The issue of data protection and confidentiality is a topic we take very seriously, and we follow the applicable national and European data protection regulations.
Thank you for your interest in this website owned by Coderdox (hereinafter referred to as “SSIMA”). Coderdox S.R.L., a Romanian legal entity, organized and existing under the laws of Romania, having its registered office located in Bucharest, registered with the Trade Registry under no. J40/9/04.01.2016, having sole registration code 35371982, duly represented by Elena Ovreiu, in his/hers capacity as Administrator, acts as a data controller with respect to your personal data processing operations (hereinafter referred to as “SSIMA” or “the Controller”).
We take data protection and privacy issues very seriously and comply with the applicable national and European data protection regulations. Therefore, we would like to inform you with this declaration about data protection measures and which data we store and how we use this data.
WHAT KIND OF DATA IS COLLECTED AND HOW IS IT USED?
Data collection by this website
Whenever a user accesses the website, the user’s internet browser automatically transfers the following data to SSIMA’s web server for technical reasons:
- IP address of the requesting computer
- date and time of access
- name and URL of the retrieved file
- transferred data volume
- access status (file transferred, file not found etc.)
- identification data of the browser and operating system used
- name of the provider of user’s internet access
- website from which access is made
The data ascribed above is collected, processed and used for enabling the use of the website (connection setup), system security and technical administration of the network infrastructure. A comparison with other databases or a transfer to third parties, also in excerpts, does only take place after an anonymization of the IP address of the accessing computer.
The legal basis for processing the data provided above is Art. 6 para. 1 letter f GDPR.
The Controller also processed the following categories of personal data for entering into and performance of the participation agreement that shall be signed between the participants and SSIMA:
- name and surname;
- Social security number (CNP)
- Professional or educational affiliation
- Educational and/or professional status/title
- mailling address;
The legal basis for processing the personal data detailed above is represented by Art. 6 para. 1 letter b GDPR.
The data collected as part of the voluntary entries under “Apply” at the respective event application forms, will be used and processed exclusively for processing the enquiry and to carry out the services you may have requested.
SSIMA will also collect the participants’ image, if they express their explicit consent, with respect to the photographies and videos that will be taken during the event and further posted on SSIMA’s website.
Use of Google Analytics
The legal basis for processing is Art. 6 para. 1 f GDPR, whereby SSIMA’s authorization arises from the fact that, on the one hand, SSIMA has an interest in evaluating the website data for purposes of website optimization and, on the other hand, a concerned person can reasonably foresee at the time when the personal data is collected and in view of the circumstances under which it is carried out (in particular the above-mentioned measures) that it will possibly be processed for this purpose.
IS OTHER PERSONAL DATA COLLECTED AND PROCESSED?
We collect and process your personal data only if you request certain services and we need your personal data for this purpose or if you have voluntarily given us your express consent. The legal basis for processing is Art. 6 Para. 1 a GDPR and Art. 6 Para. 1 b GDPR.
You can do this, for example, by completing an application form or sending us an email, ordering products or services, submitting inquiries to us, requesting materials or registering. Unless otherwise required by law, we will only use your personal data for the purposes for which you have given your consent.
For special services such as newsletters, sweepstakes, etc. the respective special data protection provisions apply.
WILL MY DATA BE TRANSFERRED TO THIRD PARTIES, E.G. AUTHORITIES?
SSIMA and its affiliated organizations/persons and third party partners, receive your data that are required to fulfil our contractual and legal obligations. Some data must be disclosed under strict contractual and legal requirements:
Due to legal obligation:
In certain cases, we are required by law to transfer data to a requesting public authority, in order to fulfil our obligations related to the employment, fiscal, criminal law related matters or other obligations that may be bound to SSIMA .
In these cases the legal basis for processing is represented by Art. 6 para. c GDPR.
To external service providers for data processing:
When service providers get access to our customers’ personal data, this usually takes place in the course of so-called order processing of personal data. In this case, SSIMA remains responsible for the protection of your personal data – in addition, the processor can also be responsible, if the contractual relationship is qualified as one of controller-processor. In this case, the service provider works strictly in accordance with our instructions, which we ensure by means of strict contractual regulations, technical and organizational measures and supplementary controls.
SSIMA works with service suppliers as processors. These are companies and service providers for IT services (e.g. for technical-administrative tasks and for usage analysis), telecommunications, consulting and advisory services as well as sales and marketing.
The data protection regulations for instruction-bound order processing of personal data are complied with.
To affiliated parties/persons outside Romania?
If data are transferred abroad, they are based within the EU or the EEA or in a country which, according to the decision of the EU Commission, has an appropriate level of data protection. In the case of data transfers to affiliated persons domiciled in other countries, SSIMA ensures by way of guarantees that the data-importing affiliated person has been obligated to an appropriate level of data protection.
Beyond this, we do not transfer data to third parties unless you have given your express consent, the transfer is obviously necessary for the provision of an offer or service requested by you or this is provided for by law. We also do not intend to transfer your data beyond this to a third country or international organization.
HOW LONG WILL MY DATA BE STORED?
We store personal data as long as it is legally necessary or necessary for the provision of the service requested by you, or in case of personal data processing based on your consent, until you withdraw your consent.
WHAT RIGHTS DO I HAVE WITH RESPECT TO MY PERSONAL DATA PROCESSING?
Pursuant to the applicable data protection legislation, you have the right to be informed with respect to the processing of your personal data, the right of access to your personal data, the right to rectification, erasure or restriction of the processing of your data in accordance with data protection regulations, a right to object to the processing, the right not to be subject to a decision based solely on automated processing, including profiling, as well as a right to data portability. You also have the right to lodge a complaint to the national supervisory authority.
CAN I WITHDAW MY CONSENT TO THE USE OF MY DATA?
You have the right to withdraw your consent to the use of your data at any time, for the personal data processed based on the legal basis of consent. Just send an email to firstname.lastname@example.org or send a letter to the following address:
Coderdox SRL, Str. Caramidarii de Jos, nr. 3, bloc 75, cam 1, etaj 8, Sector 4, BUCURESTI, 040407
The data processing performed based on your consent is legal until the time of withdrawal.
For the consent given with respect to the participants’ image, you can withdraw your consent by unticking the checkbox provided at the application process.
WHO IS MY CONTACT PERSON IF I HAVE A QUESTION ABOUT DATA PROTECTION?
If you have any questions or comments, please feel free to contact the Data Protection Officer of SSIMA (Coderdox SRL) at any time:
Data Protection Officer
+4 733 539 092
HOW LONG IS THIS DATA PRIVACY DECLARATION VALID?
This data privacy declaration is up-to-date and dates from May 18, 2019. We reserve the right to amend the data privacy declaration at any time with effect for the future, in particular to adapt it to a further development of the website or the implementation of new technologies, as to the date of last update shall be displayed.