OpticNet General Privacy Policy below applies.
In addition, the following specific provisions apply to CrmBot:
CrmBot is a Slack application that receives information from the CRM-IMM platform that is operated by OpticNet as established by the CRM-IMM company, called Company.
OpticNet provides the Company with the CrmBot and CRM-IMM platform.
OpticNet ensures that CrmBot complies with data security requirements and administers it in such a way as to minimize the security risks of personal data.
Since the Company uses Slack with one or more teams, it is directly responsible for the confidentiality of the information in that team in accordance with Slack's confidentiality.
Since the company has installed CrmBot and set up its team to communicate with the CRM-IMM instance for its Company, it has to ensure that the CRM-IMM informations arrives at the members of its team and will allow those team members have the right to have access to informations submitted by CRM-IMM Company instance.
PRIVACY POLICY within OPTICNET SERV S.R.L.
on EU Regulation 2016/679 (GDPR) on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
OPTICNET SERV S.R.L. (here referred to as "the Company" or "the Company") aligns with Regulation (EU) 2016/679 of the European Parliament and of the Council - on the protection of individuals with regard to the processing of personal data and on the free movement of such data repealing Directive 95/46/EC (hereinafter referred to as the "Regulation" or "GDPR"), which will become applicable on May 25, 2018.
This Policy applies:
- Offices and workstations belonging to OPTICNET SERV S.R.L.
- All departments and staff of OPTICNET SERV S.R.L.
- All contractors, suppliers and other persons working on behalf of OPTICNET SERV S.R.L.
- All web sites owned by OPTICNET SERV S.R.L.
TERMS OF REGULATION:
Operator
- the entity - in this case - OPTICNET SERV S.R.L., or any other legal person, public authority, agency or non-governmental organization that processes or determines the purposes and means of processing personal data;
Personal data
- any information concerning an identified or identifiable natural person, an identifiable person is one who can be identified - directly or indirectly by reference to an identifier: name / surname, address, personal numeric code, e-mail, phone, revenue, biometric data, image, by reference to medical, genetic, ethical or racial origin data, political, religious, philosophical, cultural or trade union affiliation;
The person targeted
- any natural person whose personal data can or will be processed by the operator;
GENERAL INFORMATION:
OPTICNET SERV S.R.L, with its registered office in Ploiesti, Str. Mihai Viteazul Square nr.1 Block 26C, Apt. 7, registered at the Trade Register Office at the Prahova Tribunal under no. J29 / 1766/2004, with fiscal code 16726965, e-mail: gdpr@opticnet.ro, is responsible for the processing of your personal data that we collect directly from the targeted individuals or from other legal sources.
Our company - OPTICNET SERV S.R.L. as an operator according to the provisions of the new Regulation. In order for the data of the individuals concerned to be processed safely, we have made every effort to implement reasonable measures to protect their personal information.
When the person concerned enters into a relationship of any kind with us, he entrusts us with his or her information.
The purpose of this Privacy Policy is to explain to the individuals concerned what data we process, why we process them and what we do with them - in our capacity as an operator. We take privacy seriously and never sell lists or email addresses. Being fully aware that personal information belongs to every individual, we do our best to safely store and process them carefully. We do not provide information to third parties without first informing the data subjects. This information is important. We hope they are read carefully.
This Privacy Policy does not cover third-party apps and sites that people can access by accessing links from our site. This goes beyond our control. We encourage everyone to review the Privacy Policy on any site and / or application before providing personal data.
This Privacy Policy also covers the process of recruiting and selecting candidates for the jobs offered by the company (eg - the company obtains personal data as a result of requesting to fill out a form from an application or by submitting a CV - by e- mail). The company informs the applicants of the personal data that will be collected, the purpose for which they are collected and how they will be used, in connection with the existence of the company-specific privacy policy (in the e-mail recruitment operation there is a link to privacy policy).
According to the legislation, the recipient of our services or the person in any relationship with us is a "target person", that is an identified or identifiable individual. In order to be fully transparent with regard to data processing and to enable it to easily exercise its rights at any time, we have implemented measures to facilitate communication between us, the data controller and the data subject.
OPTICNET SERV SERVICE REPRESENTATION :
Protecting the personal information of the individuals concerned is very important to us. That is why we are committed to complying with the new Regulation (EU) 2016/679, the applicable national legislation in the field, but also the following principles:
- Legality, fairness and transparency:
We process personal and legal data correctly. We are always transparent about the information we use and the person concerned is properly informed.
- Control belongs to the target person
Within the limits of the law, we offer it the opportunity to examine, modify, delete the personal data that it has shared with us and to exercise its other rights.
- Data integrity and goal limitation:
We use the data only for the purposes described at the time of collection or for new purposes compatible with the original ones. In all cases, our goals are compatible with the law. We take reasonable steps to ensure that personal data is accurate, complete and up-to-date.
- Security:
We have implemented reasonable security and encryption measures to protect the information as accurately as possible. However, it is important to note that no website, application or internet connection is completely secure.
QUESTIONS:
If there are any questions or concerns about the data processing of the data subjects or they wish to exercise their legal rights in relation to our data, or if there are concerns about the way we deal with any confidentiality issue, any interested person concerned can write to the e-mail address: gdpr@opticnet.ro
We may change this Privacy Policy at any time. All updates and changes to this Policy apply immediately upon their notification, which we will make by site display and / or notification by e-mail.
INFORMATION FOR PERSONS COVERED:
When the data subjects interact in any way with us, it is possible to provide us or obtain from other sources information such as:
- Name surname
- Address
- Age
- E-mail
- Phone
- sex
- Socializing profile
- Interests and preferences
- PNC
- Banking information
- The picture
- Skills
- studies
- CNP
WHY COLLECTS OPTICNET SERV S.R.L. THESE DATA :
We collect the information of the data subject for specified and legitimate purposes including but not limited to the following:
- To perform commercial transactions in electronic stores;
- In order to communicate with the candidates on the positions offered by the company;
- To make the right decision to hire them;
- In order to conclude and execute an employment contract according to the specialization / qualification of the candidates;
- In order to conclude or execute / change a contract between the persons concerned and the company;
- To answer the questions and requests of the individuals concerned;
- For marketing purposes, but only if we have the prior consent of the person concerned;
- To provide and improve the services and products the company offers;
- To diagnose or fix technical problems;
- To provide creative and personalized content
- To defend the company against cyber attacks;
- For creating and / or maintaining accounts;
- To comply with the company law;
- For finding or claiming a right in court;
- To uniquely authenticate the user for mounting
- To monitor access to society under the laws of protection and security
- To control compliance with labor protection rules
- To perform remote quality control, according to the quality standards in force
WHICH IS THE LEGAL THRESHOLD FOR PROCESSING:
a) The data subject has given his / her consent to the processing of personal data:
Please note that the data subject may at any time withdraw his / her consent by following unsubscribe instructions from each e-mail or by sending a written request to the following e-mail address: gdpr@opticnet.ro
b) Processing is required for the conclusion or performance of a service or purchase contract between the target person and the company:
c) Processing is necessary to fulfill a legal obligation of the organization, such as Law 333/2003 on the protection of objectives, goods, values and protection of persons
d) Processing is necessary to protect the vital interests of the individual or other natural person;
e) Processing is necessary for the purposes of our legitimate interests or that of another party:
a. According to the quality standard SR EN ISO / IEC 17025: 2018 the secondary quality control assessment can be done by video monitoring of the test executors;
b. visual identification by digital photo of user accounts on computers
c. promoting company activities on the company website or company social pages in the interest of the service
STORAGE OF DATA WITHIN OPTICNET SERV S.R.L.
We store personal data only for the time required to meet the goals, but no more than 10 years after the termination of the contract or the last interaction of the physical person concerned with the company. After the end of the period, the personal data of the data subjects will be destroyed or deleted from computer systems or converted to anonymous data for scientific, historical or statistical research purposes.
It is important to note that in certain situations that are expressly regulated, we store the data for the period required by law.
PARTICIPATION OF YOUR INFORMATION WITH THIRD PARTIES:
OPTICNET SERV S.R.L. will not disclose data obtained from individuals targeted during the recruitment stages to other third parties without having previously obtained express and separate consent to this effect.
The company confirms that personal data obtained from the recruitment process is stored securely or destroyed, meaning that we inform the data subjects that there are data processing agreements with the software vendor / vendors through which they have assured themselves the company is compliant with GDPR.
OPTICNET SERV S.R.L. may disclose the data of the individuals concerned, respecting applicable law, business partners or other third parties, such as their own empowered persons.
We are continually making reasonable efforts to ensure that these third parties have implemented appropriate safeguards and security measures. With these third parties we have contractual clauses so your data is protected. We will inform individuals every time about the identity of these companies prior to transmission or within a reasonable time and we will ensure that any transfer is legitimate based on their consent or other legal basis.
For example, we may provide personal data to other companies, such as IT service providers or telecommunications, accounting, legal services and other third parties with whom we have a contractual relationship. These third parties are selected with special care so that these data can only be processed for the purposes we specify.
The company could also share the data of the individuals concerned with business partners as a result of a joint effort to offer a product or service.
Although unlikely, the company might sell the business or part of the business in the future, which will include the transfer of these data.
It could also transmit the data to other parties with the consent or the instructions of the natural person concerned.
Personal information may also be provided to the prosecution, police, courts and other competent authorities of the State, on the basis and within the limits of legal provisions and as a result of express requests made.
Within reasonable limits, the company will make sure that the data of the data subjects do not leave the European Economic Area, but insofar as it transfers data to non-EEA countries, it will in all cases monitor that the transfers are legitimate, based on the consent explicit of the person concerned or another legal basis.
THE RIGHTS OF THE PERSON COVERED IN THE LIGHT OF THE NEW REGULATION:
- The right to withdraw consent where the processing is done on the basis of consent;
- The right to be informed about your data processing;
- Right of access to data;
- The right to rectify inaccurate or incomplete data;
- Right of wiping ("the right to be forgotten");
- The right to restrict the processing
- The right to transmit the data we have about the data subject to another operator
- The right to oppose data processing
- The right not to be the subject of a decision based exclusively on automatic processing, including the creation of profiles
- The right to appeal to justice
- Right to file a complaint before the Supervisory Authority.
OPTICNET SERV S.R.L. informs any natural person concerned that:
- Can withdraw consent to the processing of sensitive and / or direct marketing data at any time by following unsubscribing instructions in each email / sms or other electronic message.
- If he wants to exercise his rights, he can do so by submitting a written request, signed and dated to the e-mail address: gdpr@opticnet.ro
- The rights listed above are not absolute. There are also exceptions, so each received request will be analyzed so that it can be decided whether it is founded or not. Insofar as the application is well founded, the company will facilitate the exercise of rights. If the application is unfounded, it will reject it, but will inform the data subjects of the reasons for the refusal and their rights to file a complaint with the Surveillance Authority and address the case to the courts.
- The company will try to respond to its request within 30 days. However, the deadline may be extended depending on various aspects, such as the complexity of the application, the large number of requests received or the impossibility to identify yourself within a useful time.
- If the company does not succeed in identifying the person concerned and does not provide additional information to identify it, the company will not be required to comply with the request.
REQUESTS AND EXERCISE OF RIGHTS:
Should you wish to exercise any of the rights listed above in this information, make comments or obtain further information or clarification regarding the processing of your personal data if you have any questions or concerns regarding the processing of your information or you wish to exercise your legal rights or any other privacy concerns regarding your data, please contact OPTICNET SERV SRL via the designated person, namely Mr Musil Vasile, to the e-mail address gdpr@opticnet.ro to ensure that OPTICNET SERV S.R.L. complies with all GDPR requirements.
The response to all requests will be sent to you as soon as possible, but will not exceed one month from receipt of the request, with the possibility of extending the duration by a maximum of 2 months if we are talking about complex or high volume processing of such requests.
All requests can be submitted personally or sent by post / courier to our office in Ploiesti, Str. 12 Maramureş Street, Prahova County, or by e-mail at gdpr@opticnet.ro.
At the same time, it is good to know that at the level of Romania, the National Authority for Personal Data Processing Supervision ("ANSPDCP") operates and you have the right to file a complaint when you feel that your rights have been violated by visiting the www. dataprotection.ro.
OPTICNET SERV S.R.L.