privacy

DATE	06.06.2019
ELABORATED	DPO– Adela Nuta
VERIFIED	RMI – Raluca Stipiuc
APPROVED	General Manager – Antonino Bicchieri

PERSONAL DATA PROTECTION POLICY – PPD

The new European Union law on the protection of personal data, GDPR (“General Data Protection Regulation”) entered into force on May 25, 2016, but will begin to take effect as of May 25, 2018. This law is the biggest change in personal data protection over the last 20 years and has objectives that go far beyond the mere protection of the private space.

The protection of your personal data is important to us, therefore we pay special attention to protecting the privacy of the people who submit us personal data to process a request, and those whose personal data have been provided to us by a third party or accessed from another source in accordance with Regulation (EU) 2016/679 of the European Parliament and Council from April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”).

Please pay special attention to reading the following Policy (hereinafter referred to as “PPD”) to understand how your information will be treated (“personal data”).

PPD explains the practices of Fire Credit S.R.L. (hereinafter referred to as “Fire Credit”), regarding the application of GDPR provisions, as well as the rights you receive in relation to how your information is processed by Fire Credit.

The processing of personal data by Fire Credit will always be done in accordance with the GDPR provisions as well as with the personal data protection regulations specific to each country in which Credit Credit operates.

By PPD, Fire Credit wishes to inform the data subjects about the nature of the personal data we collect and process, as well as about the purposes of the processing. In addition, the data subjects are informed via the PPD about their rights.

WHO ARE WE?

We are Fire Credit S.R.L., a company with its registered office in Iași, str. Sf. Lazăr no. 66A, 8^th floor, offices 1,2,4,5,6, Iași county, Trade Register number J22/1955/2011 and unique registration code 29273858. Our main field of activity, “Activities of collection agencies and credit bureaus”, according to NACE code 8291, and our legal representatives are the administrators: BICCHIERI ANTONINO, SCRIPNICIUC MARIUS DUMITRU and DANA CIUBOTARIU.

OFFICER IN CHARGE OF PERSONAL DATA PROTECTION (DPO)

Fire Credit, as operator, appointed Mrs. Nuță Adela, as officer in charge of personal data protection (hereinafter referred to as “DPO”), having the obligation to verify the compliance with GDPR provisions in the data processing operations performed by the operator and to represent the operator in relation to the data subjects and the Supervisory Authority.

The Persons concerned have the opportunity to address the DPO directly at any time on any matter related to this PPD using the contact details below:

DPO name: Nuță Adela

DPO e-mail: adela.nuta@jantea-law.ro

Tel. DPO: 0766753560

DPO mailing address: Bucharest, district 1, 9 Transilvaniei street.

WHAT ARE PERSONAL DATA?

“Personal data” means any piece of information or information that can identify you directly (for example, your name) or indirectly (for example, by pseudonymous data such as a unique identifier). This means that personal information includes things such as the email address, home, mobile phone.

WHAT DOES PERSONAL DATA PROCESSING MEAN?

“Processing” means any operation or set of operations performed on personal data or on sets of personal data with or without the use of automated means such as collecting, recording, organizing, structuring, storing, adapting or modifying, extracting, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

WHICH OF YOUR PERSONAL DATA DO WE PROCESS?

Your personal data to be processed is as follows: surname, name, e-mail address, phone number, employer, position, department.

PERSONAL DATA OPERATOR

The personal data operator (hereinafter referred to as the “operator”) is Fire Credit.

PRINCIPLES ON DATA PROCESSING

Fire Credit undertakes to comply with the principles of personal data protection (hereinafter referred to as the “Principles”) set out in the GDPR to ensure that all data are:

1. Processed in a fair, legal and transparent manner;
2. Collected for specified, explicit and legitimate purposes;
3. Adequate, relevant and limited in relation to the purposes for which they are processed;
4. Correct and updated;
5. Kept in a form which makes it impossible to identify the data subjects longer than is necessary in relation to the purpose of the processing;
6. Processed in accordance with the rights of the data subject in a manner that ensures adequate processing security so that the data are complete, confidential and available.

GROUNDS AND PURPOSES OF PERSONAL DATA PROCESSING

1. For the purpose of concluding and executing contracts – According to art. 6 par. 1 lit. b) from GDPR, personal data may be processed for the purpose of concluding or executing the contract. In order to be able to offer you our products and services, we need to process the personal data that you hold.
2. For the purpose of fulfilling legal obligations – According to art. 6 par. 1 lit. c) GDPR, personal data for the purpose of fulfilling legal obligations may be processed. We request a series of personal data, including, in some cases, the Personal Code, in order to fulfill our obligations imposed by tax authorities on invoicing and reporting to tax authorities.
3. For marketing purposes – According to art. 6 par. 1 lit. a) GDPR, personal data may be processed if the data subject has given his/her consent to the processing of his or her personal data for one or more specific purposes. Thus, in some situations, your personal data will be used to send you marketing messages, offers, news, future campaigns, invitations to various events

PROCESSING OF OTHER DATA YOU PROVIDE TO US

Fire Credit will use the information you provide through direct or indirect transmission or public disclosure in electronic or material form solely for the purpose of processing your request or contacting you or sending you offers, news, future campaigns, invitations to events held in connection with Fire Credit, only when we have your express consent.

By providing any personal data in the ways described above you understand and agree that your data will be processed in accordance with the PPD provisions of Fire Credit.

Please be advised that in order to be able to process your requests, it is possible that under certain circumstances we will be required to disclose your data to partners with which Fire Credit collaborates and/or to other third-party service providers of Fire Credit.

DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES

Personal Data processed by Fire Credit may be disclosed and/or transferred to third parties only in the case of your express consent to do so, unless there is a legal/contractual obligation for Fire Credit to proceed in this manner.

Please be advised that it is possible under certain circumstances to disclose your personal data to partners with whom Fire Credit collaborates and/or to other third-party service providers of Fire Credit.

DATA STORAGE PERIOD

Fire Credit may keep the processed data for different periods of time deemed reasonable for the purposes indicated above. We only retain your data for the period necessary to achieve the purpose for which we hold the data, to meet your needs or to fulfill our obligations under the law.

In order to know how long your data can be stored, we use the following criteria:

1. If you contact us for an inquiry, we keep your personal data for as long as your inquiries are processed, but no more than 2 years after the last mail sent;
2. If you have given your consent for marketing, we retain your personal data until you unsubscribe or ask us to delete it or after a period of inactivity (without active interaction with our marks) defined in accordance with local regulations and guidelines. In this regard, please note that the data stored in our databases for the purpose of direct marketing communications are deleted from the database records after 2 years from the last interaction with you;

THE RIGHTS OF THE DATA SUBJECTS

Under the GDPR, you have a series of rights with respect to the personal data that Fire Credit processes:

1. The right of access to processed data – You have the right to access the personal data we hold. The first information will be provided without any charge. If you will need copies of the information already provided, we may charge a reasonable fee, taking into account the administrative costs of providing the information. The manifestly unreasonable, excessive or repeated requests may not be answered.
2. The right to modify data – You may request that your data be modified if inaccurate or obsolete and/or filled in if incomplete. If you have an account, it can be easier to correct your own data using the “My Account” feature.
3. The right to delete data (“the right to be forgotten”) – In some cases, you have the right to obtain the deletion or destruction of your data. This is not an absolute right, because sometimes we may be forced to keep your data for legal reasons.
4. The right to restrict the processing – You may request that you limit the processing of your data. This means that your data processing is limited so we can keep the data, but not use or process it. This right applies in the specific circumstances provided for in the General Data Protection Regulation, ie:
– the accuracy of the data is contested by the data subject (ie you) for a period that allows the Operator (ie Fire Credit) to verify the accuracy of the data;
– the processing is illegal and the data subject (ie you) opposes the deletion of the data and requests the restriction of their use;
– the operator (ie, Fire Credit) no longer needs data for processing, but they are required by the data subject (ie you) for the establishment, exercise or defense of legal claims;
– the data subject (ie you) raised objections against the processing based on legitimate reasons on the part of the Operator (in this case Fire Credit) in order to verify that the Operator’s legitimate reasons (Fire Credit) exceed those of the data subject (ie you).

5. The right to data portability – You may move, copy or transfer the data you are interested in from our database to another. This applies only to the data you have provided when the processing is based on your consent or contract and is implemented by automated means.
6. The right of opposition – You may oppose at any time the processing of your data when such processing is based on a legitimate interest.
7. The right to withdraw consent at any time – You may withdraw your consent to the processing of your data when such processing is based on consent. The withdrawal of the consent does not affect the lawfulness of processing on the basis of consent prior to its withdrawal.
8. The right to file a complaint with the competent supervisory authority – You have the right to complain to the data protection authority of your country of residence or domicile to challenge the data protection practices offered by Fire Credit.
9. The right to oppose the processing of your data for direct marketing purposes – You may unsubscribe from or opt out of our direct marketing communication at any time. It’s easier to do so by clicking the “unsubscribe” link in any email or communication we send you.
10. The right to oppose the processing of your data by us when conducting actions in the public interest or in our legitimate interests or that of a third party – You may at any time oppose the processing of your data when such processing is based on a legitimate interest.

You may exercise any of these rights with respect to the personal data that Fire Credit processes by submitting a simple request to the Fire Credit DPO. In such a situation, it is very possible to request proof of your identity.

LEGAL REQUESTS

We access, keep and provide your information to regulatory authorities, law enforcement or other entities:

1. In response to a legal request, when we believe in good faith that the law requires us to do so. We may also respond to legal claims when we consider in good faith that the response required by the laws of that jurisdiction affects users in that jurisdiction and complies with internationally recognized standards.
2. When we believe in good faith that it is necessary to: detect, prevent and respond to acts of fraud, unauthorized use of any material belonging to us, violations of our terms or policies or other harmful or unlawful activities, to protect us (including our rights, property or materials), yourself and others, including within investigations or inquiries by regulatory authorities, or to prevent imminent death or injury.

The information we receive about you may be accessed and stored for a longer period of time when you are subject to a legal, justice matter, governmental inquiry or investigation into possible violations of our terms or policies, or in other cases to prevent damage.

RELATIONS WITH OTHER OPERATORS

Depending on the context, we may find ourselves in the situation of the absolute need to provide information at a higher level, both globally and internally or externally, to our partners and to those with whom we transfer GDPR data in the virtue of providing the most professional services possible. Information controlled by Fire Credit may be transferred, transmitted or stored and processed in the EU or in countries other than the country where you live for the purposes described in this policy. These data transfers are necessary to deliver the highest level of service and to continue to provide you with our best professional content. We use standard contractual clauses approved by the European Commission, and we rely on the appropriateness of the European Commission’s decisions concerning certain countries, as the case may be, for the transfers of EEA data to the United States and other countries.

PROCESSING SECURITY

Fire Credit has adopted technical and organizational data processing measures, updated in accordance with GDPR requirements, to protect your personal data against any unauthorized access, misuse or disclosure, unauthorized modification, accidental destruction or loss. All Fire Credit employees and collaborators, as well as any third parties acting in the name and on behalf of Fire Credit, are required to respect the confidentiality of your information and the GDPR requirements, in accordance with the PPD provisions.

UPDATING THE PERSONAL DATA PROTECTION AND PROCESSING POLICY

Please note that this Policy may be subject to periodic content changes by updating the Fire Credit site.

How will we let you know about the changes made to this Policy?

We will notify you before making any changes to this Policy and will give you the opportunity to review the revised PPD before choosing to continue using our materials.

Please do not continue to use the Fire Credit site if you do not agree to such changes. We also recommend that you check this page for any updates.

The PPD terms are interpreted according to the applicable legislation.

CONTACT

If you have any questions or concerns about how we treat and use your personal data or wish to exercise any of your rights, please contact us by accessing our DPO’s contact details.

UPDATES

Item no.	Summary of update	Edition and revision	Data
1.	Initial conclusion of the document	I.0	22.05.2018
2.	Change of FireCredit’s Administrator	I.1	06.06.2019
3.
4.

Fire Credit, present for the second time in a row at the Annual National Conference of ALB, as an official partner

Posted: December 7, 2017

On November 21 2017, Fire Credit participated at the Annual National Conference of ALB Romania, the 13th [ ... ]

0 comments

Dan Fiterman, the owner of Arcadia, met with CEO of Fire Credit

Posted: October 27, 2017

On Friday 13 October 2017, Mr. Dan Fiterman, general manager of hospitals and medical centers network, Ar [ ... ]

0 comments

The new Italian ambassador visit Iasi

Posted: October 13, 2017

The Italian Ambassador to Romania, His Excellency Marco Giungi made first official visit to Iasi for tw [ ... ]

0 comments