1. Who are we?

1.1 Interoptik SRL, with the address at Str. S.M. Caceu 39 300568 Timişoara, Trade register number J35/4917/1992, having tax reference number RO3043006, [email protected], email data protection officer__________,

2. Duty of disclosure

2.1 Under the conditions of Article 13 of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data, the undersigned company hereby informs you that your personal data shall be processed by our company under the below-described conditions.

3. What is personal data?

3.1 According to GDPR, “personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

4. What information do we collect?

4.1 To achieve our object of activity, we collect and process, in principle, the following personal data.

4.2 Identification data

last name, first name etc.

4.3 Contact data

phone, e-mail etc.

4.4 Other data

information provided through the contact form

4.5 In principle, such personal data is provided directly by the data subject and/or it shall be related to the services to be provided at the request of the data subject.

5. Purpose of processing.

5.1 Provision of services. Personal data shall be processed in view of providing the services covered by our collaboration.

5.2 Supply of goods. Personal data shall be processed in view of supplying the goods covered by our collaboration. Novelties in our organisation’s scope of business.

5.3 Customer assistance. Personal data shall be processed to help you and to solve any issues notified by you. We use the data to investigate, to respond to, and to solve any notified issues.

5.4 Advertising & Marketing. Personal data shall be processed, after receiving your consent, in view of directing messages having an advertising and marketing purpose.

5.5 Newsletter. Personal data shall be processed, after obtaining your consent, to direct to your email address, any messages containing

6. Legal grounds

6.1 INTEROPTIK SRL shall process your data based on the following legal grounds: the conclusion and performance of a contract

7. How and to whom we share your data

7.1 We shall never disclose, sell, or lease your personal data to a third party without notifying you and, if applicable, without obtaining your consent. By way of exception, for our internal use, we shall send your personal data where strictly necessary, on a need-to-know basis, to the following categories of third parties: (I) Suppliers of products or providers of services. We may share your personal data to service providers and/or suppliers of products with whom our Company has entered into contracts and who are under the obligation to perform such contracts in relation to us, regardless of their object. (II) Under the legal provisions, we share your personal data to public authorities and institutions, to accountants, auditors, lawyers, and other external consultants. We may also share your data, as necessary, for the purpose (i) of satisfying any applicable law, set of rules, procedure or government request, (ii) to enforce any obligations undertaken by our Company and not performed, (iii) to respond to your requests, (iv) to protect our rights and assets or the rights and assets of our customers.

7.2 Any third parties to whom we disclose your personal data as above shall be limited (by law and by contract) in their capacity to use your personal information only for the purposes specifically identified by us.

8. How we store your data

8.1 Out company stores the personal data you disclose both in electronic form, being entered in IT applications, and in physical form, namely on paper.

9. Cross-border transfer of data

9.1 To process your data, the Organisation shall not transfer personal data to third countries, as defined by Regulation No 679/2016. The Company’s operations may extend abroad, to EEA countries or international organisations, when the company’s operations and needs regarding the technological, processing, and communication resources cannot be limited to the local availabilities. In this context, personal data may be transferred outside, in compliance with the legal rules in force.

10. Surveillance using audio/video means

10.1 The organisation uses audio/video surveillance and monitoring system for the purpose of protecting the employees, the assets of the company, of the customers, and of the visitors. Surveillance shall occur on the premises of the company, in the places and in the time interval established by the operator. The company shall ensure that pictographs of the type “Premises under video surveillance” are installed in the key-areas of the monitored premises, in the most visible places possible, to caution the persons subject to data processing.

11. Storage period

11.1 We shall keep most of your personal data for 5 years from our last interaction. We shall also keep your personal data after the standard period has passed, if reasonably necessary to meet our legal obligations (including the requests of the authorities), to comply with the requirements of the legal regulations, to settle litigations, to maintain security, to prevent fraud and abuse.

12. Your rights

12.1 The legal rules in force provide for 9 specific rights in the matter of personal data processing, which may be exercised inasmuch as they do not prejudice the rights and freedoms of others. Such rights are provided by Regulation No 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (Articles 12-22)

1. Right of information: the data subject shall have the right to be informed on how their data is processed.
2. Right of access: the data subject shall have the right to request access to their data and to be provided with information on how it is processed.
3. Right to rectification: the data subject shall have the right to request rectification of inaccurate data or to have incomplete data completed.
4. Right to erasure (right to be forgotten): the data subject shall have the right to request the erasure of their personal data in certain circumstances, such as when it is no longer necessary in relation to the purpose for which it was collected or processed.
5. Right to restriction of processing: the data subject shall have the right to request the restriction of their data processing in certain circumstances, such as when contesting the accuracy of the data.
6. Right to data portability: the data subject shall have the right to receive their data in a structured, commonly-used format, and to transmits such data to another entity.
7. Right to object: the data subject shall have the right to oppose the processing of its data under certain circumstances.
8. Right to object to automated individual decision-making: the data subject shall have the right to object to any decision having legal effects on them and which was taken exclusively based in the automated processing of their data.
9. Right to lodge a complaint with the supervisory authority

13. Further important information

13.1 We monitor and attempt to prevent security breaches. We implement security mechanisms conceived to protect your data. We regularly monitor our systems to detect potential vulnerabilities and attacks. However, we cannot guarantee the security of any information you submit. There are no guarantees that such data cannot be accessed, disclosed, modified, or destroyed due to a breach or in one of our physical, technical, or administrative security systems. We commit to protect the provided personal data against improper use, disclosure, modification, unavailability, unauthorised access, and destruction. The company shall take all reasonable precautions to protect the confidentiality of such data, also by using adequate organisational and technical measures. To process your data, the Organisation shall not use automated decision-making, as defined in Article 22 of Regulation No 679/2016. To process your data, the Organisation shall not use profiling, as defined in Article 22 of Regulation No 679/2016.

14. Security

14.1 We commit to protect the provided personal data against improper use, disclosure, modification, unavailability, unauthorised access, and destruction. The organisation shall take all reasonable precautions to protect the confidentiality of such data, also by using adequate organisational and technical measures.

15. Data Protection Officer & Contact information

15.1 If you have any questions or complaints regarding this policy, please contact the Data Protection Officer first. If your complaint is not settled using such contact, you are provided with more contact options in the first chapter.

15.2 The contact data of the Data Protection Officer is as follows:
Data Protection Officer
LADARIU LUCIAN IONUT
Email [email protected]