SUCIU POPA is committed to safeguarding and respecting your privacy.
SUCIU POPA is the data controller of any personal data provided to us when you visit our website or request a service from us.
This notice explains the principles according to which we may process any personal data we collect from you, or that you provide to us, in connection with your visit tothis website and your rights in relation to that information.
Scope of the website
The website www.suciupopa.ro presents general information about SUCIU POPA, our services and our team. This website is not addressed only to SUCIU POPA clients or affiliates. Therefore, we may receive and collect information from you, even if you are not contractually related to SUCIU POPA. We may use your personal data that you send us via e-mail in order to respond to a specific enquiry sent by you.
Personal data means any information relating to an identifiable person. The processing of personal data shall always be in line with the General Data Protection Regulation (GDPR).
Contact details of the data controller
Data controller for the purposes of the General Data Protection Regulation (GDPR) is:
SUCIU POPA T: +40 374 494 944 F: +40 374 094 490 E-mail: email@example.com Website: http://www.suciupopa.ro/contact/
The data we collect
We do not collect personally identifiable data about you - such as your name, address, telephone number, fax number, e-mail address, etc. – unless you choose to email us directly and provide us with your personal data.
We do automatically collect certain non-personally identifiable data when you visit our website – such as the browser types and versions used, the operating system used, the website from which an accessing system reaches our website, the date and time of access to the Internet website, an IP address, the Internet service provider of the accessing system, and any other similar data and information that may be used for customizing the display of our website on your device or in the event of attacks on our information technology systems.
How we normally use data about you
We use non-personally identifiable data to analyze website usage (such as aggregated information on the pages visited by our users), which allows us to improve the design and content of our website. In using the non-personally identifiable data, we don not draw any conclusion about the visitors of our website.
In the ordinary course of business, we may use personal data you provide via e-mail information related to our mandate. If you are not a client of SUCIU POPA, we may use your personal data that you send us via e-mail in order to respond to a specific enquiry sent by you.
We may also use the e-mail addresses in our database for marketing and informative newsletters. Such will be sent along with a clear and easy opt-out option for the recipient.
We will not contact you about other matters, unless you specifically request it, nor will we share, rent, or sell your personal data outside SUCIU POPA, except where we have your approval or where that is necessary to fulfil our obligations to you.
If you are interested in applying for a job at SUCIU POPA and choose to submit resume information by e-mail, we will use it only for the internal application review process. Please direct all job applications to firstname.lastname@example.org and not to other e-mail addresses available on the website.
However, it is possible, though unlikely, that we might be forced to disclose personal data in response to legal process or when we believe in good faith that the law requires it, for example, in response to a court order, subpoena or a law enforcement agency’s request.
Collection of data by third-party websites
We cannot identify you personally in this way.
For detailed information about cookies and how they are used on our website, see our Cookies Policy.
You have the ability to accept or decline cookies by clicking the right option on the pop-up window that is automatically displayed when you visit our website or by modifying the settings in your browser.
Our commitment to security
We take reasonable steps to hold information securely in electronic or physical form and to prevent unauthorised access, modification or disclosure.
Our information security policy is sustained by security standards, processes and procedures and we store information in access-controlled premises or in electronic databases requiring logins and passwords.
We require our third-party data storage providers to comply with appropriate information security industry standards. All partners and staff and third-party providers with access to confidential information are subject to confidentiality obligations.
Where consent is required, it is a freely given, specific, informed and unambiguous indication of the user’s wishes. The user must provide an active indication that they agree to the processing of their personal data. The user has the right to withdraw consent at any time and must be informed of this right.
Rights of the user
a) Right of confirmation
Each user has the right to obtain from SUCIU POPA the confirmation as to whether the personal data concerning them is being processed.
b) Right of access
Each user has the right to obtain from SUCIU POPA free information about their personal data stored at any time and a copy of this information, upon request.
c) Right of rectification
Each user has the right to obtain from SUCIU POPA the rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, the user has the right to have incomplete personal data completed, if not already complete.
d) Right to erasure (“right be forgotten”)
Each user has the right to erasure of personal data concerning them, and SUCIU POPA has the obligation to erase personal data where one of the following applies, as long as the processing is not necessary: the data are no longer needed for their original purpose (and no new lawful purpose exists); the user withdraws consent to the processing and there are no other lawful grounds for the processing; the user objects to the processing and there are no overriding legitimate grounds for the processing; the personal data has been unlawfully processed; erasure is necessary for compliance with EU law or the domestic law.
e) Right of restriction of processing
The user has the right to obtain from SUCIU POPA restriction of processing where one of the following applies: the accuracy of the data is contested (and only for as long as it takes to verify that accuracy); the processing is unlawful and the user requests restriction (as opposed to exercising the right to erasure); SUCIU POPA no longer needs the data for their original purpose, but the data are still required by SUCIU POPA to establish, exercise or defend legal rights; or if verification of overriding grounds is pending, in the context of an erasure request.
f) Right to data portability
The user has the right to receive a copy of their personal data in a structured, commonly used, machine-readable format that supports re-use; to transfer their personal data from SUCIU POPA to another controller; to store their personal data for further personal use on a private device; and to have their personal data transmitted directly between controllers without hindrance.
g) Right to object to processing
Each user has the right to object, on grounds relating to their particular situation, to the processing of personal data, where the basis for that processing is either: public interest; or legitimate interests of SUCIU POPA.
SUCIU POPA shall no longer process the personal data in the event of the objection, unless we can demonstrate legitimate grounds for the processing which override the interests of the user, or for the establishment, exercise or defence of legal claims.
If SUCIU POPA processes personal data for direct marketing purposes, the user has the right to object at any time to processing of personal data concerning them for such marketing. If the user objects to the processing for direct marketing purposes, SUCIU POPA will no longer process the personal data for these purposes.
h) Right to withdraw data protection consent
Each user has the right to withdraw their consent to processing of their personal data at any time.
Legal basis for the processing
There are several reasons why we hold, process and share individuals’ personal data. Under data protection laws, the lawful reasons for processing personal data include:
Below, you may find a non-exhaustive list of purposes for which we process your data, under each legitimate reason.
In some cases, we need to process data to ensure that we are complying with our legal obligations. For example, we need to keep records of our mandates and clients in accordance with the prerequisites of the legal profession in Romania. Statutory reporting requirements are included within this section. As is disclosing information to third parties such as the courts or the police where we are legally obliged to do so.
We have a legitimate interest in processing personal data that we have obtained from you. This includes use of the e-mail addresses in our database for marketing and informative newsletters. Such will be sent along with a clear and easy opt-out option for the recipient.
Using your personal data for our legitimate interest also allows us to:
Please refer to email@example.com if you consider that there is something about your particular situation which makes you want to object to processing on this ground.
Only in limited circumstances, we may approach you for your written consent to allow us to process certain data. For instance, your consent is required in order for us to place cookies on your device.
Routine erasure of personal data
SUCIU POPA shall process and store the personal data of users only for the period necessary to achieve the purpose of processing or storage, or as long as other legislators in laws or regulations to which SUCIU POPA is subject to requires. For the retention period of each type of specific personal data you may be concerned about, please send your queries to firstname.lastname@example.org.
Existence of automated decision-making
We do not use automated decision-making or profiling. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person.
Revisions to our Privacy Notice
We review this Privacy Notice regularly and reserve the right to revise it or any part of it from time to time to reflect changes in the law or technology practices. Please review the notice periodically for changes.
We encourage you to read this Privacy Notice carefully, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information. Please send any questions regarding this notice to email@example.com.