CEMACON PRIVACY POLICY
Starting from May 25, 2018, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter "the Regulation") applies to all European Union Member States. Through this Regulation, a unified and uniform legislative framework is aimed at across the European Union territory, which no longer requires national implementation measures.
The operator responsible for the operation of the website www.cemacon.ro is CEMACON S.A., headquartered in Cluj-Napoca, Calea Turzii, No. 178K, 1st floor, Cluj County, postal code 400491, registered under VAT number (CIF) RO677858, with registration number J12/2466/2012, represented by General Manager Daniel Șologon.
This website is exclusively directed to users aged 16 years and above.
In order to comply with our obligations arising from the Regulation, and considering that the protection of your data is a major and constant concern for us, we have prepared this document which sets out the categories of personal data we collect during your visit to our website, the purpose and legal basis for processing, the duration of processing, where we store and to whom we transmit these data, as well as your rights as a data subject, implemented specifically to ensure the protection of your fundamental rights and freedoms, particularly with regard to the protection of personal data.
"Personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
"Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
"Recipient" means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
We assure you that your personal data is processed in a lawful, fair and transparent manner, only for the explicit purposes that have been disclosed to you.
As the operator, CEMACON S.A. processes data in a manner that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, by implementing appropriate technical or organizational measures.
We collect from you only those personal data that are necessary for enabling you to use our website, to contact you regarding our products and services, and to keep you informed about our products and services, to the extent permitted by legal regulations or based on your consent.
Generally, we process the following personal data of yours:
Each category of data will be collected for specific, explicit and legitimate purposes and will not be further processed in a manner incompatible with those purposes, and will be kept for a period that does not exceed the period necessary for the purposes for which they are processed.
To ensure transparency in the processing of your personal data, we hereby inform you of how we process your data, the purposes and the legal basis (legal grounds) for the activities through which we process your data.
COMPLETION OF THE CONTACT FORM
In order to respond to your inquiries about CEMACON products, you have the option to complete the contact form provided on www.cemacon.ro under the Contact section.
By completing the form, we request and collect from you your name, surname, email address, phone number, county, and IP address.
This personal data is necessary for pre-contractual purposes, respectively to respond to/contact you regarding CEMACON products.
Your personal data will be retained by CEMACON for the entire period of existence of a pre-contractual or contractual relationship between the parties, and for a period of 3 years from the termination of the relationship, this being the limitation period.
To the extent we have obtained your consent, personal data will be used for direct marketing or other explicit purposes, and the data will be kept for the entire duration of your consent.
The personal data processed when creating the account are not subject to a decision based solely on automated processing, including profiling, will not be disclosed to any third party, and will not be transferred to a third country or international organization.
Your personal data will be disclosed to the sales, marketing and other departments within CEMACON S.A. with responsibilities for processing personal data, necessary to fulfill the purposes for which the data is processed.
COLLECTION OF ONLINE CVs
Candidates (data subjects) have the option to submit CVs electronically to the HR Department through the personal data form provided by the company on the website www.cemacon.ro under the "Careers" page, "Career Opportunities" subsection.
The CVs will be retained for a maximum period of 18 months from the date of obtaining consent. The duration of processing personal data collected through CVs, relevant for the recruitment process, is a maximum of 18 months from the date of obtaining consent. The processing of personal data is based on your consent.
We do not accept receipt of CVs in electronic format (via email) from colleagues recommending, but only through the career page. Information received via email without complying with the provisions of this procedure will be deleted. The indication of the recommendation responsibility will be subsequently made by the designated person from the HR Department.
NEWS SECTION
To promote CEMACON products, to reward trusted partners, and to keep our partners informed about CEMACON's strategic directions, we periodically organize events for this purpose.
In the News section of the website www.cemacon.ro, we publish photo images and video recordings from the events organized. The images are taken by CEMACON or are sourced from the public domain, being public images.
The processing of this personal data is based on your consent and aims at promoting and presenting the organized events.
Your personal data will be retained by CEMACON for the entire duration of your consent. If you do not wish your image to appear on the website www.cemacon.ro, you can submit a request to gdpr@cemacon.ro stating which images you would like us to delete, and we will promptly comply with your request.
The security of your personal data is a priority for us. We ensure that any processing of data is done in accordance with the principles guaranteed by the Regulation and processed in a way that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, by implementing appropriate technical or organizational measures, by implementing appropriate internal data protection policies.
This site adopts all necessary security measures to protect the personal information of our users. When entering personal data on our website, the information will be protected both offline and online. All personal information will be processed through secure pages using the SSL encryption system.
Regulation 679/2016 ensures the protection of the fundamental rights and freedoms of natural persons, in particular their right to the protection of personal data.
Regarding your personal data, you have the right to request the exercise of any of the following rights to ensure the protection of your personal data:
Right to access your data: you can request to be informed about the categories of personal data being processed, the purposes of the processing, the recipients to whom the data have been or will be disclosed, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; the existence of automated decision-making, including profiling;
Right to rectify the data: if there are errors in the data being processed about you, you have the possibility to request their correction or completion. We will communicate the rectification to each recipient to whom the data have been transmitted, unless this proves impossible or involves disproportionate effort.
Right to request restriction of processing of data: you have the right to request restriction of processing your data in the following situations: if you contest the accuracy of the data, for a period enabling us to verify the accuracy of the data; if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; if we no longer need the personal data for the purposes of processing, but you require them for the establishment, exercise, or defense of legal claims; if you have objected to processing pending the verification whether the legitimate grounds of the controller override those of yours.
Right to request erasure of data: you can request the erasure of processed data if the data are no longer necessary for the purposes for which they were collected or otherwise processed, if you have withdrawn consent and there is no other legal basis for processing; if you object to the processing and there are no overriding legitimate grounds for the processing; the personal data have been unlawfully processed; the personal data must be erased for compliance with a legal obligation; the personal data have been collected in relation to the offer of information society services;
Right to withdraw consent: at any time you can withdraw consent to the processing of your data, without affecting the lawfulness of processing based on consent before its withdrawal;
Right to object: you can object to the processing of your personal data, under certain conditions set out in the Regulation;
Right to data portability: you have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided;
Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the Regulation;
To exercise these rights, please submit a written request by email to gdpr@cemacon.ro or by mail to the headquarters of CEMACON, Cluj-Napoca, Calea Turzii, No. 178K, 1st floor, Cluj County, postal code 400491.
5. Contact Information
This Policy is supplemented by other specific policies of CEMACON SA and the Cookie Policy that you can access on our website. Any changes to the terms of this policy will be included in the revised policy. We will use the information in accordance with the policy under which the information was collected.
This notice is limited to our website and is not valid for third-party operator websites that may be accessed through this webpage. We have no influence over the processing of data by these third-party operators and assume no responsibility or liability for these webpages.
CEMACON SA
Contact Information:
Bogdan Pușcaș
Data Protection Officer
Tel: 0740 303 708
Email: gdpr@cemacon.ro