Privacy policy

1. Introduction

This Privacy Policy informs you of the data we collect from you when you use our website. In collecting this information, we act as a personal data controller and by law we are obliged to provide you with information about us, purpose and manner in which we use your data, and your rights over the data you collect.

2. Other Services

Our policies do not cover apps and websites of third parties which you can reach by accessing the links on our website. This is beyond our control. We encourage you to acquaint yourself with the Confidentiality policy and the Cookies policy on any website and/or app before giving your personal data.

3. Who Are We?

SII IT&C Services ( Trademark : SII România) is a member of Group SII France with a management board, registered in Romania J40/19949/2004, RO 17003044, with its principal office at ONE Cotroceni Park Office – 44, Sergent Nutu Ion street, unit A+B, 5th floor, district 5, Bucharest (access through no. 1, Progresului street)

4. Our Commitment

The protection of your personal data is very important to us. That is why we are committed to complying with the European and National Laws in force related to personal data protection, especially Regulation (EU) 679/2016, also known as GDPR, as well as the following principles:

Loyalty, equity and transparency

We process your data legally and fairly. We are always transparent with the information we use, and you are always informed accordingly.

You are in charge

In accordance with the limits of the law, we give you the chance to examine modify and erase the personal data you have shared with us and the chance to exercise your other rights.

Data integrity and limitation of purpose

We use the data only for the purposes described at the time of collection or for new purposes compatible with the original ones. In all cases, our purposes comply with applicable law. We take reasonable steps to ensure that personal data is accurate, complete and up-to-date.

Security

We constantly implement reasonable security and encryption measures to protect your data the best way possible. However, please note that no website, application or internet connection is completely secure.

5. Questions and demands

If you have any questions or concerns regarding the processing of your data or if you wish to exercise your legal rights in relation to the data or you are concerned about the way we handle any confidentiality issue, you can write to us at e-mail: gdpr@siiromania.ro or dpo@siiromania.ro.

6. Your Data

6.1 Data Collected When You Use Our Website

Most frequently, we will use your personal data in the following circumstances:

Visitors

The use of our website does not require the provision of personal data. Personal data is only raised if you actively seek our contact via email or if you apply to one of our open positions. We collect standard internet log information and details of our website visitor behavior patterns and any information collected and stored in cookies as listed in the sections below. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting either of our websites. We will not associate any data gathered from this site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Job applicants

If you apply for a job position on our website, you consent to sending us:

Your Name, E-mail, Phone, Your Comments
Your CV document.

Also, if you apply for one of our internship programs , you consent to sending us:

Your Name, Age, Studies, University, E-mail, Phone, Location, Your Comments
Your CV document.

The information from these forms will be used by our Recruitment department at SII Romania only for further recruitment purposes and only after the applicant has given his consent regarding the processing of personal data. The data and documents you enter and upload are processed directly in our application management system. The entry and upload of the data takes place via a secured https connection.

We will use the information collected to consider you for the job opening that you specify. We may also use this information to contact you regarding other job opportunities, both opportunities advertised on this site and opportunities advertised on a website of one of our affiliates.

In case we may use a third party service provider to assist us with some features of our site, our service provider will receive your information on our behalf and will not be permitted to use it for any other purpose. The data provided is internally processed in order to address your request and will not be passed to a third party without you explicit consent.
For applications by e-mail we transfer your submitted data and documents to the applicant management system or directly to our Recruitment department. We will use your received phone number, e-mail address and address to contact you with questions and concerns regarding your application.

If your application is interesting for vacancies, we store your application data for a maximum of 2 years in our applicant pool. Should we have any further interest in the storage of your data, we will contact you in advance again. Otherwise, the data will be deleted automatically after 2 years without any separate notification. If you do not wish to be included in our application pool, please indicate this in the cover letter.
In every moment, you can express your willingness to be forgotten, to rectify or access data, to restrict processing, to withdraw consent or to be kept informed about the processing of your data. You can have your application profile deleted from our application management system at any time. Please contact gdpr@siiromania.ro or dpo@siiromania.ro for this.

Clients

In order to provide services, deliver goods and make payments based on relevant contracts, we may process personal data such as identification data, contact details, banking data. This processing is based on the execution of a contract to which the clients are part of or a legal obligation encumbered upon us.

We may process your personal data so that we can provide you with information about goods or services that we consider to be of interest to you. If you are a current customer, we will contact you by e-mail or SMS only with information about goods and services similar to those that were the subject of an earlier contract or negotiation, unless you have opted previously. If you are a new customer, we will contact you by electronic means only if we have your agreement.

We will not share your personal data with third parties for marketing purposes without your explicit agreement thereof. We may also use your personal information and provide you with relevant content to measure or understand the effectiveness of the advertising we offer and to provide relevant advertising, to make suggestions and recommendations about products or services that might interest you.

Confidentiality of Minors’ Data

The company does not knowingly collect personal identification data from minors on its Websites. If a parent or guardian is aware that one of his children has provided the Company with their personal data, they must immediately inform the Company. If the Company discovers that a person under the age of 16 has provided personal data, the Company will destroy this information from its servers immediately.

6.2 How We Use the Information when You Access and Use Our Website

When you access our website to search for our products and services and to visualise information which we provide to you, we (called Cookies First Party) as well as third parties (called Cookies Third Party)use Cookies to allow the operation of the website, to collect useful information on the visitors and to offer a better experience to use our website.
Some of the Cookies we use are strictly necessary so that our website functions at optimal parameters.

The Cookies we use:

Necessary Cookies – These cookies are indispensable for visiting our websites and using certain parts of the websites. For instance, they allow you to navigate between the different parts of the website, and fill in forms. If you refuse these cookies, certain parts of the website will not work, or will not work optimally.
Session Cookies – They get automatically deleted once you have left our website. Other Cookies get saved by your computer until you delete them. These Cookies help us recognize your IP when you next visit our website. You can configure your browser in such way that you get notified when Cookies are been activated and you can decide whether or not you accept them in general or on a case by case basis and / or whether you want these deleted after closing your browser. Note though that the functionality of our website may be impaired if Cookies are fully suppressed.
Functional Cookies – Functional Cookies are Cookies that make it easier for our websites to work, make them more pleasant for visitors, and ensure that you have a more personalized browsing experience. For example, these Cookies can remember your language choice and customer segment. Also, we can use these Cookies to memorise information which you fill in on various pages, so that it is not necessary to fill in the data several times.
Google Cookies – This website uses Google Analytics , a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “Cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the Cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States and Europe. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage. Google may also transfer this information to third parties when required to do so by law, or where such third parties process the information on Google’s behalf, including this website’s publisher. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies without affecting the way in which you visit our website. Detailed information on Google Analytics and personal data protection (including the way in which you can control the information sent to Google) can be found at: https://policies.google.com/privacy/partners. In order to stop the monitoring by this Cookie type, you can install an add-in on your web browser (http://tools.google.com/dlpage/gaoptout), by selecting the appropriate settings on your browser. Detailed information on Google Analytics and personal data protection (including the way in which you can control the information set to Google) can be found at: https://policies.google.com/privacy/partners.
Social Media Cookies – Our website contains plugins for the social platforms: Facebook, LinkedIn and Twitter. These are marked with each platform’s logo on our website. These cookies make it possible for users connected to social media networks to share and directly appreciate the special content on our website. When visiting our website, the plugin offers the option to automatically link your browser with the social media platforms’ servers. This way, the social media platforms are notified that your IP has visited our website. If you click on the “Share” button while logged in your Facebook, LinkedIn or Twitter account, you can link the content of our website with your profile. Through this, Facebook, LinkedIn or Twitter can correlate your visit with your user account. Note though that the provider of this website has no knowledge about the content or the use of the transmitted data by social media platforms. These social media networks can also collect your personal data for their own purposes. SII Romania has no influence on the way in which these social media networks use your personal data. More on the cookies for social media can be accessed at: https://www.facebook.com/policies/cookies/, https://www.linkedin.com/legal/cookie-policy, https://help.twitter.com/en/rules-and-policies/twitter-cookies, https://help.instagram.com/519522125107875.

6.3 How to Reject and Delete Cookies

You do not have to accept cookies and you can reject or block the use of cookies and delete all cookies currently stored on your computer or mobile device. You can do this via the voting button or find out more details regarding your particular browser by clicking “help” on your browser’s menu, or by visiting: www.allaboutcookies.org.

Moreover, if you do not want your browser to keep your work, you can browse the web privately in incognito mode. Thus, the browser will not save your browsing history, cookies, and site data or information entered into the forms. The existing cookies in your regular browser are not shared with such a browsing session. In addition, any cookies that are created then are automatically deleted. You can learn more about how incognito works by visiting https://support.google.com/chrome/answer/95464?co=GENIE.Platform%3DDesktop&hl=en_US.

6.4 When You Send an Application on Our Website

When you submit an applicantion on our site, we ask for your name, phone number and e-mail address.
We use this information to effectively respond to your request. We may send you an email several times after you submited the request, to make sure that we have responded to your question and to improve the experience of using our website.

Your request is stored and processed on secure servers. SII Romania uses advanced security methods and technologies, as well as strict employee policies and work processes, including periodic security audits of personal data collected and processed in accordance with the legal provisions in force.

We do not use the information you provide to take automated decisions that may affect you.
We keep emails coming from requests for two years, after which they are safely archived and kept for five years, afterwards we delete them. CRM records are kept for three years after your last contact with you.

6.5 Why Do We Collect this Data?

We may process your personal data if:

we have to execute a contract that we have concluded with you;
we must comply with a legal obligation (for example, the applicable laws on labor relations, accounting, auditing, monitoring of equal opportunities);
is necessary for our legitimate interests (or those of a third party) and your interests (e.g. for detecting and preventing fraud or for providing IT security and networks), unless your fundamental rights prevail over these interest;
it is necessary to protect your vital interests (or the vital interests of others) and / or where it serves the public interest or the official purposes.

We process your personal information:

for various technical, administrative and operational reasons, such as ensuring that content is presented in the most efficient way for you and your device / device;
to improve our Websites, including their functionality;
to manage the content of our Websites;
for internal operations, including debugging, data analysis, testing, statistics and research purposes;
for advertising and marketing, including for specific marketing purposes, so we offer you personalized content that might be of interest to you;
as part of our efforts to keep our Websites safe.

If you are a visitor to our sites or you interact with any of our pages on social networks, then we may use your personal data for the following purposes:

Improve the experience on our website . In order to take into account the preferences you have expressed in previous browsing sessions, to adapt our website to the device you are using, to solve the problems you might encounter when accessing, we process data like : IP address; Cookie identifiers; other online identifiers; Unique device identifier (Unique Universal ID – UUID) date and time of website access; visit history; web request; the device on which you access the website; type of Internet browser and browser language; Event information on your device (for example, errors) information about the hardware settings of your device; information about where you are when you access our website, the function and / or the company you are part of.
Knowing the opinions you communicate to us . Also, when: you post a comment under one of our posts on social networks, tap the Like button, reshare our post or send us a message on one of our pages, we will mainly process your data that you have submitted to us (username, profile photo, action you’ve taken – like/ other reaction or other content of your comment).

Sometimes, we will process your personal data only based on your consent. In these cases, we will separately request your consent in a transparent manner when providing your personal data. Subsequently, you will be able to withdraw your consent and / or request the deletion of your personal data at any time via the email address gdpr@siiromania.ro or dpo@siiromania.ro. However, withdrawal of consent will not affect the legality of any processing that took place prior to its withdrawal.

If we request personal data to comply with legal or contractual obligations, the provision of such personal data is mandatory. This means that if such personal data is not provided, we will not be able to manage contractual relationships or comply with our obligations. In all other cases, the provision of personal data is optional and you are under no obligation to provide them.

We may also process your personal data, such as your identification, position, company, contact details, and address of residence, in order to exercise our rights or claims against you in the future. This processing is based on our legitimate interest, and we need to exercise our rights in the event of possible litigation.

6.6 How Do We Share Your Information with Others?

We do not sell your personal data to third parties. We also do not disseminate information collected from Cookies to third parties. Within the Company, only a limited number of team members, such as sales, recruitment and IT departments, have access to your personal data on a need-to-know basis. These staff members are subject to confidentiality obligations with respect to personal data. Appropriate technical and organizational measures are taken to protect personal data. Members of the Company have the right to manage their personal data only at the indications and under the Company’s instructions.

Personal data may be communicated to governmental authorities and / or law enforcement agencies if required by applicable law or if necessary for the exercise of our rights, including conditions of use, or for the protection of our legitimate interests (including legitimate interests of third parties) in accordance with the applicable laws.

Your personal data may also be disclosed to third parties, including:

service providers that offer administrative, professional, and technical support to the Company for IT support, security and commercial resources;
business partners, suppliers and subcontractors for the performance of all the contracts we conclude with you;

The company may also disclose personal data to external consultants (e.g. lawyers, accountants, auditors) only if necessary.
In some cases, we may disclose personal data to our Affiliated Companies on a need-to-know basis. We have implemented appropriate safeguard in relation to our affiliates to secure this disclosure of personal data. Your personal data we collect is stored in secure locations in the European Union (“EU”) and in the European Economic Area (“EEA”). You can find out more details by visiting https://products.office.com/en-us/where-is-your-data-located?geo=Europe#Europe.

We will ensure, within reasonable limits, that your data do not leave the European Economic Area, but as we transfer data to non-EEA countries, we will ensure in all cases that transfers are legitimate based on your explicit consent or otherwise on legal basis. We may also transmit the data to other parties with your consent or your instructions.

6.7 Which is the Legal Ground for Processing?

The processing is necessary:

To respond to your requests
To provide you with various services, including customer service issues
To send you notifications about current services, about new services or promotions we have and about the opportunities you can benefit from
To let you know about new features or improvements to our services
To inform you of the employment or career opportunities you are interested in
To make sure that our site and our services work in an efficient way for you
To keep our site safe and secure
To measure and understand the efficiency of advertising and promotion
In the cases required by law

6.8 How Long Do We Store the Data?

We store personal data only for the time required to meet the goals. If your application is an opportunity to fill in the vacant positions, we will store your application data for up to 2 years in our Candidate Database. If we have an interest in storing your data after this deadline, we will contact you in advance. Otherwise, your data will be deleted automatically after 2 years without any special notice. If you do not wish to be included in our Candidate Database, please indicate this in the Letter of Intent.

We keep emails coming from requests for two years, after which they are safely archived and kept for five years until we delete them. CRM records are kept for three years from the last contact. The information gathered from cookies and the use of the Google Analytics tool is stored for 50 months.

7. Data Security

You are in charge of maintaining the confidentiality of all means of authentication (e.g. passwords) used by you to access our Websites. Data transmission over the Internet is not entirely secure. While we will do our best to protect your data, we cannot guarantee the security of your data transmitted on our Websites; any transmission is at your own risk. Once we receive your data, we will use strict security procedures and methods to try to prevent unauthorized access.

8. Which Are Your Rights?

Your rights as per GDPR are the following:

The right to withdraw consent
The right to be informed on the processing of your data
The right of access of the data
The right to rectification of inaccurate or incomplete data
The right to erasure („right to be forgotten”)
The right to restrict processing
The right to sent your data to another controller
The right to object to data processing
The right to not be the object of a decision exclusively based on automatic processing, including profiling
The right to address to the court
The right to file a complaint to the supervisory authority.

Please remember that :

You can withdraw your agreement at any moment (e.g. for direct marketing following the unsubscription instructions of every email or electronic message).
If you exercise your rights, we can do so by sending a written request, signed and dated to the email address: gdpr@siiromania.ro or dpo@siiromania.ro.
The rights mentioned above are not absolute. There are exceptions, so each request received will be analysed so that we can decide whether it is founded or not. To the extent that the application is well founded, we will facilitate the exercise of your rights and we will inform you. If the claim is unfounded, we will reject it, but we will inform you of the reasons for the refusal and the rights to file a complaint with the Surveillance Authority and / or take it to a court of law.
We will try to respond to the request within 30 days. However, the deadline may be extended depending on various aspects, such as the complexity of the application, the large number of requests received or the failure to identify you within a proper time limit.
If we fail to identify you, and you do not provide us with additional information to identify you, we are not required to comply with the request.

9. Questions, Demands and Exercising Rights

If you have any questions or concerns regarding the processing of your information, if you wish to exercise your legal rights or if you have any other privacy concerns, you can contact us using the information below.

Our contact information:
Name: SII IT & C SERVICES SRL
Address: ONE Cotroceni Park Office – 44, Sergent Nutu Ion street, unit A+B, 5th floor, district 5, Bucharest (access through no. 1, Progresului street)
Phone number: 021 320 2310 (available between): 09:00-18:00 Mondays to Fridays
Email address: gdpr@siiromania.ro
Website: www.siiromania.ro

Also, the contact data of our officer in charge of data protection:

E-mail address: dpo@siiromania.ro

Please do not disclose sensitive personal data (for example, information about racial or ethnic origin, political opinions, religious or other beliefs, health or membership of a union), social security numbers or information related to a criminal record when you contact us.

10. Updates of This Confidentiality Policy

We regularly review and if necessary, update this policy periodically when changes occur.
Please consult this Policy periodically to inform yourself of any changes we have made. Any changes we make to our Privacy Policy in the future will be posted on this page.

General information note related to personal data processing within SII Romania

The purpose of this document is to make clear what data we process, in what way and for what purpose, as per the applicable laws in force, including Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). We respect your privacy and never sell lists or email addresses. Being fully aware that the personal information belongs to you, we do our best to store and process it securely. We do not provide information to third party without informing you beforehand.

Listed below the data that we do process related to you, irrespective of your client/ job status:

client/partner – natural person,
representative of a client / partner- legal person
applicant of an offer or person contacting us for other purposes (for example in relation to various claims, requests or job applications
visitor of our headquarters
former/current or possible employees or interns
visitor to our website etc.

This General Information Note has the following table of content:

Definitions / terms;
The categories of personal data;
The purposes for which we process personal data;
Grounds that justify our processing of personal data;
The persons to whom we may divulge the data;
The period for which we store any data;
The consequences of refusing to provide us with personal data relating to you;
Your rights and information regarding their exercise;
Our contact details;
Changes to this information note.

1. DEFINITIONS. TERMS

Supervisory Authority for Personal Data Processing: Independent public authority which has, in accordance with the law, duties referring to the surveillance of rightful enforcement of data protection. In Romania, this supervisory authority is the National Supervisory Authority for Personal Data Processing (ANSPDCP).
Personal data: Any information relating to an identified / identifiable individual, especially by reference to an identification element, such as: name, identification number, localization data, online identifying factor, one or multiple elements specific to their own physical, physiological, genetic, psychic, economic cultural or social identity of that person (such as name and surname; residence or domicile, email address, phone number, Personal identification number (CNP); accessed medical services (Sensitive data); diagnosis set (Sensitive data); genetic data (Sensitive data) biometric data (Sensitive data); geolocation data. Personal data categories related to you, which we process, are described below (Sensitive data)
Special personal data (Sensitive personal data/ sensitive data): Data with personal information revealing e.g. the race or ethnic origin, the political opinions, religion or philosophic convictions, or union membership; genetic data; biometric data for the sole identification of a natural person; data about health or sexual life or sexual orientation of a natural person.
Data Controller: Any natural or legal person that determines the purposes and means of processing personal data. According to the law, the liability for complying with the personal data law belongs to the Controller. In relation to you, we are the controller and you are the subject.
Data Processor: A Data Processor processes the data on behalf of the Data Controller, not including the controller’s employees.
Data Subject: Natural person to which certain personal data refer (“belong”). For us (controller), you are the data subject.
Processing of Personal Data: Any operation performed on personal data or on sets of personal data, including automated means, such as creation, collection, storage, use, view, transmission, dissemination or making available by any other means, alignment or combining, restriction, deletion or destruction of that personal data/ personal data sets. These are mere examples. In practice, the processing means any personal data operation, either by automated or manual means.
Third Party State: A state outside the European Union and the European Economic Area.

2. CATEGORIES OF DATA. PURPOSE. GROUNDS

2.1 Members (representatives, employees, collaborators and so on) of our clients/ contractual partners – legal persons ]

We can process your data for:

Maintaining the contract relation with the company you are part of. In order to be able to collaborate with the company you are part of (including the ability to communicate with you in order to solve possible problems that your company or SII ROMANIA might encounter in relation to the contract between them), we shall need to process your personal data. In this case, we shall base our processing on our legitimate interests in order to enforce the contracts that we concluded in good conditions.

We shall mainly process the following data which refer to you: first and last name, position, company, phone number and email address.

Marketing communication. In order to send you communications and offers related to our products, services and promotions, it is necessary to process your personal data. In this case, the processing of the personal data shall be based on your consent to receive such notices from us or, if applicable, on our legitimate interests, if following our analysis, we reached the conclusion that our legitimate interests must prevail.

We will mainly process the following data related to you: last and first name, phone number and email address.

2.2 Members (representatives, employees, collaborators and so on) of our current or potential clients SII Romania

We can process personal data related to you for:

Supply of our services. We will use your data to sent you an offer (upon your request), in order to conclude and sign the contract with the Company that you are part of and in order to make sure that we provide you the requested services. In this case, we shall base our processing on the need to conclude and/ or execute the contract with the Company with which you are associated.

We will mainly process your identification data (first and last name, position, email address and phone number).

Solving your requests. We will use your data in order to answer to possible requests, demands or any other questions you will send us.

In this case, the ground of processing will be the conclusion and execution of the agreement with you or, if applicable, your agreement. We will mainly use your first and last name, your contact data (email address, phone number) and the information from the request that you will send us.

Marketing communication. In order to send you communications and offers related to our products, services and promotions (from our initiative), it is necessary to process your personal data. In this case, the processing of data will be grounded on your agreement.

We will mainly process the following personal data related to you: first and last name, email address and phone number.

2.3. Members of public authority

We will use your personal information to fulfil our legal obligations, such as responding to requests from authorities, keeping registers provided by law, and other similar events.
For example, we will have to keep the name, surname, authority you are part of and your signature in the control records that the law requires us to keep. Also, if you submit a request for information from your authority / employer, we will process your data (first and last name, position, employer) in order to respond.

2.4. Job/ internship candidates at SII ROMANIA

It is possible that we process your personal data during any recruitment process. In order to be able to analyse your application, we need to process the data included therein. This data will usually include your first and last name, contact details (phone number and e-mail address), professional experience, education, and any other information you will find in your CV and other documents that we might request from you or you sent it to us voluntarily.
In these cases, we will base your data processing on the conclusion / execution of the employment contract, internship, etc.

If we ask you to submit referral letters to us, we will process personal data related to the opinion of the persons who made those recommendations about you. In these cases, the source of your personal data will be those people. Also, in this case, we will process personal data of the persons who made these letters (based on their agreement) and related to other identified/ identifiable persons mentioned in these documents (based on our legitimate interests).

2.5. If you are a visitor of our headquarters or other facilities of ours

Then it is likely that we use your personal data to ensure the security of people and corporate entities. On our premises we have video surveillance cameras (CCTV – closed circuit television) to ensure the security of our employees, of other people in those rooms and of our assets. So, we will process images (video images) with you for 30 days after that they will be deleted. In all cases, we have indicated the places where these cameras are located by means of information plates, in accordance with the law. Data processing for this purpose is based on our legitimate interest for ensuring the security of people and objects in our premises.

After the analysis of the identified risks of: armed assault, stealing goods, attempted fraudulent intrusion, vandalism attack, terrorist attack, and explosive malicious attack, we found out that in order to achieve the intended aim of ensuring the physical security of our employees, of other people in our areas and our assets, no other types / measures taken have proven their effectiveness.

2.6. If you are a visitor of our websites or you interacted with any of our social media pages

Then it is likely that we used your personal data for the following purposes:

Improving the experience on our website. In order to take into account the preferences you have expressed in previous browsing sessions, we adapt our website to the device you are using to solve the problems you might encounter when accessing. We process data like: IP address; cookie identifiers; other online identifiers; Unique device identifier (Unique Universal ID – UUID) date and time of website access; visit history; web request; the device on which you access the website; type of Internet browser and browser language; event information on your device (for example, errors), information about the hardware settings of your device; information about where you are when you access our website, your position, and / or the company you are part of.

For more information on the way in which we use the Cookies technology and other similar technologies, please access our dedicated policies for the website’s confidentiality at https://www.siiromania.ro/politica-de-confidentialitate-site/ and on the use of cookies at https://www.siiromania.ro/politica-de-cookies/.

The basis for processing will often be our consent or our legitimate interest.

Knowing the opinions which you communicate to us. Also, when post a comment under one of our posts on social networks, press the Like button, redistribute our post or send us a message on one of our pages, we will mainly process your data that you have sent us (username, position, company, profile photo, action you have taken: – like / other reaction or the content of your comment).

In these cases, we shall base our processing on your consent.

Management of our communication and IT systems and their protection. We can process your data for: management of our communication systems, management of our IT security; security audits on our IT networks; protection of data and systems against attacks and any other similar virtual actions.

For this purpose, we will mainly process data on, for example: IP address; other online identifiers; Unique device identifier (Unique Universal ID – UUID) date and time of website access; visit history; the device on which you access the website; type of Internet browser and browser language; information about where you are when you access our website; your position, the company you are part of, your behaviour in relation to certain pages on our website, public information on social networks etc. In this case, we will base our processing on our legitimate interests or, as the case may be, the fulfilment of our legal obligations.

2.7. In general, irrespective of your job position:

We can also process your data for the following purposes:

Settlement of your requests. We will use your data to respond to any requests, demands, complaints, or any other questions you may have.

We will mainly use your last and first name, your contact details (email address, telephone number) and information contained in the request you are sending us.

In this case, the basis of the processing will be the execution of the contract with you (if any) or, as the case may be, your consent, in the following areas:

Answer to the requests of authorities or the processing of data in other cases in which the law forces us. Sometimes we may have a legal obligation to communicate your data to certain authorities, store your data over a certain period, or otherwise process your data. In this case, the basis of the processing will be the fulfilment of our legal duty.
Protecting our rights and interests or those of other persons. We may process your data for ascertaining, exercising or defending our rights or interests or other persons before courts of law, bailiffs, notaries, other public authorities, arbitration tribunals, mediators or other public bodies; or lawyers, consultants (such as auditors, experts or specialists) or other natural or legal persons, whether public or private, who are involved in those disputes. In this situation, we will process your personal data, as appropriate, on the basis of the fulfilment of our legal obligations or our legitimate interests.
Prevention of frauds. We are interested in our activity being carried out in a legally binding manner. That is why we can process your data (such as by transmitting this data to our consultants in various fields – auditors, lawyers, etc. or by accessing this data). In such cases, processing will be justified by our legitimate interests in preventing fraud and other unlawfulness in our business, or, as the case may be, by our legal obligations to ensure the lawfulness of our operations (such as obligations imposed by legislation in the field of money laundering prevention)

2.8. On third party data

In case you send us personal data about other people (i.e. your representatives, your family members, your dependents, etc.), you have to make sure that you have informed them about it and that you have directed them to this information on how SII ROMANIA processes personal data.
We will inform those persons rightfully on the way in which we process personal data, when and if applicable.

3. WITH WHOM WE SHARE YOUR PERSONAL DATA

As a rule, we will not disclose your data to other individuals or businesses. We are trying to limit data access to people outside the company. However, in some cases, we may have to disclose your data, as described below. We may disclose your data, by compliance with applicable law, to business partners or other third parties, such as companies that are looking for staff.We may divulge your data to other companies or individuals, such as: natural or legal persons acting as agents empowered for us in various areas (such as document filing, document destruction, or data storage, payment services, various services we can outsource, such as human resources, legal field), other people, courts, authorities. In such cases, we will disclose the data for legit reasons related to our activity, such as the provision of services, the assurance of our ability to secure the documents, the reduction of our activity, the discovery, defence and exercise of our rights or interests or of another person.

We could also share your data with business partners as a result of a joint effort to offer a product or service. As stated above, in some cases we may have a legal obligation to disclose the data to public authorities or other natural or legal persons. We may share data with other parties with your consent or your instructions. We are continually making reasonable efforts to ensure that these third parties have implemented appropriate safeguards and security measures in accordance with the purpose for which we have transmitted the data and in order to respect your rights.

We will ensure, within reasonable limits, that your data does not leave the European Economic Area, but as we transfer data to non-EEA countries, we will ensure in all cases that transfers are legitimate based on your explicit consent or have other legal ground.

4. HOW LONG WILL WE STORE YOUR DATA

We will store your data in accordance with our personal data storage policy, which assigns a storage period according to the purpose of the processing and the data category processed. These periods are based on legal provisions (especially in the field of personal data protection), also obligations to store certain data, the applicable prescription terms, the recommended practices in the area and the purposes of our activity.

In general:

We store personal data only for the time required to meet our goals, but no more than 10 years after the termination of the contract or from the last interaction with us. If your application is an opportunity to fill in vacant positions, we will store your application data for up to 2 years in our Candidate Database. If we have an interest in storing your data after that deadline, we’ll contact you beforehand. Otherwise, your data will be deleted automatically after 2 years without any special notice. If you do not wish to be included in our Candidate Database, please indicate this in the Letter of Intent. If we start the recruitment process but we do not hire you, we do not keep your personal data unless you agree. Otherwise, it is deleted / destroyed or converted into anonymous data.

After completing the recruitment process, under the conditions described above, personal data will be destroyed or deleted from computer systems or converted to anonymous data for scientific, historical or statistical research purposes. Please note that in certain situations specifically governed by law, we store the data for the period required by law, such as the payrolls for 50 years and the employment contracts for 75 years.

We keep emails with requests for two years, after which they are safely archived and kept for five more years and then deleted. CRM records are kept for three years after your last contact with you.

5. CONSEQUENCES OF SITUATION IN WHICH YOU DO NOT PROVIDE US WITH YOUR DATA

In most cases, you are under no obligation to provide us with your personal data. Yet, if you do not provide the required data, we will not be able, for example, to conclude or negotiate a contract with you, provide our services, access all the functionality on our website, respond to complaints, or requests or to send you communications about our services and promotions that may be of interest to you.

6. NONEXISTENCE OF AN AUTOMATIC DECISION- MAKING PROCESS

We do not take decisions exclusively based on the automatic processing of your data (including profiling), that would produce legal effects related to you or that would affect you similarly in a significant measure.

7. YOUR RIGHTS AND EXERCISING METHOD

You have the following rights:

The right of access. You have the right to access your data which we process or control or make copies thereof; you also have the right to obtain new information on the nature, processing and disclosure of such data.
The right to rectification. You have the right to rectify the inaccuracy of your data which we process or control.
The right to erasure („right to be forgotten”). You have the right to obtain from us the erasure of your data which we process or control.
The right to restrict processing. You have the right to restrict the processing of your data which we process or control.
The right to object. You have the right to object to the processing of your data by us or on our behalf.
The right to data portability. You have the right to get the transfer to another operator of your data which we process or control.
The right to withdraw consent. In cases in which we process your data based on our consent, you have the right to withdraw your consent; you can do that at any moment, at least as easy as when you gave us the initial agreement; withdrawal of the consent will not affect the legal character of processing your data which we achieved before the withdrawal.
The right to file a complaint to the supervisory authority. You have the right to file a complaint at the supervisory authority in relation to the processing of the data by us or in our name. In Romania, this authority is the National Supervisory Authority for Personal Data Processing (ANSPDCP).

The rights mentioned hereabove are not absolute:

There are exceptions, so each request received will be analysed so that we can decide whether it is founded or not. To the extent that the application is well founded, we will facilitate the exercise of your rights and we will inform you. If the claim is unfounded, we will reject it, but we will inform you of the reasons for the refusal and the rights to file a complaint with the Surveillance Authority and / or take it to a court of law.
We will try to respond to the request within 30 days. However, the deadline may be extended depending on various aspects, such as the complexity of the application, the large number of requests received or the failure to identify you within a proper time limit.
If we fail to identify you, and you do not provide us with additional information to identify you, we are not required to comply with the request.

How can you exercise your rights
In order to exercise one or multiple rights or in order to ask any question about any of these rights or any provision from tis notification or any aspect of us processing your personal data, please use the contact details from the below section OUR CONTACT DETAILS.

8. OUR CONTACT DETAILS

You can contact us by using the information below.