THE OFFICIAL TEXT IS THE ROMANIAN VERSION OF THIS WEBPAGE.
THIS PAGE MAY CONTAIN TRANSLATION POWERED BY OTHER THIRD-PARTY SERVICES, SUCH AS GOOGLE TRANSLATE.
ANY DISCREPANCIES OR DIFFERENCES CREATED IN THE TRANSLATION ARE NOT BINDING AND HAVE NO LEGAL EFFECT FOR COMPLIANCE OR ENFORCEMENT PURPOSES.
IF ANY QUESTIONS ARISE RELATED TO THE ACCURACY OF THE INFORMATION CONTAINED IN THE TRANSLATED WEBSITE, REFER TO THE ROMANIAN LANGUAGE VERSION OF THE WEBSITE WHICH IS THE OFFICIAL VERSION.
Our personal data processing policy
We recommend that you read this Data Protection Notice in its entirety to ensure that you are fully informed.
Please note, this site is not intended for children, and we do not knowingly process personal data about children.
The date of the last update is 28.02.2023.
Who we are and how you can contact us
SC TamoGlass Perfect S.R.L., with registered office in 5 Giurgiului Road, Hall Panouri Mari – Atelier C2, Office no. 1, Jilava, ROMANIA, registered at the National Trade Registry Office under no. J23/1500 of 2014, fiscal code no. RO33194302, hereinafter also referred to as “TGP” or “we”, in the sense of the legislation on the protection of personal data, is the operator when it processes your personal data collected through our website cerapixel.com, using social networks or offline.
For more information or to exercise your rights, you can contact us by email at email@example.com or by a written request, dated and signed, at the postal address 5 Giurgiului Road, Hall Panouri Mari – Atelier C2, Office no. 1, Jilava, ROMANIA, to the attention of the Data Protection Officer.
Regardless of the form of communication you choose, please identify yourself as completely as possible. We reserve the right to request additional information to confirm your identity.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Data Protection Legislation
Any applicable laws regarding the processing of personal data, including but not limited to the GDPR and any national laws, regulations and secondary implementing legislation.
It means any information relating to an identified or identifiable natural person.
The person concerned
The identified or identifiable natural person whose personal data is processed.
Identifiable natural person
Is a person who can be identified, directly or indirectly, in particular by reference to an identification element, such as a name, an identification number, location data, an online identifier, or to one or more specific elements, inherent to his physical, physiological, genetic, psychological, economic, cultural or social identity.
It means the natural or legal person, public authority, agency, or other body that, alone or together with others, determines the purposes and means of processing personal data; when the purposes and means of processing are established by Union law or domestic law, the operator or the specific criteria for its designation may be provided for in Union law or domestic law.
It means any manifestation of the data subject’s free, specific, informed, and unambiguous will by which he accepts, through a statement or an unequivocal action, that the personal data concerning him be processed.
It means any operation or set of operations performed on personal data or sets of personal data, with or without the use of automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.
Breach of personal data security
Means a breach of security that results, accidentally or unlawfully, in the destruction, loss, alteration, or unauthorized disclosure of personal data transmitted, stored, or otherwise processed, or in unauthorized access to it.
They are provided by their devices, applications, tools, and protocols, such as IP addresses, cookie identifiers or other identifiers. They can leave traces that, especially when combined with unique identifiers and other information received by servers, can be used to create profiles of natural persons and to identify them.
They are small text files placed on the user’s device by the website when it is visited or certain functions are used.
Categories of persons concerned
– To our contractual partners (such as customers, suppliers, providers, executors, legal representatives of companies, etc.) who interact physically with our representatives or online through our website, our social media accounts and our social media advertisements, search engines and partner sites.
– Any other identified or identifiable natural persons whose personal data is processed through any legal method of collection, such as, but not limited to, the personnel who visit our premises regardless of the purpose of the visit, the persons who addresses for various requests, suggestions, complaints, etc.
Data Collected, Methods of Collection and Sources of Collection
We generally collect personal data directly from you, so you have control over the type of information you give us.
Data we process, collected directly from you, for example,
by physically interacting with us or using phone, email, online contact forms, social networks, direct messages, comments, advertisements, surveys or any other form of correspondence,
through written documents that you provide us such as: filling out forms, submitting applications, copies of documents, certificates, powers of attorney, CV, diplomas, reports, professional certificates, etc.,
Examples of data that we process:
name and surname, signature, age, gender, date of birth, place of birth, Personal Identification Number, ID series and number, marital status, education, length of service, residential address, delivery/invoicing address, telephone number, email, payment information (including card details), marketing preferences (if you agree to us sharing your details with our partners) etc.
By browsing the cerapixel.com website, through social networks, search engines, or partner websites, we can collect the following information:
Internet Protocol (IP) address used to access our website, device type and brand, operating system and platform, browser version, time zone setting, the information you have viewed and searched for on the website, marketing information relating to habits, preferences, behavior, etc.
We use profiles to offer you products that are tailored to your interests. The profile creation process will only be used based on your consent.
We do not process sensitive data, included by the General Data Protection Regulation in special categories of personal data.
We do not knowingly process data of persons under the age of 18.
We do not provide services that include automated decision-making without human intervention.
Purposes of personal data processing
We process your personal data only to the extent permitted or required by applicable law.
The purposes for which we process the data, by way of example, are:
– for the provision of services for your benefit
Promoting our products and services, making commercial offers, concluding and developing a contract with you, ensuring the delivery, return or warranty of a product, etc.
– to comply with a legal obligation
Applicable laws in accounting, taxation, labor relations, physical security, etc.
– to fulfill our legitimate interests or the legitimate interests of a third party or your interests
Ensuring the security of premises, personnel, and IT systems, fraud detection and prevention, testing, research, statistics, data analysis, troubleshooting, etc.
– for the performance of a task that serves a public interest or for official purposes.
The legal basis for the processing of personal data
We process your data based on the following legal grounds:
- Based on the consent you have expressed in specific situations (for example: contacting for marketing purposes, keeping data for a period additional to that required by national legislation, etc.).
- For the conclusion or performance of a contract (for example sales-purchase contracts, collaboration contracts, supply contracts, etc.).
- To fulfill our legitimate interests, in the context of carrying out our object of activity, to improve the services offered, to optimize internal workflows, to resolve investigations or any other petitions/complaints/requests, etc.
- To comply with legal obligations (for example applicable laws in accounting, taxation, labor relations, etc.).
How long we keep personal data
We will keep your data for the minimum period necessary to fulfill the purposes of data collection, for the period required by national law, and for the period necessary to exercise our and others’ legitimate rights.
We will stop processing personal data, as long as it is no longer necessary for the established purposes when the data subjects have withdrawn their consent, in situations where there are no compelling legitimate reasons for the continuation of the processing that prevail over the interests, rights, and freedoms of the individuals physical or if the personal data is not necessary for the establishment, exercise or defense of a right in court.
Technical and organizational security measures
Adequate technical and organizational measures are implemented for the protection of personal data, according to industry standards.
TGP employees as well as other authorized persons who have access to personal data have certain responsibilities to ensure that this data is collected, kept and used properly, in accordance with the provisions of the internal procedures regarding the protection of personal data.
The storage of personal data in digital format is carried out on secure terminals, with restricted access to unauthorized persons.
We note that, despite all measures taken, the transmission of information over the Internet is not completely secure and there is a risk that the data may be seen and used by unauthorized third parties. We cannot assume responsibility for system vulnerabilities beyond our control or software errors.
Access to your data
Within TGP, internal staff members, as well as staff members belonging to collaborators, are subject to the obligation of confidentiality regarding the processing of personal data and may process data only in relation to specific job responsibilities, only if they have the competence and authorization to do so.
If we are under a legal obligation or if it is necessary to defend a legitimate interest, we may disclose certain personal data to public authorities.
Your personal data is stored and processed on the territory of the European Union and the European Economic Area.
In the event that your personal data will be transferred outside the European Union or the European Economic Area, the transfer will be made pursuant to a decision of the European Commission by which it decides that the third country in question provides an adequate level of protection.
The legislation on the protection of personal data guarantees you the following rights:
Right of access
You have the right to obtain from us:
– to confirm whether or not personal data concerning you is being processed and, if so, a copy of the respective data;
– to provide you with information related to your data such as: what data we hold, the methods of data collection, the purpose of processing, to whom we disclose the data, if we transfer it abroad, how long we keep it, how we protect it, your rights and how you can make a complaint.
The right to rectification
You have the right to obtain from us, without undue delay, the rectification of inaccurate personal data concerning you. Taking into account the purposes for which the data were processed, you have the right to obtain completion of personal data that is incomplete, including by providing an additional statement.
Right to erasure (“right to be forgotten”)
You have the right to obtain from us the erasure of personal data concerning you without undue delay if one of the following reasons applies:
– the data are no longer necessary to fulfill the purposes for which they were collected or processed;
– the withdrawal of the consent on the basis on which the processing takes place and the lack of another legal basis for the processing;
– personal data were processed illegally;
– personal data must be deleted to comply with a legal obligation that falls to us under Union law or the internal law to which we are subject;
The right to delete personal data does not apply to the extent that the processing is necessary:
– to comply with a legal obligation that applies to us;
– for reasons of public interest in the field of public health;
– for establishing, exercising, or defending a right in court.
The right to restriction of processing
You have the right to obtain from us the restriction of processing if one of the following cases applies:
– you dispute the accuracy of the data, for a period that allows us to verify the accuracy of the data;
– the processing is illegal, and you object to the deletion of personal data, requesting instead the restriction of their use;
– we no longer need the personal data for the purpose of processing, but we are requesting the data for establishing, exercising, or defending a right in court; or
– you have objected to processing based on our legitimate interest, including profiling.
If processing has been restricted, personal data may, with the exception of storage, be processed only with your consent or for the establishment, exercise or defense of a right in court or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a member state.
The right to opposition
You can object, for reasons related to your particular situation, to the processing of your data on the basis of our legitimate interest or on the basis of the public interest.
You can also object to the processing of your data for direct marketing purposes, including profiling, at any time without giving any reason, in which case we will stop this processing as soon as possible.
The right to data portability
You can ask us to provide your personal data in a structured, commonly used, and machine-readable format, or request that it be transmitted directly to another data controller, only if:
– the processing is based on your consent or on the conclusion or execution of a contract with you; and
– the processing is done by automatic means.
Right to withdraw consent
The data subject has the right to withdraw his consent at any time.
The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent before its withdrawal.
The right to file a complaint
You have the right to submit a complaint, regarding the manner in which we process your personal data, to the National Authority for the Supervision of Personal Data Processing (dataprotection.ro).
The deadline for responding to requests is at most one month from the date of receipt of the request.
In the case of complex requests or a large number of requests, the deadline for responding to requests can be extended by another month, in which case the extension of the deadline for resolving the request is notified and justified within a maximum of one month from the date of receipt of the request.
Exercising your rights is free.
If the requests we receive are manifestly unfounded or excessive, in particular, due to their repetitive nature, we may:
(a) either charge a reasonable fee taking into account administrative costs for providing the information or communication or for taking the requested action;
(b) either refuse to comply with the request.