- General dispositions
- Details about our company
- Processed data. Purpose, duration and basis of processing
- Sensitive data processed. Purpose, duration and basis of processing
- Mechanisms and use of automated decision-making systems
- Disclosure and Additional Use of Your Data
- How we collect data
- Information security
- Transfer of your data outside the European Economic Area
- Your rights to personal data
- Privacy of minors
- Principles of politics
- availableÞii general
1.1 The confidentiality of personal data is one of the main concerns within the company ELM ELECTROMONTAJ CLUJ SA (hereinafter "the Company"). As such, we want to ensure the highest standards of confidentiality, integrity and transparency regarding the personal data we process in our activity.
1.3 Our data protection policy and practices focus on the appropriate and lawful processing, exchange and storage of personal information while ensuring confidentiality, integrity and availability.
- Details about our company
2.1 ELM ELECTROMONTAJ CLUJ SA (hereinafter the "Company") is a Romanian company, established according to Romanian law, with its registered office in the municipality of Cluj-Napoca, Traian Vuia str., no. 240-242, Cluj county, registered at the Office of the Trade Registry next to the Cluj Court under no. J12/3821/1991, having CIF RO201594 (hereinafter referred to as "Elm Electromontaj Cluj" or "Company").
2.2 The company acts as the operator of the personal data collected through the website www.elm.ro (the "Site").
2.3 The operator has the obligation to administer safely and only for the specified purposes, the personal data that the users www.elm.ro provides them.
- Processed data. Purpose, duration ANDand the basis of the processing
Time of processing
Purpose of processing
Basis of processing
Where it is stored
3.1 Accessing the Site
3.1.1 Web Server Log
Ensuring the security of the IT network
compliance with legal obligations – Article 6 paragraph (1) letter (c) of Regulation no. 679/2016
The server of the hosting site
3.2 Contact by email
3.2.1 Email and any other identification data contained therein
To respond to inquiries and messages we receive and to keep records of correspondence.
Only as long as they will be needed and at most one year, as long as there is no litigation.
is necessary for the performance of a contract or to start the process of engaging in a contract at your request (Article 6(1)(b))
in electronic format, on the server
3.3 Contact by telephone
3.4.1 phone number + data provided in conversation
To respond to inquiries and messages we receive and to keep records of correspondence
Calls are not recorded.
your consent (Article 6(1)(a)
3.4 Signing up for the newsletter/invitations to EnergoBit events
3.6.1 First name, last name, function, company, email, telephone
To send relevant information to our customers about various solutions and products developed by Elm Electromontaj Cluj -
(e-mail) and to be able to invite you to Elm Electromontaj Cluj events – product presentations, services, webinars, debates, round tables (phone).
Until you unsubscribe
your consent (Article 6(1)(a) of the General Data Protection Regulation).
in electronic format on the server
3.7 Sending a CV – (curriculum vitae), for recruitment and selection purposes, for available positions.
Name, surname, telephone number, e-mail and other data contained in the CV, filled in as you consider necessary to increase your chances of being selected.
Regarding the content of your CV, we consider the following information relevant for the recruitment and selection process: studies, professional experience, training, specializations, personal skills, the candidate being, however, free to complete with any other data he considers relevant in the recruitment process.
This information will not be processed only in the context of a recruitment for a certain determined position, available at a given time within EnergoBit, but will also be able to be used for other possible opportunities (positions) that will appear within the company.
2 years from the date the data came into our possession, if you have not already become an employee of the company.
your consent (Article 6(1)(a) of the General Data Protection Regulation). Your provision of your CV and application to a position proposed by us is interpreted as an unequivocal action/manifestation of free will, informed and unambiguous by which you accept that the personal data in your CV will be processed under the terms of this Policy .
in electronic format, on the server
3.9 Criteria for establishing retention periods
The data will be stored for the minimum period necessary to fulfill the purpose, taking into account the following:
- the purpose and use of your information both now and in the future (for example, if it is necessary for us to continue to store that information to continue to fulfill our obligations under a contract with you or to contact you in the future);
- if we have a legal obligation to continue processing your information (such as any record-keeping obligations imposed by law or relevant regulations);
- if we have any grounds to continue processing the information (such as your consent);
- the levels of risk, cost and liability involved in continuing to hold the information.
3.10 If we receive informationÞii about you from greANDEALA
If we receive information about you in error from a third party and/or we do not have a lawful basis for processing that information, we will delete your information.
- Sensitive data processed. Purpose, duration ANDand the basis of the processing
Website www.elm.ro does not collect sensitive data.
- mechanisms ANDand the use of automatic decision-making systems
5.1 We use automated decision-making mechanisms on our website. We do not consider this to have any legal effect on you or affect you in a similar way.
- disclosure ANDand further use of your data
This section sets out the circumstances in which we will disclose your data to third parties and any additional purposes for which we use your data.
6.1 Disclosure of Your Data to Service Providers
6.1.1 disclosure ANDand informed useÞto you for legal reasons
- Indication of possible criminal acts or threatsÞcountries to the safe addressÞpublic them to a competent authority.
If we suspect that criminal or potential criminal behavior has occurred, we will, in certain circumstances, need to contact an appropriate authority, such as the police. This could be the case, for example, if we suspect fraud or cybercrime, or if we receive threats or malicious communications against us or third parties.
Legal basis for processing: our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation), respectively to prevent crime or suspected criminal activity (such as fraud).
- In connection with a legal or potential litigation or proceedingÞlegal issue
We may need to use your information if we are involved in a dispute with you or a third party, for example, either to resolve the dispute or as part of mediation, arbitration or a court order or similar process.
Legal basis for processing: our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation).
Legitimate interest: resolution of disputes or potential disputes.
III. For continuous compliance with laws and regulations ANDand other requirementsÞit's legal
We will use and process your information to comply with legal obligations to which we are subject. For example, we may be required to disclose your information pursuant to a court order or subpoena, if we receive one.
Legal basis for processing: compliance with a legal obligation (Article 6(1)(c) of the General Data Protection Regulation).
Legal obligation: the legal obligations to disclose information, established in our charge by domestic or international normative acts (for example in the form of an international agreement that Romania has signed).
Legal basis for processing: legitimate interest (Article 6 paragraph (1) letter (f) of the General Data Protection Regulation).
Legitimate interest: if the legal obligations are part of the laws of another country and have not been integrated into the legal framework of Romania, we have a legitimate interest to comply with these obligations.
- How we collect data
7.1 We collect your personal data in the following manner direct from you, for example, when you send us an email, apply for a job or sign up for the newsletter.
- Security informsÞDISCLOSURES
8.1 We take appropriate technical and organizational measures to secure your information and protect it against unauthorized or unlawful use and accidental loss or destruction, including:
- sharing and providing access to your data to the minimum extent necessary, subject to confidentiality restrictions where applicable and anonymously whenever possible;
- using secure servers to store information;
- verifying the identity of any person requesting access to information before granting them access to information;
- using the Secure Sockets Layer (SSL) standard to encrypt any information you submit to us through any forms on our website;
- we only transfer your data via a closed system or encrypted data transfers.
8.2 Sending information to us by email
Transmission of information over the Internet is not entirely secure, and if you send us information over the Internet (by email or any other means), you do so entirely at your own risk.
We cannot be liable for any expense, loss of profit, damage to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to submit information to us by such means.
- Transfer of your data outside SpaÞthe European Economic Union (hereinafter "EEA")
9.1 Your data will not be transferred to countries outside the EEA.
- Your rights to personal data
10.1 The person responsible for the protection of personal data
We have designated a personal data protection officer whom you can contact in connection with any matter related to the processing of your data, as well as to exercise your rights under applicable legal provisions, in particular if you have questions or concerns about how in which we process your personal data. The email address at which you can contact the Data Protection Officer is: firstname.lastname@example.org
10.2 Subject to certain restrictions, you have the following rights in relation to your data which you can exercise by sending a written request or email to email@example.com
- request access to your information and information about the use and processing of your information;
- request correction or deletion of your data;
- request the limitation of the use of your data;
- receive the information you have provided to us in a structured format and the right to transfer that information to another data controller (including a third-party data controller);
- to object to the processing of your data for certain purposes (for more information, see the section below entitled “Your right to object to the processing of data for certain purposes”);
- withdraw your consent to the use of your data at any time where we rely on your consent to use or process that information. Please note that if you withdraw your consent, this will not affect the lawfulness of the use and processing of your data based on your consent before the time you withdraw your consent.
10.3 You can also submit a complaint related to the processing of your data to the National Authority for the Processing and Supervision of Personal Data (B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, postal code 010336, Bucharest, Romania, www .dataprotection.ro, firstname.lastname@example.org).
10.4 Identity verificationÞii yours if you requestÞand access to informationÞyour
If you request access to your information, we are required by law to use all reasonable steps to verify your identity before doing so.
These measures are designed to protect your information and reduce the risk of identity fraud, identity theft, or general unauthorized access to your information.
10.5 How do we verify your identity?
10.5.1 Where we have appropriate information about you in our database, we will attempt to verify your identity using that information.
10.5.2 If it is not possible for us to identify you based on this information, or if we do not have sufficient information about you, we may request copies or certificates of documents in order to verify your identity before we can provide you with access to your data .
10.5.3 We will be able to confirm the exact information we need to verify your identity in the particular circumstances given, if and when you make such a request.
10.6 Your right to object toÞdata processing for certain purposes
You have the following rights regarding your data which you can exercise by sending an email to email@example.com:
- object to us using or processing your information to carry out a task in the public interest or in our legitimate interest, including analyzing or predicting your behavior based on your information;
- object to the use or processing of your data for direct marketing purposes (including any profile we engage in connection with such direct marketing) by clicking on the unsubscribe link or by sending an email/sms containing only the word "UNSUBSCRIBE” in response to any marketing communication we send.
- confidentialityÞthe ality of minors
11.1 We process data of persons under the age of 16, only with the consent of the legal representative, for the optimal performance of the services contracted by the legal representatives of minors.
11.2 We may receive information about persons under the age of 16 through the fraud or deception of a third party. If we are notified of this, as soon as we verify the information, when required by law, we will immediately obtain the consent of the legal representative to use this information or, if we cannot obtain such consent, we will delete the information from our servers. If you would like to notify us of receiving information about persons under the age of 16, please do so by sending an email to firstname.lastname@example.org.
- The principles on which our data protection policy is based:
- a) The processing of personal data will be done in a legal, fair and transparent manner;
- b) The collection of personal data will only be done for specified, explicit and legitimate purposes and the data will not be further processed in a manner incompatible with those purposes;
- c) The collection of personal data will be adequate, relevant and limited to the information necessary for the purpose of processing;
- d) Personal data will be accurate and, where necessary, updated;
- e) All necessary steps will be taken to ensure that incorrect data is deleted or corrected without delay;
- f) Personal data will be kept in a form that allows the identification of the person concerned and for a period no longer than that in which the personal data is processed;
- g) All personal data will be kept confidential and stored in a manner that ensures the necessary security;
- h) Personal data will not be distributed to third parties unless necessary for the purpose of providing services according to the agreements;
- i) The persons concerned have the right to request access to personal data, their rectification and deletion, opposition or restriction of data processing as well as the right of data portability.
We will provide you with information about the change in question and the purpose and any other relevant information before we use your information for the new purpose.
Whenever necessary, we will obtain your prior consent before using your information for a purpose other than the purposes for which we originally collected it.