Privacy Policy Regarding the Processing of Personal Data
We consider ensuring the right to the protection of personal data as a fundamental commitment of Better Business Alliance, therefore, we will dedicate all the necessary resources and efforts to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), as well as with any other legislation applicable in Romania. Since one of the essential principles of this legal framework is transparency, we have prepared this document through which we wish to inform you about how we collect, use, transfer and protect your personal data when you interact with us in relation to our products and services, including through our website or through the applications available on your mobile phone.
We reserve the right to periodically update and modify this privacy policy to reflect any changes in the way we process your personal data or any changes in legal requirements. In the event of any such change, we will display the modified version of the privacy policy on our website, which is why we ask you to periodically check the content of this page.
Who are we and how can you contact us?
Better Business Alliance is the trade name of SC …………… SRL, a Romanian legal entity, with its registered office in ………………………………, with serial number in the Trade Register …………………….., unique tax registration code ………………….. (hereinafter, “Better Business Alliance” or “we”). For the purposes of data protection legislation, we are the controller when we process your personal data.
Since we are always open to hearing your opinions, as well as providing you with any additional information you may need regarding the processing of your data, we encourage you to contact the Better Business Alliance Data Protection Officer at the e-mail address contact@betterbusinessalliance.ro or by post or courier to the address …………………………. – with the mention: For the attention of the Better Business Alliance Data Protection Officer.
What categories of personal data do we process?
In general, we collect your personal data directly from you, so that you have control over the type of information you provide to us. For example, we receive information from you as follows:
When you comment or send a message to Better Business Alliance, you send us: email address, last name and/or first name, phone number;
When you fill out information request forms, you provide us with both personal data (name, email address, mobile phone number), and data about the company you represent.
You can consult the WordPress privacy policies using the following link: https://wordpress.org/about/privacy/
We may also collect and subsequently process certain information regarding your behavior while visiting our website or using the smartphone application, in order to personalize your online experience and provide you with offers tailored to your profile. We invite you to learn more about this by consulting the section on the purposes of processing below.
On our website and smartphone application we may store and collect information in cookies and similar technologies.
We do not collect or otherwise process sensitive data, included in the General Data Protection Regulation in special categories of personal data. We also do not wish to collect or process data of minors under the age of 16.
What are the purposes and grounds for processing?
We will use your personal data for the following purposes:
To provide Better Business Alliance services to you
This general purpose may include, as appropriate:
providing support services or providing answers to your questions
registration for one of the services and events organized by Better Business Alliance
The processing of your data for these purposes is in most cases necessary for the conclusion and performance of a contract between Better Business Alliance and you. Also, certain processing subsumed for these purposes is required by applicable law, including tax and accounting law.
To improve our services
We constantly want to offer you the best online browsing experience. To do this, we may collect and use certain information about your User behavior, we may invite you to complete satisfaction surveys following the completion of a visit, or we may carry out, directly or with the help of partners, studies and market research.
We base these activities on our legitimate interest, always taking care that your fundamental rights and freedoms are not affected.
For marketing
We want to keep you informed about the best offers for the products/services that interest you. In this regard, we may send you any type of message (such as: e-mail/ SMS/ telephone/ mobile push/ webpush/etc.) containing general and thematic information, information on products or events, information on offers or promotions, information on products for which you have shown interest, as well as other commercial communications such as market research and opinion polls, and we may display personalized recommendations on the website and in the smartphone application. In order to provide you with information of interest to you, we may use certain data regarding your user behavior (e.g. pages viewed). We always ensure that these processing operations are carried out in compliance with your rights and freedoms, and that decisions taken on their basis do not have legal effects on you and do not similarly affect you to a significant extent.
In most cases, we base our marketing communications on your prior consent. You can change your mind and withdraw your consent at any time by:
Accessing the unsubscribe link displayed within the messages you receive from us;
or by contacting the Better Business Alliance using the contact details described above.
In certain situations, we may base our marketing activities on our legitimate interest to promote and develop our business. In any situation where we use information about you for our legitimate interest, we take care and take all necessary measures to ensure that your fundamental rights and freedoms are not affected. However, you can ask us at any time, by the means described above, to stop processing your personal data for marketing purposes, and we will comply with your request.
To protect our legitimate interests
There may be situations where we will use or disclose information to protect our rights and business. These may include:
Website protection measures
Measures to prevent and detect fraud attempts, including the transmission of information to the competent public authorities
Measures to manage various other risks
The general basis for these types of processing is our legitimate interest in defending our activity, it being understood that we ensure that all the measures we take guarantee a balance between our interests and your fundamental rights and freedoms.
Also, in certain cases we base our processing on legal provisions such as the obligation to ensure the security of goods and values provided for by the applicable legislation in this matter.
How long do we keep your personal data?
As a general rule, we will store your personal data as long as we have a communication with you to provide you with the requested information or to answer the questions you ask us. You may at any time request that we delete certain information or unsubscribe from certain information services, and we will comply with these requests, subject to the retention of certain information including after the account is closed, in situations where applicable law or our legitimate interests require it.
To whom do we transmit your personal data?
Where appropriate, we may transmit or provide access to certain of your personal data to the following categories of recipients:
to courier service providers;
to marketing/telemarketing service providers;
to IT service providers;
to other companies with whom we may develop joint programs to market our goods and services.
If we are legally obliged to do so, or if it is necessary to defend a legitimate interest, we may also disclose certain personal data to public authorities.
We ensure that access to your data by third-party legal entities under private law is carried out in accordance with the legal provisions regarding data protection and confidentiality of information, based on contracts concluded with them.
To which countries do we transfer your personal data?
We currently store and process your personal data in Romania.
However, we may transfer some of your personal data to entities located in the European Union or outside the Union, including countries that the European Commission has not recognized as having an adequate level of protection for personal data.
We will always take steps to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests. Transfers to service providers and other third parties will always be protected by contractual commitments and, where appropriate, by other safeguards, such as standard contractual clauses issued by the European Commission or certification schemes, such as the Privacy Shield for the protection of personal data transferred from within the EU to the United States.
You can contact us at any time, using the contact details set out above, to find out more information about the countries to which we transfer your data, as well as the guarantees we have put in place regarding these transfers.
How do we protect the security of your personal data?
We are committed to ensuring the security of your personal data by implementing appropriate technical and organizational measures, in accordance with industry standards.
The transmission of your personal data is done using encryption algorithms managed by WordPress and other partner/collaborator providers.
Despite the measures taken to protect your personal data, we draw your attention to the fact that the transmission of information over the Internet, in general, or through other public networks, is not completely secure, there is a risk that the data can be seen and used by unauthorized third parties. We cannot be responsible for such vulnerabilities of systems that are not under our control.
What rights do you have?
The General Data Protection Regulation recognizes a series of rights in relation to your data. personal data. You may request access to your data, correction of any errors in our files and/or object to the processing of your personal data. You may also exercise your right to complain to the competent supervisory authority or to take legal action. Where applicable, you may also benefit from the right to request the deletion of your personal data, the right to restriction of the processing of your data and the right to data portability.
In order to exercise your rights, you may contact us using the contact details set out above. Please note the following if you wish to exercise these rights:
dentity
We take the confidentiality of all records containing personal data seriously. For this reason, please send us your requests regarding such records using your personal email address (if applicable, the one used to log in to your WordPress account). Otherwise, we reserve the right to verify your identity by requesting additional information aimed at confirming your identity.
Fees
We will not charge you a fee for exercising any of your rights regarding your personal data, unless your request for access to information is unfounded, repetitive or excessive, in which case we will charge a reasonable fee in such circumstances. We will inform you of any fees applied before resolving your request.
Response time
We aim to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made multiple requests, in which case we will respond within a maximum of two months. We will let you know if we need more than one month. You may be asked if you can tell us exactly what you want to receive or what concerns you. This will help us to act more quickly and shorten the time it takes to respond to your request.
Third party rights
We do not have to comply with a request if it would adversely affect the rights and freedoms of other data subjects.
Rights concerned:
Access
You can ask us to:
confirm whether we are processing your personal data;
provide you with a copy of that data;
provide you with further information about your data. personal data, such as the data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it, what rights you have, how you can make a complaint, where we obtained your data, to the extent that the information has not already been provided to you through this information.
Rectification
You may ask us to rectify or complete your personal data that is inaccurate or incomplete. We may try to verify the accuracy of the data before rectifying it.
Erasure of data
You may ask us to erase your personal data, but only if:
it is no longer necessary for the purposes for which it was collected; or
you have withdrawn your consent (where the processing was based on consent); or
you exercise a legal right to object; or
it has been processed unlawfully; or
we are subject to a legal obligation to do so.
We are not obliged to comply with your request to erase your personal data if the processing of your personal data is necessary:
for compliance with a legal obligation; or
for the establishment, exercise or defence of legal claims.
There are certain other circumstances in which we are not obliged to comply with your request. to delete the data, although these are the two most likely circumstances in which we would refuse this request.
Restriction of data processing
You can ask us to restrict the processing of your personal data, but only if:
its accuracy is contested (see rectification section), to allow us to verify its accuracy; or
the processing is unlawful, but you do not want the data to be deleted; or
it is no longer necessary for the purposes for which it was collected, but you need it to establish, exercise or defend legal claims; or
you have exercised your right to object and the verification of whether our rights prevail is ongoing.
We may continue to use your personal data following a request for restriction, if:
we have your consent; or
to establish, exercise or defend legal claims; or
to protect the rights of Better Business Alliance or another individual or entity.
Data portability
You can ask us to provide your personal data in a structured, commonly used and machine-readable format, or you can request that it be “ported” directly to another data controller, but in each case only if:
the processing is based on your consent or on the conclusion or performance of a contract with you; and
the processing is carried out by automated means.
Opposition
You can object at any time, on grounds relating to your particular situation, to the processing of your personal data based on our legitimate interest, if you consider that your fundamental rights and freedoms override this interest.
You can also object at any time to the processing of your data for direct marketing purposes (including profiling), without giving any reason, in which case we will cease such processing as soon as possible.
Automated decision-making
You may request not to be subject to a decision based solely on automated processing, but only where the decision:
produces legal effects concerning you; or
otherwise similarly and significantly affects you.
This right does not apply if the decision reached as a result of automated decision-making:
is necessary for us to enter into or perform a contract with you;
is authorised by law and there are appropriate safeguards for your rights and freedoms; or
is based on your explicit consent.
Complaints
You have the right to lodge a complaint with the supervisory authority regarding the processing of your personal data. In Romania, the contact details of the supervisory authority for data protection are as follows:
National Authority for the Supervision of Personal Data Processing
B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, postal code 010336, Bucharest, Romania
Telephone: +40.318.059.211 or +40.318.059.212;
Email: anspdcp@dataprotection.ro
Without prejudice to your right to contact the supervisory authority at any time, please contact us in advance, and we promise that we will make every effort to resolve any issue amicably.
We remind you that you can contact the Better Business Alliance Data Protection Officer at any time by sending your request by any of the following means:
e-mail to: contact@betterbusinessalliance.ro
post or courier to: ………………………………….