We consider personal data protection to be a fundamental commitment of Materom, therefor we will dedicate all necessary resources and efforts to manage your data in full compliance with the Regulations (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), as well as any other laws applicable on Romania’s territory. As one of the essential principles of this legal framework represents transparency, we have prepared this document through which we inform you upon the way we collect, use, transfer and protect your personal data when you interract with our products and services, including through our website or offer requests.
Who are we and how can you contact us?
Materom is the commercial brand of SC MATEROM SRL., a Romanian company established on 800 Viilor Street, Cristesti, Mures County, registration number J26/165/1998, unique financial registration code RO10302235 (further referred to as “Materom” or “we“). Regarding the data protection legislation, we are an operator when we process your personal data.
As we are always open to know your opinion, as well as to provide you with any extra information that you may need, related to the processing of your data, we encourage you to contact the Materom data protection Responsible by email: firstname.lastname@example.org or by mail or messenger at the address 800 Viilor Street, Cristesti, Mures County – with the mention: for the attention of the Materom data protection Responsible.
What type of personal data do we process?
Generally, we collect your personal data directly from you, through the contact page: First and last name, email, phone number, your message, so that you have control over the type of information that you offer us.
We may also consequently collect and process certain information regarding your behavior during your visit of our website, in order to customize the online experience and give you offers adapted to your profile. We invite you to find out more by consulting the section below, regarding the purposes of the process below.
We do not collect and we do not process in any other way sensitive data, included by the GDPR in special personal data categories. Also, we do not wish to collect or process data belonging to minors that have not reached the age of 16.
What is the purpose and justification of the data process?
We are going to use your personal data for the following purposes:
In any situation in which we use information related to you for a legal interest of ours, we are mindful and take all the necessary precautions so that your fundamental rights and liberties would not be affected. However, you may request any time, through the means described above, that we stop processing your personal data, and we shall fulfill your request to provide Materom services in your favor.
This general scope may include, depending on the situation, the following:
To improve our services
We continuously wish to try and deliver the best online presentation about us. For this, we may collect and use certain information related to your behavior as a visitor or future recruit if you apply on our website.
To protect our legal interests
There may be situations in which we shall use or transmit information in order to protect our rights and our commercial activity. These may include:
- Protection measures for the website and the users of the materom.ro platform against cyber attacks;
- Prevention and detection measures against fraud attempts, including transmitting some information to the enabled public authorities;
- Measures to manage various other risks.
The legal basis for this type of data processing is our rightful interest to protect our commercial activity, meaning we make sure that all the measures we take ensure a balance between our interests and your fundamental rights and liberties.
Also, in some cases we base the processing of data on legal directives, such as our obligation to ensure the protection of goods and valuables specified by the applied legislation in this field.
For how long do we keep your personal data?
You may request any time that we delete certain information and we shall comply to such requests, under the reservation of keeping some information, in the situations in which the applicable legislation or our legal interests demand it.
To whom do we transmit your personal data?
Depending on the situation, we may transmit or give access to certain personal data to the following types of receivers:
If it is our legal obligation or if it is necessary to protect a legal interest, we may as well disclose some personal data to the public authorities.
We make sure that the access to your data by third party private right legal entities is made in compliance with the legal provisions regarding data protection and information privacy, on the basis of some agreements closed with them.
In what countries do we transfer your personal data?
For the time being, we store and process your personal data in Romania.
However, it is possible to transfer some of your personal data to entities within the European Union, or outside the Union, including in countries that the European Cmmission did not acknowledge an adequate personal data protection level.
We shall always take measures to ensure that any international personal data transfer is thoroughly handled with the purpose to protect your rights and interests. The transfers to service providers and other third parties will always be protected through contract agreements and, depending on the case, through warranties, such as standard contract clauses issued by the European Commission or the certification schema.
You may contact us any time, using the contact details mentioned above, to find out more information about the countries we transfer your data to, as well as the guarantees that we applied related to these transfers.
How do we ensure the security of your personal data?
We commit to ensure the security of the personal data by implementing appropriate technical and organizational measures, according to the industry standards.
The transmission of your personal data is made using the latest encryption algorithms (TLS 1.2) and we store it on secure servers, thus ensuring data redundancy.
Despite the measures take to ensure the protection of your personal data, we want to point out the fact that transmitting information over the Internet, in general, or through other public networks, is not completely safe, and there is always a risk that your data will be viewed and used by unauthorized third parties. We are not responsible for such vulnerabilities of some systems that are not under our control.
What are your rights?
The GDPR acknowledges several rights regarding your personal data. You may request access to your data, the correction of any errors in your files and/or you may decline the processing of your personal data. Also, you may exercise the right to submit complaints to the competent surveillance authority, or to address your complaints to the justice system. Depending on the case, you may benefit from the right to request the deletion of your personal data, the right to restrict the processing of your data and the right to transfer your data.
Find out more about each of these rights by consulting the table below.
In order to exercise your rights, you may contact us using the contact details presented above. Please keep in mind the following details if you wish to exercise these rights:
Identity. We take it seriousely when it comes to the provacy of all the records that contain personal data. For this reason, we ask you to transmit your requests regarding these records using the email associated to the materom.ro account. Otherwise, we reserve the right to check your identity by requesting extra information with the purpose of confirming your identity.
Fees. We shall not charge any tax to exercise any of your rights regarding your personal data, except for the case in which your information access request is unfounded, repetitive or excessive, in which case we shall charge a reasonable sum for such circumstances. We shall inform you about any fees before resolving your request.
Response time. We want to respond to any valid requests within a period of maximum one month, with the exception of the case in which this is particularly complicated or if you have made several other requests, in which case we shall respond in maximum two months. We shall notice you if we need more than a month. We might ask you to tell us exactly what you want or what concerns you. This will help us act more quickly and shorten the response time for your request.
Third party rights. We do not have to respect a request if it will negatively affect the rights and liberties of other persons.
|Access||You may request us:
|Correction||You may ask us to correct or complete your personal data that is inexact or incomplete.
It is possible that we will check the reliability of the data before correcting them.
|You may ask us to delete your personal data, but only if:
We do not have the obligation to comply to your request to delete your personal data if processing your personal data is necessary:
There are certain other circumstances when we are not obliged to respect your request to delete the data, even though these two are the most probable circumstances in which we would decline your request.
|Restricting data processing||You may ask us to restrict the personal data, but only if:
We may use your personal data as a result of a restriction request, in case which:
|Data migration||You may request us to give you access to the personal data in a structured format, used currently and which may be read automatically, or you may request that it should be “migrated” directly to another data operator but in each case, only if:
|Decline||You may decline the processing of your personal data at any moment, for reasons related to your particular situation, based on our rightful interest, in case you consider that your fundamental rights and liberties prevail compared to this interest.
You may also oppose any time to the processing of your data for marketing purposes (including profit gain), without giving any reason, in which case we shall stop this processing as soon as possible.
|Taking automated decisions||You may request that you are no object of a decision based on automatic processing, but only when that decision:
This right does not apply in case the decision taken as a result of automatic decision-making:
|Complaints||You have the right to file a complaint to the surveillance authority, regarding the processing of your personal data. In Romania, the contact details of the surveillance authority for data protection are:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, cod poștal 010336, București, Romania
Phone: +40.318.059.211 or +40.318.059.212;
Without affecting your right to contact at any moment the surveillance authority, we’d like to ask you to contact us beforehand, and we promise to put all necessary effort to solve any problem in a friendly manner.
- We remind you that you may contact at any moment the Data Protection Responsible by sending your request in any of the following ways:
– by email at email@example.com or by mail or courier at the address: Loc.: Cristești, Str. Viilor nr. 800, Jud. Mures – with the following mention: in the attention of the Data Protection Responsible.