Last Updated: 05.09.2022
https://readytechprivacy.com/is the property of ReadyTech Consulting SRL. By using this site, you, as a User, acknowledge and agree to the contents of this document.
ReadyTech Consulting SRL is a company registered in Romania, headquartered in Cluj-Napoca, Romania, Fiscal registration number: 39792399. ReadyTech Consulting SRL understands the scope and consequences established by EU Regulation 2016/679 (GDPR) as well as related legislation on personal data protection and is committed to protecting your rights and freedoms in order to process them safely and in accordance with all legal obligations.
Through this Personal Data Protection Policy, we want to inform you in a transparent manner about how we collect, use, transfer and protect your personal data when you interact with us through our website.
To reflect any changes to the way we process your personal data or any changes to your legal requirements, periodic updates and changes to this Personal Data Protection Policy will be posted on this page.
1. We process the following categories of personal data
1.1 Contact and navigation data. We collect your personal data directly through the contact form published on our website (email, name, surname and potentially, phone number) and indirectly by accessing our website (the IP used at the time of accessing).
2. Purpose of data processing
We use your personal data as follows:
2.1. To sort out your requests
We also collect your data in order to resolve your requests based on the GDPR, as well as to inform you about changes in our policies, respectively to provide you with information of interest to you as a beneficiary of our services. For this purpose, we will use the contact details provided by you, respectively the e-mail address, function, name and phone number. We process information provided by you via the contact forms exclusively for the processing of your specific request.
We always make sure that processing is carried out in accordance with your rights and freedoms and that the decisions taken on the basis of them do not affect you.
2.2. To defend our legitimate interests
In certain situations, we will use or transmit information to protect our rights and activities. Among these we list:
- Various measures to protect the website and its users against cyber attacks.
- Measures to prevent and detect fraudulent attempts, including the transmission of information to the competent public authorities.
- Various other risk management measures.
In some cases, we base our processing on legal provisions such as the obligation to ensure the safeguarding of goods and values under the applicable legislation in this regard, or various reporting obligations.
3. General grounds for data processing
The legal basis of data processing takes into account the provisions of Regulation (EU) 2016/679 on the protection of individuals with regards to the processing of personal data, on the free movement of such data and regulations on the processing of personal data adopted in Romania.
The processing of personal data listed above is based on at least one of the following legal bases:
- processing may be required for the conclusion of a legal relationship / contract and / or for its execution;
- the processing may be required in order to fulfil a legal obligation incumbent on us (eg those relating to the management of tax supporting documents, reporting to the relevant public authorities, obligations to keep evidence for certain periods of time, etc.);
- processing is necessary for the purpose of our legitimate interests;
- processing is based on your consent.
4. For how long do we keep your personal data?
We retain the personal data we process only for as long as is necessary for the purpose for which it was collected (including applicable law or regulations), such as:
- All data sent to us when you make a request using our contact form will be used strictly to provide you with an answer and to resolve your request, it will be kept for a period of 1 year from the date of receipt of the request.
- Until the withdrawal of consent for the processing of personal data based exclusively on consent.
In any case, except as provided by applicable law, we will delete your data at the time you request it. The applicable exceptional situations will be communicated to the applicant through the answer submitted to them by ReadyTech Consulting SRL in connection with the request to delete the data.
5. To whom do we transmit your personal data?
Where applicable, we may transmit or provide access to certain personal data of yours to various categories of suppliers, personnel, or other companies with which we may develop partnerships necessary for the conduct of our business, provided that there is a good reason.
Your personal data provided through our contact form (including email address, telephone, message) will not be transmitted to any third party without your explicit consent.
We may also disclose certain personal data to public authorities, if we have a legal obligation or if it is necessary to defend a legitimate interest.
We ensure that access to your data by third parties under private law is made in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them. Therefore, all data is transmitted with appropriate safeguards, by encrypting the transmitted files.
6. In which countries do we transfer your personal data?
We currently store and process your personal data in Romania. However, we may transfer certain of your personal data to entities located in the European Union or outside the Union for which the European Commission recognized an adequate level of protection of personal data.
We take all measures to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests, and we allow such transfers only when absolutely necessary, applying the principle of minimization. Data transfers will always be protected by contractual commitments and, where appropriate, by other guarantees of a technical or organisational nature.
We are committed to ensuring the security of personal data by implementing appropriate technical and organisational measures, according to industry standards.
Despite the measures taken to protect your personal data, we do not take responsibility for vulnerabilities in systems that are not under our control. We remind you that the transmission of information via the Internet is not completely secure, there is a risk that the data will be viewed and used by unauthorised third parties regardless of our intervention.
7. What are your rights?
The General Data Protection Regulation provides that you have the following rights as a data subject:
You can ask us to confirm whether we process your personal data, as well as to provide you with a copy of it and to present to you the data we have, what we use it for, to whom we disclose it, if we transfer it abroad, how we protect it, how long we keep it, what rights you have, how you can file a complaint, where we got your data from, to the extent that the information has not already been provided to you in this page.
You may ask us to rectify or complete your inaccurate or incomplete personal data. It is possible to check the accuracy of the data before rectifying it.
7.3. Data deletion
You can ask us to delete your personal data, but only if:
- they are no longer necessary for the purposes for which they were collected;
- you have withdrawn your consent (if the data processing was based solely on your consent);
- they were processed illegally;
- exercise a legal right to oppose;
- we have a legal obligation in this regard.
We are not required to comply with your request to delete personal data in any circumstance. The most likely situations in which we could deny your request are:
- for compliance with a legal obligation;
- for establishment, exercising or the defense of a right in court.
7.4 Restricting data processing
You can request that we restrict the processing of personal data only if:
- their accuracy is challenge and we need to verify their accuracy;
- they are no longer needed for the purposes for which they were collected, but you need them to establish, exercise or defense of a right in court;
- processing is illegal, but you do not want the data to be deleted;
- you have exercised your right to object, and the verification of our rights prevails is ongoing.
We may continue to use your personal data following a request for restriction if we have your consent, or to ascertain, exercise or ensure the defense of a right in court or to protect the rights of ReadyTech Consulting SRL or another natural or legal person.
7.5. Data portability
You can ask us to provide you with personal data in a structured, commonly used and automatically readable format, or you can request that it be ported directly to another data controller, provided that the processing is based on on your consent or on the conclusion or execution of a contract with you and to be done by automatic means, as well as to make the porting technically possible.
7.6. The opposition
You may object to the processing of your data at any time if you believe that your fundamental rights and freedoms prevail over our legitimate commercial interest.
7.7. Automated decisions
You may request that you not be subject to a decision based solely on automatic processing when that decision:
- produces legal effects on you;
- it affects you in a similar way and to a significant extent.
This right will not apply where the decision was reached by following automated decision-making:
- we are required to enter into or enter into a contract with you;
- is authorized by law and there are adequate guarantees for your rights and freedoms;
- is based on your explicit consent.
You have the right to submit a complaint to the National Authority for the Supervision of Personal Data Processing regarding the processing of your personal data, but we recommend that you contact us in advance and we assure you that we will make every effort to resolve any issues in a reasonable and peaceful way.
In order to exercise your reported rights, you may contact us by email at firstname.lastname@example.org. We promise to respond to any valid requests within a maximum of 30 days, unless this is particularly complicated or if you have made multiple requests, in which case we will respond within a maximum of 60 days, with the information your properly.
8. Changes to this Policy
ReadyTech Consulting SRL reserves the right to make changes to this Policy on the protection of personal data at any time by notifying its Users on this page and, possibly, on this site and / or – as far as technically and legally possible. – sending a notification to users through any contact information available to us. It is strongly recommended that you check this page frequently, referring to the date of the last change listed under the title.
If the changes affect the processing activities performed based on the User’s consent, we will collect a new consent from the User, if necessary.
We are always open to find out your thoughts and views and to provide you with any additional information you may need regarding the processing of your data. If you have any questions about the content of this document or wish to exercise your rights, please do not hesitate to contact us by email at address email@example.com.