Data protection policy GDPR
General information about the use of personal data
The personal data that have been given by the users of our site are used strictly for the aim they have been collected for. Contact details are given so that we can respond to your requests.
According to the EU Regulation No 679/2016 about the protection of private people as far as the processing of personal data and its free circulation is concerned, this having been applied in all the member states of the European Union since 25 May 2018, it is necessary that the obligations and rights of all the parties are understood, these being either a supervisor or an operator, an employee, user or beneficiary.
Personal data means any kind of information that helps a person to be identified directly or indirectly, through reference to various factors such as features of his physical, economic, psychological, cultural or social identity.
The processing of personal data is the assembly of operations that are done in relation with personal data such as: collecting, registration, storage, consultancy and usage, disclosure to third parties by transmitting, blocking, deleting or destroying them.
Consent refers to any manifestation of free will that is specific, informed and free of ambiguity, through which the person concerned accepts in form of a declaration or a clear affirmative action, that personal data concerning him/her are processed.
Ways of collecting and processing personal data
S.C. Timural Group Ltd as owner/administrator ensures the users of the site that every personal data given when accessing or completing the forms on this site will be kept safely, using secure methods and techniques, as well as internal policies that apply to all employees in order to serve the protection of collected personal data, and they will not be transmitted/disclosed to third parties unless the laws permit it.
All data are collected through an SSL certified security channel, this way the exposure is limited and others don’t have access to the transmitted data. They are electronically stored in the accounting, invoicing and managing application, in the online shop and e-mails, and they are printed on the documents. The people who have access to this information are the ones who process the documents, our employees, the administrators, managers, technical and administrative directors, the employees who manage the e-commerce platform, the online payment processors, the delivery and carrier companies, all of them being subjects to contracts that guarantee the confidentiality of the data.
We use hosting services on base of a contract that guarantees that the supplier handles the stored data with confidentiality. These data will be stored and processed only on the territory of the EU, they will not be resold or offered to third parties.
We have implemented rules and regulations about accessing the system that processes that personal data. These data will be held secret and the access to them will be limited to our employees or our partners on base of a confidentiality contract and strictly for the purpose of executing our contract.
The storage period of the personal data is determined by the minimum period requested by the law referring to the storage of these documents or they will be deleted if the client requires it.
Referring to the processing of personal data, the rights of the individuals concerned are:
the right to be informed by the operator that their data has been collected at the moment that this happens, what will happen to them, to what purpose they are processed, to whom they could be divulged and the consequences of the refusal to supply data.
The right to free access to their data, upon request, once a year, in order to get the confirmation of the operator that the data are still processed or not by the latter one. The operator is obliged, in case it processes personal data that concerns the person who requests is, to communicate to him in an intelligible form
information about the purpose of the processing, the actual data that are managed and the recipients to whom they are divulged
Information about the source of the data and functioning principles of the mechanism that enables the automatic processing of the data that refers to the individual concerned
information about the existence of the right to intervene, to oppose actions referring to personal data and the circumstances when they can be applied
information about the possibility to consult the registry of all the personal data processes, to file a complaint to the supervising authority and to address the law court to attack the operator’s decisions
All the above information can be requested by the individual concerned through a written request that is signed, specifying the address he/she requires the data to be sent to, either through electronic mail, either through a correspondence service that ensures that the package will be handed personally to him/her
The operator is obliged to communicate the requested information within 15 days from the reception of the written request, taking into consideration the solicitor’s options
The right to request rectification, updating, blocking and anonymisation or deletion of the data that are not agreeable, more precisely, they are incomplete or non-accurate.
The right to oppose at any moment the fact that the data that concerns him/her to be processed for marketing purposes, in the name of the operator or a third party, or to be divulged to a third party with this purpose.
The right to request and to obtain the withdrawal and the cancelling of decisions that imply judicial effects concerning him/her, adopted on base of a personal data processing
The right to transfer personal data from one service supplier to another one
The right to address the competent authorities in case the operator has violated his/her rights regarding the processing of personal data and they can complain about disrespecting the rights guaranteed by the actual legislation
The rights of users within the framework of GDPR regulations:
We recommend the users to look into the rights regarding the access to the collected data, the right to rectification, the right for the data to be deleted (the right to be forgotten), the right to restrict the processing, the right for the portability of the data and the right to opponency, articles 12-12 from the GDPR regulations, accessible here: http://www.privacy-regulation.eu
Please access and read the page concerning the Terms and Conditions of this site!