Privacy Policy - ACTIV PROPERTY SERVICES

SECURITY POLICY REGARDING THE PROCESSING OF PERSONAL DATA WITHIN PROPERTY SERVICES SRL

Protecting the safety and security of your data is extremely important for ACTIV PROPERTY SERVICES SRL, a Romanian commercial company registered with the Trade Registry under no. J40/20624/2006, Bucharest, CIF RO 19738131, with work point in Str. Carol Davila No. 34, 4th floor, Sector 5, Bucharest; work point in str. Gheorghe Lazar no. 24, Fructus Plaza, 5th floor, Timisoara and the registered office in Str. General Athanasius Demosthenes no. 35A, Sector 5, Bucharest, bank account no. RO96 BACX 0000 0002 8750 3000, opened at UniCredit Tiriac Bank, Panduri, share capital 1000 Ron, phone 021/ 408 03 00, fax: 021/ 408 03 01, therefore the activities carried out by the company are in accordance with the applicable legislation regarding data safety and security protection.

The purpose of this Personal Data Processing Security Policy (hereinafter referred to as "Security Policy") is to establish the appropriate technical and organizational measures and the responsibilities of ACTIV PROPERTY SERVICES SRL employees with personal data processing duties, to fulfill the obligations regarding the guarantee and protection of the fundamental rights and freedoms of natural persons, especially the right to intimate, family and private life, regarding the processing of personal data.

By accessing the website www.spatii-de-birouri.ro , all users agree to comply with the terms of use and the legislation in force.

In accordance with the legal provisions for the protection of individuals regarding the processing of personal data and the free circulation of such data, ACTIV PROPERTY SERVICES SRL processes personal data, in compliance with the principles mentioned below, for legitimate purposes, for marketing and bidding purposes , as well as for carrying out real estate brokerage activities, evaluations of movable and immovable properties, as well as for property management.  

The processing of personal data is carried out by mixed means (manual and automatic), in compliance with legal requirements and under conditions that ensure security, confidentiality and respect for the rights of the persons concerned.

ACTIV PROPERTY SERVICES SRL certifies that it meets the minimum security requirements for personal data and is subject to the following general rules regarding the processing of personal data:

  • personal data are processed in good faith and in accordance with the legal provisions in force;
  • personal data are collected only for specific, explicit and legitimate purposes, and subsequent processing will not be incompatible with these purposes;
  • the personal data that are the subject of processing are adequate, relevant and not excessive in relation to the purpose for which they are collected;
  • the personal data that are the subject of processing are accurate and, if necessary, updated;
  • personal data are not stored for a longer period than is necessary to achieve the purposes for which they were collected;
  • personal data are processed in accordance with the rights of the data subject provided by law;
  • the necessary measures will be taken so that inaccurate or incomplete data from the point of view of the purpose for which they are collected and for which they will be processed, are deleted or rectified; appropriate technical and organizational measures will be taken to protect personal data against accidental or illegal destruction, loss, modification, disclosure or unauthorized access;
  • personal data may not be transferred to a country or territory outside the EU and EEA, only in the conditions where that country or territory ensures an adequate level of protection for the protection of the rights and freedoms of the data subject with regard to the processing of personal data ;

Activ Property Services SRL uses security methods and technologies, together with policies applied to employees and work procedures, including control and audit, to protect personal data collected according to the legal provisions in force.

1. PRINCIPLES OF PERSONAL DATA PROCESSING

Personal data are processed by ACTIV PROPERTY SERVICES SRL in good faith and in accordance with the legal provisions in force.

Personal data are collected by ACTIV PROPERTY SERVICES SRL for well-defined, explicit and legitimate purposes, and subsequent processing will not be incompatible with these purposes.

Personal data are adequate, relevant and not excessive in relation to the purpose for which they are collected and subsequently processed.

Personal data are not stored by ACTIV PROPERTY SERVICES SRL for a longer period than is necessary to achieve the purposes for which they were collected or to comply with legal requirements.

ACTIV PROPERTY SERVICES SRL has taken appropriate technical and organizational measures to protect personal data against accidental or illegal destruction, loss, modification, disclosure, unauthorized access or any other form of illegal processing, as well as regarding the deletion or rectification of inaccurate data or incomplete from the point of view of the purpose for which they are collected and for which they will be subsequently processed.

Any processing of personal data is done for well-defined, explicit and legitimate purposes, adequate, pertinent and not excessive in relation to the purpose for which they are collected and subsequently processed;

By using the telecommunications services to access our website ( www.spatii-de-birouri.ro ), your communication data (for example the internet protocol address or usage data, for example the information from the beginning, from the end and the extension of each access, as well as the telecommunications information you have accessed are technically generated and can relate intelligibly to personal data.

To the extent that there is any need for compilation, the collection, processing and use of your communication or usage data will be carried out in accordance with the applicable legal framework regarding the protection of personal data.

When you access the website www.spatii-de-birouri.ro , we can use certain data to monitor the degree of attractiveness of our internet pages and implicitly to improve the site's performance and content.

When you view the website www.spatii-de-birouri.ro , with your consent, we can store some data on your computer in the form of "cookies", to automatically recognize this computer on the next visit.

These cookies can help us in several ways, for example by allowing us to identify a service or a type of betting or a specific preference, to better meet your interests or to store a possible password or user to stop wasting time with registration every time you access our website.

If you do not want to receive cookies, please configure your internet browser so that you delete everything that means cookies from the central unit of the computer, block them or receive a warning before a cookie is saved.

2. Categories of data and the purpose of using personal data

The personal data referred to in this Security Policy include identification elements such as name and surname, gender, date and place of birth, age, citizenship, telephone/fax, home address/residence, e-mail address , personal numerical code, series and number of the identity document/passport, job, profession, professional training – diplomas – studies, bank data or other such, which serve to identify you or the persons who represent you or whom you represent.

Thus, we may collect and process the following personal data:

  • Identity and contact data, including your name, address, telephone number, date of birth and other personal data relating to your preferences relevant to our services;
  • Financial and payment data, including your bank account and other data necessary to process payments and prevent fraud;
  • Business information, including information provided in the course of the contractual relationship or provided voluntarily by you or your organization;
  • Profile and usage data, including your preferences in receiving marketing information from us, your communication preferences and information about how you use our website;
  • Technical data, including information collected during your visits to our website, Internet Protocol (IP) address, browser type and version, device type, time zone setting and other details about your visit to our website and resources that you access;
  • Curriculum vitae information: We may collect, retain and use your contact details and other information contained in your curriculum vitae and cover letter, as well as any references provided or obtained for the purposes of application processing and general recruitment and selection and employment purposes ;

3. The types of information we collect

We collect your personal information when you provide it to us. "Personal Information" means any information that can be used to identify you. We may automatically collect certain information when you use, access or interact with our Site. We may collect information from other sources, such as social media platforms that may share information about how you interact with our social media content.

4. How do we collect your personal data?

The circumstances in which we may collect personal data about you include:

  • when you or your company request a commercial offer from us or our customers or use any of our services;
  • when we send you a request for an offer, you request it from a client of our company;
  • when you contact us or we contact you by telephone, email or other electronic means or in writing or when you directly provide us with other information, including in conversations with our consultants and staff;
  • when you or your organization browse, fill out a form or make a request or otherwise interact with our website or other online platforms;
  • when you participate in social events organized by our company for various clients;
  • for recruitment and selection.

ACTIV PROPERTY SERVICES SRL will collect, use, process and provide the personal data provided by you for purposes such as advertising, marketing and publicity, statistics, the organization of seminars, other events (including delegations, conferences and fairs), for issuing any financial-accounting documents , concluding contracts or other necessary documents in the activity of ACTIV PROPERTY SERVICES SRL

Personal data are intended for use by ACTIV PROPERTY SERVICES SRL and are collected through persons designated for this purpose. Part of this data can be communicated to contractual partners or third parties related to the activity of the company ACTIV PROPERTY SERVICES SRL

The collection and processing of personal data of minors by ACTIV PROPERTY SERVICES SRL will only be done with the explicit consent of parents or other legal representatives.

5. Execution of backups

The computer system performs a back-up of the databases at certain time intervals, automatically, for a possible data recovery, in case of loss, destruction or dysfunction of the computer systems.

The company establishes the time interval at which backup copies of personal databases, as well as programs used for automated processing, will be executed. The users who run these backups are appointed by the operator, in a limited number. Backups are stored in a safe box with restricted access, located in a different room from the one where the backup is performed.

6. Processing of personal data

We may process your personal data in relation to any of the above purposes on one or more of the following legal grounds:

  • because it is necessary for us to do so in order to fulfill our contractual obligations or other agreement;
  • to comply with our legal obligations, as well as to maintain records;
  • because our legitimate or contractual interests or those of a third party beneficiary of your personal data make the processing necessary, provided that these interests are not overridden by your interests or fundamental rights and freedoms;
  • because you have expressly given us your consent to process your personal data in this way.

We will provide you with marketing and promotional information only after, where you have legally requested this, you have opted-in to receive these communications and we have given you the opportunity to opt-out at any time.

We will not use your personal data to make automated decisions that affect or create profiles other than those described above.

7.Disclosure of your personal data

We may share your personal data:

  • with third parties, including certain customers or service providers related to the services provided by our company, such as real estate agents, real estate developers, potential tenants, buyers, banks, bailiffs, consultants, experts or any other specialists;
  • if we have collected your personal data in the course of providing services to any of our customers, we may disclose it to that customer and, if permitted by law, to other persons for the purpose of providing those services;
  • with tax authorities, courts, law enforcement authorities, regulators, government officials or lawyers or any other parties, where reasonably necessary to establish, exercise or defend a legal or equitable claim or for the purpose of a lawsuit of alternative dispute resolution.

8. Security of your personal data

We have implemented appropriate security measures to prevent the accidental loss of your personal data, unauthorized use or access, modification or disclosure of your personal data.

We have also put procedures in place to deal with a suspected personal data breach and will notify you and any applicable regulatory authority of a breach of law where we are legally required to do so so.

9. Computers and access terminals

Computers and other access terminals are installed in lockable access-controlled rooms. If computers are open and not acted upon for a given period, set by the operator, the work session is automatically closed.

Users are trained so that databases with personal information are closed, in cases where they are open, if unauthorized persons are around.

The servers hosting the databases can only be accessed in a controlled manner based on access rights.

10. Access files  

The company takes measures so that any access to the personal database is recorded in an access file (called a log for automatic processing) or in a register for manual processing of personal data, established by the operator.

The information recorded in the access file or register will be:

  • identification code (user name for manual personal databases);
  • the name of the accessed file (file);
  • the number of registrations made;
  • type of access;
  • the code of the operation performed or the program used;
  • date of access (year, month, day);
  • time (hour, minute, second).

For automatic processing, this information will be stored in a general access file or in separate files for each user.

The operator is obliged to keep the access files for at least 5 or 10 years, to be used as evidence in case of investigations. If the investigations are prolonged, these files will be retained until the investigations and any related actions are completed.

The access files must make it possible for the operator or the authorized person to identify the persons who have accessed personal data without a specific reason, in order to apply sanctions or notify the competent bodies.

11. Telecommunications systems

ACTIV PROPERTY SERVICES SRL, through authorized users, periodically controls authentication and access types to detect malfunctions in the use of telecommunications systems. Only strictly necessary personal data will be transmitted through the telecommunications systems.

12. Staff training  

Users who have access to personal databases are instructed on the provisions of Law no. 677/2001, to the minimum security requirements for the processing of personal data provided by Order no. 52/2002, regarding the provisions of the IT security policy of ACTIV PROPERTY SERVICES SRL, as well as regarding the importance of maintaining their confidentiality and the risks involved in the processing of personal data.

Users who have access to personal data will be warned by messages that will appear on the monitors during the activity. Users are required to close their work session when they leave their workplace.

13. Use of computers

To maintain the security of personal data processing (especially against computer viruses) ACTIV PROPERTY SERVICES SRL has taken the following measures:

  • prohibited users from using software from unsafe sources;
  • users do not have administrator rights on computers, therefore they cannot install software programs without notifying the department that provides technical support;
  • licensed software is used;
  • users have been trained on the Security Policy and the other general operating policies, including the danger represented by computer viruses;
  • computers are protected with antivirus programs;
  • the user's activity is monitored and his access to printers is restricted

14. Data printing

The printing of personal data will be done only by designated users and only for the purpose specified in these rules and only for the company's activity.

15. Updating personal data about you.

If any of the personal data you have provided to us changes, for example if you change your email address or if you wish to cancel any request you have made from us or if you have become aware that we have inaccurate personal data about you, please notify us by sending an email to office@activpropertyservices.ro . We will not be liable for any losses arising from inaccurate, unauthorized, deficient or incomplete personal data that you provide to us.

16. The rights of individuals who provide us with personal data

Regarding the use of your personal data, you have the following rights:  

Transparency of information, communications and ways of exercising the rights of the data subject

ACTIV PROPERTY SERVICES SRL takes appropriate measures to provide the data subject with any information and any communications related to the processing, in a concise, transparent, intelligible and easily accessible form, using clear and simple language. The information shall be provided in writing or by other means, including, where appropriate, in electronic format. At the request of the data subject, the information may be provided verbally, provided that the identity of the data subject is proven by other means.

The right to information

(1) The data subject has the right to obtain from ACTIV PROPERTY SERVICES SRL, at least the following information, unless they are already in possession of the respective information:

(a) the identity and contact details of the operator and, as the case may be, of his representative;

(b) the contact details of the data protection officer, as applicable;

(c) the purposes for which the personal data are processed, as well as the legal basis of the processing;

(d) if the processing is done pursuant to Article 6 paragraph (1) letter (f) of Regulation 679/2016, the legitimate interests pursued by the operator or a third party;

(e) recipients or categories of recipients of personal data;

(f) if applicable, the operator's intention to transfer personal data to a third country or a

international organization and the existence or absence of a Commission decision on adequacy or, in the case of transfers referred to in Article 46 or 47 or Article 49(1) second subparagraph of Regulation 679/2016, a reference to appropriate or appropriate guarantees and to the means of obtaining a copy of them, if they have been made available.

In addition to the information mentioned in the previous paragraph, when personal data is obtained, the operator provides the data subject with the following additional information necessary to ensure fair and transparent processing:

(a) the period for which the personal data will be stored or, if this is not possible, the criteria used to establish this period;

(b) the existence of the right to request from the operator, with regard to the personal data relating to the data subject, access to them, their rectification or deletion or restriction of processing or the right to oppose processing, as well as the right to data portability ;

(c) when the processing is based on Article 6(1)(a) or Article 9(2)(a) of Regulation 679/2016, the existence of the right to withdraw consent at any time, without affecting the legality of the processing carried out on the basis of consent before its withdrawal;

(d) the right to lodge a complaint with a supervisory authority;

(e) whether the provision of personal data represents a legal or contractual obligation or an obligation necessary for the conclusion of a contract, as well as whether the data subject is obliged to provide this personal data and what are the possible consequences of non-compliance with this obligation;

(f) the existence of an automated decision-making process including the creation of profiles, referred to in Article 22 paragraphs (1) and (4) of Regulation 679/2016, as well as, at least in the respective cases, relevant information on the logic used and on the importance and consequences expected of such processing for the data subject.

(3) If the operator intends to subsequently process the personal data for a purpose other than that for which they were collected, the operator shall provide the data subject, before this further processing, with information regarding the respective secondary purpose and any additional information relevant.

(4) Paragraphs (1), (2) and (3) do not apply if and to the extent that the data subject already possesses the respective information.

Right of access:

The data subject has the right to obtain from us a confirmation as to whether or not personal data concerning him or her is being processed and, if so, access to the respective data or a copy of the personal data we hold in relation to the data subject.

There are exceptions to this right, so access can be denied. The right to obtain a copy mentioned above must not affect the rights and freedoms of others.

The right to rectification

Our aim is to keep your personal data accurate, current and complete;

The data subject has the right to obtain from the operator, without undue delay, the rectification of inaccurate personal data concerning him. Taking into account the purposes for which the data were processed, the data subject has the right to obtain the completion of personal data that are incomplete, including by providing an additional statement.

The right to data deletion ("the right to be forgotten")

In certain circumstances, you also have the right to object to the processing of your personal data and to ask us to block, delete and restrict your personal data.

The right to restriction of processing

The data subject has the right to obtain from us the restriction of processing if one of the following cases applies:

(a) the data subject contests the accuracy of the data, for a period that allows the operator to verify the accuracy of the data;

(b) the processing is unlawful and the data subject opposes the deletion of personal data, requesting instead the restriction of their use;

(c) the operator no longer needs the personal data for the purpose of processing, but the data subject requests them for establishing, exercising or defending a right in court; or

(d) the data subject objected to the processing, for the period of time in which it is verified whether the legitimate rights of the operator prevail over those of the data subject.

The right to data portability

In certain circumstances, you have the right to request that some of your personal data be provided to you or another data controller in a commonly used format.

The right to opposition

You have the right to request the deletion of your personal data when the personal data are no longer necessary for the purposes for which they were collected or when, among other things, your personal data has been unlawfully processed.  

When the processing of personal data is aimed at direct marketing, the data subject has the right to object at any time to the processing for this purpose of personal data concerning him, including the creation of profiles, to the extent that it is related to marketing directly respectively.

Automated individual decision-making, including profiling

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the data subject or similarly affects him to a significant extent.

The right to file a complaint

 If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority or seek redress through the courts.

You can exercise any of the above rights at any time by contacting office@activpropertyservices.ro '; together with proof of your identity, i.e. a copy of your identity card or passport or any other valid identification document.

Right to withdraw consent

If you have given your consent to the collection, processing and transfer of your personal data, you have the right to withdraw your consent in whole or in part. To withdraw your consent, please follow the opt-out links in any marketing message sent or contact office@activpropertyservices.ro

After we receive notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) for which you originally consented, unless there are legitimate overriding reasons for further processing that override the interests, your rights and freedoms to establish, exercise or defend legal claims.

Withdrawing consent to receive marketing communications will not affect the processing of personal data for the provision of our legal services.

17. How long we keep your personal data

We will retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including to satisfy any legal, accounting or reporting requirements and where necessary for the company to initiate any legal proceedings or to defend against legal claims until the end of the relevant retention period or until the claims in question are resolved.

In determining the appropriate retention period for personal data, we consider the value, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and can achieve those purposes by other means and applicable legal requirements.

If you want to know more about the specific retention periods of your personal data set out in our retention policy, you can contact us at office@activpropertyservices.ro

At the end of the applicable retention period, we will securely destroy your personal data in accordance with applicable laws and regulations.

18. Changes

We reserve the right to update and amend this procedure from time to time to reflect any changes to the way we process your personal data or changing legal requirements. Any changes we may make to the procedure in the future will be displayed on this web page. Check back often to see any updates or changes.

19. Contact details

Questions, comments and requests regarding this Communication are welcome and should be addressed to ACTIV PROPERTY SERVICES SRL at office@activpropertyservices.ro or by sending a request to Str. Carol Davila No. 34, floor 4, Sector 5, Bucharest or str. Gheorghe Lazar no. 24, Fructus Plaza, 5th floor, Timisoara or by fax at: 021/ 408 03 01.

Last updated May 22, 2018