Terms and conditions

This policy was drafted on December 2, 2020, and will be periodically reviewed and updated.

Identity and Contact Information of the Operator

DANFER SRL, with its registered office in Cluj-Napoca, registered at the Trade Register Office under no. J12/1220/2001, having the Unique Registration Code RO14192186, as the author, owner, and administrator of the website www.danfer.ro, respects the confidentiality and security of the processing of personal data of anyone accessing the website. In this regard, we make every effort to ensure that the information entered into our databases is used only for specific, explicit, and legitimate purposes.

Definitions

• A.N.S.P.D.C.P.: National Authority for the Supervision of Personal Data Processing;
• Personal data: Any information regarding an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, especially by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;
• Processing: Any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction;
• Restriction of processing: Marking personal data stored for the purpose of limiting their processing in the future;
• Controller: A natural or legal person, public authority, agency, or other body that, alone or together with others, determines the purposes and means of processing personal data; where the purposes and means of processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
• Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller;
• Recipient: A natural or legal person, public authority, agency, or another body to which personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law are not considered recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
• Consent of the data subject: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data.

Rights of Website Users

DANFER SRL, as the personal data controller, has implemented technical and organizational measures to ensure the respect of the rights of website users (data subjects under GDPR), namely:

• Right of access: The right of the data subject to obtain confirmation from the controller as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and information on how the data is processed.
• Right to data portability: The right to receive personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used, and machine-readable format and the right to transmit those data directly to another controller, where technically feasible.
• Right to object: The right of the data subject to object to the processing of personal data when the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority or based on a legitimate interest pursued by the controller. When personal data is processed for direct marketing purposes, the data subject has the right to object at any time.
• Right to rectification: The right to obtain without undue delay the rectification of inaccurate personal data. The rectification shall be communicated to each recipient to whom the data have been disclosed unless this proves impossible or involves a disproportionate effort.
• Right to erasure (“right to be forgotten”): The right of the data subject to request the erasure of personal data without undue delay in case one of the following grounds applies: the data is no longer necessary for the purposes for which it was collected or processed; the data subject withdraws consent and there is no other legal ground for processing; the data subject objects to the processing and there are no overriding legitimate grounds for the processing; the personal data has been unlawfully processed; the personal data must be erased for compliance with a legal obligation; the personal data has been collected in relation to the offer of information society services.
• Right to restriction of processing: The right to obtain restriction of processing where the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction instead; the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise, or defense of legal claims; the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.

The collection and processing of personal data obtained through the website www.danfer.ro are carried out in accordance with the provisions of Regulation No. 679/2016. For any information or requests based on the rights of data subjects under the GDPR, you can contact DANFER SRL at the email address: office@danfer.ro

Purposes and Legal Basis of Processing. Categories of Personal Data Collected and Processed by DANFER SRL

By completing any form available on the website www.danfer.ro, you expressly agree to the collection and processing of personal data by DANFER SRL, both manually and automatically, for the purpose of being contacted by DANFER SRL regarding your request, in accordance with the provisions of Regulation No. 679/2016 on the protection of individuals concerning the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR.

If you do not agree to your data being processed, you have the right and freedom not to complete the available forms and not to access the website www.danfer.ro.

When completing the forms available on www.danfer.ro, DANFER SRL will collect personal data, providing information about the purpose of collecting each personal data requested.

DANFER SRL may also receive and record information about the IP address and cookie information of the requested website on its servers. You have the option to set your internet browser to reject certain cookies. However, this will have a negative impact on your navigation on the DANFER SRL website.

For newsletter subscribers who do not wish to receive information at the email address, it is necessary to send an email to: office@danfer.ro, and your data will be deleted from our newsletter database.

Protection of Personal Data. Data Retention Period

DANFER SRL will not disclose personal data collected through the website www.danfer.ro except to authorized employees and contractors/partners who are authorized persons and need this data to process it on behalf of DANFER SRL, to provide services available on the website www.danfer.ro, or if the obligation to disclose is a legal obligation of DANFER SRL or its employees or contractors/partners.

DANFER SRL has implemented the necessary organizational and security measures to protect against unauthorized access, use, alteration, or destruction of personal data in accordance with GDPR provisions.

DANFER SRL, together with its collaborators, has taken responsibility for implementing appropriate technical and organizational measures regarding the confidentiality and security of personal data.

DANFER SRL provides access to personal data to authorized employees and contractors/partners (authorized persons) only in accordance with the stated purpose of data collection. All employees, collaborators, and service providers of DANFER SRL who come into contact with personal data must act in accordance with the principles of privacy policies and procedures and sign statements and confidentiality agreements regarding this data.

The personal data of users of the DANFER SRL website are retained for a period between 3 and 10 years (depending on the purpose of collecting personal data), and users are informed each time they provide their personal data about the exact retention period.

Changes to the Privacy Policy

If DANFER SRL deems it necessary to change the privacy rules, it will publish these modifications on this page to inform you about the types of data collected and how they are used.

If you have any questions about the privacy policy, please write to us by email at: office@danfer.ro

Information about the National Authority for the Supervision of Personal Data Processing (A.N.S.P.D.C.P.)

If you believe that your rights under Regulation No. 679/2016 have been violated, you have the possibility to address the A.N.S.P.D.C.P. by submitting a complaint.

The contact details of A.N.S.P.D.C.P. are as follows: