Personal data protection policy

The company Braga Bianca Daniela II, headquartered in Tarcau, Neamt Department, Romania registered at the Trade Register Office attached to the Neamt Tribunal no. F27 / 603 / 11.09.2020, having CUI 43038254 as a Personal Data Operator (hereinafter referred to as “the Company” or “the Operator”), complies exactly with the legal provisions in force regarding the protection of persons with regard to the processing of personal data and the free movement of such data. We undertake to process your personal data in accordance with Regulation (EU) 679/2016 (GDPR), as well as any other applicable legislation in Romania.

The company owns the “Adrem Consultant” platform, so that all the information contained in this material is related and valid in relation to the activity on the “Adrem Consultant” platform, hereinafter referred to as the SITE.

To better understand our data protection policy, please read this material. We reserve the right to periodically update and modify this Personal Data Protection Policy (the “Policy”) without your prior consent and without being subject to an individual or special notification procedure for changes. In the event of any such changes, we will post the updated version of the Personal Data Protection Policy on the site, and it is up to you to verify the contents of this Policy whenever you access the site to ensure that you are aware of the latest version.

We are at your disposal for information and by email contact@adremconsultant.com.

Article 01. Who are we?

The Braga Bianca Daniela II Company has the quality of Personal Data Operator, with its registered office in Tarcau, Neamt department , Romania registered at the Trade Register Office attached to the Neamt Tribunal under no. F27 / 603 / 11.09.2020, having CUI 43038254

We may pass on your personal data to affiliated companies and / or other partners and collaborators with whom we have established contractual relationships in order to carry out our activities and fulfill our legal obligations. The transmission of personal data to third parties takes place on the basis of a commitment of confidentiality on their part and a commitment to ensure data protection.

Article 02. What kind of personal data we collect and process

As part of our activity, on https://www.adremconsultant.com/ (hereinafter the “Site”), you send us the following information by filling in the information form (s) and contacting us:

• When browsing the site, the data collected using cookies and similar technologies used (especially the date and time of connection and / or browsing, browser type, browser language, its IP address, location data).
• The personal data we process are: name, surname, address, email address, telephone number, IP.
• We also provide on the site a special section dedicated to providing testimonials, respectively written materials accompanied or not by the photo that you upload in person on the site or through affiliated social networking sites or audio or video materials in which to expose your experience related to the services on the site and which can be used by the Operator for the purposes of advertising, marketing and publicity services of the site, including by publishing on this site, but also on other promotion channels.
• We use Google Analytics to help us understand how our customers use the site – you can read more about how Google uses your personal information here: https://www.google.com/intl/en/policies/ privacy /. You can also opt out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Please also see the section on the Cookies Policy displayed on the main page of our site.

• We will also process information regarding the contractual and commercial relationship (especially details on the course ordered) that you may establish with us, as well as banking information (bank details, card numbers, cryptogram) and transactional (transaction date). ), amount, order number).
• As part of the training, we will collect and process monitoring data for a specific training (consultation of modules, time spent, progress indicators, data for participation in webinars, survey data and test, …)
• We do not collect or process sensitive data, as defined by the GDPR. We do not want to collect or process juvenile data.

Article 03. The purpose for which we process personal data

We request and process personal data for:

• make it possible to create your account on the site and the operation of the site,
• ensuring the payment of the amounts related to the services offered on our site,
• sending newsletters, invitations, materials related to our services and information related to the events or programs we organize or promote – if you give your consent to do so,
• providing answers to complaints,
• evaluation of the services offered on the site,
• monitoring sales and customer behavior, administrative purposes, media and the like – if you give your consent,
• communication of offers of goods and / or services – if you give your consent in this regard,
• Preventing and combating fraud and means of payment and, in particular, against credit card fraud,
• Management of unpaid invoices and disputes,
• Improving the site and offers.

Article 04. Grounds for processing

The operator has the right to process personal data for the purposes presented above:

• because the processing of data is necessary to make possible the creation of the account, the operation of the site and access to the services offered on the site (conclusion of the contract for remote services), payment of costs for services and response to complaints placed, if if necessary,
• because you have given your express consent in this regard by checking the corresponding boxes.

If the processing of data is not necessary for the conclusion and execution of our legal relationships, we will not process personal data for any of the above purposes without our consent.

Article 05. Duration of storage and processing of personal data

The personal data processed are not more than is necessary to fulfill the obligations defined at the conclusion of the contract or imposed by the legislation in force. We retain and store personal data for the time strictly necessary to achieve the purposes described in this policy. After this period, they may be anonymised and kept for statistical purposes only.

 If you have not logged in to the site or have not engaged in active behavior (for example, by clicking on a link) for a period of three years, you may receive an email inviting you to log in. as soon as possible, otherwise your data will be deleted from our databases. This three-year period starts from the last active contact if you are / are no longer a customer and from the end of the subscription if you have registered for training.

The means of erasing the data shall be implemented to ensure their effective erasure as soon as the retention or archiving period necessary to achieve the specified or imposed purposes is reached.

Article 06. Data security measures

The company ensures the appropriate technical and legal measures to ensure the effective protection of personal data belonging to the persons who provide us with such data.

We are committed to keeping your personal data safe and take reasonable steps to do so, including against unauthorized access, unauthorized use, destruction, loss or alteration of your data.

We systematically train our employees on the importance of protecting personal data, we have established internal procedures in this regard and, in addition, we make every effort to ensure that our partners manage appropriate measures for the processing of personal data that may reach them within our contractual relationships.

Also, the payments made through our site, strictly for the payment of the services we provide, are made in secure conditions, according to the security policies implemented by the providers of this service: plationline.ro (www.plationline.ro )

Article 07 SUBCONTRACTING

You are informed that we may use one or more subcontractors to carry out specific processing activities.

We are committed to ensuring that any subcontractor has sufficient contractual guarantees regarding the implementation of appropriate technical and organizational measures so that the processing meets the requirements of the GDPR.

Article 08. Transmission of data to other persons

We may pass on your personal data to affiliated companies and / or other partners and collaborators with whom we have established contractual relationships in order to carry out our activities and fulfill our legal obligations, such as: specialists who post materials on the site, IT service providers, accounting services, legal services, marketing services, courier services, internet and mobile telephony services, payment processors who are authorized by us to mediate payments, specialists in the field of activity in which we operate, which we contract to provide you with the highest possible quality good of our services and other such providers.

The transmission of data to third parties takes place subject to their assumption of the confidentiality clauses we establish.

We may also transmit some of the personal data collected to the competent public authorities or institutions, when required by law or to the courts when defending ourselves in court or when required to do so by the court.

Please also see the section on the Cookie Policy displayed on the main page of our site.

Article 09. SOCIAL NETWORKS AND THIRD PARTY SITES

If you connect your account to an account in another service, such as a social network, that service may provide us with your login profile and information, as well as any other information about which you have authorized disclosure.

The site may provide links to sites, applications and services other than its own, which may be operated by third parties. In this case, we are not responsible for the processing of personal data by these third party sites, their user is invited to consult the personal data protection policies for more information.

Article 10. INDICATIONS ON A SECURITY RISK

We are committed to implementing all appropriate technical and organizational measures using physical and logistical means of security to ensure an adequate level of security regarding the risks of accidental, unauthorized or illegal access, disclosure, modification, loss or destruction of data with personal character as far as you are concerned.

If we become aware of illegal access to your personal data stored on our servers or of our service providers or of unauthorized access to the risks identified above, we undertake to:

• We will notify you of the incident as soon as possible if it meets a legal requirement,
• We examine the causes of the incident,
• We take the necessary measures to reduce the negative effects and prejudices that may result from the mentioned incident.

 The commitments defined in the above point may in no case be equated with any admission of guilt or liability for the occurrence of the incident in question.

Article 11. Transfer of personal data abroad

In the context of the operations described above, your personal data may be transferred abroad to countries in the European Union (“EU”) or the European Economic Area (“EEA”).

Thus, we inform you that any transfer made by the Operator to an EU or EEA Member State will comply with the legal provisions of the General Data Protection Regulation no. 2016/679 adopted by the European Parliament (“GDPR”).

The personal data referred to in this information note shall not be transferred to States which do not provide adequate protection with regard to the processing of personal data.

Article 12. What rights do you have in relation to the personal data you provide us

We are committed to ensuring the security of personal data by adopting appropriate technical and organizational measures, according to industry standards. The platform is aligned with GDPR requirements and uses data encryption and security technology at the level of those used by banking institutions.

We assure you and respect your rights established by the legislation in force.

Right to information – you can request information and details on personal data processing activities. We are at your disposal at the email address: contact@adremconsultant.com. We care about your right to receive clear, transparent, easy-to-understand and accessible information about how we process your data, including details of your rights in this regard and which are set out in this document.

– Right to rectification – if you find that your personal data that we process is incorrect, incomplete, inaccurate, you can rectify it or complete it by a simple request for rectification sent to the email address contact@adremconsultant.com

– The right to delete data (“right to be forgotten”) – you can obtain the deletion of data, if their processing was not legal or in other cases provided by law, Data deletion can take place in any of the following situations:

1. a) we no longer need personal data to fulfill any of the purposes for which we have previously processed them;
2. b) you withdraw your consent on the basis of which we have previously processed you and there is no other legal basis on which we can rely on future processing;
3. c) you object to the processing of data when we process the data for direct marketing purposes (including profiling for direct marketing purposes),
4. d) you object to the processing of data based on our legitimate interest and we cannot prove that we have legitimate reasons justifying the processing and prevailing over your interests, rights and freedoms;
5. e) personal data are processed against the law;
6. f) personal data must be deleted in order to comply with our legal obligations.

We will be able to reject your request to delete data if:

1. a) we must comply with legal obligations to retain data;
2. b) if the data are necessary for us to establish, exercise or defend our rights in court.

Right to a restriction on processing – you can request a restriction on processing in cases where:

1. a) challenge the accuracy of the data for a period that allows us to verify the correctness of the data;
2. b) the processing is illegal, but you oppose the deletion of personal data, instead requesting the restriction;
3. c) if the Operator no longer needs the personal data for the purpose of processing, but you request them for us to establish, exercise or defend a right in court or before arbitration bodies;
4. d) if you objected to the processing, for the period of time in which it is verified whether our legitimate rights prevail over your rights.

– Right of opposition – you may object in particular to data processing which is based on our legitimate interest.

– The right to data portability – you may, under certain conditions, receive the personal data you have provided to us, in a format that can be read automatically or you can request that the data be transmitted to another operator

– The right to file a complaint – you can file a complaint regarding the way personal data is processed at the National Authority for the Supervision of Personal Data Processing (ANSPDCP). Contact data and information related to ANSPDCP can be found on the website http://www.dataprotection.ro/.

– Right of withdrawal of consent – in cases where the processing is based on your consent, you can withdraw it at any time. Withdrawal of consent will have effect only for the future, the processing carried out prior to the withdrawal remaining valid.

– The right not to be subject to additional automatic or profiling decisions related to automatic decisions: you can request and obtain human intervention on that processing or you can express your own point of view on this type of processing

You can exercise these rights, either individually or cumulatively, very easily, by simply sending a request by email to contact@adremconsultant.com

Article 13. Contact details of the data protection officer

You can write to us at the email address contact@adremconsultant.com for the attention of Mrs. Braga Bianca, phone: +40749074864

Article 14. Minors data

We do not want to collect or process data on minors under the age of 18. Please do not create an account on our site and provide us with any information in case you are under 18 years of age.

The company reserves the right to change the Data Protection Policy at any time, without prior notice, by posting the updated version on the site. You are required to read the Terms and Conditions, Data Protection Policy and Cookies policy whenever you access the Site.

Article 15. APPLICABLE LAW AND LANGUAGE

This GDPR policy is governed by Romanian law. It is written in Romanian. If they are translated into one or more languages, only the Romanian text will prevail in the event of a dispute. Temporary or permanent non-application of one or more clauses shall not constitute a waiver of the other clauses thereof which shall continue to have effect.