Aspendos considers ensuring the right to the protection of personal data as a fundamental commitment of Aspendos
We will therefore dedicate all possible resources and efforts to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), as well as any other applicable legislation. As one of the key principles of this legal framework is transparency, this document serves to inform you about how we collect, use, transfer and protect your personal data when you interact with us about our products and services. , including through our website.
Who we are and how you can contact us
SC ART EVOSOCIETY SRL is a Romanian legal entity, having its registered office in Sasar, str 1 Decembrie Nr. 94, with serial number in the Trade Register J24/609/2017 unique fiscal registration code 37447181 (hereinafter “new”). For the purposes of data protection legislation, we are the operator and processor when we process your personal data.
As we are always open to hearing your views, as well as providing you with any additional information you may need regarding the processing of your data, we encourage you to contact Aspendos Data Protection Staff at email@example.com
What categories of personal data do we process
We generally collect your personal data directly from you so that you have control over the type of information you provide to us. By way of example, we receive information from you as follows:
When you create an account, respectively use the aspendos.eu site, send us your name and surname, e-mail address and telephone number;
When you fill in the contact form – by sending an email or calling the valid phone numbers – send us your name and surname and e-mail address.
When using Aspendos Social Media pages. You can view the privacy policies of Facebook and Google, respectively, using the following links:https://www.facebook.com/about/privacyhttps://policies.google.com/privacy
We may also collect and further process certain information about your behavior while visiting our website, in order to personalize your online experience and provide you with offers tailored to your profile. We invite you to learn more. details in this regard by consulting the section on the purposes of processing below.
On our website we may store and collect information in cookies and similar technologies, according to the Cookies Policy.
We do not collect or otherwise process sensitive data, included in the General Data Protection Regulation in special categories of personal data. We also do not want to collect or process data on minors under the age of 16.
What are the purposes and grounds of processing
We will use your personal data for the following purposes:
- For the provision of services offered by Aspendos for your benefit:
This general purpose may include, as appropriate, the following:
Processing all your requests
The processing of your data for these purposes is in most cases necessary for the conclusion and execution of a contract between Aspendos and you. Certain processing subject to these purposes is also required by applicable law, including tax and accounting law.
- To improve our services
We always want to offer you the best experience. For this, we may collect and use certain information related to your behavior as a Customer, we may invite you to complete satisfaction questionnaires subsequent to the completion of services or we may conduct, directly or with the help of partners, studies and market research.
We base these activities on our legitimate interest in doing business, always making sure that your fundamental rights and freedoms are not affected.
- For marketing
In certain situations, we may base our marketing activities on our legitimate interest in promoting and developing our business. In any case where we use information about you for our legitimate interest, we take care and take all necessary measures to ensure that your fundamental rights and freedoms are not affected. However, you can ask us at any time, by the means described above, to stop the processing of your personal data for marketing purposes, and we will process your request as soon as possible.
- To defend our legitimate interests
There may be situations in which we use or transmit information to protect our rights and business. These may include:
Measures to protect the website and users of the Aspendos platform against cyber attacks:
Measures to prevent and detect fraudulent attempts, including the transmission of information to the competent public authorities;
Measures to manage various other risks.
The general basis of these types of processing is our legitimate interest in defending our commercial activity, it being understood that we ensure that all the measures we take guarantee a balance between our interests and your fundamental rights and freedoms.
Also, in certain cases we base the processing on legal provisions such as the obligation to ensure the protection of goods and values provided by the applicable legislation in this matter.
As long as we keep your personal data
As a general rule, we will store your personal data as long as you have an account on the Aspendos platform. You may request us to delete certain information or close your account at any time, and we will respond to such requests, subject to the retention of certain information, including after closing the account, where applicable law or our legitimate interests so require.
If you do not have an account in the Aspendos platform, the general rule is to keep the information related to the services performed for a period of 5 years from the end of the service intervention. As with the previous situation, we may retain certain data after the expiry of this period, in accordance with applicable law or our legitimate interests.
To whom we transmit your personal data
Where applicable, we may transmit or provide access to certain personal data of yours to the following categories of recipients:
companies within the same group of companies as Aspendos;
service operation partners;
producers with whom we are in authorized service contractual relations
courier service providers;
payment / banking service providers;
marketing / telemarketing service providers;
market research service providers;
other companies with which we can develop joint programs to offer our goods and services on the market.
If we have a legal obligation, or if it is necessary to defend a legitimate interest, we may also disclose certain personal data to public authorities.
We ensure that access to your data by third parties under private law is made in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them.
In which countries do we transfer your personal data
We currently store and process your personal data in Romania.
However, from time to time, we may transfer certain of your personal data to entities located outside Romania. These entities may be located in the European Union or outside the Union, including in countries for which the European Commission has not recognized an adequate level of protection of personal data.
We will always take steps to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests. Transfers to service providers and other third parties will always be protected by contractual commitments and, where appropriate, other guarantees, such as standard contractual clauses issued by the European Commission or certification schemes, such as the Privacy Shield for the protection of personal data. transferred from within the EU to the United States.
You can contact us at any time, using the contact details set out above, to find out more about the countries in which we transfer your data, as well as the guarantees we have put in place regarding these transfers.
How we protect the security of your personal data
We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures, according to industry standards.
We keep your personal data on secure servers ensuring storage redundancy.
Despite the measures taken to protect your personal data, we warn you that the transmission of information via the Internet, in general, or through other public networks, is not completely secure, there is a risk that the data may be seen and used by third parties. unauthorized. We cannot be held responsible for such vulnerabilities in systems that are beyond our control.
What rights do you have?
The General Data Protection Regulation gives you a number of rights in relation to your personal data. You may request access to your data, correct any errors in our files and / or object to the processing of your personal data. You may also exercise your right to complain to the competent supervisory authority or to go to court. Where applicable, you may also have the right to request the deletion of your personal data, the right to restrict the processing of your data and the right to data portability.
More information about each of these rights can be obtained by consulting the table below.
In order to exercise your rights, you can contact us using the contact details set out above. Please note the following if you wish to exercise these rights:
Identity. We take seriously the confidentiality of all records that contain personal data. For this reason, please send us your requests regarding such registrations using the e-mail address related to the Aspendos account or, as the case may be, the e-mail address communicated in the service request in order to extend the warranty. Otherwise, we reserve the right to verify your identity by requesting additional information for the purpose of confirming your identity.
Fees. We will not charge you any fees or charges to exercise any right in respect of your personal data, unless your request for access to information is unfounded, unfounded in accordance with the criteria provided, and is repetitive. or excessive, in which case we will charge an amount to cover any costs that are involved in carrying out and successfully completing its procedure. We will inform you of any fees applied before resolving your application.
Third party rights. We must not comply with a request if it would adversely affect the rights and freedoms of other data subjects.
Access You can ask us:
to confirm if we process your personal data;
provide you with a copy of this data;
to provide you with other information about your personal data, such as the data we have, what we use it for, to whom we disclose it, if we transfer it abroad and how we protect it, how long we keep it, what rights you have, how you can make a complaint, from where we obtained the data, to the extent that the information has not already been provided to you by this information.
Rectification You may ask us to rectify or complete your inaccurate or incomplete personal data. We may try to verify the accuracy of the data before rectifying it.
Deleting Data You may ask us to delete your personal data only if:
they are no longer necessary for the purposes for which they were collected; or
you withdrew your consent (if the data processing was based on consent); or
exercise a legal right to oppose; or
they were processed illegally; or
we have a legal obligation in this regard.
We are not obligated to comply with your request to delete personal data if the processing of your personal data is necessary:
for compliance with a legal obligation; or
for the establishment, exercise or defense of a right in court;
There are certain other circumstances in which we are not required to comply, we honor your request to delete the data, although these are the two most likely circumstances in which we may refuse this request.
You must ensure that, before exercising this right, you make sure that you have all the documents related to the service interventions performed by Aspendos on your products.
If you do not do this before exercising your right to delete, you will lose all these documents and Aspendos will therefore be unable to make them available to you because the process of deleting data is an irreversible process. .
You can ask us to restrict the processing of personal data, but only if:
their accuracy is contested (see rectification section) to allow us to verify their accuracy; or
processing is illegal, but you do not want the data to be deleted; or
they are no longer necessary for the purposes for which they were collected, but you need them to ascertain, exercise or defend a right in court; or
you have exercised your right to object, and the verification of whether our rights prevail is ongoing.
We may continue to use your personal data following a request for a restriction if:
we have your consent; or
to establish, exercise or ensure the defense of a right in court; or
to protect the rights of another natural or legal person.
You can ask us to provide you with personal data in a structured, commonly used and automatically readable format, or you can request that it be “ported” directly to another data controller, but in each case only if:
processing is based on your consent or the conclusion or execution of a contract with you; and
processing is done by automatic means.
Opposition You may object at any time, for reasons related to your particular situation, to the processing of your personal data under our legitimate interest, if you consider that your fundamental rights and freedoms prevail over this interest. You may also object at any time to the processing of your data for direct marketing purposes (including profiling), without giving any reason, in which case we will cease processing as soon as possible.
You can request not to be subject to a decision based solely on automatic processing, but only when that decision:
produces legal effects on you; or
it affects you in a similar way and to a significant extent.
This right shall not apply where the decision reached following the automatic decision-making:
we are required to enter into or enter into a contract with you;
is authorized by law and there are adequate guarantees for your rights and freedoms; or
is based on your explicit consent.
Complaints You have the right to lodge a complaint with the supervisory authority regarding the processing of your personal data. In Romania, the contact details of the data protection supervisory authority are the following: National Authority for the Supervision of Personal Data Processing
B-dul G-ral. Gheorghe Magheru no. 28-30, Sector 1, postal code 010336, Bucharest, Romania
Phone: +40.318.059.211 or +40.318.059.212;
Without prejudice to your right to contact the supervisory authority at any time, please contact us in advance, and we promise that we will make every effort to resolve any issue amicably.
This policy sets out how we process any personal data we collect from you or that you provide to us through our website and social media sites. We confirm that we will keep your information secure and comply fully with all applicable Romania Data Protection legislation and regulations. Please read the following carefully to understand what happens to personal data that you choose to provide to us, or that we collect from you when you visit our sites. By submitting information you are accepting and consenting to the practices described in this policy.
Types of information we may collect from you
We may collect, store and use the following kinds of personal information about individuals who visit and use our website and social media sites:
Information you supply to us. You may supply us with information about you by filling in forms on our website or social media. This includes information you provide when you submit a contact/inquiry form. The information you give us may include but is not limited to, your name, address, e-mail address, and phone number.
How we may use the information we collect
We use the information in the following ways:
Information you supply to us. We will use this information:
- to provide you with information and/or services that you request from us;
- To contact you to provide the information requested.
Disclosure of your information
Any information you provide to us will either be emailed directly to us or may be stored on a secure server.
We do not rent, sell or share personal information about you with other people or non-affiliated companies.
We will use all reasonable efforts to ensure that your personal data is not disclosed to regional/national institutions and authorities unless required by law or other regulations.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
Your rights – access to your personal data
You have the right to ensure that your personal data is being processed lawfully (“Subject Access Right”). Your subject access right can be exercised in accordance with data protection laws and regulations. Any subject access request must be made in writing to [insert contact details]. We will provide your personal data to you within the statutory time frames. To enable us to trace any of your personal data that we may be holding, we may need to request further information from you. If you complain about how we have used your information, you have the right to complain to the Information Commissioner’s Office (ICO).