Privacy policy

STATEMENT REGARDING PERSONAL DATA PROCESSING

Personal data protection in the online environment has become a regulated necessity and mandatory. Any operator must inform the client/collaborator about the personal data processing and to guarantee these are kept secured.

Sofimat SRL with registered office in 94A, 13 Decembrie Street, 500164 Brașov, Trade Register number J08/485/2004, VAT no. RO16219580 as operator, is hereby informing you about your personal data processing and retention sent through service and product supply operations.

WHAT ARE PERSONAL DATA

– Information regarding the identified / identifiable physical person: last and first name, address, e-mail, phone, signature, financial information, information requested by authorities specific to supplying services and products, audio-video monitoring information following the visit of the customer in a location supplying services of Sofimat SRL, audio-video monitoring during technical support services, the IP, any other information necessary for conducting the activity of Sofimat SRL.
– Any action (set of actions) like collection, registration, organization, storing, adapting or modifying, extraction, consultation, use, disclosure to third parties by transmission, dissemination, annexation or combination, blocking, archiving, deltion, destruction operating on data can be deemed to pertain to personal data (directly or indirectly).

INFORMATION COLLECTION

Information collection sources:
1. When using www.sofimat.ro or applications of Sofimat SRL, filling in forms or surveys (without being mandatory) necessary for the provision of the services can be required;
2. Direct and indirect transactions between Sofimat SRL, partners and users;
3. External sources specific to public institutions.

How do we collect personal data from the www.sofimat.ro users:
– Directly;
– By using the user’s browser and the traffic data;
– By using cookies.

1. Direct collection of the personal data
A1. Placing an order (with or without creating an account) on www.sofimat.ro may involve provision of the last name, first name, address, e-mail and any other necessary data for contracting, invoicing and delivery process:
• Contract data are kept for 3 years (general prescription);
• Tax data are kept for 10 years (tax legislation);
• No orders can be fulfilled without the above-mentioned data.

A2. Within the offered support services we can ask for the phone number or the e-mail address in order to be able to contact you for solving your problem (when needed, other data can be requested, considered personal data). The conversation with www.sofimat.ro  for support purposes may be recorded.

A3. Newsletter subscription comes with the request to supply an e-mail address for personalized communication, until revocation of the consent.

A4. Payments made in our account are processed by our banking partners, and the banking information is sent to them.

2. Personal data collection using traffic data

During your visit on www.sofimat.ro from any device, you supply information like your IP address, time of the visit, location, visited pages. The external traffic analysis services (e.g. Google Analytics) are exclusively used by www.sofimat.ro for improvement of services and for providing and maintaining website security.

3. Data collection through cookies (per session and fixed)
Cookies are used for remembering passwords, language preferences, filters for protection of the underage persons, for commercial types agreed upon or their limitation.

FOR WHAT PURPOSES IS SOFIMAT PROCESSING PERSONAL DATA

Sofimat SRL is identifying (through the fixed means defined above) potential users accessing the supplied services, is monitoring operations to this end, is preparing surveys and/or profiles within the marketing activities, is preparing internal analyses specific for provided services. Sofimat SRL is also processing personal data for solving different legal issues or issues linked to service provision, and their archiving is physical and electronic. There are legally regulated institutions of the Romanian state which can request reports containing personal data.

WHAT IS THE LEGAL GROUND FOR PROCESSING PERSONAL DATA

The law defining General Data Protection Regulation was promulgated and is also effective on the
territory of Romania, as follows:
– (Art. 6(1) b GDPR) refers to personal data collection through the order form
– (Art. 6(1) c GDPR) refers to the mandatory data for issuing invoices
– (Art 6(1) a GDPR) requires obtaining the consent for the use of personal data for marketing purposes
(newsletter subscription, cookies, etc.)
– (Art 6(1) f GDPR and law 506/2004 art. 12 (2)) refer to the legitimate interest of www.sofimat.ro to secure and optimize the website (consideration no. 49 GDPR).

COMMUNICATION OF PERSONAL DATA IS MANDATORY FOR THE USER,

– and the refusal leads to the impossibility of providing the services. The user is entitled to refuse the data being processed with the purpose of using them in direct marketing.

RECIPIENTS OF THE PERSONAL DATA

We have showed above the purposes for which personal data are collected. At the same time, if really
necessary, SOFIMAT SRL can make available for the legal authorities and contract partners different personal data (limited) of the users, and the latter undertake not to use them for any other purpose (e.g. public authorities, auditors, jurists, accountants, companies of the SOFIMAT GROUP).

Based on the law no. 2016/679 (GDPR) adopted by the European Parliament, there is the possibility of TRANSFERRING PERSONAL DATA OUTSIDE THE COUNTRY.

Personal data can be stored for as long as the law stipulates, which is 3 years for contract data and 10 years for financial data. Data processing can take place until the moment the purpose for which they were collected is fulfilled and after that they have to be archived or destroyed.

MEASURES REGARDING THE SECURITY OF PERSONAL DATA PROCESSING

– Data confidentiality is mandatory, and this is why users use their own name and the password
– Any user accessing / collecting / changing personal data is recorded along with the date, time and
operation carried out
– Only authorized users are entitled to print invoices, notifications, agreements and other documents containing personal data.
The user or the possible user subject to personal data processing has the following rights:

  1. The right to be informed about data collection according to art. 13 and 14 GDPR
  2. The right to have access to processed data – art. 15 GDPR
  3. The right to request changing or deletion of data – art. 17 GDPR, with the exceptions stipulated by the law
  4. The right to request minimum processing or to refuse personal data processing – art. 18 GDPR
  5. Data transfer right to a different operator – art. 20 GDPR
  6. Withdrawal of the data processing right after initial consent
  7. Refusal of data processing for marketing purposes and profile creation
  8. When feeling wronged, the user is entitled to approach ANSPDCP or to turn to the competent court of law.

SOFIMAT SRL RESERVES THE RIGHT TO CHANGE THIS STATEMENT REGARDING PERSONAL DATA PROCESSING WITHOUT PRIOR NOTIFICATION, BY PUBLISHING THE UPDATED VERSION ON THE WEBSITE.

Any notification can be addressed in electronic format to office@sofimat.ro or in writing to 94A, 13 Decembrie Street, 500164 Brașov.

This website is using cookies in order to offer you a better experience. By continuing the navigation, you agree with their use.