CERTSIGN S.A., with the registered office in Bucharest, 107A, Olteniței Road, building C1, 1st floor, room 16, 4th Sector, registered with the Trade Register under the no. J40/484/17.01.2006, CUI 18288250, phone: 0311 011 870, fax: 021 311 9905, e-mail: office@certsign.ro.
Having regard to:
– the provisions of Regulation (EU) 2016/679 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing of Directive 95/46 EC – „GDPR”,
– processing of personal data of contractual partners, natural persons, of contact persons, legal or conventional representatives, collaborators, employees and / or other natural persons designated by the contractual partners as legal entities, sent to CERTSIGN for the purpose of negotiating, concluding and conducting contractual relations
we hereby inform you about the processing of personal data for the purpose of negotiating, concluding and executing contracts in which CERTSIGN S.A. is a contracting party:
1. Capacity of certSIGN as regard to the processing of personal data
CERTSIGN S.A. is a personal data controller, according to the provisions of art.4, para. 7 of GDPR.
2. Categories of data subjects
Personal data processed by CERTSIGN belong to the following categories of data subjects: contractual partners, natural persons, contact persons designated by the contractual partners, their legal or conventional representatives, collaborators, employees and / or other categories of natural persons whose data are disclosed to CERTSIGN by the contractual partners (collectively referred to as hereinafter referred to as “Data subjects “. These personal data are transmitted to CERTSIGN at the initiation of contractual relations with the contractual partners or over the course of these relations.
3. Grounds and purposes for processing personal data
The purposes for processing your personal data are:
The legal grounds for data processing operations refer to Article 6 (1) (a), (b), (c) and (f) of the GDPR, as detailed above.
4. Categories of personal data
The categories of personal data that CERTSIGN processes for the purposes mentioned above may be but not limited to:
5. Transmission of data and the consequences of non-compliance
The provision of the aforementioned personal data is necessary to achieve the purposes specified above. Your refusal to provide the data will make it impossible to provide the services or products covered by the contracts.
Should you no longer want to receive promotional materials and marketing communications regarding our products and services, we will no longer process your data for this purpose.
6. Duration of personal data processing
CERTSIGN S.A. processes all information and personal data provided by the contractual partners throughout the negotiation and conduct of the contractual relationship. Upon termination of these relations, personal information and data will be archived for a period of 10 years. After this period, your personal data will be destroyed in accordance with Law 16/1996 on National Archives.
Also, should you no longer want to receive newsletters, promotional materials, marketing communications, commercial offers or any other relevant information about our products and services, certSIGN will no longer process your data for this purpose.
7. Transmission of personal data for achieving the processing purposes of certSIGN
Your personal data may be disclosed to: data subjects, auditors, the supervisory body under the law applicable to the service provided, public authorities and institutions under public law obligations, lawyers to represent us in the event of a dispute or for consultancy, bailiffs for contractual communications or enforcement of any court decisions, debt collection companies, CERTSIGN contractual partners (courier companies, suppliers, subcontractors, consultants and technical experts, etc.) for concluding and conducting contracts, to banks for claims mortgages and / or for obtaining financing and / or grant instruments, to insurance companies for obtaining guarantee instruments, to CERTSIGN affiliates and in any other situations justified with your prior notice, but only but only for the purpose of fulfilling the purposes mentioned above and pursuing with priority the protection of your rights.
8. Transfer of personal data outside the European Union
certSIGN does not transfer your personal data outside the European Union.
9. Rights of Data Subjects
The rights you benefit from in accordance with the provisions of EU Regulation 2016/679 are:
In order to exercise your rights over personal data, you can contact the Department of Personal Data Protection of CERTSIGN using the following contact details:
Should you submit a request regarding your rights over the processing of personal data, you will receive a reply as soon as possible, within 30 days, under the provisions of GDPR.