In the following rows you will find everything you need to know about processing your personal data as a user of the rivamamaia.ro site – what data we collect, what we do with your rights, and how you can contact us with any questions related to GDPR and the protection of your data. This document includes the personal data processing policy.
Content of information:
- Who are we?
- What are personal data?
- What personal data do we collect?
- Data provided by you directly
- Your personal data protection rights and the new GDPR Regulation.
- What we do with your data, who has access to it, which third-party companies we work with and who have access to your data (the purpose for which this information comes to third parties, restrictions) and the transfer of data outside the European Union.
- How we protect and what security measures we have implemented to protect your personal information.
- How can you contact us?
Who are we?
Sc Plaza Events, with headquarters in CONSTANTA, STR. PESCARILOR, NR.26, LOT 1, CAMERA 2, BL. MZ11, ET. P
What are personal data?
As explained in the GDPR Regulation, “personal data” means any information about an identified or identifiable individual (“the data subject”). An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or one or more specific elements of his physical, physiological, genetic, psychic, economic, cultural or social identity.
There is no list of personal data, and GDPR does not require states to make such a list simply because a date can become in a given personal context, and in another context it is simply a information without value of personal data.
Here are a few examples of personal data: name, address, email (including name.name email@example.com), identity data, location, IP, cookie, ID, picture (picture or cctv shooting of a person or group of people).
What personal data do I collect?
At the site rivamamaia.ro we collect:
- Anonymous traffic and audience data
- Interaction with your inbox messages (view, click within newsletters);
- Interaction with various links, images, banners, boxes, videos from our site;
- The information provided by you, directly in the case of subscriptions, in case of subscriptions to events, buying a certain service offered by us, voluntarily offering the data for the contests.
- Rivamamaia.com collects information from you in three ways – directly from the traffic reports registered by the servers hosting the site rivamamaia.ro and through cookies.
Data provided by you directly
You, as a user, can provide us with direct data through the registration forms on our site – to subscribe to participate in an event, to purchase a service.
Forms include the following fields – username, surname, email address, password (encryption, and we do not have access to your password / passwords). Your phone may be required for events or services that require immediate direct contact with you. The address can be requested if you purchase a service and are a mandatory field on the tax invoices issued (address processing is done for legal purposes on the accounting basis for filing tax returns requested by authorities in Romania).
We use this data to allow you access to your account on our site or our sites or our services. The legal basis is the contract in which you are a party with us each time you access any of our sites by accepting the Terms and Conditions for the provision of these services.
Your personal data protection rights and the new GDPR Regulation.
Right to information – art. 13 and 14 GDPR. It enables the data subjects to know, from the time they are collected, how the data will be used, to whom they will be disclosed or transferred, what rights the data subjects have on the processed data, etc.
Right of access to data – art. 15 GDPR. Allows you to obtain from us a confirmation that personal data concerning you are processed or not, and, if so, access to that data and other useful information.
Right to delete data – art. 17 GDPR. It allows you to obtain from us the deletion of personal data that concerns you. There are, however, exceptions to this rule, such as the idea that some data are processed to give the public the right to information, are processed for statistical purposes or archive, are processed to fulfill a legal obligation or we process them for establishing or defending a right in court.
Right to rectification of data – art. 16 GDPR. It allows you to obtain from us the rectification or completion of inaccurate personal data that concerns you.
Right to Restrict Data – Art. 18 GDPR. It is a temporary right. In some situations, between the moment when, for example, we make the decision to delete certain data (we no longer need personal data for processing) and the actual deletion of the data, you are sending us a request that you oppose deletion, motivating the fact that you need these data to find, exercise or defend a right in court. As a result of such a request, we will “freeze / block” the data by stopping processing it.
Right to data portability – art. 20 GDPR. You have the right to receive personal data concerning you and that you have provided to the operator (who processes them under a contract or on your consent, by automatic means) in a structured format that is currently used and which can be automatically read and you have the right to transmit this data to another operator without any obstacles on our part. In other words, your personal data will be provided to you in a structured format so that you can decide whether to download them or, on the contrary, send them to another operator.
Right to opposition – art. 21 GDPR. You have the right to oppose, for example, the processing of your personal data when it is processed for direct marketing purposes. Remember that you have the opportunity to request the list of newsletters you subscribe to and you can unsubscribe from each email from us.
The right not to be the subject of a decision based solely on automatic processing, including the creation of profiles, which produces legal effects affecting the data subject or significantly affects him or her.
The right to lodge a complaint with the National Supervisory Authority for Personal Data Processing. Avenue G-ral. Gheorghe Magheru 28-30, Sector1, codpoştal 010336, Bucharest, Romania, + 40.318.059.211 / + 40.318.059.212, firstname.lastname@example.org.
What we do with your data, who has access to them, which third-party companies we work with and who have access to your data (the purpose for which this information comes to third parties, restrictions)
We use personal data provided by users to provide a high quality service to display our sites and all their functionality correctly on all the devices on which they are accessed (for this reason we use anonymized data). Following your consent, we provide you with communications from our collaborators and customers carefully thought out and chosen based on your profile, respecting the standards set by the associations that regulate good online advertising practices. We use your data on a legal basis in accordance with applicable law if you choose to buy any of our services. We use your data to organize your participation in our events (transmission of relevant information, program, good event communications, confirmation of participation).
Your personal data is internally managed (general site databases, subscriptions databases, event participant databases, customer base buyers of our paid services – eg WSPRO, internal CRMs, billing system) for the provision of our services and the legal basis for the situations governed by the tax code in force. Domestic databases have access to authorized employees who have received the necessary training to comply with database security, technical departments, marketing, or accountancy departments.
Third parties who have access to your personal data are divided into several categories. You will find below those categories and the basis for the transfer. Access to third parties (less to authorities or institutions) is governed by a contract that includes provisions on personal data protection and compliance with the new GDPR Regulation.
empowered – those companies that provide us with products and services – media agencies and advertisers on our sites; the market research agencies we use for our own rivamamaia.ro analysis purposes; companies that help us technically provide you with high quality services (for monitoring, analysis, marketing). Employees are also considered as information or telecommunication providers.
Third parties providing accounting, legal services, public authorities and institutions, auditors and other external consultants who may need access to information or data to provide their services.
How we protect and what security measures we have implemented to protect your personal information
At rivamamaia.ro we have a team of professionals and suppliers with experience in protecting our servers. In this regard, we have accomplished all the necessary steps to have the highest level of security – secure and accredited server hosting, access procedures, antivirus and attack detection.
At rivamamaia.ro we have implemented secure procedures to protect your organizational and technical data, including password encryption, anonymization of information used on our site’s functionalities, SSL certificates.
How can you contact us?
You may contact us with questions about the protection of your personal data and any request for the exercise of your rights under the Rights section using the following ways:
By email at email@example.com
By courier or post to Mamaia Boulevard, Mamaia Resort, Sud Casino
By phone at 0742. 709,709
Our complete data:
SC Plaza Events Srl
Headquarters: CONSTANTA, STR. PESCARILOR, NR.26, LOT 1, CAMERA 2, BL. MZ11, ET. P
Nr. Registration of the Trade Register: J13 / 1460/2012
The legal term in which you can receive a response from us is 30 calendar days.