Effective Date: 24th of May, 2018
NTT DATA Romania S.A. (“Company” or “we”), which can be contacted at the email address: firstname.lastname@example.org wants to inform you about how we collect, use and disclose personal data from and about you, through this website ("Website") and all its associated mobile sites (collectively, the “Company Services”), in compliance with all applicable data protection laws and regulations.
2. WHAT TYPE OF PERSONAL DATA DO WE COLLECT ABOUT YOU?
The Company collects (1) registration data, (2) data that you have volountarily shared with the Company, (3) activity data collected when you access and interact with the Website or the Company Service and (4) More in particular, the Company collects the following data from and about you:
1. Registration data: none, as we currently do not have a registration form.
2. Data that you have volountarily shared with the Company: we might collect your personal data (such as name surname, email, organization and phone number) if you submit a request through the contact form made availalbe to you via Website.
When the information collected from or about you does not identify you as a specific person, directly or indirectly, we may use that information for any purpose or share it with third parties, to the extent permitted by applicable data protection laws and regulations.
We do not collect:
• Special categories of personal data: we ask that you do not send us, and you do not disclose, any information included in a special category of personal data (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Website, the Company Services or otherwise.
3. HOW DO WE COLLECT YOUR PERSONAL DATA?
We process the personal data we collect from and about you to:
a) Allow you to use the Website and, as the case may be, provide you with the Company Services that best suit you;
b) measure and improve those Company Services and features;
c) improve your experience on the Website and with both online and off-line Company Services by delivering content you will find relevant and interesting;
d) provide you with customer support and to respond to inquiries;
f) comply with the law or legal process; or (v) respond to requests from public and government authorities.
When the data collected from or about you does not identify you personally, we may use that information for additional purposes or share it with third parties.
4. ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?
The processing of your personal data for the purposes of:
5. HOW DO WE PROCESS YOUR PERSONAL DATA?
With regard to the above mentioned purposes, the data is processed through both electronic and manual means, and is protected through adequate security measures. With this regards, although the Company uses appropriate administrative, technical, personnel and physical measures to safeguard personal data in its possession against loss, theft and unauthorized use, disclosure or modification, it cannot guarantee that all possible cyber-risks can be excluded.
6. WHO HAS ACCESS TO YOUR PERSONAL DATA?
Third parties service providers entrusted with processing activities and duly appointed as processors when required by applicable laws, e.g. cloud service providers, other entities of the group, providers of services instrumental to or supporting the Company Services - and thus, by way of example and without limitation, companies that provide IT services, experts, consultants and lawyers - companies resulting from possible mergers, demergers, or other transformations, and
Company Affiliates, in their capacity of data controllers or data processors, a list of which Company Affiliates is available by contacting us at: email@example.com
National authorities in order to comply with applicable laws.
7. IS YOUR PERSONAL DATA TRANSFERRED ABROAD?
Your personal data may be transferred to countries within the European Economic Area (EEA), in particular in [Germany and the United Kingdom]. Some non EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards to protect your personal data and that transfer of your personal data is in compliance with the requirements and the obligations provided by applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the EU General Data Protection Regulation 2016/679 (the “GDPR").
You have the right to request a copy of the above measure or further information on your personal data by contacting the Company at the address indicated above.
8. WHAT ARE YOUR RIGHTS WITH REGARD TO YOUR PERSONAL DATA?
You have the right, at any given time, to:
a) obtain confirmation as to whether or not your personal data exist and to be informed of its content and source, verify its accuracy or request integration, update or amendments;
b) request the deletion, conversion to an anonymous form or restriction of any personal data processed in breach of the applicable law;
c) oppose its processing, in all cases, for legitimate reasons.
Also, the additional rights outlined in Section 9 below will be effective from May 25, 2018.
9. WHAT IS GOING TO HAPPEN FROM MAY 25, 2018?
From 25 May 2018, the GDPR will become effective and the following provisions will apply:
A. Retention period applying to your personal data
At the end of the retention period your personal data will be either cancelled, anonymized or aggregated.
For more details, refer to the Data Retention Policy which is available on request at firstname.lastname@example.org
B. Additional rights
a) request to Company to limit the processing of your personal data where:
• You contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
• The processing is unlawful but you do not want us to erase the data;
• We no longer need the personal data for the purposes of the processing, but you require them for the establishment, exercise or defense of legal claims; or
• Where you have objected to processing justified on legitimate interests grounds pending verification as to whether the Company has compelling legitimate grounds to continue processing.
b) object to the processing of your personal data;
c) request the erasure of your personal data without undue delay;
d) the right to data portability (i.e. to receive an electronic copy of your personal data, if you would like to port your personal data to yourself or a different provider), when we are relying upon your consent or the fact that the processing is necessary for the provision of the Company Services and the personal data is processed by automatic means;
e) the right to lodge a complain with the relevant supervisory authority.
11. CONTACT US