Mindit Consulting S.R.L., acknowledges the importance of the confidentiality in terms of the personal data of our website visitors. This Confidentiality Policy („the Policy”) sets out the basis on which we manage and store the personal information that we collect on our website https://mindit.ro („Website”)
The new European Regulation in terms of the protection of the personal data consists in the Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “The Regulation”) and repealing Directive 95/46/EC (General Data Protection Regulation).
Our Confidentiality Policy lays out the principles and the measures taken in order to provide the conformity of the data processing according to the Regulation. Thus, we plan to have with our clients, partners and our website visitors a relation based on good faith, ethics, trust and transparency.
The Controller’s Identity and Contact Data
The company Mindit Consulting S.R.L., a Romanian legal entity, with the registered office in Voluntari, Str. Erou Iancu Nicolae nr. 38H, judetul Ilfov, registered under the no. J23/90/2013, Sole Registration Code RO31079854, registered with the Personal Data Processing Register, under the number 29458, represented through Irina Arsene, as Director;
The Data Protection Officer’s Contact Data
The Data Protection Officer is DPO DATA PROTECTION S.R.L., a Romanian legal entity, with the registered office in Bucharest, str. Ilioara nr. 54, bl. B, sc. 1, et. 1, ap. 8, camera nr. 1, sector 3, registered with the Companies Register Office in Bucharest under the no. J40/20331/2017, Sole Registration Code 38586668, represented through Lilia Mosoreti Panait , as DPO Consultant.
The Purpose and the Legal Ground of the Processing:
The purpose of your personal data processing consists in replying to the request conveyed by you on our website.
The legal ground of the personal data processing is represented by your consent given as per the art. 6 in EU Regulation 2016/679 of the European Parliament and of the Council on Personal Data Protection and our lawful interest arising from the risk management.
If it is required that the data be processed subsequently to other purpose than those for which they were collected, we undertake to provide you with information on the new purposes and any relevant further information before any such new processing.
The Data Categories
In its capacity of Controller, the company Mindit Consulting S.R.L. processes as far as you are concerned, the following personal data categories: surname; first name; email address; telephone number; information transmitted by the data subject by means of the request as well as data from the data subject’s CV, if it was transmitted to the Company .
How Your Personal Data from the Website are Processed
If you download certain articles or materials from our website or other types of business content in relation to our products and services, we will collect the email address. The newsletters or warnings will always contain a method of unsubscription;
If you send an application of employment, applying for a job within our company, you can provide us certain personal data on you, such as those comprised in a CV, letter of intent or other similar materials related to employment. We use such information in order to process or reply to your application in terms of current and future career opportunities. The non-requested CVs will be preserved for one-year period, and after such period, they will be destroyed;
If you contact us with a comment, a question or complaint, you may be requested information in order to be identified, such as your name, address and telephone number, together with further required information in order to help us to give you promptly a reply. We may preserve such information in order to help you in the future and to improve our services to clients, service offers and website;
Warning! You are not obliged to give us such information, but unless you provide them to us, we may not provide you relevant or detailed replies to your business requests. The methods by means of which we get in touch with you, we will always provide you with the possibility of requesting the removal of your personal data from the future communications.
Our website stores and processes information from browser using its own cookies. Insofar as such information may be considered as personal data, they are used exclusively for the purposes of managing our website. The cookies that we use are functional or computer ones, but in order to understand better why we need them, please be aware of the below listed explanations:
The cookies of third parties: there are two categories:
- Performance cookies – are used for reviewing how our website operates and how we can improve it. They provide information related to: to the website visits, the type of visitors – new or recurrent ones, the duration of a session, the average sessions per visitor, the visited pages and the average pages per session, the place from which our website has been accessed, the periodicity of visits and retention of visitors in time, the language and the geographical location, the devices from which the website is accessed, the browser types, the operating system, the screen resolution, statistical demographic data – sex and age, the visitors’ interests and their affinity to our website, the visitors’ behaviour – how they interact with the website, how they respond to different types of content, the traffic sources – direct, organic and paid searches, references, social media and other statistical data on how our website is used and what our visitors are interested in. All the information collected by such cookies are aggregate, therefore anonymous and may be set by third parties, among which Google – Analytics, Tag Manager and Search Console.
- Advertising cookies – although we do not display third parties’ advertisements on our website, there may be cookies related to the online advertising campaigns that we display, that are intended for providing to us statistical information on the performance of such campaigns.
The Categories of Recipients to Which Data are Transmitted
Your personal data are stored and preserved in our database corresponding to the company website. No third party has access to your data, save where there is a legal or contractual obligation.
The contractual obligation will be designed according to how the verification process is carried out that would require the transmission of the data to the Controller’s contractual partners.
The data will be transmitted to the contractual partners only if they provide they comply with the data processing obligation and the implementation of adequate technical and organizational measures.
The Personal Data Storage Period
The data that the Company collects and processes from our website are preserved during the recruiting period, if it is about the transmission of CV to this purpose. If the data subject requests information in connection with the services provided by our company, the data will be stored during the communication period, for the purpose of providing a reply to your request. Following the expiry of such storage period, all personal data will be permanently deleted.
The Rights of the Data Subjects
In connection with the processing of the Personal Data and based on the conditions specified by the Regulation on data protection, you may exercise any of the following rights:
- The right of access to the personal data concerning you: you may request that you will be communicated the categories of personal data that are processed, the purpose of the processing, the recipients to whom they have been or will be disclosed, the envisaged for which they will be stored or, if not possible, the criteria used to determine that period; the existence of an automated decision-making, including profiling;
- The right to rectification or update when the data are inaccurate or incomplete throughout the processing and before the issue of the final report; if there are errors related to your processed data, you may request their rectification; if the data are incomplete, you may request their completion. The rectification will be communicated to each recipient to whom such data were disclosed, unless it proves impossible or involves disproportionate efforts;
- The right to erasure of data under certain circumstances (e.g. when the personal data are no longer necessary in relation to the aforementioned purposes): you may request the erasure of the processed data, if such data are no longer necessary in relation to the purposes for which they were collected or processed, if you withdrew your consent and there is no other legal ground for the processing; if you object to the processing and there are no overriding legitimate grounds for the processing; the personal data have been unlawfully processed; the personal data have to be erased for compliance with a legal obligation; the personal data have been collected in relation to the offer of information society services;
- The right to restriction of the processing under certain circumstances: you have the right to restriction of the data processing in the following cases: you have contested the accuracy of your personal data for a period enabling us to verify the accuracy of data; if the processing is unlawful and you oppose the erasure of personal data and request the restriction of their use instead; if the controller no longer needs the personal data for the purposes of the processing, but you request them for the establishment, exercise or defence of legal claims; if you objected to processing pending the verification whether the legitimate grounds of the controller override yours;
- The right to lodge a complaint with the supervisory data protection authority;
- The right to object to processing: you have the right to object to processing of your personal data if they refer to direct marketing. Therewith, you may object to processing, unless the controller demonstrates legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims;
- The right to withdraw consent, at any time, for the processing of data concerning you under a request sent to the email email@example.com;
- The right to be forgotten, in the sense of sending a request of erasure of your personal data records;
- The right to your data portability, in the sense of the transfer of your personal data to another controller designated by you;
- The right to be informed in case of personal data breaches by controller.
- The right not to be subject to a decision based exclusively on the automated data processing: You will not be subject to a decision based exclusively on the automated data processing.
The Update of the Confidentiality Policy
This Confidentiality Policy may be updated from time to time, for example following the amendment of the relevant legislation. We encourage the visitors of our website to verify this page periodically in order to get informed on the latest news as to our confidentiality practices.
If you consider that your rights have been violated, you may lodge a complaint with the National Authority for the Surveillance of the Personal Data Processing. For any further information on the processing of personal data or in connection with the use of the personal data by Controller, please contact the Data Protection Officer to the email addressees: firstname.lastname@example.org and email@example.com