SERV CONT INTEGRAL SRL is committed to protecting your privacy. Contact us at office@accountinghrworld.ro if you have any questions or problems regarding the use of your personal data and we will be happy to help.
By using our services, you consent to the processing of your personal data as described in this privacy policy.
Definitions
Personal data – any information regarding an identified or identifiable natural person;
Processing – any operation or set of operations performed on personal data or sets of personal data;
Data subject – natural persons whose personal data are processed;
Child – a natural person under the age of 18;
Principles of data protection
We undertake to follow the following principles of protection and processing of personal data:
- Processing is legal, fair, transparent. Our processing activities have legal grounds. We always consider your rights before processing personal data. We will provide you with processing information upon request;
- Processing is limited in purpose. Our processing activities correspond to the purpose for which the personal data was collected;
- Processing is done with minimal data. We collect and process only the minimum amount of personal data necessary for any purpose;
- Processing is unlimited. However, we will not store personal data unless necessary;
- We will do our best to ensure the accuracy of the data;
- We will do our best to ensure data integrity and confidentiality.
The rights of data subjects
The data subject has the following rights:
- The right to information – which means you need to know if your personal data is being processed; what data is collected, where it is obtained and why and by whom it is processed.
- Right of access – meaning you have the right to access data collected from/about you. This includes your right to request and obtain a copy of your personal data collected.
- The right to update/rectification – which means you have the right to request the rectification or deletion of your personal data, which is inaccurate or incomplete.
- The right to erasure – meaning that in certain circumstances you can ask for your personal data to be deleted from our records.
- The right to restrict processing – i.e. where certain conditions apply, you have the right to restrict the processing of your personal data.
- The right to object to processing – i.e. in certain cases you have the right to object to the processing of your personal data, for example in the case of direct marketing.
- The right to object to automatic processing – meaning you have the right to object to automatic processing, including profiling; and not be the subject of a decision based solely on automated processing. This right can be exercised whenever there is a result of profiling that produces legal effects that affect or significantly affect you.
- The right to data portability – you have the right to obtain your personal data in an appropriate format or, if possible, as a direct transfer from one processor to another.
- The right to complain – where we refuse your request under the Access Rights, we will give you a reason why we are doing so. If you are not satisfied with the way your request has been handled, please contact us.
- The right to help from the supervisory authority – which means you have the right to help from a supervisory authority and the right to other remedies, such as seeking compensation in court.
- The right to withdraw consent – you have the right to withdraw any consent given to the processing of your personal data.
What personal data we collect
Personal data is collected through the contact forms that are made available to you.
These are: name, surname, e-mail address, telephone number, as well as other personal data necessary to carry out the activity for which you have given your consent to be processed.
How we use your personal data
We use your personal data to:
- managing commercial relations, in order to conclude contracts for the provision of services;
- performance of an obligation under law or contract;
- in the company’s internal reports and statistics.
Based on the conclusion of a contract or the fulfillment of contractual obligations, we will process your personal data for the following purposes:
- to identify you;
- to provide you with a service or offer you a product;
- to communicate with you either for sales or billing purposes;
- in the company’s internal reports and statistics.
With your consent we will process your personal data for the following purposes:
- to send you newsletters and/or offers in various marketing campaigns;
- for other purposes for which we have requested your consent;
We process your personal data to fulfill obligations arising from the law and/or to use your personal data for the options provided by law. We save information about you as long as necessary for accounting purposes or other obligations arising from legal deadlines, or until the express request to delete this data.
We process personal data until we receive a request to do so from you. We will inform you of any further processing and purposes.
Who else has access to personal data
We will not disclose your personal data to third parties or public institutions unless we are legally required to do so. We may disclose your personal data to third parties if you have given us your consent or if there are other legal reasons for doing so.
How we keep your data secure
We do our best to keep your personal data safe. We use secure protocols for communication and data transfer (such as HTTPS). We use anonymization and pseudonymization where appropriate. We monitor our systems for possible vulnerabilities and attacks.
Although we try our best, we cannot guarantee the security of information. However, we undertake to notify the competent authorities of data protection breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist the authorities if breaches occur.
Technology
SERV CONT INTEGRAL SRL regularly updates all software applications used to defend known attack surfaces, at all levels (tools used by colleagues, server operating systems, virtualization layer, guest operating system, application).
We apply a redundant and scalable infrastructure that has no single point of failure that would cause service to stop.
Automatic and encrypted data is stored daily in another data center so that, in the event of an emergency, data can be restored.
We follow adopted industry solutions such as the Open Web Application Security Project (OWASP) and the Cloud Security Alliance Cloud Controls Matrix (CCM).
Protection against access
Physical access to the infrastructure is extremely limited. In all cases proper identification is required.
Network security
Data storage servers are separated from the outside by multi-level firewalls. Only servers dedicated to load balancing have an Internet connection. Application servers and data storage servers operate on separate internal networks, the connection between them is ensured by a firewall – on an intermediate level of load balancing.
Clear data/test/integration test/dev environments run on different networks.
Stored data is protected by alarm against intrusion and phishing attack. Unused services, protocols and software will be removed. All our softwares work from minimal bases, install only the necessary softwares. The efficiency of internal procedures and rules is controlled by external security audit.
Policy towards minors
We do not intend to knowingly collect information from minors. We do not target minors as potential beneficiaries of our services.
Contact information
SERV CONT INTEGRAL SRL
Email: office@accountinghrworld.ro
Supervisory Authority
The National Authority for the Supervision of the Processing of Personal Data
Website: http://www.dataprotection.ro/
Email: anspdcp@dataprotection.ro
Phone: +40 21 252 5599
Update: 29-04-2024