Information note on the personal data’s protection.
1. We, MAX BET SRL, headquartered in Bucharest, str. Baratiei, no. 31, Sector 3, postal code 030195, registered at the Trade Register under the number J 40/6809/2002, CUI: RO 14786022, we are firmly committed to protect your personal data.
2. For further information on the processing of personal data, as well as for any communication or incident related to the personal data’s protection, contact the personal data protection officer using the e-mail address [...], telephone [...] or directly at our headquarters.
3. We process personal data for our legal obligations’ fulfillment, the conclusion of legal acts and the execution of our contractual obligations, information requested or initiated by us, invitations to events and organization, recruitment and evaluation of employees and collaborators, finding, exercising or defending a right in court, maintaining contact with the persons who contact us on their own initiative or during the initiation or performance of contractual relations or involving expressions of will, as well as to honor promises made and commitments made. Given that we are the subject to legal obligations and fair practices, we keep records that do not relate to personal data, but may contain personal data, so they are subject to the same penalties for protection.
4. The legal basis for data processing is Regulation 2016/679 / EU and subsequent legislation (see here https://www.dataprotection.ro/?page=legislatie_primara&lang=en), Law no. 31/1990 and the subsequent legislation (see here https://www.onrc.ro/index.php/ro/legislatie), GEO no. 77/2009 and subsequent legislation (see here http://onjn.gov.ro/legislatie-2/), as well as other specific legal grounds, such as those relating to the security of property and persons.
5. We only process the personal data necessary for the purposes of processing, respecting the principle of minimizing access. Given the legal provisions that strictly regulate our activity and the reports we must make, we collect the following categories of data: first name, last name, signature, telephone, e-mail, address, serial number and identity card, CNP, IP address, as well as other related data necessary for the normal conduct of our business and the fulfillment of our legal and contractual obligations. We also process data that allows the unique identification of a person, which are made public, by the presence in places with public access and for reasons related to a major public interest, such as the safety of people and property, with the provision of appropriate measures and specific to the protection of the fundamental rights and interests of data subjects. If it is necessary for the data to be used for a purpose other than that for which they were collected, we will provide the data subjects, prior to this further processing, with information on that secondary purpose and any relevant additional information.
6. We communicate personal data to the bodies that control our activity, as well as to the institutions and bodies to which we have the obligation to make reports. We also communicate data to our partners, only if and to the extent necessary to fulfill their obligations, we are technically, organizationally and contractually concerned that they also adequately protect the data. The data is also accessible to our staff who have tasks that require data processing, only if and to the extent necessary for the performance of their duties and only after appropriate training on data protection.
7. We do not make cross-border transfers of personal data.
8. The processing of data by us does not involve an automated decision-making process, but each processing is analyzed by an employee who exercises his duties in strict accordance with legal provisions and internal regulations.
9. The period of data storage on the medium of current use is limited to a maximum of 2 years after the expiration of the current use’s term , to which are added the procedural terms of legal action and, subsequently, according to the legal provisions on archiving, which are provisions public. The period of data storage in the regime of preservation in the general correspondence register is limited to its duration and, subsequently, according to the legal provisions on archiving, which are public policy provisions.
10. The data we process comes from our interaction with suppliers and contractual partners, customers and the public who visit our publicly accessible spaces.
11. We pay full attention to the personal data protection, which we collect, process, use and delete in strict accordance with legal provisions. Our organizational and technical procedures regarding the personal data protection are structured in order to ensure the confidentiality and security of personal data. We have implemented appropriate technical and organizational measures to maintain an acceptable level of risk, including, inter alia, as appropriate: pseudonymization and encryption of personal data, ability to ensure confidentiality, integrity, availability and ongoing resilience of processing systems and services, the ability to restore the availability of personal data and access to them in a timely manner in the event of a physical or technical incident, the existence of a process for testing, evaluating and regularly assessing the effectiveness of technical or organizational measures to ensure security processing. All measures implemented are based on a documented risk analysis on the protection of the rights and freedoms of data subjects.
12. You have the right to request access to our data, rectification or deletion of them or restriction of processing, as well as the right to object to the processing, in accordance with the law. You also have the right to data portability and the right to withdraw your consent when the processing was carried out on the basis of your consent, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
14. You have the right to file a complaint with the National Authority for the Supervision of Personal Data Processing. If you have any doubts or suggestions regarding your personal data, please contact the data protection officer, taking into account the contact method indicated at the beginning of this information note.