In line with Article 24 GDPR (EU) 2016/679, taking into account the nature, scope, context and purposes of processing as well as the risks to the rights and freedoms of natural persons, Uzina de Electronice Bobina SRL have implemented appropriate technical and organisational measures to ensure pursuance to the General Data Protection Regulation (GDPR). This policy stands as the cornerstone to Uzina de Electronice Bobina SRL’s compliance with the GDPR and is reviewed and updated accordingly.
This Policy that provides data subjects with information on how Uzina de Electronice Bobina SRL collects personal data, what they do with it and with whom it may be shared. This privacy notice has been drafted in compliance with the requirements of the General Data Protection Regulation, Regulation (EU) 2016/679, (the GDPR) and on the basis of the Information Commissioner’s Code of Practice on ‘Privacy notices, transparency and control’ and the Article 29 European Commission Guidelines on transparency under the GDPR.
We ask that you read this privacy notice carefully as we would like to inform you that your privacy on the internet is of crucial importance to us and it also contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
Who we are
Uzina de Electronice Bobina SRL (“Uzina de Electronice Bobina SRL”, “us”, “our” or “we”) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
The personal information we collect and use
Data Controllers and Contracting Parties
Regardless of whether you reside inside or outside the “Designated Countries”, Uzina de Electronice Bobina SRL will be the controller of your personal data provided to, or collected by or for, or processed in connection with our services and regulated activities.
Whether information has to be provided by you, and if so why
The provision of “Your Data” (please see next paragraph) is required from you to enable us to provide our services. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.
Information collected by us
In the course of your registration as a client or filling any other form on our Website, subscribing to our services, news or offers, marketing communications or posting material, the following information about you (“Your Data”) will be collected and stored for administrative, service related and/or legal purposes.
We will limit the collection of personal information to what is necessary to administer our business and carry out our regulated activities in an effort to provide you with superior service.
Information that you provide to us directly:
• Personal information, such as names, addresses, personal registration number, national identification number, passport number and e-mail addresses etc (“Personal Information”).
However, the meaning of data ‘provided to’ Uzina de Electronice Bobina SRL is not limited to this. It is also personal data resulting from observation of your activities (eg where using a device or service).
This may include:
• history of website usage or search activities, details of your visits to our Website including, communication data
• traffic and location data; or
• communications between you and Uzina de Electronice Bobina SRL via Live Chat, email, or telephone call.
• website traffic pattern information, including IP addresses, operating system and browser type, for system administration and to report aggregate information to our advertisers. This kind of information is only used in masked or aggregated form, which means that the individual user will not be recognisable. These data do not identify any individual.
Your e-mail address may be used by Uzina de Electronice Bobina SRL in relation to its products and services (including any marketing campaigns related to these products or services). If you do not wish to receive such marketing material and marketing communications, you can opt-out at any time by clicking on ‘unsubscribe’ or by sending an email stating so to email@example.com.
The type of data collected and purpose of collection
The type of data we collect along with the purpose for collection is listed below:
Personal data type:
Personal information name and address
To meet our regulatory obligations
Personal data type:
Contact information (email address and phone number)
In order to send you correspondence in relation to the services provided and to fulfill our regulatory and compliance obligations
How we use your personal information
We use information held about you in the following ways:
• to ensure that the content in our website is presented to you in the most effective manner and to improve the content of our website.
• to communicate with you and contact you and to provide you with products and services that you request from us or, where you have consented to be contacted, for products and services that we feel may be of interest to you;
• managing and administering the products and services provided to you;
• keeping you updated as a client in relation to changes to our services and relevant matters;
• provide, improve, test, and monitor the effectiveness of our Services.
• develop and test new products and features.
• monitor metrics such as total number of visitors, traffic, and demographic patterns.
• diagnose or fix technology problems.
• to carry out our obligations arising from any contracts entered between you and us.
• we may also use your data, or permit selected third parties and our processors to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by email.
• to notify you about updates to the website.
• to send out newsletters or information about other opportunities that we believe will be of interest to you. We will only send this to you if you have indicated that you wish to receive such information and we will respect your wish not to do so if you communicate such wish to us. You can opt-out from receiving marketing communications at any time if you do not
• wish to receive such marketing material by clicking on ‘unsubscribe’ or by sending an email stating so to firstname.lastname@example.org.
• to promote safety and security. We use the information we have to help verify accounts and activity, and to promote safety and security on our regulated services, such as by investigating suspicious activity or violations of our terms or policies. We work hard to protect your account using teams of IT specialists, automated systems, and advanced technology such as encryption.
Who we share your personal information with?
We will not rent or sell your information to third parties outside Uzina de Electronice Bobina SRL (or the group of companies of which Uzina de Electronice Bobina SRL is a part) without your consent. We also impose strict restrictions on how our processors can use and disclose the data we provide. Here are the types of third parties we share information with:
• Service providers and other partners: We transfer information to service providers (processors), and other partners who globally support our business, such as providing technical infrastructure services, trading platforms analysing how our Services are used such as measuring the effectiveness of ads and services, providing client service and support, client on-boarding, client identity verification, including PEPs and sanctions, conducting marketing communications and design, services related to our website management, services related to software and business development services.
We may need to transfer personal data to recipients outside the European Union; these activities can include dealings with foreign public entities (only when necessary and under request), the outsourcing of services to external providers located outside the EU and/or processing the data outside the EU (e.g. cloud computing, client identity verification and individuals from outside the EEA accessing to our web-services), see paragraph Transfer of your information out of the EEA).
• Measurement and Analytics Services: Partners who use our analytics services like Google Analytics (Non-Personally Identifiable Information Only). We do not share information that personally identifies you (personally identifiable information is information like name or email address that can by itself be used to contact you or identifies who you are) with advertising, measurement or analytics partners.
Uzina de Electronice Bobina SRL does extensive due diligence before choosing processors assuring that they provide sufficient safeguards, in particular in terms of expert knowledge, data governance, data security, cyber resilience, reliability and resources to implement technical and organisational measures which will meet the requirements of this General Personal Data Regulation, including for the security of processing.
We routinely share your personal data with our processor Uzina de Electronice Bobina SRL Europe Ltd, which makes it possible to operate our company, where processing is to be carried out on behalf of the controller (us). Our processor provides sufficient safeguards to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of General Personal Data Regulation and ensure the protection of the rights of the data subject.
The adherence of the processor to a SLA Contract is used as an element to demonstrate compliance with the obligations of the controller.
The carrying-out of processing by our processor it is governed by a contract or other legal act under Union or Member State law, binding the processor to the controller (Uzina de Electronice Bobina SRL).
This data sharing with our processor enables us to proceed with our regulated activities and duties to KYC in order to meet our regulatory obligations relating to assess the appropriateness of our products and services, provide support to clients, etc. Some of those third party recipients (processors) may be based outside the European Economic Area; if the third party recipient is located outside the EU/EEA in a country not ensuring an adequate level of data protection, the transfer will only be completed if a written agreement has been entered into between Uzina de Electronice Bobina SRL and the third party. The written agreement shall be based on the Standard Contractual Clauses approved by the European Commission (and any updated versions). — for further information including on how we safeguard your personal data when these cases occur, see paragraph ‘Transfer of your information out of the EEA’.
We will share personal information with law enforcement or other authorities if required by applicable law.
For more information about cookies and how we use them, please read our Cookies Policy.
How our global services operate
Transfer of your information out of the EEA
Information collected within the European Economic Area (“EEA”) may, for example, be transferred to countries outside of the EEA for the purposes described in this policy and relying on the lawful basis of contractual necessity and compliance with our legal obligations.
We and our processors when data is transferred outside the EEA utilise standard contract clauses approved by the European Commission and we adopt other means under European Union law and may obtain your consent to legitimise data transfers from the EEA to and other countries.
How do we respond to legal requests or prevent harm?
We access, preserve and share your information with regulators, law enforcement or others by request:
• We can respond to legal requests when we have a good-faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognised standards.
• When we have a good-faith belief it is necessary to: detect, prevent and address fraud, unauthorised use of the services or products, violations of our terms or policies, or other harmful or illegal activity; to protect ourselves (including our rights, property or Products), you or others, including as part of investigations or regulatory inquiries; or to prevent death or imminent bodily harm. For example, if relevant, we provide information to and receive information from third-parties about the reliability of your account to prevent fraud, abuse and other harmful activity on and off our Products.
Information we receive about you (including financial transaction as data related to deposits and withdrawals) can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations.
Under the General Data Protection Regulation you have a number of important rights. In summary, those include rights to:
• fair processing of information and transparency over how we use your use personal information,
• The right to access personal data: via a Subject Access Request. Your request should be made in writing to email@example.com. We may ask you for proof of identity before providing you with the data. There is usually no charge for such requests, however in limited circumstances we may be able to charge an administrative fee (and we will inform you in response to your request if that is the case).
• The right to request that your personal data is corrected if it is found to be inaccurate: require us to correct any mistakes in your information which we hold.
• The right to request that your personal data is erased where it is no longer necessary. In some circumstances this right may not apply e.g. if there is some other compelling reason for us to keep or process your data (and we will inform you in response to your request if that is the case)
• Right to data portability: to receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party (another controller) in certain situations.
• The right to withdraw consent to processing at any time, where relevant i.e. where we are relying on your consent to process the data and not another legal reason for processing.
• The right to object at any time to processing of personal information concerning you for direct marketing.
• The right not to be subject to a decision which is based solely on automated processing, including profiling which produces legal effects concerning them or similarly significant affects them
• The right to object in certain other situations to our continued processing of your personal information.
• otherwise restrict our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the www.dataprotection.ro
If you would like to exercise any of those rights, please:
email, call or write to us at firstname.lastname@example.org
let us have enough information to identify you (eg name, phone number, email address),
let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
let us know the information to which your request relates
If you would like to unsubscribe from any emailing or any marketing communications you can also click on the ‘unsubscribe’ button at the bottom of the email or by sending an email to email@example.com stating so.
Legal basis for processing personal data
Reasons we can collect and use your personal information: Lawful basis for processing
Under EU data protection law, there must be a lawful basis for all processing of personal data (unless an exemption or derogation applies). We rely on:
• Contractual necessity
Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract to conduct regulated activities, when processing is necessary for the entry into, or performance of contract with the data subject or in order to take steps at this or her request prior to the entry into a contract.
• Compliance with legal obligations
Processing is necessary for compliance with our legal obligation. Uzina de Electronice Bobina SRL has the necessity for compliance with a legal obligation.
• Legitimate interest
Data will only be processed where it is necessary for the purposes of the legitimate interests pursued by Uzina de Electronice Bobina SRL, and these interests or fundamental rights are not overridden by the interests, rights and freedoms of the data subject and that the processing would not cause unwarranted harm. For instance, it is a legitimate interest of Uzina de Electronice Bobina SRL to process personal data on data subjects in order to expand the business, develop new business relations prevention of fraud, maintaining the security of our systems if/when necessary, enhancing, modifying or improving our services. The data subject must be given information on the specific legitimate interest if a processing is based on this provision.
Keeping your personal information secure
Your Data is stored and kept confidential according to the legislation on protection of personal data and processing thereof applicable in the jurisdiction in which Uzina de Electronice Bobina SRL with which you have signed up is located.
We have appropriate security measures in place to prevent personal information from being accidentally lost, misused, modification, disclosure or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How long your personal information will be kept
You can close your account any time, but for audit trail purposes, Uzina de Electronice Bobina SRL shall hold personal data for a period of at least five years after closing the account in order for us to comply with our record keeping obligations under the Money Laundering Regulations 2017.
At the end of that period, we will delete all personal data relating to you, unless a legal requirement requires them to keep the data for a prolonged period of time, or Data Subject has expressly consented to their data being held for an extended period of time.
What happens in the event of a change of control
How to complain
We hope that our Data Protection Officer, client support or compliance team can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in the Data Protection Act (the ‘Act’) was enacted in 2003 (Act No. 9 of 2003) with the aim of protecting the fundamental privacy rights of individuals against the use of data concerning them without their informed consent. The Act will come into operation on such date as the Minister notifies in the official Gazette.
As of May 2015, the Act has not yet come into operation. In the European Union (or European Economic Area) in the country (member state) where you work, normally live or where any alleged infringement of data protection laws occurred.
How to contact us
If you wish to contact us with any queries, concerns or complaints, you can email us at firstname.lastname@example.org
Uzina de Electronice Bobina SRL shall comply with both the GDPR and national data protection legislation.
If applicable national legislation requires a higher level of protection for personal data than such policies/guidelines, such stricter requirements are to be complied with. If Uzina de Electronice Bobina SRL policies/guidelines are stricter than the local legislation, our policies/guidelines must be complied with.
Changes to this privacy notice
This privacy notice was published on August 2018 and last updated on Augst 2018.
Do you need extra help?
If you would like this notice in another format (for example: audio, large print, braille) please contact us (see ‘How to contact us’ above).