Privacy Policy
for the use of the website (GDPR)
This document describes how the personal data of website users are processed, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable national legislation (including Law No. 190/2018).
|
Controller |
DVI Production SRL ("Controller") I.L Caragiale, str. DN72, în incinta parcului industrial Mija, Pavilion C35, camera 3, judeţ Dâmbovița, (I.L Caragiale, DN72 Street, within the industrial park Mija, Pavilion C35, room 3, Dâmbovița county) J15/997/27.09.2016, tax code 36569865, General Manager Viorel Iacob |
|
Website |
www.fortem.ro |
|
Identification data |
Tel: 0753 164 422 E-mail: office@fortem.ro |
|
Data Protection Officer (DPO), if appointed |
Mirela Calota Data Protection Officer
|
To the extent that the Controller collaborates with providers who process data on its behalf ["authorized persons (processors)"], they are selected and contracted in such a way as to ensure adequate security and compliance guarantees.
The website is addressed to users who are at least 16 years old. The Controller does not pursue the intentional collection of data from minors under 16 years old.
Depending on the sections used, we may process the following categories of data:
· identification and contact data (name, surname, telephone number, e-mail address, declared county/location);
· data provided voluntarily in empty fields (for example, the message sent via the form);
· technical data: IP address, online identifiers, access log, device and browser data;
· photo/video images, when provided by you or capture participation in public events (only under the conditions described below);
· data from application documents (CV), if you use the careers section.
We process data only for specified, explicit and legitimate purposes. The main processing activities are described below. The periods may be adjusted if there are legal archiving obligations or the need to defend rights in court.
Processed data: name, surname, e-mail, telephone, county, message content, IP address.
Purpose: managing requests, providing information, preparing offers and steps necessary prior to concluding a contract.
Legal basis: art. 6 para. (1) letter (b) GDPR (proceedings at the request of the data subject, before concluding a contract).
Retention: for the duration of the pre-contractual/contractual relationship and, as a rule, up to 3 years after its termination, for the management of any complaints or litigation (indicative period correlated with the civil statute of limitations).
Processed data: contact details (usually e-mail/telephone) and, where applicable, communication preferences.
Purpose: sending commercial communications about products/services, news, events.
Legal basis: art. 6 para. (1) letter (a) GDPR (consent), when necessary.
The expression of consent regarding the collection and processing of data in accordance with the above is done by checking the relevant box in this section.
Retention: until the withdrawal of consent or until the termination of the campaign/subscription, as the case may be.
Processed data: data from the CV and form (identification, contact, experience, education, other information provided by the candidate).
Purpose: recruitment and selection, contacting candidates, administration of recruitment processes.
Legal basis: art. 6 para. (1) letter (a) GDPR (consent) and/or art. 6 para. (1) letter (b) (pre-contractual steps), as the case may be.
The expression of consent regarding the collection and processing of data in accordance with the above is done by checking the relevant box in this section.
Retention: maximum 24 months from obtaining consent or from completing the recruitment process, unless there is another legal obligation.
Processed data: name, surname, e-mail, telephone, county, IP; where applicable, photo/video images.
Purpose: management of media requests and publication of materials regarding events/activities.
Legal basis: consent (art. 6 para. (1) letter (a) GDPR) and/or legitimate interest (art. 6 para. (1) letter (f) GDPR) in limited situations, depending on the context and the nature of the published materials.
The expression of consent regarding the collection and processing of data in accordance with the above is done by checking the relevant box in this section.
Retention: for the duration necessary for the purpose, namely until the withdrawal of consent or until the justified request for deletion, as applicable.
Processed data: IP, access logs, technical identifiers, device/browser data.
Purpose: security, fraud/abuse prevention, error diagnosis, website operation.
Legal basis: art. 6 para. (1) letter (f) GDPR (legitimate interest in system security and abuse prevention).
Retention: according to internal security policies, usually for limited periods and proportionate to the purpose.
The data may be accessed, as necessary, by:
· authorized personnel of the Controller (e.g. sales, marketing, human resources, IT, legal);
· IT/hosting, maintenance, communications, analysis/marketing service providers, as authorized persons (processors);
· public authorities or courts, when there is a legal obligation or a legitimate request.
When, based on the tools used (e.g. analysis/marketing services), data will be transferred to providers outside the European Economic Area, the Controller will apply the safeguards provided for by the GDPR (e.g. standard contractual clauses and additional measures, as appropriate) and will publish relevant information in the settings/policies related to the tools used.
Under the GDPR, you have the following rights:
· right of access (according to art.15 GDPR);
· right to rectification (according to art.16 GDPR);
· right to erasure ("right to be forgotten"), in the situations provided for by law (art.17 GDPR);
· right to restriction of processing (art.18 GDPR);
· right to data portability (where applicable) (art.20 GDPR);
· right to objection (including objection to direct marketing) (art.21 GDPR);
· right not to be subject to a decision based solely on automated processing, including profiling, in accordance with the law (art.22 GDPR);
· right to withdraw consent, when processing is based on consent (art.7 GDPR);
· right to lodge a complaint with the supervisory authority (art.77 GDPR).
To exercise your rights, you can contact us using the details published on the contact page of the website. You also have the right to file a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP) https://www.dataprotection.ro/.
The website may use cookies and similar technologies. Details are described in the Cookie Policy and in the cookie settings panel available on the website.
The Controller applies appropriate technical and organizational measures to protect data against unauthorized access, loss, destruction or alteration. Communications to the website may be protected by encryption (e.g. SSL/TLS), where implemented.
We may update this Policy whenever necessary (e.g. if the website functionalities or legal requirements change). The current version is published on the website.
________________________________________________________________________________
The undersigned TOMA ALEXANDRA-NICOLETA, certified interpreter and translator for the foreign language English, within the meaning of authorization no. 38050 as of January 22nd, 2016, issued by the Ministry of Justice of Romania, certify the accuracy of the translation from ROMANIAN into ENGLISH, that the presented text was fully translated, without omissions, and that, by the translation, the content and the meaning of the document have not been distorted.
SWORN INTERPRETER AND TRANSLATOR