PERSONAL DATA PROTECTION STATEMENT - POLICY
Respecting and safeguarding of your personal data and privacy is a concern for us of paramount importance. Not only we are bound to comply with the General Data Protection Rule 679/2016 (GDPR) valid from the 25th of May 2018, but we consider it as key element of our customer care process.
1. WHAT IS PERSONAL DATA?
Personal data are any information which is related to an identified or identifiable natural person. The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons.
2. WHO IS RESPONSIBLE FOR YOUR DATA?
3. WHAT PERSONAL DATA DO WE COLLECT?
4. PATTERN OF PERSONAL DATA PROCESSING
Your personal data are maintained in our records for the duration of the transaction process. Following the completion of the transaction and for the duration of the legally required period of time for reviewing or returning products and refunding if necessary, your data will be kept stored through the pseudonymisation process. We may also process your personal data for promotional purposes such as competitions and special offers.
5. WHAT ARE YOUR RIGHTS AND PROVISIONS?
In regards to your personal data, the following rights have been provided for you by law.
The right of access and oppose play a central role in the General Data Protection Regulation (GDPR) .The right of access allows you, the data subject to exercise further rights (such as rectification and erasure).An omitted or incomplete disclosure is subject to fines. We, the controller must check whether any personal data of the person seeking information is being processed at all. The right of access includes information about the processing purposes, the categories of personal data processed, the recipients or categories of recipients, the planned duration of storage or criteria for their definition, information about the rights of the data subject such as rectification, erasure or restriction of processing, the right to object, instructions on the right to lodge a complaint with the authorities, information about the origin of the data, as long as these were not collected from the data subject him or herself, and any existence of an automated decision-taking process, including profiling, with meaningful information about the logic involved as well as the implications and intended effects of such procedures. At any time you may have access to your personal data that we keep, to modify, correct or update it, even to oppose at any time for whatever reason, the processing of your data. You always have the right to withdraw your consent or even request permanent deletion from our records. To do this either follow the steps listed on e-mails sent to you by us, or file a relevant official request through e-mailing us at email@example.com or by phone at +302114191985. Having proved the identity of the you the subject requesting personal data deletion, we are then bound by law to action immediately, and cease using your data, and furthermore delete all your personal data from our databases. We will also take reasonable technical and organisational measures to inform external collaborators not to process on our behalf your data, though our company has not been deploying yet or planning to do so in the near future, outsourced associates.
The right to be forgotten and right to erasure. The correspondingly-named rule primarily regulates erasure obligations. According to this, personal data must be erased immediately where the data are no longer needed for their original processing purpose, or the data subject has withdrawn his consent and there is no other legal ground for processing, the data subject has objected and there are no overriding legitimate grounds for the processing, or erasure is required to fulfil a statutory obligation under the EU law or the right of the Member States. In addition, data must naturally be erased if the processing itself was against the law in the first place.
6. SECURITY OF YOUR PERSONAL DATA.
As by your consent, we are appointed controllers of your personal data for the purposes described above, considering the state of technological development, regardless the cost of implementing efficient and resilient security measures, protecting your personal data against malicious or unlawful processing is a major priority for us or even accidental misplacement. Your personal data, through the use of an upgraded encryption system, following the completion of transactions is transmitted securely. Your information is stored in our systems located on our premises and all our employees who might have access to your data, are legally prohibited to disclose or share your personal information, and restricted to only using it for the scope of our sales contract with you. Your data will only be disclosed when transmitted to relevant banks for the completion of a transaction between you the customer or user and us the company (ROMINA KARAMANEA S.A.)
Our company maintain the right to amend this policy when necessary to comply with any relevant regulation.