+40 (0)316 300 010
info@issco.ro
Menu 

GDPR Policy

What data do we collect?

  • we collect and process personal data: name and surname, address, telephone, email address, car registration number; the data you provide us as contractual partners or that you provide to us by completing the forms on our web sites or by contacting us by phone, e-mail or in any other way when you communicate your resume or when you report a problem with our products or our websites;
  • special data: the personal numerical code, the serial number and the identity number when we are obliged to do so by law; and / or if you have provided your explicit consent separately.

If you voluntarily provide us with personal data (including sensitive personal data) through your interaction with our Websites or by contacting us by phone, e-mail or in any other way, at our sole discretion, and not at our request, we will delete such personal data from our systems unless we consider that processing is necessary for a legitimate purpose of the subscription.

Every time you visit our Websites, we automatically collect the following technical data, such as the Internet Protocol (IP) Address used to connect your computer to the Internet, your login information, Through the site you can apply for a vacancy. In the application process, personal data is collected from your completed form and from your resume. We process your data for evaluation purposes and for associating with vacant positions within the company. The communicated data will be stored for 6 months if work relationships are not established If you wish to be contacted about other vacancies within ISS Consult and you agree to keep your data for a longer period (24 months) you will need to give us your consent

 

Nature and purpose of the processing

We may process your personal data if:

It is necessary for performing a contract with you for the purpose of providing services, delivering goods and making payments based on contracts, we may process your personal data such as identification data, contact details, bank details and identification code tax, for persons registered for VAT purposes. This processing is based on executing a contract to which you are a party, legal obligations imposed on us, and our legitimate interest. We must comply with a legal obligation (ie comply with applicable laws, codes of conduct or guides or law enforcement and cooperation with competent authorities (including, but not limited to, tax and judicial authorities).

It is necessary for our legitimate interests (or those of a third party) and for your interests ( preventing, detecting and investigating offenses, including fraud and money laundering or terrorist financing, and analysing and managing commercial risks for ensuring IT security and networks) Including, but not limited to, the preparation and review of documents, the preparation of documentation necessary for the conclusion of a transaction, obtaining legal advice and facilitating the settlement of disputes) and / or for the protection or exercise of rights and obligations our contractual and legal; cooperation with public authorities; requesting feedback and performing analyses for statistical purposes or
for other purposes so that we can develop and improve the quality of our services.

We process your personal information for various technical reasons, such as to improve our Websites, including its functionality; to administer our Websites or of third parties if we have this contractual obligation; for internal operations, to keep our websites / products safe.

We will not share your personal data with third parties for marketing purposes without your explicit consent to that effect. In connection with your use of mobile apps created based on incoming orders, we may collect and process your personal data, such as:

  • identification data, contact details, debit or credit card information, and data on geographical location, registration number when:
  • you register to use mobile apps (including free trials) and provide us with information about you;
  • complete personal information in our applications;
  • interact with us by other means, such as by telephone, fax, SMS, email, social communication or mobile app posts;
  • you give us access to your data for the conduct of contractual relations,

This processing is based on: executing a contract our legitimate interests in verifying user account data for the services provided in the territory in which you ordinarily reside and for detecting and preventing fraud; a legal obligation that has been imposed on us;

We would like to draw your attention to the fact that you are responsible for the confidentiality and fairness of the information provided.

 

Personal data disclosed to other third parties

Within the company, only a limited number of employees have access to your personal data on a need-to-know basis. Employees have a duty to keep confidential about personal data. In this sense, technical and organisational measures have been taken to protect personal data.

We share this data with third parties, including our partners, for example, to:

  • other Contracting Parties and their banks in connection with any type of transfer of funds;
  • providers of operational services such as courier services, telecommunications, IT, payments, processing, training, storage, archiving, customer assistance investigation services;
  • any business partner, investor, transferee (current or potential) to facilitate transactions in commercial assets (which may include a merger, acquisition, debt or sale of goods);
  • professional counselors, such as auditors or lawyers, legal advisers;
  • regulatory authorities, professional bodies and/or public authorities to comply with the applicable regulations.

We will not transfer personal data outside of the European Union unless strictly necessary for the performance of the contract and only in compliance with the applicable legal provisions, applying appropriate safeguards and notifying you where appropriate.

 

 

Rights with respect to personal data

Unless the law otherwise provides, you have the following rights:

  • the right of access, namely the right to obtain confirmation from us that
  • we process your personal data and access to it and provide information about the processing mode;
  • the right to rectification, which relates to the correction, without undue delay, of inaccurate personal data and / or the completion of incomplete data;
  • the right to delete / the right to be forgotten, meaning the right to delete without undue delay the personal data collected, if such data are no longer necessary for the purposes for which they were collected and there is no other legal basis for the processing,
  • the right to restrict the processing that applies if (i) you contest the accuracy of your personal data, (ii) the processing is illegal and you object to the deletion of your personal data, requesting instead the restriction of the processing, (iii) no longer we require your personal data but you request them to find, exercise or defend a right in court, (iv) you have opposed the processing for the length of time that it is ascertained whether our legitimate interests in the processing of personal data prevail over your rights;
  • the right to oppose your processing, unless we demonstrate that we have legitimate reasons to process your data, overriding your interests, rights and freedoms, or for establishing, exercising or defending a right in court;
  • the right of portability, meaning your right to receive personal data that you have provided to us for the purposes herein, in a structured, commonly used, readable, and the right to send this data to another operator;
  • the right to file a complaint with the National Authority for the Protection of Personal Data Protection (ANSPDCP);
  • the right not to be the subject of a decision based exclusively on automated processing, including profiling, which produces legal effects on you or affects you in the same way, unless such processing is necessary for the execution of the individual employment contract or is allowed by law. Except for the right to file a complaint to ANSPDCP, as above, these rights may be exercised by sending a written request: by post, at the address in Bacau, Bd Unirii 30, 4th floor, 600192, Romania or by email, at gdpr@issco.ro.

We do not automatically process your personal data!

 

Legal basis of processing

The retention period Personal data will be retained for the time required to comply with legal obligations specific to our industry or applicable prescription terms (5 years from the termination date of the contractual relationship) or for compliance with the archiving obligations imposed by applicable law (for example, those specific to the financial and accounting field).

 

 

Security of personal data

We will make every reasonable effort to protect personal data we hold or control by establishing reasonable security measures to prevent unauthorised access, collection, use, disclosure, copying, modification or disposal, as well as other similar risks The Parties will undertake all reasonable precautions to ensure security and to prevent any unauthorized or unlawful destruction, loss, alteration, disclosure, acquisition or access to personal data. However, if the personal data provided were accessed or obtained by an unauthorized person, the Parties shall notify each other immediately of such an incident and shall cooperate in taking any action deemed necessary to mitigate any loss or damage caused by such unauthorized access.