Privacy Policy
PERSONAL DATA PROCESSING (hereinafter referred to as “Policy”)
The purpose of this Policy is to explain the type of personal data collected, how they are processed, the rights of data subjects, their retention time and other information related to the processing of personal data. Data protection is a priority for the management of MADALINAFIT S.R.L. with professional headquarters in Bucharest, sector 1, Intrarea PECETEI no. 4A, bl.4, sc. 3, et. 4, ap.110, having the unique identification code 43013756. Navigation on the pages of our site is possible without any declaration of personal data. However, for certain specific situations such as completing a quiz, a questionnaire or participating in a contest, data subjects may collect and process certain personal data. If the processing of personal data is necessary and there is no statutory basis for this processing, we undertake to obtain the consent of the data subject. The processing of personal data – such as name, surname, address, e-mail address, telephone number of a data subject – will be performed each time in accordance with the provisions of Regulation no. 679 of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (“Regulation”) and in accordance with specific data protection regulations countries where MADALINAFIT S.R.L. operates. Through this Policy, we wish to inform the general public about the nature, extent, and purpose for which we collect and process personal data. In addition, the data subjects are also informed about the rights they enjoy, rights regulated by the Regulation. As an operator, MADALINAFIT S.R.L. has implemented numerous technical and organizational measures to ensure the complete protection of personal data.
Definitions
This Policy is based on all applicable laws regarding the protection of personal data. The policy must be comprehensible both to the general public and to customers and business partners. To ensure this, we will explain the terminology used. In this Policy we will use the following terms:
Personal data or Personal data refers to any information that makes it possible to identify a natural person (data subject).
Target person – represents an identified or identifiable natural person. An “identifiable” natural person is a person who can be identified, directly or indirectly, including by reference to an identification number or to one or more factors characteristic of his physical, physiological, mental, economic, cultural or social identity,
Processing – means performing any operation or set of operations on personal data, with or without automatic means, such as collection, registration, organization, storage, adaptation or modification, retrieval, consultation, use, disclosure (by transmission, dissemination or placement otherwise available), alignment or combination, blocking, deletion or destruction.
Restriction of processing – refers to the marking of personal data processed in order to limit their processing in the future,
Pseudonymization – is the processing of personal data in such a way that personal data can no longer be attributed to a data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organizational measures to ensure the fact that personal data are not attributed to an identified or identifiable natural person,
Operator or operator responsible for processing – is a natural or legal person, public authority, agency or other body that, alone or with the help of third parties, determines the purposes or means of processing personal data; where the purposes and means of processing are determined by Union or Member State law, the operator or the specific criteria for its designation may be provided by Union or Member State law,
Recipient – is a natural or legal person, public authority, agency or other body, to which personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in a particular investigation in accordance with Union or Member State legislation will not be seen as addressees; the processing of such data by public authorities shall be in accordance with the rules applicable to data protection in accordance for processing purposes.
Third party – is a natural or legal person, public authority, agency or other body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data,
Consent – the consent of the data subject is any indication given freely, specific, informed and clear that the data subject provides through a statement or a clear affirmative action, signifying the agreement for the processing of his personal data.
Name and address of the operator MADALINAFIT S.R.L.
MADALINAFIT S.R.L. with professional headquarters in Bucharest, sector 1, Intrarea PECETEI no. 4A, bl.4, sc. 3, et. 4, ap.110, CUI: 43013756, Email: gains@madalinafit.com, Website: www.madalinafit.com
Cookies
MADALINAFIT S.R.L. web pages use Cookies. Cookies are text files that are stored on a computer through the internet browser. Many sites and servers use cookies. Many cookies contain a code called a cookie. By using cookies, MADALINAFIT S.R.L. may provide site users with several easy-to-use services that would not be possible without setting cookies. With the help of a cookie, the information and offers on the site can be optimized considering the user.
Newsletter subscription
The madalinafit.com website offers users the opportunity to subscribe to the newsletter. MADALINAFIT S.R.L. informs his clients and business partners regularly through a newsletter about the company’s offers. The newsletter can be received by the data subject only if (1) the data subject has a valid email address and (2) if the data subject registers to receive the newsletter. A confirmation email will be sent to the email address registered by the data subject for the first time in order to send the newsletter, for legal reasons, through the double opt-in procedure. This confirmation email is used to prove that the owner of the email address is authorized to receive the newsletter. During the newsletter subscription, we store the IP address of the computer system assigned by the internet service provider (ISP) and used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary to understand the possible inappropriate uses of the email address of a targeted person at a later date, and therefore serves the purpose of legal protection. The personal data collected as part of the registration for a newsletter will only be used to send the newsletter. In addition, those who subscribe to the newsletter will be informed by email, as long as this is necessary for the newsletter service or for a registration in question, as this may be the case in the event of changes to the newsletter offer, or in the eventuality of a change of technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. Newsletter subscriptions may be terminated by the data subject at any time. The consent to store personal data, given by the data subject for receiving the newsletter, can be revoked at any time. There is a link in each newsletter to unsubscribe.
Possibility of contact through the website
The MADALINAFIT S.R.L. website contains information that allows a short electronic contact with our company, as well as direct communication with us, by including a general email address. If a data subject contacts us by email or through the contact form, the personal data transmitted by him voluntarily are stored automatically. Such personal data, voluntarily transmitted by a data subject to the controller, are stored for the purpose of processing and contacting the data subject.
Periodical deletion and blocking of personal data
MADALINAFIT S.R.L. will process and store personal data of the data subject only for the period necessary to fulfill its storage purpose, or for the period provided by the European legislator or by other applicable laws. If the purpose of storage is not applicable, or if the storage period provided by the applicable legislation in force expires, personal data are deleted, in accordance with legal requirements.
The rights of the data subject
The right of access of the data subject. In order to exercise the right of access, the data subject may at any time contact MADALINAFIT S.R.L. with a request in this regard to obtain a report of the data with personal character;
The right of rectification. Each data subject has the right to obtain the rectification of personal data when they are incorrect or have undergone certain changes or need to be completed.
The right to delete. Each data subject has the right to request the deletion of personal data as follows: i) when the data are no longer necessary for the purpose for which they were collected or processed, ii) the data subject withdraws his consent on the basis of which the processing takes place, iii) the data subject objects to processing in accordance with Article 21 (1) of the Regulation and there are no legal grounds for processing, or the data subject objects to processing in accordance with Article 21 (2) of the Regulation, iv) personal data have been illegally processed or a legal provision in force requires their deletion.
The right to restrict processing. Each data subject has the right to obtain the restriction of processing, where one of the following cases applies: i) the accuracy of personal data is challenged by the data subject, ii) the processing is illegal and the data subject opposes the deletion of personal data, but instead requests the restriction iii) MADALINAFIT S.R.L. no longer needs personal data in order to process them, but they are requested by the data subject for the unit, in order to exercise certain rights, iv) the data subject has objected to the processing in accordance with Article 21 (1) of the Regulation until the verification of whether the legitimate grounds of MADALINAFIT S.R.L. prevail over those of the data subject.
The right to data portability. Each data subject has the right to request the transfer of personal data to a third party or to the data subject himself.
The right to opposition. Each data subject has the right to object at any time, for reasons related to his / her particular situation, to the processing of personal data concerning him / her, which is based on points (e) and (f) of Article 6 (1). of the Regulation. This also applies to profile creation. MADALINAFIT S.R.L. will no longer process personal data in the event of an opposition, unless we can demonstrate convincing and legitimate grounds for processing, which override the interests, rights and freedoms of the data subject, or for establishing, exercising or defending legal rights. If MADALINAFIT S.R.L. processes personal data for direct marketing purposes, where there is prior consent, the data subject will have the right to object at any time to the processing of his personal data for such marketing. This applies to profiling to the point where it is related to such direct marketing. If the data subject objects to the processing performed by MADALINAFIT S.R.L. for direct marketing purposes, then MADALINAFIT S.R.L. will no longer process his personal data for these purposes. In addition, the data subject has the right, on grounds related to his or her particular situation, to object to the processing of his or her personal data by MADALINAFIT S.R.L. for purposes of scientific or historical research, or for statistical purposes, in accordance with Article 89 (1) of the Regulation, unless the processing is necessary for the accomplishment of a task performed in the public interest.
The right to withdraw consent. Each data subject has the right to withdraw his / her consent to the processing of personal data at any time.
The right to file a complaint to the supervisory authority – if the data subject considers that his / her legitimate rights in relation to the processing of personal data have been violated, he / she may address a complaint to the National Supervisory Authority for processing. Personal Data, based in G-ral Blvd. Gheorghe Magheru 28-30, Sector 1, postal code 010336, Bucharest, Romania.
If you wish to exercise your rights or send us a notification / request, please contact us at the contact details indicated in this Policy. MADALINAFIT S.R.L. will answer you as soon as possible but not later than 30 days. For any delays we will notify you and give you the justified reasons for the delay.
The period for which the personal data will be stored
Personal data will be kept only for the period necessary for the purpose for which they were collected. After the expiration of that period, the corresponding data are deleted. Only those personal data that are part of the documents will be kept for which the law provides for an archiving term, and at the expiration of the legal archiving term they will be destroyed.
Providing personal data as a legal or contractual requirement
Requirement to conclude a contract; The obligation of the data subject to provide personal data; the possible consequences of not fulfilling these data. We clarify that the provision of personal data is required in part by law (eg tax regulations) or may result from contractual provisions (eg information on the contractual partner). Sometimes it may be necessary to conclude a contract according to which the data subject provides us with personal data, which must be further processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him or her.
Protection of personal data
MADALINAFIT S.R.L. applies an internal framework of policies and minimum standards regarding the protection of personal data. These policies and standards are regularly updated to comply with market regulations and developments. In accordance with the legal provisions in force, we take appropriate technical and organizational measures (policies, procedures, security, etc.) precisely to ensure the confidentiality and integrity of personal data as well as to ensure the necessary framework for their processing.