Privacy policy
DECLARATION ON THE PROCESSING OF PERSONAL DATA
Cortex Trade & Services SRL, a legal person with registered office on Soseaua Pantelimon, Nr. 260, Bl. 46, sc.1, apt.1, Sector 2, Bucharest, with the registration number of the Trade Registry J40 / 4917/2002 and CUI RO14690032 as an operator, wishes to inform you about the processing of your personal data personally in the context of operations relating to the delivery of Cortex Trade & Services SRL services / products to clients for the purposes specified below.
By the nature and procedures of services / products provided by Cortex Trade & Services SRL ("products" or "Cortex Trade & Services SRL"), their users ("Clients" or "Users") transmit certain personal data used to provide performing according to the legal provisions and proper procedures, in optimal conditions and in the safety of the services.
Protecting the personal data of Cortex Trade & Services SRL's clients and keeping them safe is one of the important concerns of Cortex Trade & Services SRL, its partners, subcontractors involved in the provision of services.
This Privacy Statement reflects the privacy policy applied to all Cortex Trade & Services SRL service users / products so that they are informed and able to make informed decisions about how their personal data that is collected by using the service is or will be used as well as the rights they have.
PERSONAL DATA
Personal data means both non-personal data and personal data - information about an identified or identifiable individual. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifying element, including, but not limited to: (i) name, forename, address, e-mail, telephone eg fixed, mobile, fax); (ii) financial information (eg income, etc.); (iii) various information required or required by service-specific product / service-specific authorities; (iv) information resulting from video / audio monitoring if the Client visits one of the locations where the Cortex Trade & Services SRL services or products are provided or contacts the support services; (v) the signature; (vi) any other information resulting from the processing carried out by Cortex Trade & Services SRL (eg customer segmentation according to different criteria, the unique identifier generated at Cortex Trade & Services SRL for each individual customer specific information services / products offered by Cortex Trade & Services SRL, etc.) and any other information that is necessary for the activities of Cortex Trade & Services SRL; (vii) the iP or the activities performed when you browse our site or use the Cortex Trade & Services SRL applications / services).
Personal data processing means any operation or set of operations that is performed on personal data by automated or non-automatic means such as the collection, recording, organization, storage, adaptation or modification, extraction, consultation, use, disclosure to third parties by transmission, dissemination or otherwise, joining or combining, blocking, archiving, deletion, destruction, etc.
COLLECTION OF INFORMATION
Information is collected in the process of providing services / products to users or potential users. The main sources of information are: 1. Forms used for the provision of services, data provided when using the websites or applications of Cortex Trade & Services SRL, other means of communication, questionnaires that users or potential users of services accept (without being bound to accept) to supplement upon our request other documents that users or potential users provide us at our request; 2. the transactions between Cortex Trade & Services SRL and its agents / partners and between them and the users of the service; 3. external sources - to fulfill specific obligations (competent institutions, public registers, electronic databases, information available in social media and on the Internet, or third-party abilities, holders of such information, such as, but not limited to, to the following: the National Trade Register Office, the court portal in Romania administered by the Ministry of Justice, other personal data providers, etc.).
We collect the following data:
Cortex Trade & Services SRL collects personal data from its users in three ways:
- directly from the user;
- Traffic data from the user's browser
- through cookies.
Personal data collected directly
A1. When you access cortex-services.ro you place an order we can ask for your name, surname and / or e-mail address as well as other data necessary for contracting, delivery or billing.
These data are kept for a period of 3 years after the termination of the contract (this
being the general prescription period). The invoice data is kept for 10 years (where it is
legal tax obligation).
If you do not give us this data, we will be unable to honor your order.
A2. When you access our support services, we may ask you for an email address or phone number. We reserve the right to record any communication made for the cortex-services.ro assistance services in order to improve our services. These data are used, for example, for the purpose of contacting you to resolve your claim / claim.
We may also request other data that may constitute personal data only to the extent that it is necessary for these purposes.
This data is retained until your consent is revoked until your activity shows us that you are no longer interested in our communication.
B. Traffic data
When you visit a website, regardless of the device you use, you disclose certain information about yourself, such as your IP address, your visit time, where you went to our sites, the visited pages. cortex-services.ro as well as other operators, register this information for a specified period of time. cortex-services.ro uses external traffic analysis services such as Google Analytics.
These data are used exclusively by cortex-services.ro to improve our site and services, but also to ensure the security of our site:
- data provided voluntarily by customers when placing the order (name, surname, delivery address, phone number) that we use to process the order and deliver the product to the customer via the courier. In case of return, we also use the IBAN (return form);
- Navigation data (IPs), which automatically logs in when a user visits the site and is used to collect anonymous statistical information about the use of the site, in order to see the correct functioning in full security;
- cookies - per session and fixed
The purpose of collecting your data is to respond effectively and promptly to your request at all stages of the acquisition process: checking the correctness of the data you entered in the order form, checking your order, issuing the invoice for the products you ordered. As well as to be able to contact you in case you are unclear about the completion of your order.
THE PURPOSE OF PERSONAL DATA PROCESSING
The goals for which Cortex Trade & Services SRL processes personal data are:
1. identification of users / potential users via the means of communication (eg telephone, e-mail, post, internet, fixed or mobile applications that the Client accesses to use the services provided);
2. monitoring operations and services and providing support services for users / potential users;
3. creating or analyzing profiles for improving services and conducting surveys, as well as performing any other types of promotion of services and / or conducting marketing or general advertising activities;
4. analyzing the behavior of any person accessing Cortex Trade & Services SRL sites by using cookies in order to provide content (general and commercial) adapted to user preferences, retains passwords, language preferences, child protection filters, limiting ad serving frequency, etc .;
5. Performing internal analyzes (including statistical analyzes) on both services and on the portfolio of users / potential users, for providing, improving and developing services, as well as conducting market studies and analyzes on;
6. Solving any procedural and / or legal situations related to the provision of services or the interest of the company
7. archiving in both physical and electronic format documents related to the provision of services and / or correspondence with users / potential users;
8. reporting to state institutions in accordance with applicable legal regulations of Cortex Trade & Services SRL (eg regulators and legal authorities).
THEMES OF PERSONAL DATA PROCESSING
Cortex Trade & Services SRL processes your personal data for the purposes mentioned above, based on the following grounds:
1. Execution of the contract and preliminary steps for this contract (Article 6 (1) b GDPR) - for the data collected through the order form or the data received as a result of the customer service;
2. Legal Obligations (Article 6 (1) c GDPR) for billing data required;
3. Consent (art 6 (1) of the GDPR) for marketing data for site visitors (e.g. newsletter subscription, marketing cookies, etc.);
4. The legitimate interest (art 6 (1) f GDPR for the data used for marketing for the current clients (according to the art 506/2004 art 12 (2)) cortex-services.ro, the security of the own site luiss.ro (recital 49 GDPR) and the data used internally to optimize your site cortex-services.ro (and anonymized or pseudonymized, as the case may be).
IS IT OBLIGATORY TO USE DATA COMMUNICATION? WHAT ARE THE CONSEQUENCES IN CASE OF REFUGE?
The processing of personal data requested by users / potential users by Cortex Trade & Services SRL in order to provide the services is considered strictly necessary for the provision of services in accordance with the legal provisions and procedures of Cortex Trade & Services SRL. Refusal to provide such data makes it impossible for us to provide the services. The user may choose not to process his data for direct marketing purposes.
DESTINATION OF PERSONAL DATA
In order to meet the above-mentioned goals, the company may disclose data to Clients, where strictly necessary, based on the need for knowledge, to the following third-party categories:
- regulators and legal authorities
- contractual partners (eg agents of the company, auditors, consultants, etc.), some of them being also the persons empowered by the operator with the processing of personal data.
These contractual partners also carry out business activity in Romania, and they can be provided with your personal data to be used within the limits of their obligations to the company. The personal data we disclose to the persons empowered by us with their processing are limited to the minimum necessary personal data for the execution of the respective services, and at the same time we ask them not to use personal data for any other purpose.
We make every effort to ensure that all entities with which we work keep your personal data safe and secure. Also, some of them are operators who also carry out their commercial activity in Romania, such as suppliers of payment services as agents.
Some of them are third parties who do not have the role of processing personal data, but can access them in order to fulfill their obligations or to interact with the company, such as technical maintenance companies, financial auditors or service providers legal services.
The above mentioned personal data may be made available or transmitted to third parties in the following situations: (i) public authorities, auditors or institutions competent in controlling the services, activities or assets of the company, provide information based on the legal obligations incumbent on the company; (ii) to meet a legal requirement, including those relating to the provision of services, or to protect the rights and assets of our company or other entities or persons, such as courts of law; (iii) third party acquirers, to the extent that the activity of the company would (totally or partially) be transferred and the personal data to the persons concerned would be part of the assets representing the object of the transaction.
TRANSFER OF PERSONAL DATA OUTSIDE THE COUNTRY
In the context of the operations described above, Customer's personal data may be transferred to countries within the European Union ("EU") or the European Economic Area ("EEA") outside the country. We hereby inform the Clients that any transfer made by the Company to an EU or EEA Member State will comply with the legal provisions of the General Data Protection Regulation no. 2016/679 adopted by the European Parliament ("GDPR").
DURATION OF THE PROCESS
We will only store Customer's personal data for the time required to achieve the processing purposes as outlined above and in compliance with applicable legal regulations including, but not limited to, archiving provisions.
WHAT'S HAPPENING WITH PERSONAL USERS 'DATA WHEN PROCESSING STOPS
After the above mentioned processing expires and the company no longer has legal or legitimate interest in the processing of your personal data, personal data will be erased in accordance with the company's procedures, which may involve archiving, anonymization , destruction.
AUTOMATIC DECISION-MAKING PROCESS AND PROFILE CREATION
The personal data mentioned herein can be subjected to automated decision-making processes, including profile creation.
SECURITY FOR THE PROCESSING OF PERSONAL DATA
The company constantly assesses and improves the security measures implemented to ensure the processing of personal data in safe and secure conditions.
Measures taken to ensure the security of personal data
1. Users who have access to the personal information database can only access the database with their own account name and password. All users are required to keep confidentiality of the data they have access to, and each session end in the database will close the session.
2. Users access personal data only to fulfill their job responsibilities;
3. Personal data may be printed only by users authorized for this operation and only for the purposes required by applicable laws (invoices, merchandise accompanying notes, commercial contracts).
The company's headquarters is equipped with an alarm system and personal data is stored electronically in secure, password-protected files. Paper-based information is kept in special dossiers, to which only employees of the company are subject to confidentiality.
THE RIGHTS OF THE PERSON CONCERNED WITH THE PROCESSING OF PERSONAL DATA
In the context of processing the personal data of users / potential users, the person concerned has the following rights:
1. The right to information - art. 13 and 14 GDPR. Allows the data subjects to know from the time they are collected how to use those data, to whom they will be disclosed or transferred, what rights the data subjects have on the processed data, etc .;
2. Right of access to processed personal data - art. 15 GDPR. Allows the person to obtain, from Cortex Trade & Services SRL, a confirmation that personal data concerning him / her are processed or not, and, if so, access to the data and other useful information;
3. Right to rectification or deletion of data - art. 17 GDPR. Allows the person to obtain from Cortex Trade & Services SRL the deletion / rectification of personal data concerning him without undue delays. There are, however, exceptions to this rule, such as: some data are processed to give the public the right to information; data is processed for statistical or archiving purposes; data are processed to meet a legal obligation or are processed to establish or defend a right in court;
4. Right to request Restriction of Processing - 18 GDPR: You have the right to obtain restriction of processing in cases where: (i) you consider that personal data processed are inaccurate for a period of time allowing the operator to verify the accuracy of the data personal; (ii) processing is illegal, but you do not wish to delete your personal data, but restrict the use of such data; (iii) if the data controller no longer needs your personal data for the purposes mentioned above, but you need data to establish, exercise or defend a right in court; or (iv) opposed to the processing for the period of time to ascertain whether the legitimate grounds of the data controller override the rights of the data subject;
5. The right to data portability - 20 GDPR. Represents the right to receive the personal data that you have provided Cortex Trade & Services SRL in a structured, commonly used and readable form, as well as the right to transfer the data to another operator , if the processing is based on your consent or the execution of a contract and is done by automatic means;
6. The right to withdraw your consent for processing, when processing is based on consent, without affecting the legality of the processing carried out to date;
7. The right to object to the processing of personal data - art. 21 GDPR - for reasons related to your particular situation, when processing is based on legitimate interest, as well as to oppose at any time , data processing for direct marketing purposes, including profile creation;
8. The right not to be the subject of a decision based exclusively on automated processing, including the creation of profiles, which produces legal effects that affect the data subject or similarly affects it to a significant extent;
9. The right to lodge a complaint with the National Authority for the Supervision of Personal Data Processing (ANSPDCP) and the right to appeal to the competent courts.
The data protection policy is based on the following data protection principles:
- The processing of personal data will be done in a legal, correct and transparent manner;
- Collection of personal data will only be done for specified, explicit and legitimate purposes, and data will not be further processed in a manner incompatible with those purposes;
- The collection of personal data will be appropriate, relevant and limited to the information required for the purpose of the processing;
- Personal data will be accurate, and where necessary updated;
- All necessary steps shall be taken to ensure that incorrect data is erased or corrected without delay;
- Personal data will be kept in a form that allows identification of the person concerned and for a period no longer than the one in which the personal data are processed;
- All personal data will be kept confidential and stored in a manner that provides the necessary security;
- Personal data will not be shared with third parties unless it is required for the purpose of providing services under agreements;
- Individuals concerned have the right to request access to their personal data, rectification and erasure, impediment or restriction of data processing as well as data portability.
AMENDMENTS TO THIS STATEMENT ON THE PROCESSING OF PERSONAL DATA
Cortex Trade & Services SRL reserves the right to modify this Statement - Privacy Policy without prior notice, in accordance with applicable law. To the extent that this Statement will be amended, Cortex Trade & Services SRL will publish an updated version on the site. Please review the Privacy Policy Statement from time to time, either at cortex-services.ro or in the locations where services are available to stay up-to-date with the latest version.
The above mentioned rights may be exercised at any time. In order to exercise these rights, we recommend that you use the forms that can be found on the website www.cortex-services.ro or by sending a notification in electronic format to the following address: cortex.services@gmail.com or a written notice , dated and signed, at: Pantelimon Road, Nr. 260, Bl. 46, sc.1, apt.1, Sector 2, Bucharest.
