office@fereastrakomfort.ro +40 734 882 526

Contact

Data Protection

SECURITY POLICY REGARDING THE PROCESSING OF PERSONAL DATA
Applicable legislation:

The European Parliament and the Council adopted, on April 27, 2016, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/ CE (General Data Protection Regulation – RGPD).

Regulation (EU) 2016/679 was published in the Official Journal of the Union L119 of 4 May 2016, and its provisions will be directly applicable in all member states of the European Union, starting from 25 May 2018.

Regulation (EU) 2016/679 imposes a unique set of rules on the protection of personal data, replacing Directive 95/46/EC and, implicitly, the provisions of Law no. 677/2001.

SC. ROMKOMFORT TRADING SRL with office in Calea Smîrdan, Nr. 11 – A, Galati, Romania, 800700, registered at the Galați Trade Register under no. J17/82/2020 , having unique registration code RO 25924341, processes personal data for legitimate purposes, in compliance with the applicable legislation on the protection of personal data and in accordance with this personal data processing policy.

The processing of personal data is carried out under conditions that ensure security, confidentiality and respect for the rights of the persons concerned.

Accessing the website of SC. ROMKOMFORT TRADING SRL. or by submitting the CV/Application form online, in electronic format or in physical format at the work point of SC. ROMKOMFORT TRADING SRL. (hereinafter referred to as “OPERATOR”), all users agree to comply with this personal data processing policy and the legislation in force.

SC. ROMKOMFORT TRADING SRL. undertakes to maintain the confidentiality of personal data provided through the website http://www.romkomfort.ro/. If you do not want your data to be collected, please do not provide it to us.

We will further present to you what kind of data can be collected by SC. ROMKOMFORT TRADING SRL., how they are protected and used and how they can be disclosed.

At the same time, this policy aims to establish rules of conduct to ensure the highest level of protection of personal data processed by SC. DEKAEM CREWING SRL. and applies to the collection, use, disclosure and protection of the personal information you provide to us. Therefore, please read the paragraphs below to learn as much as possible about the security policy regarding the processing of SC’s personal data. ROMKOMFORT TRADING SRL.

The personal data processing policy establishes the technical and organizational measures necessary to fulfill the obligations related to the security and control of both computer and manual systems, in order to ensure the confidentiality of data and information as well as to protect personal data against accidental or illegal destruction , loss, modification, disclosure or unauthorized access, within the current activity performed by SC. ROMKOMFORT TRADING SRL employees.

Employees of SC. ROMKOMFORT TRADING SRL. (users), who have access to the database of personal information, have signed a written agreement on the confidentiality of the processed data. Users access personal data only for the performance of service duties.

Access to the company is audio-video monitored and equipped with an alarm system, and personal data is stored electronically in secure files. Information on paper is kept in special files, to which only company employees who have signed a confidentiality agreement regarding the processed data have access.

By security requirements we mean a complex of technical, IT, organizational, logistical measures, procedures and security policies to ensure a high level of security of the data we hold about you.

According to the legislation in force SC. ROMKOMFORT TRADING SRL. has the obligation to manage in safe conditions and only for the specified purposes the personal data that you provide us about yourself, a member of your family or a third party.

We inform you that the data you decide to provide us are “personal data” according to the provisions of Regulation (EU) 2016/679 and by completing these data you express your express and unequivocal agreement that any personal data, as well as any information provided by you, to be stored, processed and used by SC. ROMKOMFORT TRADING SRL

SC. ROMKOMFORT TRADING SRL. processes the personal data provided by you for the purpose of selecting and placing personnel for employment in the territory of the European Union.

We offer the possibility of registering your CV/ C.V. – Application form in our database, in person at the company’s office or online at www.dkm.ro. After registering in our database, SC. ROMKOMFORT TRADING SRL. will collect your personal data, necessary for the development of the company’s activity according to CAEN code 7810 – “Activities of labor placement agencies”, with which it is registered at the Trade Register on 25.05.2011. You are obliged to provide personal data as they are necessary for their processing in order to identify a job.

SC. ROMKOMFORT TRADING SRL. request the following personal data in order to process them for the purpose of identifying a job:

first and last name, date of birth, home address, postal code, citizenship,
identity card, passport
phone number, date/period when you can start the service, e-mail address,
qualification held on inland waters, qualification held on the river Rhine,
professional training, diplomas, studies, courses, certificates,
known foreign languages, professional experience – at least the last three years,
name and telephone number of the person to call in case of emergency,
degree of kinship, the person who can be called in case of emergency.

Your refusal to provide the above information determines the impossibility of finding a job according to the job offers received from the European Union.

Continuing to access the website equates to your consent to the processing of personal data for the above purpose. In case you no longer want to SC. ROMKOMFORT TRADING SRL. to process your personal data, please send a written, dated and signed request to SC. ROMKOMFORT TRADING SRL.

When you access the website www.dkm.ro, non-personal data (internet browser, number of visits, pages accessed) are automatically recorded (but not part of your registration on the website). This information is used to measure access to the site and to improve its content. Your data will not be transmitted to a third party.

We review our data collection, storage and processing practices to ensure that we process, collect and store only that data necessary to provide our services. We take the necessary measures as far as possible to ensure that the personal data we process is correct, complete and current, but we depend on you to provide us with updated data or to correct personal data where necessary. If some of the data about you is incorrect, incomplete or inaccurate, please inform us as soon as possible. The information registered in our database is used by SC. ROMKOMFORT TRADING SRL. and are communicated only to the following recipients:

SC’s contractual partners. ROMKOMFORT TRADING SRL. – which acts as an “intermediary” on behalf of SC. ROMKOMFORT TRADING SRL. ;
to the shipowner/potential shipowner of the person in question – representing the “beneficiary” directly from the service agreement,
the travel agency, in order to purchase plane tickets,
to the insurance brokerage company, in order to issue the travel insurance policy abroad
to the insurance brokerage company, in order to issue the insurance policy for the risk of non-payment of salaries of seafaring personnel on board ships under the Romanian or foreign flag
Romanian Naval Authorities

Your data will be transferred to countries in the European Union, in order to be employed in the jobs provided in the job offers communicated by the contractual partners of SC. ROMKOMFORT TRADING SRL. – this can only be done with your express and unequivocal consent.

We will inform you about any additions or changes also on this page dedicated to data protection. SC. ROMKOMFORT TRADING SRL. reserves the right to revise and update this policy at any time without notice or prior acceptance of users.

We mention that in order to determine the period for which the data will be processed, we take into account the contractual duration until the expiration of the contractual obligations and the archiving terms.

Your rights

The right of access means that you have the right to obtain a confirmation from us whether or not we are processing your personal data and, if so, access to the respective data and to information regarding the manner in which the data are processed. SC. ROMKOMFORT TRADING SRL. is obliged to communicate the requested information within 20 working days from the date of receipt of the request.

The right to data portability refers to the right to receive personal data in a structured, commonly used and automatically readable format and to the right to have these data transmitted directly to another operator/company, if this is feasible from technical point of view.

The right to opposition represents the right to oppose the processing of personal data when the processing is necessary for the performance of a task that serves a public interest or when it considers a legitimate interest of SC. ROMKOMFORT TRADING SRL.

The right to rectification refers to the correction, without undue delay, of inaccurate personal data. The rectification will be communicated to each recipient to whom the data were sent, except in the case where this proves impossible or involves disproportionate efforts.

The right to data deletion (“the right to be forgotten”) means that you have the right to request that we delete your personal data, without undue delay, if one of the following reasons applies: they are no longer necessary for the fulfillment the purposes for which they were collected or processed; you withdraw your consent and there is no other legal basis for processing; you oppose the processing and there are no legitimate reasons that prevail; personal data were processed illegally; personal data must be deleted to comply with a legal obligation; personal data were collected in connection with the provision of information society services. SC. ROMKOMFORT TRADING SRL. is obliged to delete your personal data within 24 hours from the date of receipt of the request.

The right to restrict processing can be exercised if the person disputes the accuracy of the data, for a period that allows us to verify the correctness of the data; the processing is illegal, and the person opposes the deletion of personal data, requesting (through a written request) the restriction instead; in case SC. ROMKOMFORT TRADING SRL. he no longer needs the personal data for the purpose of processing, but the person requests them for establishing, exercising or defending a right in court; if the person has objected to the processing for the time interval in which it is checked whether the legitimate rights of the operator prevail over those of the respective person. SC. ROMKOMFORT TRADING SRL. is obliged to restrict your personal data within 24 hours from the date of receipt of the request.

All these rights can be exercised through a written request, signed and dated, sent to our office: Calea Smîrdan, Nr. 11 – A, Galati, Romania, 800700

The personal data you provide to SC. ROMKOMFORT TRADING SRL. are collected and processed by it only with your express consent.

If you do not want to provide us with your personal data, please tick NO in the registration form. Your refusal determines the impossibility of being able to offer you our services.

The web pages of SC. ROMKOMFORT TRADING SRL. may contain links to other internet pages. SC. ROMKOMFORT TRADING SRL. is not responsible for the security practices or the content of other internet pages.

If you have concerns or questions related to the processing of personal data, you can contact:

PERSONAL DATA PROTECTION OFFICER WITHIN SC. ROMKOMFORT TRADING SRL.

Laura MOISESCU

Phone number: + 40 784022655

Email: protectiadatelordkm@gmail.com

Complaints regarding the processing of personal data can be addressed to:

of the National Supervisory Authority for the Processing of Personal Data

G-ral Blvd. Gheorghe Magheru 28-30 Sector 1, postal code 010336 Bucharest, Romania

anspdcp@dataprotection.ro

+40 318 059 211

+40 318 059 212

http://www.dataprotection.ro/index.jsp?page=contact

Definitions used in the Personal Data Processing Policy

“personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more many specific elements, specific to his physical, physiological, genetic, psychological, economic, cultural or social identity;

“processing” means any operation or set of operations performed on personal data or sets of personal data, with or without the use of automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, extract, consult, use, disclose by transmission, disseminate or otherwise make available, align or combine, restrict, delete or destroy;

“restriction of processing” means the marking of stored personal data in order to limit their future processing;

“data record system” means any structured set of personal data accessible according to specific criteria, whether centralized, decentralized or distributed according to functional or geographical criteria;

“operator” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data; when the purposes and means of processing are established by Union law or domestic law, the operator or the specific criteria for its designation may be provided for in Union law or domestic law;

“person authorized by the operator” means the natural or legal person, public authority, agency or other body that processes personal data on behalf of the operator;

“recipient” means the natural or legal person, public authority, agency or other body to whom (to whom) personal data is disclosed, whether or not it is a third party. However, public authorities to whom personal data may be communicated in the context of a specific investigation in accordance with Union or national law are not considered recipients; the processing of this data by the respective public authorities complies with the applicable data protection rules, in accordance with the purposes of the processing;

“third party” means a natural or legal person, public authority, agency or body other than the data subject, the operator, the person authorized by the operator and the persons who, under the direct authority of the operator or the person authorized by the operator, are authorized to process data with personal character;

“consent” of the data subject means any manifestation of the data subject’s free, specific, informed and unambiguous will by which he accepts, by an unequivocal statement or action, that personal data concerning him be processed;

“personal data breach” means a security breach that results in the accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data transmitted, stored, or otherwise processed, or unauthorized access to them;

“cross-border processing” means
(a) either the processing of personal data that takes place in the context of the activities of the offices in several Member States of an operator or a person authorized by the operator on the territory of the Union, if the operator or the person authorized by the operator has offices in at least two Member States ; or

(b) either the processing of personal data that takes place in the context of the activities of a single seat of an operator or a person authorized by the operator in the territory of the Union, but which significantly affects or is likely to significantly affect data subjects from at least two member states;

Principles of personal data processing:

(1) Personal data are:

(a) processed lawfully, fairly and transparently to the data subject (“legality, fairness and transparency”);

(b) collected for specific, explicit and legitimate purposes and not further processed in a way incompatible with these purposes; further processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered incompatible with the original purposes (“purpose limitations”);

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”);

(d) accurate and, where necessary, kept up to date; all necessary steps must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is deleted or rectified without delay (“accuracy”);

(e) kept in a form that allows the identification of the data subjects for a period that does not exceed the period necessary to fulfill the purposes for which the data are processed; personal data can be stored for longer periods to the extent that they will be processed exclusively for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes, subject to the implementation of technical measures and organizationally appropriate provided in this regulation in order to guarantee the rights and freedoms of the data subject (“storage-related limitations”);

(f) processed in a way that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by taking appropriate technical or organizational measures (“integrity and confidentiality”).

Legality of processing

(1) Processing is legal only if and to the extent that at least one of the following conditions applies:

(a) the data subject has given his consent to the processing of his personal data for one or more specific purposes;

(b) the processing is necessary for the execution of a contract to which the data subject is a party or to take steps at the data subject’s request before the conclusion of a contract;

Consent Conditions

The data subject has the right to withdraw his consent at any time. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent before its withdrawal. Before consent is given, the data subject is informed of this. Withdrawing consent is as simple as giving it.

The rights of the data subject

Transparency of information, communications and ways of exercising the rights of the data subject

The operator takes appropriate measures to provide the data subject with any information referred to in articles 13 and 14 (information to be provided when the data is obtained from the data subject or from other sources) and any communications under articles 15-22 (the right of access to own data, the right to rectification, the right to deletion, the right to restrict processing, the right to data portability, the right to opposition, the right to notify rectification, deletion of data or opposition to automatic processing including the creation of profiles) and 34 regarding processing, in a concise form , transparent, understandable and easily accessible, using clear and simple language, especially for any information specifically addressed to a child.

The operator provides the data subject with information regarding the actions taken following a request pursuant to articles 15-22, (the right of access to own data, the right to rectification, the right to deletion, the right to restrict processing, the right to data portability, the right to opposition, the right to notify the rectification, deletion of data or opposition to automatic processing, including the creation of profiles), without undue delay and in any case within one month at most from the receipt of the request. This period may be extended by two months when necessary, taking into account the complexity and number of applications.

Information and access to personal data

Information to be provided where personal data is collected from the data subject

(1) If personal data relating to a data subject are collected from him, the operator, at the time of obtaining this personal data, provides the data subject with all the following information:

(a) the identity and contact details of the operator and, as the case may be, of his representative;

(b) the contact details of the Data Protection Officer, as applicable;

(c) the purposes for which the personal data are processed, as well as the legal basis of the processing;

(d) if the processing is necessary for the purpose of the legitimate interests pursued by the operator or a third party, which are concretely the legitimate interests pursued by the operator or a third party;

(e) recipients or categories of recipients of personal data;

(f) if applicable, the controller’s intention to transfer personal data to a third country or international organization and the existence or absence of a Commission decision on adequacy or, in the case of transfers based on adequate safeguards, a reference to the safeguards adequate or appropriate and to the means of obtaining a copy thereof, if they have been made available.

(2) In addition to the information mentioned in paragraph (1), when personal data is obtained, the operator provides the data subject with the following additional information necessary to ensure fair and transparent processing:

(a) the period for which the personal data will be stored or, if this is not possible, the criteria used to establish this period;

(b) the existence of the right to request from the operator, with regard to the personal data relating to the data subject, access to them, their rectification or deletion or restriction of processing or the right to oppose processing, as well as the right to data portability ;

(c) when the processing is based on the consent of the data subject, the existence of the right to withdraw the consent at any time, without affecting the legality of the processing carried out on the basis of the consent before its withdrawal;

(d) the right to lodge a complaint with a supervisory authority;

(e) whether the provision of personal data represents a legal or contractual obligation or an obligation necessary for the conclusion of a contract, as well as whether the data subject is obliged to provide this personal data and what are the possible consequences of non-compliance with this obligation;

(f) the existence of an automated decision-making process including the creation of profiles, as well as, at least in the respective cases, relevant information on the logic used and on the importance and expected consequences of such processing for the data subject.

(3) If the operator intends to subsequently process the personal data for a purpose other than that for which they were collected, the operator shall provide the data subject, before this further processing, with information regarding the respective secondary purpose and any additional information relevant, in accordance with paragraph (2).

(4) Paragraphs (1), (2) and (3) do not apply if and to the extent that the data subject already possesses the respective information.