residence address
Contact details (email, phone, fax) IP

Obtaining Consent

Generalities

For the processing of personal data to be lawful, GDPR requires it to be carried out based on a legitimate reason, such as the execution or conclusion of a contract, the fulfillment of a legal obligation, or based on the valid consent previously expressed by the data subject. In the latter case, the controller is obliged to be able to demonstrate that the person concerned gave their consent for that processing. Consent given under Directive 95/46/EC remains valid if it meets the conditions provided by GDPR.

Consent must be given by an unequivocal statement or action which constitutes a freely given, specific, specific, informed and unambiguous indication of the data subject's agreement to the processing of his/her personal data. Where the data subject's consent is given in the context of a statement, electronically or in writing, which also relates to other matters, the request for consent should be presented in a form which clearly distinguishes it from the other matters and may even be done by ticking a box. In order for the processing of personal data to be lawful, the GDPR requires that it must be carried out on the basis of a legitimate reason, such as the performance or conclusion of a contract, the fulfillment of a legal obligation, or on the basis of valid consent expressed by the data subject in advance. In the latter case, the controller is under an obligation to be able to demonstrate that the data subject has consented to the processing. Consent expressed under Directive 95/46/EC remains valid if it fulfills the conditions laid down in the GDPR.

Cookies

This website uses cookies. They do not harm your computer and do not contain viruses, but rather serve to facilitate easier, more efficient, and safer use of the site. They are small text files that are saved on your computer and are stored by the browser you use.

Many of the cookies used are called „session cookies,” which are automatically deleted after your visit to this site. Others remain in your computer's memory until you delete them, and these enable your browser to be recognized on a subsequent visit.

You can configure your browser to notify you about the use of cookies, so you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions, or to always reject them, or to automatically delete cookies when you close your browser. Disabling cookies may limit the functionality of this website.

Cookies that are necessary to enable electronic communication or to provide certain functions that you wish to use (such as the shopping cart) are stored in accordance with Article 6(1)(f) of the GDPR, according to which processing is lawful only if and to the extent that it is necessary for the purposes of the legitimate interests pursued by the controller or by a third party. Therefore, the controller of this website has a legitimate interest in storing certain cookies to ensure technically error-free optimization. Other cookies (such as those used to analyze your browsing behavior) are also stored and will be dealt with separately in this document.

Server log files

This site provider automatically collects and stores the information your browser automatically transmits to us via log files. This includes:

Browser type and version Operating system
The URL of the page that originally requested the display of the current page or object (Referrer URL)
Hostname of the computer accessing the server's temporary access data IP address

The legal basis for processing such data is Article 6(1)(b) of the GDPR, which allows the processing of data when it is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract.

Contact Form

If you send us questions via the contact form, we will collect the data entered in the form, including the contact data you provide, in order to respond to your questions and any subsequent ones. We do not pass this information on without your permission. Therefore, we will process all data that you enter into the contact form only with your consent. [in accordance with Article 6 (1) (a) GDPR1]. You can withdraw your consent at any time, an informal email to this effect being sufficient. Data processed before we receive your request can be legally processed. We will keep the data you provide on the contact form until:

request data deletion;
withdraw consent for their storage or if the purpose for their storage is no longer valid.

Any mandatory legal provisions, especially those relating to mandatory data retention periods, are not affected by the above.

Contact by email, phone, or fax

If you contact us by email, phone, or fax, your request, including all personal data you provide, will be stored and processed by us for the purpose of resolving your inquiry, based on your consent.

Therefore, we will process all the data you provide under the following legal provisions of the GDPR, respectively:

only with your consent – in accordance with Article 6(1)(a) GDPR
for the execution of a contract or in the pre-contractual stage – in accordance with the provisions of Art. 6 (1) (b) GDPR
for the fulfillment of our legitimate purpose and interest, namely the efficient processing of requests sent by you – in accordance with the provisions of art. 6 par. 1 lit. f) GDPR.

We will keep the data you provide in this way until:

request data deletion;
revoke consent for their storage or if
the purpose for storing it is no longer valid, in all situations except for mandatory data retention periods.

Sign up on the website

You can register on this website to access additional features and services offered by our company. In this respect, the data entered by you will be used and processed for the purpose of using the respective service or functions for which you have registered. The mandatory data requested at registration must be provided by you in full, otherwise the registration operation will be rejected.

To inform you about important changes, such as those regarding our website or technical updates, we will use the email address you provided at the time of registration.

The processing of personal data, provided in the registration procedure, is done only with your consent and in compliance with the provisions of Art. 1 lit. a) GDPR. You can revoke your consent at any time, an informal e-mail to this effect is sufficient. We will continue to store the data collected during registration for as long as you remain registered on this website, but the mandatory storage periods remain valid and will be observed.

Authenticate with Facebook

If you do not wish to register directly on this site, you can connect through Facebook (Connect). This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

To log in using Facebook, click „Login with Facebook” or „Connect with Facebook” and you will be automatically redirected to this platform, where you will be prompted for your username and password details. You will then log in to this website with your Facebook profile. This will give us access to all the data stored on Facebook, for example (but not limited to):

Name
Profile picture Email address Facebook ID Friend network
Appreciations (Facebook likes)
Birthday Gender Country
Tongue

These data will be used to create and personalize your account on this website.

For more information, you can access Facebook's Terms and Conditions, as well as the Privacy Policy, available at https://www.facebook.com/privacy and on https://www.facebook.com/legal/terms.

Given the Decision of July 16, 2020 (pronounced in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems, The European Court of Justice ruled that the protection offered by the EU-US Privacy Shield is not adequate.

Therefore, the transfer of personal data to the USA and other countries outside the European Economic Area (EEA) is based on the European Commission's Standard Contractual Clauses (SCCs). The Commission has issued two sets of standard contractual clauses for data transfers from EU data controllers to data controllers established outside the EU or the European Economic Area (EEA). It has also issued a set of contractual clauses for data transfers from EU data controllers to processors established outside the EU or EEA. For more information regarding these Clauses, we recommend visiting https://ec.europa.eu/info/law/law- topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.

Facebook uses Standard Contractual Clauses as an adequate safeguard for data protection, in accordance with the level of protection guaranteed by the GDPR.

For more information, visit: https://www.facebook.com/legal/EU_data_transfer_addendum

Comments Section

By accessing the Comments section, certain personal data (such as, but not limited to email address, username, IP address) will be processed and stored, some of which is necessary for the prevention of illegal actions or defamatory content.

There is also the possibility to register/subscribe on this site to receive comments via the provided email, therefore:

Is it possible for the email address to be verified through a confirmation email?;

You can unsubscribe at any time by clicking the link in the emails, and the data you provide will be deleted immediately, except for data provided as a result of accessing other sections (e.g., by signing up for the newsletter) which will remain stored;

The purpose of processing the data collected

Some of the data collected on this site is used to:

Performing the services we offer for your benefit (for example, to resolve any issues regarding our products and services, for

providing support services, etc.)

Optimal functioning and optimization of this site (statistical and analytical) – We constantly strive to offer you the best experience on our site, which is why we may collect and use certain information related to your satisfaction during your navigation on this site, and we may invite you to complete suggestion questionnaires or similar.

Online advertising and promotion activities. You can ask us at any time, through the means described in this document, to stop processing your personal data for marketing purposes, and we will comply with your request as soon as possible.

Periodic user information – We want to keep you updated on our offers. To this end, we may send you any type of message containing general and thematic information, information regarding offers or promotions, as well as other commercial communications such as market research and opinion surveys. For communications of this type, we rely on the consent previously obtained from you. You can change your mind and withdraw your consent at any time.

To defend our legitimate interests. There may be situations where we use or transmit information to protect our rights and business activities. These may include: measures to protect the website and our website user from cyber attacks; measures to prevent and detect fraud attempts, including the transmission of information to competent public authorities; measures to manage other types of risks.

The processing of personal data is carried out in accordance with the provisions of the General Data Protection Regulation, based both on the consent of the data subject and on the grounds of the proper performance of contracts or the legitimate interests of the controller (unless the interests or fundamental rights and freedoms of the data subject prevail, which require the protection of personal data, in particular when the data subject is a child).

User rights

Your rights regarding your personal data and the means to exercise them are: The right to be informed, The right of access, The right to rectification, The right to erasure of data, The right to restrict processing, The right to data portability, The right to object, The right not to be subject to a decision based solely on automated processing of data, The right to lodge a complaint and to pursue legal remedies, The right to withdraw consent.

Right to information - you can request information on the processing activities of your personal data, on the identity of the controller and its representative or on the recipients of your data;

Right of access - you may obtain from the controller a confirmation as to whether or not personal data relating to you are being processed and, if so, access to those data and to the following information : the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or are to be disclosed, in particular recipients in third countries or international organizations ; where possible, the period for which the personal data are expected to be stored or, if this is not possible, the criteria used to determine this period ; the right to request the controller to rectify or erase the personal data or to restrict the processing of personal data or to object to the processing, etc.

Right to rectification – you can rectify inaccurate personal data or complete it;

Right to erasure – you can obtain the erasure of data, in case of processing

their was not legal or in other cases provided by law;

Right to restrict processing - you can request restriction of processing if you dispute the accuracy of the data, as well as in other cases provided by law;

The right to data portability – you may receive, under certain conditions, the personal data you have provided to us, in a machine-readable format, or you may request that said data be transmitted to another controller

Right to oppose — you can object, in particular, to the processing of data based on the legitimate interest of the controller;

The right not to be subject to a decision based solely on automated processing – you can request and obtain human intervention regarding the processing, or express your own point of view regarding this type of processing;

The right to file a complaint and to bring legal action - you can lodge a complaint about the way your personal data is processed with the National Supervisory Authority for Personal Data Processing and/or you can apply to the courts to enforce your rights;

Right to withdraw consent in cases where processing is based on your consent, you can withdraw it at any time. Withdrawal of consent will only have effects for the future; processing carried out before withdrawal will remain valid.

Data operator's obligations

Hosting

The personal data recorded on this website is stored on Claus Web servers. The processing of the data provided and stored complies with the following legal provisions:

art. 6 para. 1 lit. a) GDPR – The processing of data by Claus Web is carried out on the basis of your consent, obtained after fair and complete information;

Art. 6(1)(b) GDPR – the processing of data by Claus Web takes place for the purpose of fulfilling contractual obligations;

Art. 6(1)(f) GDPR – processing of data by Claus Web is carried out for the purposes of the legitimate interests pursued by the controller

Regardless of the purpose for which personal data is processed, the principles of lawfulness, fairness, and transparency are respected, as well as the principle that personal data processed are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

For more information on the processing of personal data by Claus Web, please visit https://www.clausweb.ro/acord-gdpr.php We have a contract/agreement/legal act (including the possibility of including and agreeing to the terms and conditions of the website) with Claus Web to ensure the processing of personal data in accordance with the legal regulations in the field. We comply with the obligations incumbent upon us according to Article 28 of the GDPR by choosing an external service provider that offers sufficient guarantees for the implementation of appropriate technical and organizational measures, so that the processing complies with the requirements set out in the regulation and ensures the protection of your rights.

Data encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential information. You can recognize this encryption by the lock icon that appears in your browser's address bar and by the change from http:// to https:// in the respective browser address.

Once this type of encryption is activated, data transmitted or transferred will not be visible to third parties.

In accordance with the GDPR, if the personal data security breach is likely to result in a high risk to your rights and freedoms, the operator of this website will inform you of this breach without undue delay, unless the supplementary provisions of the same Regulation (Article 34(3)) become applicable.

Data Protection Officer

Informing the data subject (i.e., the user) is not required if any of the following conditions are met:

the controller has implemented appropriate technical and organizational protection measures, and these measures have been applied to the personal data affected by the personal data security breach, in particular measures to ensure that personal data become unintelligible to any person not authorized to access them, such as encryption;
the operator has taken further measures to ensure that the high risk to the rights and freedoms of data subjects referred to in paragraph (1) is no longer likely to occur;
requires disproportional effort. In this situation, public information or a similar measure is carried out instead, whereby the affected persons are informed in an equally

For the exercise of the rights that will be detailed in this Policy, you can submit a written request, dated and signed, to the following contact details:

Data Protection Officer: Mora Robert Email: raropem.robert@gmail.com
Phone: 0752669616
Fax:
Mailing address: Baia Mare, Depozitelor Street no. 2

Evidence of processing activities

In accordance with GDPR regulations, the controller or a processor authorized by the controller should keep records of processing activities for which they are responsible for a reasonable period. Thus, these records shall include all of the following information:

the controller's name and contact details; the purposes of the processing;
description of the categories of data subjects and personal data categories; the categories of recipients to whom the personal data have been or will be disclosed; if applicable/possible:
personal data transfers
planned deadlines for the deletion of various data categories a general description of technical and organizational security measures

The obligation detailed above does not apply to an undertaking or organisation with fewer than 250 employees, unless the processing it carries out is likely to result in a risk to the rights and freedoms of data subjects, the processing is not occasional, or the processing includes special categories of data or personal data relating to criminal convictions and offences.

Appropriate technical and organizational measures

Considering the current state of the art, the context and purposes of the processing, and the risks to the rights and freedoms of natural persons, the controller shall implement appropriate technical and organizational measures to ensure that, by default, only personal data which is necessary for each specific purpose of the processing are processed.

Notification of the supervisory authority in the event of a personal data security breach

In accordance with Article 33(1) of the GDPR, in the event of a personal data breach, we will notify the National Supervisory Authority for Personal Data Processing without undue delay and, where feasible, within 72 hours of becoming aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.

Informing the data subject about a personal data security breach

In relation to the provisions of Article 34 of the GDPR, where a personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, we will inform the data subject without undue delay of that personal data breach, except where:

adequate technical and organizational protection measures have been implemented, and these measures have been applied to personal data affected by the personal data security breach, in particular measures ensuring that personal data becomes unintelligible to any person not authorized to access it, such as encryption;

further measures have been taken to ensure that the high risk to the rights and freedoms of the data subjects previously mentioned is no longer likely to materialize; would require a disproportionate effort. In this situation, public information or a similar measure is carried out instead, informing the data subjects in an equally effective manner.

Social Media

Facebook plugins (Like & Share Button)

This service uses social plugins („plugins”) operated by the social network facebook.com. Plugins can be identified by a Facebook logo (a white „f” on a blue tile or a „thumbs up” sign) or are labeled with the addition of the phrase „Facebook Social Plugin.” The list and appearance of Facebook plugins can be viewed here: https://developers.facebook.com/docs/plugins/. As you use the Like extension, you will appreciate our website's Facebook page without having to leave it. As you use the Share extension, you will share our website or specific content within it on your personal Facebook page, without having to leave the site.

Through the plugin, Facebook receives the information you access on our website. If you are also logged into Facebook at the same time, Facebook can attribute the actions taken on the page to your account and, consequently, to you personally. When you interact with the plugins, for example by clicking the Like button or sharing specific content from the site, the corresponding information is transferred directly from your browser to Facebook and stored there. Even if you are not a Facebook member, there is still a possibility that the social network may obtain and store your IP address.

By clicking one of these buttons, you agree to the use of this plugin and thus to the transfer of personal data to Facebook. We have no control over the nature and purpose of this transmitted data, nor over its further processing. With regard to the purpose and scope of data collection, processing and further use of the data by Facebook, as well as the permissions and privacy settings.

If you do not want Facebook to associate your visit to this website with your Facebook account information, you can log out.

Instagram Plugin

This service uses social plugins („plugins”) managed by the social network Instagram, features offered by Instagram Inc., located at 1601 Willow Road, Menlo Park, CA 94025, USA. Plugins can be identified by an Instagram logo or are labeled by adding the phrase „Instagram Social Plugin.”.

Through the plugin, Instagram is informed about the actions you take on our page. If you are also logged into your personal social media account at the same time, it may attribute the actions taken on our page to your Instagram account and, consequently, to you personally. When you access the plugins, the corresponding information is transferred from your browser to the social network and stored there. Even if you are not an Instagram member, there is still a possibility that it may obtain and store your IP address.

By clicking one of these buttons, you agree to the use of this plugin and therefore to the transfer of personal data to Instagram. We have no control over the nature and purpose of this transmitted data, nor over its further processing. Regarding the purpose and scope of data collection, processing and further use of data by Instagram, as well as user privacy settings and permissions, you can consult Instagram's privacy policies at: https://help.instagram.com/155833707900388.

If you are an Instagram member and do not want it to collect your data through the plugin and link it to data already stored on Instagram, you must log out of the social network before visiting this site.

Tumblr Plugin

This site uses certain Tumblr plugins, which are operated by Tumblr Inc., located at 35 East, 21st Street, 10th Floor, New York, NY 10010, USA. These plugins allow you to make a post or page public on Tumblr. When you visit this site using Tumblr, your browser establishes a direct connection with Tumblr's servers. We have no influence over the amount of data accessed by Tumblr and transmitted through this plugin. Based on our own experience, it is possible that the IP address and URL of the respective site may be transmitted.

More information can be found in Tumblr's privacy policy: https://www.tumblr.com/privacy

Twitter plugin

This service uses social plugins („plugins”) operated by the social network twitter.com. Plugins can be identified by a Twitter logo.

Through the plugin, Twitter receives the information you access on our page. If you are also logged into the social network at the same time, Twitter can attribute the actions taken on the page to your Twitter account and, by extension, to you personally.

When you interact with plugins, corresponding information is transferred directly from your browser to Twitter and stored. Even if you are not a Twitter member, there is still a possibility that it may obtain and store your IP address.

By clicking on one of the plugin buttons, you agree to their use and, therefore, to the transfer of personal data to Twitter. We have no control over the nature and purpose of this transmitted data, nor over its further processing. Regarding the purpose and scope of data collection, processing, and further use of data by Twitter, as well as user privacy settings and permissions, please consult Twitter's privacy policies at: https://twitter.com/en/privacy.

If you are a Twitter member and do not want it to collect your data through the plugin and link it to data already stored on Twitter, you must log out of the social network before visiting the website.

Google+ plugin

This service uses social plugins („plugins”) managed by the social network Google+. Plugins are identifiable by a Google+ logo.

Through the plugin, Google receives information about your activity on our page. If you are also logged into the social network at the same time, Google can attribute the actions performed on the page to your Google+ account and, by implication, to you personally. When you interact with the plugins, the corresponding information is transferred directly from your browser to Google+ and stored there. Even if you are not a Google+ member, there is still a possibility that Google+ may obtain and store your IP address.

By clicking on one of the plugin buttons, you agree to their use and, therefore, to the transfer of personal data to Google+. We have no control over the nature and purpose of these transmitted data, nor over their further processing. Regarding the purpose and scope of data collection, processing, and further use of data by Google+, as well as user privacy settings and permissions, please consult the Google+ privacy policies at: https://policies.google.com/privacy?hl=en.

If you are a Google+ member and do not want it to collect your data through the plugin and link it to data already stored on Google+, you must log out of the social network before visiting the site.

LinkedIn plugin

This service uses social plugins („plugins”) operated by the social network LinkedIn.

Through the plugin, LinkedIn is informed about your activity on our website, and if you are also logged into the social network at the same time, LinkedIn can attribute actions taken on the page to your account and, by extension, to you personally. Even if you are not a LinkedIn member, there is still a possibility that it may obtain and store your IP address through the plugin. Also, when you interact with the plugins, the corresponding information is transferred directly from your browser to LinkedIn and stored there.

If you are a LinkedIn member and do not want it to collect your data through the plugin and link it to data already stored on LinkedIn, you must log out of the social network before visiting the site.

By clicking on one of the plugin buttons, you agree to their use and therefore to the transfer of personal data to LinkedIn. We have no control over the nature and purpose of the data transmitted, nor over its further processing. Regarding the purpose and scope of data collection, processing and further use of data by LinkedIn, as well as user privacy settings and permissions, you can consult LinkedIn's privacy policies at: https://www.linkedin.com/legal/privacy-policy?src=or- search&veh=www.google.ro%7Cor-search.

XING Plugin

This service uses social plugins („plugins”) operated by the social network XING.

Through the plugin, XING receives information about your activity on our website. If you are also logged into the social network at the same time, XING can assign actions performed on the page to your account and, by extension, to you personally. When you interact with the plugins, the corresponding information is transferred directly from your browser to XING and stored there. Even if you are not a XING member, there is still a possibility that it may obtain and store your IP address.

By clicking on one of the plugin buttons, you agree to their use and therefore to the transfer of personal data to XING. We have no control over the nature and purpose of the data transmitted, nor over its further processing. For information on the purpose and scope of data collection, processing, and further use of data by XING, as well as user privacy permissions and settings, please refer to XING's privacy policies at: https://privacy.xing.com/en/privacy-policy.

If you are a XING member and do not want it to collect your data through the plugin and link it to the data already stored on XING, you must log out of the social network before visiting the website.

Pinterest plugin

This service uses social plugins („plugins”) operated by the social network Pinterest.

Through the plugin, Pinterest receives information about your activity on our website. If you are also logged into the social network at the same time, Pinterest can attribute the actions performed on the page to your account and, by extension, to you personally. When you interact with the plugins, the corresponding information is transferred directly from your browser to Pinterest and stored there. Even if you are not a Pinterest member, there is still a possibility that it will obtain and store your IP address.

By clicking on one of the plugin buttons, you agree to their use and, therefore, to the transfer of personal data to Pinterest. We do not control the nature and purpose of the data transmitted, nor its further processing. Regarding the purpose and scope of data collection, processing, and further use of data by Pinterest, as well as user privacy settings and permissions, you can consult Pinterest's privacy policies at: https://policy.pinterest.com/en/privacy-policy.

If you are a Pinterest member and do not want it to collect your data through the plugin and link it to data already stored on Pinterest, you must log out of the social network before visiting the site.

To receive a newsletter, you must provide a valid email address, along with specific information that can identify the owner of that address. Your consent is also required for the transmission of the newsletter, and therefore, we inform you that any other personal data will be collected and stored only with your agreement. The data collected in this way is processed solely for the purpose of transmitting the newsletter and will not be shared with third parties.

Therefore, we will process any data you enter into the contact form only with your consent, in accordance with Article 6(1)(a) of the GDPR.

Plugins and Tools

YouTube

Our website uses plugins from the YouTube platform, which is operated by Google. The website operator is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

If you visit a page on our website that has a YouTube plugin embedded, a connection will be established with YouTube servers. Consequently, the YouTube server will be informed which pages you have visited.

In addition, YouTube will be able to introduce different cookies, which will allow information about the visitors of our website to be obtained. Among other things, this information will be used to generate video statistics in order to improve website usability and prevent fraud attempts.

If you are logged into your YouTube account while visiting our website, you allow YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Usage of YouTube is based on our interest in presenting online content to you in an appealing manner. According to Article 6(1)(f) GDPR, this is a legitimate interest.

Given the Decision of July 16, 2020 (pronounced in Case C-311/18 — Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), The European Court of Justice ruled that the protection offered by the EU–US Privacy Shield is not adequate. Therefore, the transfer of personal data to the United States and other countries outside the European Economic Area (EEA) should be based on Standard Contractual Clauses (SCCs).

– Standard Contractual Clauses) of the European Commission.

For more information on how YouTube handles user data, please refer to the YouTube data privacy policy at: https://policies.google.com/privacy?hl=en.

Vimeo

Our website uses video portal plugins from Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

If you visit one of the pages on our website where a Vimeo plugin has been integrated, a connection will be established to Vimeo's servers. Consequently, Vimeo's server will receive information about the pages you have visited. Additionally, Vimeo will receive your IP address. This will also occur if you are not logged into Vimeo or do not have a Vimeo account. The information recorded by Vimeo will be transmitted to Vimeo's server in the United States.

If you are signed in to your Vimeo account, allow Vimeo to directly assign your navigation patterns to your personal profile. You can prevent this by signing out of your Vimeo account.

The use of Vimeo is based on our interest in presenting your content online in an attractive manner. In accordance with Art. 6 (1) (f) GDPR, this is a legitimate interest.

Therefore, the transfer of personal data to the US and other countries outside the European Economic Area (EEA) is based on the Standard Contractual Clauses (SCC) of the European Commission. The Commission has issued two sets of Standard Contractual Clauses for data transfers from EU data controllers to data controllers established outside the EU or the European Economic Area (EEA). It has also issued a set of contractual clauses for data transfers from EU controllers to processors established outside the EU or EEA. For more information on these Clauses, we recommend visiting https://ec.europa.eu/info/law/law- topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_ro.

Vimeo uses Standard Contractual Clauses as adequate safeguards for data protection in accordance with the level of protection guaranteed by GDPR. For more information, please visit https://www.activecampaign.com/legal/scc and the full privacy policy available here: https://vimeo.com/privacy.

Google Web Fonts

This site uses web fonts provided by Google to ensure consistent font usage on this site.

When you access a page on this website, your browser will load the web fonts required to display the text and fonts correctly as a result of establishing a connection with Google's servers. This way,

The use of Google Web Fonts is based on Art. 6(1)(f) GDPR, with a legitimate interest in the uniform presentation of the font on this website. If consent has been given for this purpose (e.g., consent to store cookies), the data will be processed exclusively on the basis of Art. 6(1)(a) GDPR.

For more information on how Google Web Fonts handles user data, please see the Privacy Policy available at: https://policies.google.com/privacy?hl=en.

Adobe Fonts

To ensure consistent font display, our website uses fonts called Adobe Typekit Fonts provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).

When you access pages on our website, your browser will automatically load the necessary fonts directly from Adobe's website to display them correctly on your device. As a result, your browser will establish a connection with Adobe's servers in the United States. Therefore, Adobe may register that your IP address was used to access our website. According to information provided by Adobe, no cookies will be stored in connection with font delivery.

Adobe holds EU-US Privacy Shield certification. The Privacy Shield is an agreement ratified between the United States and the European Union, aimed at ensuring compliance with European data protection standards. For more information, follow this link: https://www.adobe.com/de/privacy/eudatatransfers.html. The use of Adobe Typekit Web fonts is necessary to ensure the consistent presentation of fonts on our website. This constitutes a legitimate interest, as defined in Art. 6(1)(f) GDPR. For more information about Adobe Typekit Web fonts, please refer to https://fonts.adobe.com/typekit

Given the ruling of July 16, 2020 (rendered in case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the European Court of Justice ruled that the protection offered by the EU-US Privacy Shield is not adequate. Therefore, the transfer of personal data to the USA and other countries outside the European Economic Area (EEA) should be based on Standard Contractual Clauses (SCCs).

– Standard Contractual Clauses) of the European Commission. Adobe's data privacy statement can be accessed at: https://www.adobe.com/ro/privacy/policy.html

Google Maps

This site uses Google Maps, a mapping and location service, via an API. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, United States of America.

To ensure data protection on our website, you will find that Google Maps has been deactivated when you visit our website for the first time. A direct connection to Google's servers will not be established before you independently activate Google Maps, i.e., with your consent in accordance with Art. 6 Para. 1 lit. a) GDPR. This will prevent data from being transferred to Google during your first visit to our website. Once you have activated the service, Google Maps will store your IP address. As a rule, this is then transferred to a Google server in the United States, where it is stored. The provider of this website has no control over this data transfer once Google Maps has been activated.

Google Maps uses Standard Contractual Clauses as adequate safeguards for data protection, in accordance with the level of protection guaranteed by GDPR. For more information, please consult the Google Data Privacy Notice at the following address: https://policies.google.com/privacy

Google reCAPTCHA

We use „Google reCAPTCHA” (hereinafter „reCAPTCHA”) on our website. The provider is Google Inc. with headquarters at 1600 Amphitheater Parkway, Mountain View, CA 94043, U.S.A. („Google”). reCAPTCHA's purpose is to determine whether data entered on our website (e.g., information entered in a contact form) is provided by a human user or an automated program. To determine this, reCAPTCHA analyzes site visitor behavior based on a variety of parameters. This analysis is triggered automatically as soon as the site visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g. IP address, the time the site visitor has spent on the site, or user-initiated cursor movements). Data tracked during these analyses is sent to Google. reCAPTCHA analytics run entirely in the background. Site visitors are not warned that a scan is running.

The data are processed on the basis of Art. 6 (1) lit. f) GDPR. The website operators have a legitimate interest in protecting the operator's web content against misuse by automated industrial espionage systems and against SPAM.

Google reCAPTCHA uses Standard Contractual Clauses as an adequate safeguard for data protection, in accordance with the level of protection guaranteed by GDPR. For more information, please refer to the Google Data Privacy Declaration available here: https://policies.google.com/privacy and here https://policies.google.com/terms?hl=en

Online Chat

Facebook Messenger Online Chat Platform

On this website, we use Facebook Messenger, a free instant messaging application, ensuring

This allows instant text messaging with one or even more people or computers at once. It is an American messaging application and platform developed by Facebook, Inc. Originally developed as Facebook Chat in 2008, the company revamped its messaging service in 2010.

Through Facebook Messenger, we can provide you with quick assistance, allowing interaction with us, including tracking your purchases, receiving notifications, and initiating personal conversations with the company's customer service representatives.

The legal basis for processing personal data through Facebook Messenger is Article 6(1)(f) of the Regulation, based on our legitimate interest in the lawfulness of processing. Regarding the processing of personal data, Facebook Ireland can be contacted online or by mail at the following address: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data collected through Facebook Messenger is used, among other things, to provide, personalize, and improve chat, to enable the offering of analytical services, and also for communication with you.

Facebook Messenger complies with GDPR and the Standard Contractual Clauses (SCC) approved by the European Commission, continuously taking into account its decisions regarding data transfers to the United States and other countries. The European Commission has recognized countries such as Andorra, Argentina, Canada (commercial organizations), the Faroe Islands, Guernsey, Israel, the Isle of Man, Japan, Jersey, New Zealand, Switzerland, and Uruguay as providing adequate protection.

More information is available here https://www.facebook.com/privacy/explanation and here https://www.facebook.com/legal/EU_data_transfer_addendum

Through WhatsApp, we ensure effective communication with our customers. For those residing in a country within the European Economic Area (which includes the European Union) and any other included country or territory (collectively referred to as the „European Region”), WhatsApp is operated by WhatsApp Ireland Limited, of 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

In accordance with WhatsApp's policy, which can be consulted and analyzed here: https://www.whatsapp.com/legal/#privacy-policy, Whatsapp Ltd., also being part of the Facebook Companies, collects and processes personal data through this service in compliance with security and confidentiality principles applicable at the European level (in particular, GDPR) or at the international level (when referring to services provided by Whatsapp Inc. – EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework).

Through WhatsApp, the following are processed:

data provided directly by users (such as user account details – phone number, profile name, photo – user connections. Regarding transmitted messages, they are not stored on WhatsApp servers, except for those that could not be sent (for example, to an offline user) which are stored for a period of 30 days before being deleted.

automatically collected data (user status information “last seen status”, user preferences stored via cookies, IP address, browser-related information, some transaction and payment information – for payment terms and conditions, we recommend consulting https://www.whatsapp.com/legal/?eea=0#payments-in).

The legal basis for processing personal data through WhatsApp is Article 6(f) of the Regulation, based on our legitimate interest for the lawfulness of processing.

WhatsApp uses Standard Contractual Clauses as an adequate safeguard for data protection, in compliance with the level of protection guaranteed by GDPR, according to the information available here. https://www.whatsapp.com/legal/#privacy-policy-our-global-operations

Audio-Video Communications

Audio-Video Communication Services

We use specific online conferencing tools to communicate with our clients. If you choose to communicate with us through one of these tools, your personal data will be collected and processed by both us and the respective provider.

These tools collect all information you provide (e.g., your email address or phone number). Other information is also processed, such as the duration of the conference, the time spent in that conference, the number of participants, other information specific to the functioning of these tools, as well as technical data (such as IP addresses, type of devices used, operating system type and version, details about the camera and microphone used, as well as content data and information – text messages, voice messages, photos and uploaded files, etc.).

The legal grounds for processing personal data through these tools are:

art. 6 lit. b) of the Regulation, to communicate effectively with our contractual partners and with current or potential customers;

art. 6 lit. f) of the Regulation, based on our legitimate interest in the lawfulness of processing, from the perspective of simplifying and accelerating communication with us.

However, we wish to inform you that we do not have full control over all procedural and legal aspects regarding the processing of personal data, and therefore, we ask you to consult the privacy policies of the providers of such video-audio communication tools. To the extent that your consent has been requested, the use of the respective tool will be based on this consent until it is withdrawn.

Regarding the duration of storage of data processed as a result of using these tools, outside of the legal storage periods, at your request or if storage is no longer necessary, personal data will be deleted by us. However, for more details regarding the storage of data by audio-video communication tool providers for their own purposes, please contact them and review their privacy policies.

Zoom

We are using Zoom to facilitate communication with you. The provider of this service is Zoom Communications Inc, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom's privacy policy: https://zoom.us/en- us/privacy.html.

In light of the Judgment of 16 July 2020 (delivered in Case C-311/18 – Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the Court of Justice of the European Union ruled that the protection offered by the EU–US Privacy Shield does not have an adequate character.

Data transmission to the United States through Zoom is based on the European Commission's Standard Contractual Clauses (SCCs). Details can be found here: https://zoom.us/de-de/privacy.html.

Skype

We use Skype to facilitate communication with you. The provider of this service is Skype Technologies S.A.R.L (also known as Skype Software S.A.R.L, Skype Communications S.A.R.L, Skype Inc., and Skype Limited), which is a telecommunications company based in Luxembourg City, Luxembourg (23-29 Rives de Clausen, L-2165) and Palo Alto, CA, United States.

Details regarding the processing of personal data can be found here: https://privacy.microsoft.com/en- us/privacystatement

Microsoft Teams

We use Microsoft Teams to facilitate communication with you. Microsoft Teams is a business communication platform developed by Microsoft, as part of the Microsoft 365 product family.

Microsoft adhered to the EU-U.S. and Swiss-U.S. Privacy Shield principles, but the Privacy Shield Framework as a legal basis for personal data transfers must be interpreted and applied in light of the Court of Justice of the EU's ruling in case C-311/18.

Details regarding the processing of personal data can be found here: https://privacy.microsoft.com/en- us/privacystatement

Google Meet

We use Google Meet to facilitate communication with you. The provider of this service is Google Inc., based in the United States of America, 1600 Amphitheatre Parkway, Mountain View, CA 94043. In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, incorporated and operating under the laws of Ireland (registered number: 368047), with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland.

For more details on the processing of personal data, we recommend consulting the policy available here: https://policies.google.com/privacy

Advertising and Analytics

Google Analytics

This website uses the features of the Google Analytics web analytics service. The provider of this service is Google Inc., located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called cookies. Cookies are text files that are stored on your computer and allow for an analysis of how you use the website. The information generated by cookies about your use of this website is usually transferred to a Google server in the United States and stored there.

The storage of Google Analytics cookies and the use of this analysis tool are based on Art. 6 sec. 1 lit. f) GDPR. The operator of this website has a legitimate interest in analyzing user patterns to optimize both the services offered online and the operator's advertising activities.

Data transfers to the United States are based on the Standard Contractual Clauses (SCCs) of the European Commission.

Anonymize IP

On this site, the IP anonymization function has been activated. As a result, your IP address will be abbreviated by Google within the member states of the European Union or other states that have ratified the Convention on the European Economic Area before being transmitted to the United States. The full IP address will be transmitted to one of Google's servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this site, Google will use this information to analyze your use of this site, to generate reports on website activity and to provide other services to the website operator in connection with website usage. The IP address transmitted in conjunction with Google Analytics from your browser will not be merged with other data held by Google.

Browser plug-in

You have the option to prevent the archiving of cookies by making relevant changes to your browser software settings. However, we must emphasize that in this case, you may not be able to use all the functions of this website. In addition, you have the option to prevent the recording of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

Objection to data recording

You have the option to prevent your data from being recorded by Google Analytics by clicking the following link. This will place an opt-out cookie, which prevents your data from being recorded during future visits to this site: disable Google Analytics.

For more information on Google Analytics’ handling of user data, please see the Google Data Privacy Statement at: https://support.google.com/analytics/answer/6004245?hl=ro.

Demographic parameters provided by Google Analytics

This site uses the „demographic” feature provided by Google Analytics, through which reports are generated providing information on the age, gender, and interests of website visitors. The sources of this information are interest-based advertising generated by Google, as well as visitor data obtained from third-party service providers. This data cannot be assigned to a specific individual. You have the option to disable this feature at any time by making relevant changes to your ad settings in your Google account, or you can generally prohibit Google Analytics from collecting your data.

Google Analytics advertising and remarketing services

Our website uses Google Analytics Remarketing features, in conjunction with Google features

AdWords and Google DoubleClick, which work on all devices. The provider of these solutions is Google Inc., headquartered in the United States of America, 1600 Amphitheater Parkway, Mountain View, CA 94043.

This feature allows you to connect Google Analytics remarketing audience lists with Google AdWords and Google DoubleClick functionalities, which work across all devices. This makes it possible to display personalized, interest-based ads based on past usage and browsing behavior on one device (e.g., mobile phone) in a way that is tailored for both you and any of your devices (e.g., tablet or PC).

If you give us your consent, Google will connect your web browser and app activity to your Google Account for this purpose. As a result, you may see the same personalized ads on every device you sign in to with your Google Account.

To support this function, Google Analytics records the authenticated IDs of users temporarily signed in to Google Analytics data to define and compile target groups for ads to be displayed across all devices.

You have the option to create permanent objections regarding remarketing/targeting across all devices by disabling personalized advertising in your Google account. To do so, follow this link: https://www.google.com/settings/ads/onweb/.

The consolidation of data recorded in your Google account will take place exclusively based on your consent, which you can give to Google and also revoke (Article 6(1)(a) GDPR).

Data logging processes not consolidated into your Google account (e.g., because you do not have a Google account or have opted out of data consolidation) are logged based on Article 6(1)(f) of the GDPR. The legitimate interest lies in the fact that the website operator has a legitimate interest in the anonymous analysis of website visitors for advertising purposes.

Data transfers to the United States are based on the Standard Contractual Clauses (SCCs) of the European Commission.

For more information and relevant data protection regulations, consult Google's Data Privacy Policies at: https://policies.google.com/technologies/ads?hl=en.

Google Ads and Google Conversion Tracking

This site uses Google Ads. Ads is an online advertising program of Google Inc. – 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google”).

Regarding Google Ads, we use a tool called Conversion Tracking. If you click on an ad published by Google, a cookie will be placed for conversion tracking purposes. Cookies are small text files that your web browser places on a user's computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google will be able to recognize that the user clicked on an ad and was redirected to this page.

Another cookie is allocated to each Google Ads customer. These cookies cannot be tracked across Ads customers' websites. The information obtained with conversion cookies is used to generate conversion statistics for Ads customers who have opted in to use conversion tracking. Users receive the total number of users who clicked on their ads and were directed to a page equipped with a conversion tracking tag. However, they do not receive any information that would allow them to personally identify these users. If you do not wish to be involved, you have the option to object to this use by easily deactivating the Google conversion tracking cookie through your web browser in accordance with user settings. If you do this, you will not be included in the Conversion Tracking statistics.

The storage of „Conversion” cookies and the use of this tracking tool are based on Art. 6 para. 1 lit. f) GDPR. The website operator has a legitimate interest in analyzing user patterns for the purpose of optimizing its web offers and advertising.

Data transfers to the United States are based on the Standard Contractual Clauses (SCCs) of the European Commission.

To consult more detailed information about Google Ads and Google Conversion Tracking, please refer to Google's Data Privacy Policy at: https://policies.google.com/privacy?hl=en.

You can configure your browser so that you are notified at any time when cookies are placed, and you can allow cookies only in certain cases or exclude the acceptance of cookies in certain cases or in all situations, and you can also enable automatic deletion of cookies after closing the browser. If you disable cookies, the functions of this website may be limited.

Google AdSense

This website uses Google AdSense, a service for integrating advertisements provided by Google Inc. („Google”). The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America.

Google AdSense uses so-called cookies; that is, text files stored on your computer that

permit the analysis of your use of this website. Google AdSense also uses so-called Web Beacons (invisible graphics). These Web Beacons can be used to analyze information, such as traffic data of visitors to this website.

Information generated by cookies and web beacons regarding your use of this website (including your IP address) and the delivery of advertising formats is transferred to a Google server in the United States, where it is archived. Google may share this information with Google contractual partners. However, Google will not associate your IP address with other data stored by Google.

The storage of AdSense cookies is based on Art. 6 para. 1 lit. f) GDPR. The website operator has a legitimate interest in analyzing user patterns for the purpose of optimizing the operator's web offers and advertising.

You can prevent the installation of these cookies by making an appropriate adjustment to the settings of your browser software; however, we must point out that in this case you may not be able to use all the functions of this website. By using this website, you declare that you consent to the processing of the data that we collect about you in the manner described above and that you agree to the above-mentioned purpose of use.

Data transfers to the United States are based on the European Commission's Standard Contractual Clauses (SCCs). For more information, please see Google's Data Privacy Policies at: https://policies.google.com/privacy?hl=en.

Facebook Pixel

To measure conversion rates, our website uses the Facebook Pixel, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA („Facebook”).

This tool allows tracking of page visitors after they have been connected to the provider's website after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.

For the operators of this site, the data collected is anonymous. We are not in a position to draw any conclusions about the identity of users. However, Facebook archives the information and processes it in such a way that it is possible to log in to the profile and Facebook is able to use the data for its own promotional purposes in accordance with Facebook's Data Use Policy. This allows Facebook to display ads both on Facebook pages and outside of Facebook. The operators of this site have no control over the use of this data.

The use of Facebook Pixel is based on Art. 6 para. 1 lit. f) GDPR. The website operator has a legitimate interest in effective advertising campaigns that include social media.

The transfer of data to the U.S. is based on the European Commission's Standard Contractual Clauses (SCC). In Facebook's data privacy policies, you will find more information about protecting your privacy at: https://www.facebook.com/about/privacy/.

You also have the option to disable the „Custom Audiences” remarketing feature in the Ad Settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must first log in to Facebook.

If you do not have a Facebook account, you can disable user-based advertising through Facebook on the Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/ro/optiunile-mele.

Hotjar

This site uses Hotjar. The provider is Hotjar Ltd., based in St. Julians Business Center, 3 Elia Zammit St., Level 2, St. Julians STJ 1000, St. Julians, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool used to analyze user patterns on this site. Hotjar also has the ability to determine how long the cursor stayed in a particular position. Based on this information, Hotjar compiles so-called Heatmaps, which make it possible to determine which parts of the site the visitor revisits with preference. It can also determine how long you stayed on a site page and when you left. It is also possible to determine when you have suspended making entries in a contact form (so-called conversion channels).

In addition, Hotjar can be used to obtain direct feedback from site visitors. This feature aims to improve the offerings of the site operator's websites.

Hotjar uses cookies. Cookies are small text files that are placed on your computer and stored by your browser. Their purpose is to make the website presentation more user-friendly, effective, and secure. These cookies allow us to determine, in particular, whether the site has been used with a specific device or if Hotjar features have been deactivated for that browser. Hotjar cookies will remain on your device until you delete them.

You can configure your browser so that you are notified at any time when cookies are being placed and you can allow cookies only in certain cases or exclude the acceptance of cookies in certain cases and you can also activate the automatic deletion of cookies when closing the browser. If you disable cookies, the functions of this website may be limited.

The use of Hotjar and the storage of Hotjar cookies are based on Art. 6 para. 1 lit. f) GDPR. The website operator has a legitimate interest in analyzing user patterns for the purpose of optimizing web offers and the operator's advertising.

Deactivating Hotjar

If you wish to disable data recording by Hotjar, please click the link below and follow the instructions provided under the link: https://www.hotjar.com/opt-out.

Please note that you will need to disable Hotjar separately for each browser and each device. For more detailed information about Hotjar and what data needs to be recorded, please refer to Hotjar's data Privacy Statement at the following link: https://www.hotjar.com/privacy.

Amazon Partner Program

The operators of this site participate in the EU Amazon Associates Program. Amazon integrates advertisements and links to Amazon.com on this site, which allows us to earn revenue in the form of advertising cost reimbursements. Amazon uses cookies in this program to determine the source of orders placed. This allows Amazon to determine if you clicked on an affiliate link on this site.

Amazon cookie archiving is based on Art. 6 para. 1 lit. f GDPR. Based on the regulation, the website operator has a legitimate interest to do so, because the determination of the website operator's affiliate earnings depends on the placement of cookies.

– European Commission Standard Contractual Clauses. For more information about Amazon's use of data, please see the Amazon Data Privacy Notice at: https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496.

E-Commerce and Payment Methods

E-commerce

We process personal data to the extent necessary to conclude or modify a contractual relationship with our company/the company that administers this site, in compliance with Article 6(1)(b) of the GDPR. Thus, we process (collect, record, structure, store, modify, extract, etc.) personal data from the moment this website is accessed solely for the purpose of facilitating access to our products or services and/or for collecting payment for them.

Online order delivery

We ensure the delivery of your ordered products through courier services. Personal data processed for the delivery of placed orders are protected by each service provider, in accordance with their own privacy policies. The legal basis for processing data necessary for delivery processing is Article 6(1)(a) of the GDPR. (you, as the data subject, have given your consent for the processing of personal data for the purpose of order fulfillment), art. 6 para. 1 lit. b) GDPR (processing is necessary for the performance of a contract to which you are a party) and Article processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party unless the interests or fundamental rights and freedoms of the data subject override the processing and require the protection of personal data, in particular where the data subject is a child.

The purposes for which personal data are processed are expressly stated in the privacy policies of the providers of such services, with details also existing regarding the transfer of data (to affiliates, partners, employees, authorities, and public institutions), as well as regarding the legal grounds or duration of processing and storage.

DHL

Your order, placed on this website, will be delivered via courier services provided by DHL. The company providing the deliveries is Deutsche Post AG, registered under number HRB 6792 and with VAT identification number DE 169838187, with its main office in Bonn, Charles-de-Gaulle- Straße 20, 53113, Germany.

Deutsche Post AG and its subsidiaries operating under the DHL brand process your personal data for the following purposes:

for pre-contractual phase and for the execution of a contract to which the data subject is a party:
1. data is processed such as: customer identification data, email, telephone, delivery addresses, data
2. the legal basis for the processing of the aforementioned data is 6 para. 1 letter b) of the Regulation.
for advertising and direct marketing purposes:
1. data such as: name, email address, postal address is processed.
2. The legal basis for processing the aforementioned data is Article 6(1)(f) of the Regulation;
3. For sending newsletters, the legal basis is represented by Article 6(1)(a) GDPR. If you unsubscribe from email communications or withdraw your consent, the corresponding data will be deleted or blocked from the mailing list and will no longer be processed for these purposes (the inclusion of your email address in a blocklist occurs to protect the legitimate interests of Deutsche Post AG in accordance with Article 6(1)(f) of the Regulation).
to guarantee security and configuration seamless connection when visiting Company websites
1. The login data of the computer connecting to the DHL website, a list of web pages you visit within the DHL website, the date and duration of your visit, your device's IP address, and identification data for the browser type and operating system used are processed.
2. As a result of using the contact form or requesting information, data provided voluntarily by the user is processed, such as name, address, phone number, or email address (the legal basis in this case being Article 6(1)(a) GDPR).
3. The legal basis for processing the aforementioned data is Article 6(1)(a) of the Regulation, with web tracking data to be stored for a period of 36 months and then automatically deleted.

In accordance with the Privacy Policy, which can be found here: https://www.dhl.com/ro- en/home/footer/local-privacy-notice.html, DHL indicates that certain shipment data will be provided to the authorities in the country of transit or destination for customs clearance and tax authorization or for security verification, in accordance with the legislation of that country.

Fan Courier

For the delivery of the products purchased on this website we collaborate with FAN Courier Express SRL, registered with the Trade Register under no. J40/ 4014/2001 and having fiscal registration code RO13838336, company with registered office in Bucharest, Str. Fabrica de Glucoză, nr. 11C, sector 2, postal code 020332.

According to the information available on the Fan Courier website in the section https://www.fancourier.ro/politica-de- confidentiality/ and in the section https://www.fancourier.ro/politica-de-prelucrare-a-datelor-cu-caracter- personal/, your personal data is processed for the following purposes:

for the development and improvement of specific online delivery and selling activities via websites www.fancourier.ro and www.selfawb.ro - data processed for this purpose could include: name, surname, address (home/residence), e-mail, telephone, technical information; for Fan Courier activities related to marketing, advertising and after-sales - data processed for this purpose could include: name and surname, telephone/fax, e-mail, address (home/residence), voice, habits/ preferences/ behavior.

Fan Courier also processes other personal data for the fulfillment of product replacement services and promotional campaigns (with the identification of winners), such as: identity card identification data, including personal identification number and bank details.

The legal basis for the processing of personal data is Article 6(1)(a) of the Regulation, and the duration of data processing is 3 years, as a rule, or until you exercise your right to object.

Urgent Cargus

Your order will be delivered through courier services provided by Urgent Cargus SRL, based in Măgurele, Sos. Atomiștilor nr.99-115, Corp C1, Jud. Ilfov, having J23/344/2013 and unique registration code RO3541906.

Your personal data, in relation to Urgent Cargus, are processed for the following purposes:

to carry out specific courier and postal activities (which includes customer relations, evaluations, and market research) - the data processed could be the following: name, surname, address (domicile/residence), personal numerical code, phone, fax, email, date and place of birth, sex, signature, voice, preferences, as well as other technical data (IP, data collected through cookies).

to carry out marketing and advertising activities – the data processed could be the following: name and surname, date and place of birth, personal numerical code, telephone/fax, e-mail, address (domicile/residence), preferences, commercial behavior.

For more information on the processing of personal data by Urgent Cargus, you can consult our policy here: https://www.urgentcargus.ro/DOC/Informare-prelucrare-date- personal.pdf and here https://www.urgentcargus.ro/DOC/Politica-de-prelucrare-a-datelor-cu-caracter- personal.pdf. The legal basis on which your personal data is processed in relation to this site and Urgent Cargus is represented by art. 6 para. 1 lit. a) of the Regulation.

Same day

We collaborate with Sameday for local, national, and international courier services for your orders. Sameday is operated by DELIVERY SOLUTIONS S.A., with Fiscal Code RO23743772 and Trade Register Number J40/7031/2008, and its headquarters in Bucharest, Splaiul Independenței 319, Building OB17C, Sector 6.

Sameday processes personal data in accordance with the GDPR and for the purposes listed below, respectively:

For the provision and improvement of specific postal and courier services – the processed data includes that necessary for order pickup, validation, transport, delivery, and billing, as well as for the creation and administration of user accounts; user behavior information may also be collected;

For communications, especially regarding order status – data processed in this way may include first name, last name, email, phone number;

For the defense of legitimate interests, such as taking measures to prevent fraud attempts or measures to protect the website. https://sameday.ro/ and users from cyber attacks.

The processing of data for the purposes set out above is based on Article 6 of the Regulation, letters a), b) and f), with more details available for analysis here: https://sameday.ro/politica-de-confidentialitate/.

NemoExpress

Through the services provided by Nemo Expres Logistic S.A. company, located in Varteju, Unirii street no. 11, building C5, office no. 2, Ilfov county, with registration number J23/4187/2019 and unique registration code RO31692750, we ensure the delivery of orders placed on this website.

The personal data processed for NemoExpress courier services include:

name, surname, address, personal numeric code, e-mail, telephone, fax, delivery addresses, signature, technical information (IP, information collected through cookies) - which are processed for the purpose of carrying out postal and courier services, for market and statistical studies, but also for sending information and responding to possible complaints;
nume și prenume, data și locul nașterii, telefon, email, adresa, obișnuințe, preferințe, comportamentul utilizatorului – date prelucrate cu scopul desfășurării activităților de marketing, publicitate și promovare, pentru transmiterea de comunicate, dar și pentru monitorizarea vânzărilor și a comportamentului clienților;
în plus față de cele indicate la B, vocea și alte date care rezultă din comunicările cu clienții sunt prelucrate cu scopul evaluării serviciilor oferite de NemoExpress
codul numeric personal și seria și numărul actului de identitate sunt prelucrate în cadrul campaniilor de

Prin consultarea Politicii de prelucrare a datelor, disponibilă aici: https://www.nemoexpress.ro/politica-de- prelucrare-a-datelor-cu-caracter-personal/, NemoExpress prezintă și alte aspecte legate deconfidențialiate și prelucrarea efectivă, temeiurile legale fiind cele prevăzute de art. 6 alin. 1 lit. a), b) și

f) din Regulament.

FedEx

Comanda dumneavoastră, plasată pe acest website, va fi livrată prin intermediul serviciilor de curierat asigurate de FedEx. Pe 1 martie 2017, TNT a devenit furnizorul serviciilor FedEx în România, fiind cel care va prelua și va livra toate transporturile FedEx la nivel local.

Când utilizați serviciile de curierat FedEx în Europa, datele dumneavoastră personale sunt controlate de FedEx Express International B.V., cu sediul central în Hoofddorp, Taurusavenue 111, Olanda (la nivel global, de FedEx Corporation, cu sediul central în Memphis, Tennessee, Statele Unite).

Conform informațiilor disponibile aici: https://www.fedex.com/en-ro/privacy-policy.html, datele cu caracter personal prelucrate de FedEx includ:

date de contact (numele, adresa, adresa de e-mail, numărul de telefon)

date financiare și pe cele privind expedierea (numărul de cont bancar, starea plății, date de facturare, starea unei expedieri, locația livrării, informații vamale etc.)

informații de identificare (numărul permisului de șofer, fiind cea mai puțin invazivă pentru confidențialitate; în situația în care nu dețineți, va fi utilizată o altă metodă de identificare care să asigure identificarea dumneavoastră)

informații despre contul și preferințele dumneavoastră (detalii de logare, istoricul cumpărărilor, eventuale reclamații, preferințe)

date colectate automat (IP, tipul de sistem și browser, site-uri web pe care le vizitați, date temporale etc.)

Scopurile pentru care datele enumerate mai sus sunt prelucrate au la bază reglementările legale GDPR (art. 6 lit. a, b, f) și acestea se regăsesc și în scopurile de business urmărite de FedEx, respectiv: dezvoltarea de produse și îmbunătățirea serviciilor FedEx, managementul relațiilor și marketing pentru activități comerciale, management intern, respectarea obligațiilor legale și protejarea intereselor indivizilor.

GLS România

GLS General Logistics Systems Romania SRL (filială a General Logistics Systems B.V., Amsterdam), cu sediul social în Sat Șelimbăr, Comuna Șelimbăr, str. Ștefan cel Mare, nr. 3, Parc industrial Șelimbăr, județul Sibiu asigură servicii poștale pentru comenzile plasate pe acest website.

Date cu caracter personal precum numele, adresa, numărul de telefon și adresa de e-mail sunt prelucrate de GLS România în conformitate cu prevederile legale incidente, respectiv Regulamentul General privind Protecția Datelor, OUG nr. 13/2013 privind serviciile poștale și Legea nr. 365/2002 privind serviciile de comerț electronic și anumite aspecte legate de societatea informațională, astfel cum reiese din Politica de confidențialitate ce poate fi consultată aici: https://gls-group.eu/RO/ro/politica- confidentialitate.

Prin accesarea site-urilor www.gls-romania.ro and https://gls-group.eu/RO/ro/ sunt colectate anumite date în mod automat, prin intermediul cookie-urilor și sunt salvate date temporar în fișierele jurnal, scopul fiind acela de îmbunătățire a serviciilor oferite de GLS România și de realizare de statistici. De asemenea, prin formularul de contact și prin abonarea la buletinele informative, dumneavoastră furnizați GLS România în mod voluntar date cu caracter personal (spre exemplu, nume, adresă de email, telefon). Retragerea consimțământului dumneavoastră poate fi realizată oricând, fără a afecta legalitatea procesării pe baza consimțământului acordat înainte de retragere.

DPD România

Dynamic Parcel Distribution S.A (cunoscut ca DPD România) face parte din grupul internațional DPD Group și are sediul în Mogoșoaia, Str. Buiacului, Nr. 2, Corp A (A1 și A2), 077135, Ilfov.

Datele prelucrate de DPD România sunt următoarele:

adresele, datele de comunicare și numele persoanelor de contact; detaliile conținutului coletului și informațiile de livrare;

informații legale și de facturare relevante; informațiile vamale;

informațiile privind transferul expedierii sau privind urmărirea transportului.

Prelucrarea datelor anterior menționate are ca temei legal art. 6 lit. a) și b) din Regulament, iar DPD România nu transmite datele cu caracter personal unor terțe părți, cu excepția cazului în care transferul duce la îndeplinirea scopului contractului, atunci când există acordul expres al persoanei vizate (adeseori utilizatorul unei aplicații, spre exemplu MyDPD) sau există o obligație legală de a transmite date (de exemplu, pentru declarații vamale sau informații privind mărfurile periculoase).

Pentru a consulta informații mai detaliate despre DPD România, consultați Politica de confidențialitate la: https://www.dpd.com/ro/home/expediere/gdpr.

Plăți online

Conform Regulamentului, “în vederea menţinerii securităţii şi a prevenirii prelucrărilor care încalcă prezentul regulament, operatorul sau persoana împuternicită de operator ar trebui să evalueze riscurile inerente prelucrării şi să implementeze măsuri pentru atenuarea acestor riscuri, cum ar fi criptarea” – considerentul 83. Astfel că disponibilitatea de criptare puternică și eficientă este o necesitate pentru garantarea protecției, confidențialității și integrității datelor cu caracter personal.

În timpul procesului de cumpărare a produselor comercializate prin acest website, datele dumneavoastră bancare sunt în siguranță!

Folosim metode sigure de criptare, datele fiind transmise prin conexiuni de înaltă securitate către unitățile financiare. Astfel că datele furnizate de dumneavoastră pentru efectuarea de plăți nu sunt transmise către terți și nu rămân salvate în baze de date.

PayU

PayU, cu sediul în Clădirea Opera Center, Str. Dr. Nicolae Staicovici, nr. 2, etaj 6, Sector 5, București, România, respectă caracterul privat și securitatea informației furnizate de către dumneavoastră atunci când utilizați acest website.

PayU poate colecta de la dumneavoastră date cu caracter personal, dar numai cu acordul dumneavoastră și dacă le furnizați voluntar.

Colectarea de date cu caracter personal pe Site-ul secure.PayU.ro implică:

Formularele de plată online prezentate dumneavoastră atunci când efectuați o tranzacție eCommerce pe unul din website-urile comercianților web care folosesc soluția PayU vor trebui completate cu toate informațiile solicitate și marcate a fi obligatorii, inclusiv datele cu caracter personal.

Datele cu caracter personal colectate pe Site-ul secure.payu.ro sunt folosite în următoarele scopuri:

facturării produselor/serviciilor comandate de către dumneavoastră; livrării acestora;
efectuării plății online;
asigurării securității tranzacției eCommerce/plății online prin aplicarea de filtre antifraudă.

Datele cu caracter personal vor putea fi dezvăluite fără consimțământul dumneavoastră în caz de litigii/dispute privind fraudele la plată către următorii destinatari: Băncile implicate în plățile online, Organismele Internaționale de Carduri și Furnizori de servicii/produse, respectiv conform prevederilor Legii 677/2001, către instituțiile abilitate.

Prin continuarea tranzacției e-Commerce din cadrul paginii de plată, prin intermediul Site-ului secure.payu.ro, vă exprimați expres consimțământul cu privire la colectarea și prelucrarea datelor cu caracter personal în sistemul de evidență informatizat de către PayU.

PayU colectează informații și le prelucrează în date statistice despre ce pagini accesați în interiorul Site- urilor, inclusiv adresa IP de la care Site-ul este vizitat. PayU poate folosi în cadrul Site-urilor cookie-uri. Un cookie este un fișier pe care serverele le trimit computerului dumneavoastră și pe care computerul dumneavoastră îl trimite înapoi de fiecare dată când accesați o pagină pe Site-ul nostru.

Cookie-urile sunt folosite în următoarele scopuri:

Pentru a îmbunătăți securitatea accesului.
Pentru a îmbunătăți uzabilitatea și a vă furniza un serviciu cât mai bun.

Majoritatea browserelor de internet acceptă automat cookie-urile. Cu toate acestea, puteți solicita browserului utilizat, prin editarea opțiunilor acestuia, să oprească acceptarea de cookie-uri și să vă avertizeze înainte de a accepta un cookie din site-urile pe care le vizitați. Dacă decideți să nu ne acceptați cookie-urile, veți putea totuși să accesați secțiuni ale Site-ului nostru care sunt disponibile publicului general, dar nu veți putea vizualiza anumite informații și caracteristici de pe Site-ul nostru, concepute pentru a îmbunătăți experiența dumneavoastră pe Site-ul nostru.

PayU poate dezvălui datele cu caracter personal către terți dacă acest lucru este cerut de lege sau în cazurile de bună credință în care aceste acțiuni sunt necesare pentru: (a) conformarea la rigorile legii; (b) protejarea și apărarea drepturilor de proprietate ale PayU și ale site-urilor sale web, (c) acționarea circumstanțe de pentru protejarea siguranței personale angajaților, utilizatorilor de produse servicii, persoanelor publice.

Pentru mai multe detalii, puteţi accesa: https://www.payu.ro/politica-de-confidentialitate

NETOPIA MobilPay

NETOPIA mobilPay lucrează permanent pentru realizarea obiectivelor clienților prin plăți sigure, rapide si facile. NETOPIA mobilPay este un serviciu oferit de NETOPIA SRL, care îşi are sediul în Bucureşti, Bulevardul Pierre de Coubertin 3-5 Office Building, etaj 4, sector 2, 021901.

În măsura în care sunteți utilizator al serviciilor prestate de Netopia, această entitate va prelucra datele dumneavoastră după cum urmează:

în calitate de împuternicit al comerciantului către care faceți o plată utilizând serviciile Netopia, în temeiul contractului dintre dumneavoastră și respectivul comerciant, pentru scopul activității de facilitare (procesare) a plăților efectuate de dumneavoastră către respectivul comerciant;

în calitate de operator, în temeiul obligațiilor legale ce revin Netopia, pentru scopul monitorizării și filtrării anti-fraudă.

Există anumite scopuri de prelucrare, pentru care este necesar, conform reglementărilor aplicabile, ca Netopia să obțină consimțământul dumneavoastră. Consimțământul astfel furnizat poate fi retras în orice moment, iar Netopia va ține cont de preferințele dumneavoastră. Scopurile pentru care este cel mai probabil ca Netopia să vă solicite consimțământul sunt următoarele: marketing direct, publicitate prin intermedierea/ promovarea celor mai potrivite produse și servicii Netopia, ale entităților afiliate Netopia sau ale partenerilor Netopia, după caz (inclusiv transferul unor categorii de date către entitățile menționate – în măsura în care este necesar), precum și transmiterea de către Netopia a unor comunicări comerciale în acest scop.

Netopia prelucrează următoarele categorii de date cu caracter personal:

Date de identificare, constând în nume, prenume, telefon, adresa e-mail, adresa de livrare, codul de client atribuit de comerciantul către care faceți o plată utilizând serviciile Netopia;

Date de natura financiară, constând în contravaloarea achitată, numărul cardului, numele înscris pe card, data expirării, codul CVV, cod unic de identificare tranzacție și orice alte date privind metodele de plată utilizate, în măsura în care sunt necesare desfășurării activității Netopia, în scopurile descrise mai jos;

Date referitoare la activitatea frauduloasă / potențial frauduloasă, constând în date referitoare la acuzații și condamnări legate de infracțiuni precum frauda, spălarea de bani și finanțarea actelor de terorism;

Date derivate din categoriile sus-menționate, constând în date privind istoricul activității de utilizare a serviciilor Netopia, informații ce rezultă din neconformitățile semnalate de orice persoană.

Refuzul de a furniza datele cu caracter personal care vă sunt solicitate de către Netopia poate determina imposibilitatea furnizării serviciilor Netopia și/sau îndeplinirii celorlalte scopuri de prelucrare de către Netopia.

Pentru mai multe detalii, puteţi accesa: https://www.mobilpay.ro/public/politica-de-confidientialitate/.

PayPal

Printre alte opțiuni, oferim plata prin PayPal pe site-ul nostru. Furnizorul acestui serviciu de procesare a plăților este PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxemburg (denumit în continuare „PayPal”).

Dacă alegeți plata prin PayPal, anumite date și informații pe care le introduceți cu PayPal vor fi împărtășite pentru scopurile și motivele expuse exemplificativ în continuare:

pentru a presta serviciile solicitate sau autorizate de dvs – anumite date vor fi dezvăluite către alte entități juridice afiliate PayPal;

pentru procesarea tranzacțiilor – date și informații necesare vor fi direcționate către terți, prestatori de servicii care îndeplinesc funcții în interesul și în numele PayPal;

pentru oferirea de alte beneficii financiare – anumite date personale vor fi împărtășite cu alte instituții și entități financiare

pentru îmbunătățirea experiențelor utilizatorilor și pentru a ajuta comercianții să înțeleagă mai bine utilizarea serviciilor de plată (inclusiv pentru rezolvarea diferendelor sau prevenirea și detectarea fraudelor)

Baza legală pentru transferul datelor dvs. cu PayPal, în modalitățile expuse anterior, este Art. 6 alin. 1 lit.

GDPR (obținerea consimțământului dvs.), precum și art. 6 alin. 1 lit. b) GDPR (procesare pentru îndeplinirea obligațiilor provenind dintr-un contract). Aveți opțiunea de a vă retrage în orice moment consimțământul pentru prelucrarea datelor dvs. O astfel de revocare nu are niciun impact asupra eficacității tranzacțiilor de prelucrare a datelor care au avut loc în

Pentru mai multe detalii, puteţi accesa: https://www.paypal.com/ro/webapps/mpp/ua/privacy-full

EuPlătesc

EuroPayment Services S.R.L. (cu sediul în Bucureşti, Str. Mizil 2C, Bl. Socum, etaj 1, Sector 3, 032265, România) respectă confidențialitatea oricăror date, informații legate de utilizatorul înregistrat pe site, precum și a tranzacțiilor efectuate de aceștia, în condițiile și limitările impuse de lege. Conform informaţiilor disponibile la https://www.euplatesc.ro/politica-de-confidentialitate.php, sistemul informatic va pune la dispoziție metode adecvate pentru protecția datelor cu caracter personal ale utilizatorilor, precum și a operațiunilor, tranzacțiilor pe care aceștia le efectuează prin intermediul: www.euplatesc.ro, hd1.euplatesc.ro, manager.euplatesc.ro, secure.euplatesc.ro și alte subdomenii ale euplatesc.ro, euplătesc.ro. În acest sens, EuroPayment Services S.R.L. a desemnat un responsabil cu protecția datelor („data protection officer” sau DPO) certificat de către TÜV Austria Romania.

Europayment Services S.R.L. folosește datele cu caracter personal colectate, inclusiv adresa IP de la care Site-ul este vizitat, configurația browserului și locația, în următoarele scopuri: expedierea și facturarea produselor/serviciilor comandate; efectuarea, procesarea și monitorizarea plății online; livrarea produselor/serviciilor comandate; rezolvarea anulărilor sau plângerilor referitoare la comandă, serviciile sau produsele achiziționate; asigurarea securității tranzacției e-Commerce/plății online prin aplicarea de filtre antifraudă; trimiterea de buletine informative periodice (cu consimţământul persoanei vizate).

Conform informaţiilor din Politica de confidențialitate – procesarea datelor cu caracter personal ( https://www.euplatesc.ro/politica-de-confidentialitate-GDPR.php):

Datele procesate de EuPlătesc sunt (furnizate atât de comerciant, cât şi de cumpărător) : nume, prenume, adresă de email, telefon, adresa de livrare, detalii despre comandă, datele de pe cardul de plată, numărul de telefon, adresa IP, detalii despre dispozitivul utilizat și locația

EuPlătesc nu trimite date cu caracter personal către alte entități cu excepția celor care au fost implicate în procesul de autorizare sau a organelor de control abilitate prin lege.

Arhivarea comunicărilor şi a activităţilor întreprinse de şi prin EuPlătesc are loc pentru minimum un an de zile

Există posibilitatea de distribuire a datelor cu caracter personal la nivel intern (de exemplu, departamentul de suport clienți are acces la istoricul de tranzacționare pentru a putea răspunde solicitării adresate).

Procesează date în interiorul Uniunii Europene, arhivele EuPlătesc fiind salvate criptat folosind chei de criptare proprii pe servere localizate în Elevația.

Baza legală pentru procesarea datelor este, în primul rând, art. 6 alin. 1 lit. a) GDPR, dar şi art. 6 alin. 1 lit. b) sau f) GDPR.

PlățiOnline.ro

Conform informațiilor de pe site-ul https://plati.online/gdpr/, pentru PlățiOnline protecția datelor cu caracter personal este o prioritate. O listă completă a datelor prelucrate poate fi regăsită în Politica proprie a PlățiOnline, prelucrarea datelor cu caracter personal făcându-se cu scopul final al efectuării plăților online solicitate de dumneavoastră sau a căror beneficiar sunteți.

Scopurile pentru care PlățiOnline prelucrează datele dumneavoastră sunt:

Autentificarea utilizatorului;
Online payment authorization;
Collection – transfer of authorized amounts;
Cancellation of authorized payments;
Total or partial refund of amounts received;
To perform anti-fraud security checks;
Automatic e-mail and/or SMS notification of the transaction result;
To respond to requests or questions addressed
To provide access to additional services that can enhance the eCommerce experience and control online payments made through our systems;
To comply with legal obligations

Regarding the transfer of personal data by PlățiOnline, it will only be carried out when necessary for the provision of services or for compliance with certain obligations incumbent upon PlățiOnline as an online payment service provider. The legal basis for data processing is, first and foremost, Article 6(1)(a) GDPR, but also Article 6(1)(b) or (f) GDPR.

Conclusion

The political data processing policy is generated in accordance with the provisions of Regulation no. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as with other applicable national legal provisions.

We reserve the right to make any additions or modifications to this policy. We recommend consulting the Policy regularly for correct and up-to-date information regarding the processing of personal data.

For more details concerning this GDPR Policy, as well as for exercising any of the aforementioned rights, a written notification can be sent to the contact details indicated above.

Privacy Policy

Generalities

Operator identity

Personal data collection

What personal data is collected

Obtaining Consent

Generalities

Cookies

Server log files

Contact Form

Contact by email, phone, or fax

Sign up on the website

Authenticate with Facebook

Comments Section

The purpose of processing the data collected

User rights

Data operator's obligations

Hosting

Data encryption

Data Protection Officer

Evidence of processing activities

Appropriate technical and organizational measures

Notification of the supervisory authority in the event of a personal data security breach

Informing the data subject about a personal data security breach

Social Media

Facebook plugins (Like & Share Button)

Instagram Plugin

Tumblr Plugin

Twitter plugin

Google+ plugin

LinkedIn plugin

XING Plugin

Pinterest plugin

Newsletter

Plugins and Tools

Vimeo

Google Web Fonts

Adobe Fonts

Google Maps

Google reCAPTCHA

Online Chat

Facebook Messenger Online Chat Platform

WhatsApp

Audio-Video Communications

Audio-Video Communication Services

Zoom

Skype

Microsoft Teams

Google Meet

Advertising and Analytics

Google Analytics

Google Analytics advertising and remarketing services

Google Ads and Google Conversion Tracking

Google AdSense

Facebook Pixel

Hotjar

Amazon Partner Program

E-Commerce and Payment Methods

E-commerce

Online order delivery

DHL

Fan Courier

Urgent Cargus

Same day

NemoExpress

FedEx

GLS România

DPD România

Plăți online

PayU

NETOPIA MobilPay

PayPal

EuPlătesc

PlățiOnline.ro

Conclusion

Information

Useful

Categories

contact