Last update: 27.07.2022
This policy details the practice of Eltrex SRL regarding the processing of visitors’ personal data https://www.eltrex.net (from here on generically referred to as the Site) and its purpose is to inform users about this topic.
By continuing to use the Site, you acknowledge that you have read and agree to this Privacy and Data Protection Policy, Cookies Policy of use and the Terms and Conditions, documents posted on the Site.
CONTENT:
Name: Eltrex SRL (hereinafter referred to as “the Company” or Eltrex,)
Headquarters: Grigore Alexandrescu Street, no.180, Timișoara, Romania
J35 /396 /1999, CUI RO11738772
E-mail: info@eltrex.ro; hr@eltrex.ro
The company collects information from users in the following ways: directly from the user, from the traffic reports recorded by the servers hosting the Site and cookies.
Information directly provided by the user:
The transmission of requests using the data from the “Contact” section it is not mandatory neither for visiting the Site, nor for benefiting from the services of the Company. Moreover, all this information can be transmitted in another way (for example, presenting written addresses at the Company’s headquarters).
The Company also confirms that none of the personal data indicated above will be used for other purposes than those expressly indicated, in particular these will not be processed for marketing purposes without complying with legal provisions.
Information from the server’s traffic report:
When a website is visited, users disclose certain information about them, such as their IP address, time of visit, location from which the Site was accessed. The company, as well as other operators, records this information.
Information obtained using cookies:
All the details related to the way the data are processed in this context are indicated in the Cookie Policy existing on the Site.
The contact details that the visitor can use to send any requests, notifications or complaints regarding this Privacy and Data Protection Policy, the Terms and Conditions and the Cookie Policy, as well as any other information posted on the Site, policies or operations performed by the Company, are indicated in paragraph 1 above.
The company will send a response within 30 days from receiving the request.
Considering that the Company processes personal data of the visitors/users from the Site, they have the quality of Targeted Person and they declare that they are over 18 years old.
If the information/requests submitted by users also concerns personal data relating to other persons (these persons also will have the status of Targeted Person), the Company will process their data in strictly order to be able to respond the information/request.
Any information concerning an identified or identifiable person, respectively the targeting person, can be personal data.
The Company tries to minimize the personal data processed.
So, according to the Cookie Policy, the targeted person will be able to check the types of cookies applicable where their use is not done automatically, in order to ensure a more complete and better experience when browsing the Site.
The Company will processes the following data from the “Contact” section, in order to provide answers to the requests/notifications sent by the users:
Depending on the cookie settings, other data may be processed (especially those related to the user’s preferences and behavior on the Site).
Represents the personal data processing, performing any operation or set of operations on personal data or personal data sets, with or without the use of automated resources.
The company accesses, collects, uses and carries out any other steps permitted by the applicable legislation on personal data provided by visitors, as indicated in point 4 above.
The Site Visitor is the person who accesses this page (respectively you) and whose personal data are processed for various purposes, namely:
If the Company intends to continue the personal data processing for other purposes than those indicated above, it will give the targeted person additional relevant information on this secondary purpose, before this further processing, with the completion of the legal formalities in force.
The personal data of the targeted person are processed by:
The list of suppliers named above is not exhaustive, but indicates the main such partner companies.
They will have the quality of independent operator, associated operator or authorized person in relation to the Company. Regardless of the quality held, they undertake to maintain the privacy and security of the personal data of the targeted person, adopting appropriate technical and organizational measures. The main clauses of these contracts can be communicated on request.
Public authorities (including National Authority for Consumer Protection and National Agency of Fiscal Administration) and courts, may process all/any of the data of visitors obtained through the Site, although they do not have the quality of recipients according to legal interpretations.
The data processing activities performed by the Company mainly refer to:
The storage period of the collected personal data is:
At the expiration of the aforementioned periods, all data will be deleted from the Company’s records.
The Company’s regulations and internal policies are available for the targeted person and are permanently available at the headquarters – see this policy in this regard, the Cookie policy and the Terms and Conditions.
The company reserves itself the right to modify/update the content of the Site, including the policies referred to, at his discretion, any time and for any reason (including but not limited when legislative or jurisprudential changes occur, which may affect the consequences of those published on the Site). Reviewing this policy in the future will be known by changing the date at the top at „Last update”.
However, if there are significant changes that could affect visitors’ rights and freedoms their consent it’s required; informing them about the respective changes will be done through easily visible indications posted on the Site (Pop-ups) or by sending emails to the provided addresses, if necessary. Such significant changes will take effect for visitors within 15 days of the pop-up in question or the e-mail transmission by the Company (the way in which the information will be made being decided by it, from case tot case).
However, regardless of the extent of the change, the responsibility to check the content of the Site and to be up to date with the latest versions, is entirely the responsibility of the user. (including the Terms and Conditions, and the policies displayed). So, the study of Privacy and Data Protection Policy, Terms and conditions, and Cookie Policy, represents a step to be taken by visitors every time when the Site is accessed and before performing any data recording or providing, because changes may occur.
The targeted person will be informed of the essence of the contracts concluded with the above recipients and of data source, when possible, on request.
If the targeted person wants information about how the data is processed, he may submit a request to the Company and the Company will reply within 30 days from the date of its receipt.
If the targeted person will wish to rectify/complete the incorrect/incomplete data, he may submit a request to the Company and the Company will reply within 30 days from the date of its receipt.
If the targeted person wishes to delete his/her personal data, this approach is possible:
The exception cases provided in art. 17.3 of the European Regulation no. 679/2016 are applicable.
Some data are part of Eltrex’s records, which it keeps in relation to its legal obligations or its legitimate interest. So, by the law, not all data can be deleted. Any deletion refusal, will be argued by the Company and will be based on a clear legal basis.
The restriction of data processing may be applied if the targeted person finds that:
The company may continue to process restricted data if necessary for the establishment, exercise or defense of a right in court, or protecting/defending a person, but only with the consent of the targeted person.
Eltrex will notify the recipients of the rectification, deletion or restriction of the data, unless it is impossible or disproportionate.
The targeted person or the person indicated by this one may receive on request, the data processed by the Company. Eltrex does not assume responsibility for the processing of data by that recipient.
The obligation to ensure the right to portability belongs to the Company only if the processing of that data is based on the consent of the targeted person or on concluding and performing the contract. Actions will be taken within a maximum of 30 days from receipt of the request.
The targeted person has the right to object at any time to the processing of his personal data on the basis of the legitimate interest of the Company (including profiling) – for reasons related to his particular situation.
Regardless of the above, data processing may continue if Eltrex demonstrates legitimate reasons for processing the data prevailing over the interests, rights and freedoms of the targeting person or for establishing, exercising or defending the legal rights held.
The targeted person may submit:
The company wants any conflict/dispute to be resolved amicably and is fully available in this regard.
The targeted person may withdraw his or her consent at any time, without prejudice to the lawfulness of the pre-withdrawal processing or to any other ground.
The company does not take decisions based on automatic data processing.
The targeted person has the obligation to maintain the confidentiality of all personal information with which he comes into contact in his relations with the Company, for an unlimited period of time.
The targeted person will not process any confidential or personal data of third parties, unless this is absolutely necessary; the privacy is ensured and specific legislation is fully respected. If targeted person brakes the above obligations (art. 12), the company can obtain from him the coverage of all the damages caused.
The company respects data protection legislation and applies appropriate technical and organizational measures to ensure the security of the personal data processed and the rights of the targeted persons. So, the Company applied measures such as:
The Company will also inform the competent data protection authority about a data security incident, without unjustified delays and, if possible, within a maximum of 72 hours from the date took note of it, unless it is unlikely to produce a risk to the rights and freedoms of individuals. If the notification to the Authority does not take place within 72 hours, it shall be accompanied by a reasoned explanation for the delay.
Eltrex will also inform the targeted person without unjustified delay in case of an incident involving the security of personal data, if the violation of personal data security is likely to present a high risk to his rights and freedoms. However, the information of the above-mentioned targeted person is not required if any of the following conditions is fulfilled:
Any statistics provided to third party advertising networks or to partner sites regarding the traffic of users of the Site/application are provided only as a set of data and do not include any identifiable information about any individual user.
Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Consequently, despite the Company’s efforts to protect users’ personal data, it cannot ensure or guarantee the security of the information submitted by them through the Site. Users are warned that any information sent through the online environment will be at their own risk.
In order to reduce this risk, Eltrex makes available to all interested parties the possibility of sending requests/ requests/addresses/messages in material form at the Company’s headquarters, so, it’s not necessary to send emails using the addresses indicated in the “Contact” section.
The liability of the Company in relation to the targeted person will be established in relation to the quality held in the respective data processing operation, the reason and place of the incident, security measures taken, incidents avoidance measures and compliance with other legal obligations.
The Company does not transfer outside Romania personal data of the targeted person collected through the Site.
This policy applies to the Company and visitors to the Site (including those who complete the forms on the Site).
This document is part of Eltrex’s security policy set. Other policies may apply to the topics covered in this document and will be reviewed as appropriate.
Address: 180 Grigore Alexandrescu, CP 300369, Timisoara, Romania
Tel: (+40) 256 21 89 21
Fax: (+40) 256 24 40 42
Email: info@eltrex.ro, hr@eltrex.ro
© 2018 Eltrex | All rights reserved | Developed by Online Hub