Privacy & Confidentiality Policy
INTRODUCTION AND CONTACT
BY USING THE SITE, YOU AGREE WITH THE COLLECTION, STORAGE, USE AND DISTRIBUTION OF YOUR DATA AS DESCRIBED IN THIS POLICY FOR BOTH MARKETING AND COMPLIANCE WITH OBLIGATIONS ARISING FROM CONTRACTS ENTERED INTO BETWEEN US AND YOUR COMPANY. IF YOU DISAGREE WITH THIS POLICY, PLEASE DO NOT USE THE WEBSITE IN ANY WAY.
The purpose of this document is to inform you about the collection, storage, use and distribution of your data (“Data”) arising out of the use of this Site and about your rights in this regard.
Please read this page carefully before you start using this Site. If you do not wish to be bound by this Policy, then you must not access this Site.
The Data can be used by our company and all the Prime Kapital Group entities (hereinafter “We”, “Company”). They can also be used by the Company’s Business Partners.
For us, the security of your Data is of paramount importance and we spare no effort to provide a confidential and secure environment.
The contact address of the Data Protection Officer (DPO) is: firstname.lastname@example.org.
- You may also contact the DPO at the following postal address: Globalworth Tower, etajul 11, bd. Barbu Vacarescu nr. 201, 020276 Bucharest, Romania, PK DEVELOPMENT SRL, Trade Registry number J40/3162/2007, single registration code (CUI) 21103980.
Should you have any questions regarding this Policy or any complaints about the use of Data, please contact the DPO and we will do everything in our power to handle your complaint or your questions as soon as possible.
DATA COLLECTED AND USED BY US
The Data we collect are the ones you choose to provide us with.
Visiting the Site involves the automatic collection of data such as your IP address, operating system and browser type, for system administration and for security reasons, as well as the collection of aggregate information. These are statistical data about the actions and browsing patterns of our users.
The types of personal information we collect and process include:
- the information you provide us with upon filling in the registration form on our website. This may include, among others, your name, e-mail address, and telephone number.
- any communications held with you including, but not limited to notices, requests, questions etcetera.
When you access our Site, we also collect and store a set of personal data which your browser sends automatically, such as:
- IP (Internet Protocol) addresses;
- Browser type and release;
- Type of device used and its operating system;
- Date and time of your Site visit;
- Your location.
By using the Site, you express your consent for your personal Data to be transferred for storage to the server administered by your IT service provider or any of its affiliates and/or subcontractors, with the maintenance of technical, organizational and personal at the same level.
WHAT DO WE DO WITH THE DATA?
We may use the Personal Data you make available to us by accessing our website:
- to provide the requested information and reply to your communications;
- to send you marketing information about us, our projects/campaigns/events/activities, etcetera;
- to inform you about any of our activities which we believe may be of interest to you;
- to make our Site content known to you in a way we consider to be the most effective;
- for other specific uses during local campaigns, promotions or activations (see the special regulations provided in these circumstances);
- to be able to contact you when needed.
Your personal data will be stored throughout the existence of the Account and/or the Newsletter subscription. We will delete any Data associated to either your account or the Newsletter subscription as soon as you decide to deactivate the Account or unsubscribe from the Newsletter, as the case may be. However, deleting Data may not take place concurrently with deleting the Account and/or unsubscribing from the Newsletter. Besides, we reserve the right to retain the Data in the event that they are required in order for us to meet our legal obligations, to settle disputes., etcetera.
TRANSFER OF PERSONAL INFORMATION OUTSIDE THE EEA
We can transfer the information provided by you to our group companies in non-EEA countries. Countries outside the European Economic Area may not always have strong data protection laws. However, we will always take steps to make sure your information is used in compliance with this Policy and is safely stored. If you disagree with such transfer, please do not register yourselves on our Site.
THIRD PARTY DISCLOSURE
The data you deliver to us are treated with the highest confidentiality. However, in some cases, we might be asked to disclose your data in order to comply with legal requirements. We may also disclose the Data to our group companies or third parties:
- which provide services to us, in the event we need to offer you any information you have requested. For instance, it is possible we need to disclose your personal information to our agents or PR advisors;
- if such third party provides professional advisory services to us or our group companies;
- the Data we collect when you fill in the newsletter subscription form or the contact form can be transferred to our services and maintenance provider.
If we receive your personal data that we have not requested directly from you and we realise that, had we requested it, we could have obtained it directly from you, we will take the necessary steps to notify you within a reasonable time frame that we have collected the concerned Data. If we could have not collected such Data upon a request addressed to you, we will destroy or anonymize it. Any Unsolicited Data you provide to us will be used for the purposes mentioned in this Policy and in compliance with the purpose they were provided by you for.
YOUR RIGHTS REGARDING PERSONAL DATA
Right of Access
For as long as your Data are processed, you have the right, without any obligation to pay taxes or costs of any kind, to obtain the following information from us by filing a request in this respect:
- Your confirmation whether to process your Data
- Access to the concerned Data, as well as to the following information:
- Purpose of Data processing;
- Types of personal data concerned;
- Recipients or types of recipients such Data have been or will be disclosed to;
- The period such Data is expected to be stored for;
- The right to rectification or erasure, or the right of restriction, as well as the right to object the processing;
- The right to file complaint with Autoritatea Nationala de Supraveghere a Datelor cu Caracter Personal seated in Bucharest, Bd. Gh. Magheru nr. 28-30, Sector 1;
- Unless the Data is collected directly by us, any available information on its source;
- The existence of an automated decision-making process, including profiling.
- To the extent that your Data is transferred to a third country, guarantees on their safe transfer;
- The right to obtain a copy of your Data.
Right of Rectification
For as long as your Data are processed, you have the right, without any obligation to pay taxes or costs of any kind, to have us rectify your Data which is inaccurate or fill in any missing data within no more than 30 days from receipt of your written request to do so.
Right to Erasure
For as long as your Data are processed, you have the right, without any obligation to pay taxes or costs of any kind, to have us erase your Data or, as the case may be, we will proceed to erase your Data of our own motion, should any of these circumstances occur:
- Data are no longer necessary for the purposes they were collected or processed for;
- You withdraw your given consent for Data processing and there is no other legal basis to support the processing;
- You object to the processing of your Data and there are no legitimate reasons prevailing over such processing;
- Personal data have been processed illegally;
- Data must be deleted in order to comply with a legal obligation of ours.
Right of Restriction
For as long as your Data are processed, you have the right, without any obligation to pay taxes or costs of any kind, to have us restrict Data processing, within no more than 30 days from receipt of your written request to do so, should any of these circumstances occur:
- You challenge the accuracy of your data; the restriction will apply throughout the period we verify data accuracy;
- Data processing is illegal and you object to the erasure of your Data, requesting their restricted use in exchange;
- We no longer need your data for processing purposes, but you request it from us in order to establish, exercise or defend any right in court;
- While we verify whether our legitimate rights as data controller prevail over your rights as data subject, in the event you object to data processing.
In these circumstances of restricted processing, the Data may, except for storage, be processed only with your consent or for the purposes of establishing, exercising or defending a right in court or protecting the rights of another individual or legal entity for reasons of public interest.
Right to be informed about the rectification or erasure of Data or the restriction of processing
For as long as your Data are processed, you have the right, without any obligation to pay taxes or costs of any kind, to have us provide you, within no more than 30 days from receipt of your written request to do so, with information on the recipients of personal data who have been informed about the rectification or erasure of personal data or the restriction of processing.
Right to Data Portability
For as long as your Data are processed, you have the right, without any obligation to pay taxes or costs of any kind, to have us provide you, within no more than 30 days from receipt of your written request to do so, with structured, machine-readable Data that relate to you and you delivered to us, as well as the right to transfer such Data to another data controller, if:
- The processing is consent-based or contract-based; and
- Processing is performed automatically.
The transfer to another data controller can be made directly by us, insofar as you request it, and whenever this is technically feasible.
Right to object and in relation to automated decision making
You have the right, at any time, to object to Data processing, including profiling, as well as the right to object to Data processing for direct marketing. You may exercise your right to object by sending us your written request. Within the meaning of the above, you can address your request directly to our DPO.
DATA PROCESSING AND STORAGE PERIOD
Your Data will be processed and stored based on your consent and until you cancel it.
PRIVACY AND SECURITY
The protection of your Data is of paramount importance to us. We will take all security measures necessary to protect your Data against unauthorized access to or any unauthorized modification, disclosure or destruction of such Data. This involves internal reviews of data collection, storage and processing practices and of security measures, as well as of physical security measures for Data protection against unauthorized access to the systems in which we store personal information.
We have implemented technical and organizational Security measures in order to protect your Data from unauthorized access, accidental or intentional loss, destruction or modification. We constantly update and adapt these measures in order to ensure the highest Data protection.
All personal information will be processed via secure pages that use SSL encryption, marked with a padlock symbol at the bottom of the browser window.
CHANGE OF THIS POLICY
We may unilaterally change this Policy at any time. Should such change occur, it shall be effective from the posting of its updated version on our website.
LEGAL CORPORATE CHANGES
If the Company undergoes a process of reorganization, merger, acquisition or any other change of control over us or transfer of assets, your Data may be transferred as part of that transaction and you will be notified thereof at that time.
This Policy applies to cookies and webpages of this Site.
What are cookies?
A cookie is a small file of letters and numbers, which are stored on the user’s computer, mobile terminal or other equipment used to access the Internet. The cookie is installed upon a request by a web server to a browser (e.g., Internet Explorer, Chrome) and is completely ‘passive’ (contains no software, viruses or spyware nor cannot access the information on the user’s hard drive).
What are cookies used for?
These files make it possible to recognize the user’s terminal and submit the content in a relevant manner, adapted to the user’s preferences. Cookies are used to compile anonymous aggregate statistics that help us understand how a user benefits from our webpages and allows us to improve their structure and content, excepting the user’s personal identification.
What cookies do we use?
We use two types of cookies: per-session and persistent. Persistent cookies are temporary files that remain in the user’s terminal until the end of the session or until the application (web browser) is closed. The persistent files remain in the user’s terminal for a period within the cookie’s parameters or until the cookies are manually deleted by the user.
How are cookies used by this site?
The cookies that may be set by this Site when you visit it include:
- Performance cookies
- Visitor analytics cookies
- Geographical targeting cookies
- Login cookies
- Advertising cookies
- Advertiser tracking cookies
Do cookies contain personal data?
Cookies as such do not require personal information to use it and, in most cases, do not personally identify Internet users. Personal data collected by cookies may only enable specific functionalities to the user. Such data is encrypted in a way that makes it impossible for unauthorized persons to access it.
Why are cookies important for the Internet?
Cookies are core for the efficient functioning of the Internet and help generate a friendly browsing experience, adapted to each user’s preferences and interests. Refusing or disabling cookies may make some sites impossible to use.
Refusing or disabling cookie does not necessarily mean you will no longer receive online advertising; it only means that such ads can no longer take into account your preferences and interests suggested by your browsing behaviour.
Examples of important uses for cookies (not requiring user account-based authentication)
- Content and services adapted to user preferences – categories of products and services.
- Offers adapted to users’ interests – password saving.
- Maintenance of Internet content filtering for child protection (family mode options, safe search functions).
- Limiting ad frequency – limitation of ad displays for a specific user on a website.
- Providing more relevant advertising for the user.
- Measurement, optimization and analytics features, such as confirming a certain level of website traffic, what type of content is viewed and how a user reaches a website (e.g through browsing, direct links from other websites, etcetera). Websites carry out such website analyses to improve websites for the user’s benefit.
Security and privacy issues
Cookies use plain text. They are not made up of pieces of code so they cannot be executed nor auto-run. Consequently, they cannot duplicate or replicate on other networks to run or replicate again. They cannot be considered viruses as they cannot perform these functions.
However, cookies may be used for negative purposes. As they store information about users’ preferences and browsing history, whether on a specific website or on several, cookies can be used as spyware. Many anti-spyware products are aware of this and constantly tag cookies in order for them to be deleted during anti-virus/anti-spyware deletion/scanning procedures.
Generally, browsers have in-built privacy settings that provide different levels of cookie acceptance, validity periods and automatic deletion after the user visits a particular site.
Other cookie-related security issues
Since identity protection is highly valuable and is a right every internet user has, it is advisable to know what possible problems cookies can create. As information is constantly transmitted through cookies from the browser to website and vice-versa, the information contained in a cookie may be intercepted if an attacker or unauthorized person tampers with the information transfer process.
Although very rare, this can happen if the browser connects to the server using an unencrypted network (for instance, an unsecured WiFi network).
Other cookie-based attacks happen because of incorrect cookie settings made on servers. If a website does not ask the browser to use encrypted channels only, attackers can capitalise on this vulnerability to trick browsers into sending information via non-secure channels. Attackers then use the information to gain unauthorized access to certain sites. It is highly important to be careful in choosing the most appropriate protection for the personal information.
Tips for safe and responsible cookie-based browsing
- Customize your browser settings for cookies to a comfortable level of cookie security for you.
- If you do not mind cookies and you are the only user of the computer, you can set long expiration dates for the storage of your browsing history and personal access data.
- If you share your computer, you may want to consider setting your browser to clear individual browsing data each time you close your browser. This way, you access sites that place cookies and delete any information on your visit when you close the browsing session.
- Install and constantly update your anti-spyware applications. Many of the spyware detection and prevention applications incorporate website attack detention. This prevents the browser from accessing websites that could exploit browser vulnerabilities or download malware.
- Make sure you always have your browser up to date. Many of the cookie-based attacks are possible as they exploit the weaknesses of older browser versions.
Cookies are everywhere and cannot be avoided if you want to have access to the best and largest local and international websites. By clearly understanding how they operate and the benefits they bring, you can take the necessary security measures so that you can confidently navigate the Internet.
Some websites may become impossible to use or difficult to visit and use when disabling and refusing to receive cookies. Also, the refusal to accept cookies does not mean that you will no longer receive/see online advertising.
Browser settings may be made so that these cookies are no longer accepted or that they are accepted from a specific site only. However, if you are not registered when using cookies, for instance, you will not be able to leave comments.
All modern browsers allow you to change cookie settings. Such settings are usually found under the browser’s ‘Options’ or ‘Preferences’. The following links may be useful in understanding such settings; otherwise, you can use the browser’s ‘Help’ option to find out more.
- Cookie settings in Internet Explorer
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari
To find out more on the settings for third-party cookies, please also visit Your Online Choices.
If you want to know more about cookies and what they are used for, please access the links below: