Official Schwing-Stetter representative
in Romania
Data Protection
General presentation
Data protection is of the highest priority for us. The use of our website is possible without indicating personal data; however, if the processing of personal data is necessary and there is no legal basis for such processing, we generally request the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address or telephone number of the person concerned, must always be in accordance with the General Regulation on data protection and in accordance with the specific regulations of each country on data protection. Through this data protection policy, we want to inform the general public about the nature and purpose of the personal data we collect, use and process. in addition, the data subjects are informed, through this data protection declaration, of the rights to which they are entitled.
as a data controller, (see the definition below), we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, data transmissions based on the Internet may, in principle, have security gaps, so absolute protection may not be guaranteed.
Name and address of the Operator/Controller
The controller within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws applicable in the member states of the European Union and other provisions related to data protection can be contacted here:
NAME: TUBLOROM SRL
ADDRESS Str. Poppy no. 1
POSTAL CODE: 077046.
COUNTRY: Romania.
PHONE: 0740.233.353
CONTACT EMAIL: office@tublorom.ro
Definitions
This data protection declaration is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration must be legible and easy to understand both for the general public and for our clients and business partners. To ensure this, we would first like to explain the terminology used.
In this data protection declaration, we use the following terms:
a.) Personal data
Personal data means any information relating to an identified or identifiable natural person ("data subject"). Identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier or one or more specific physical, genetic factors , mental, economic, cultural or social of that natural person.
b) Data Subject
The data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for processing.
c) Processing
Processing, processing, storage, adaptation or modification, retrieval, consultation, use, processing, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.
d) Restriction of processing
Restriction of processing is the marking of personal data stored in order to limit their processing in the future.
e) Profiling
Profiling means any form of automatic processing of personal data that consists in the use of personal data to evaluate certain personal aspects related to a natural person, in particular to analyze or predict aspects of the natural person's performance at work, the economic situation , health, personal preferences, interests, reliability, behavior, location or movements.
f) Pseudonym
Pseudonymization is the processing of personal data in such a way that personal data can no longer be assigned to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for processing
The controller or controller responsible for processing is the natural or legal person, public authority, agency or other body that, alone or jointly with others, establishes the purposes and means of personal data processing; if the purpose and means of such processing are determined by the legislation of the Union or the Member State, the operator or the specific criteria for its appointment may be provided by the legislation of the Union or the Member State.
h) Processor
The processor is a natural or legal person, a public authority, an agency or another body that processes personal data on behalf of the operator.
i) Recipient
The beneficiary is a natural or legal person, a public authority, an agency or another body, to whom the personal data is disclosed, regardless of whether it is a third party or not. However, public authorities that may receive personal data within a specific investigation in accordance with the legislation of the Union or the Member States are not considered recipients; the processing of this data by the respective public authorities must be in accordance with the applicable data protection rules in accordance with the purposes of the processing.
j) Tert
The third party is a natural or legal person, a public authority, an agency or a body other than the data subject, controller, processor and persons who, under the direct authority of the operator or the processor, are authorized to process personal data._cc781905- 5cde-3194-bb3b-136bad5cf58d_
k) Consent
The data subject's consent is any specific, informed and unambiguous indication of the data subject's wishes by which he, through a statement or through a clear affirmative action, accepts the processing of personal data concerning him._cc781905-5cde-3194-bb3b -136bad5cf58d_
Cookie
Our website uses cookies. Cookies are text files that are stored in a computer system through an Internet browser.
Many Internet sites and servers use cookies. Many cookies contain a cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which Internet pages and servers can be assigned to the Internet browser in which the cookie was stored. This allows the Internet sites and servers visited to differentiate the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.
By using cookies, we can offer users of this site more easy-to-use services that would not be possible without setting cookies.
By means of a cookie, the information and offers on our website can be optimized according to the user. Cookies allow us, as previously mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. The user of the website that uses cookies, e.g. they do not have to enter access data every time the site is accessed, because it is taken over by the website, and the cookie is thus stored in the user's computer system. Another example is the cookie of a shopping basket in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart by means of a cookie module.
The person concerned can, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used and can thus definitively refuse the setting of cookies. in addition, the cookies already set can be deleted at any time through an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the internet browser used, not all functions of our website can be used in full.
Collection of data and general information
Our website collects a series of data and general information when a data subject or an automated system requests the website. These data and general information are stored in server log files. Collected can be (1) the browser types and versions used, (2) the operating system used by the access system, (3) the website from which an access system reaches our site (so-called referrals ) (5) date and time of access to the website, (6) Internet protocol address (IP address), (7) Internet service provider of the access system and (8) any other similar data and information that may be used in the case of attacks on our information technology systems.
When we use this data and general information, we do not draw any conclusions about the person concerned. Rather, this information is necessary to: (1) correctly provide the content of our website, (2) optimize the content of our website, as well as its advertising; (3) ensure the long-term viability of our information technology systems, and (4) provide law enforcement authorities with information necessary for criminal prosecution in the event of a cyber attack. Therefore, we statistically analyze the data and information collected anonymously, with the aim of increasing the security of our company's data and data and to ensure an optimal level of protection of the personal data we process. The anonymous data of the server log files is stored separately from all personal data provided by a data subject.
The rights of the data subject.
a) The right of confirmation
Each data subject has the right granted by the European legislator to obtain from the operator a confirmation regarding the fact that the personal data concerning him or her are not being processed. If a data subject wishes to exercise this right of confirmation, he or she may, at any time, contact any employee of the operator.
b) Right of access
Each data subject has the right granted by the European legislator to obtain from the operator free information about his personal data stored at any time and a copy of this information. in addition, European directives and regulations grant access to the following information:
- the purposes of the processing, the categories of personal data concerned, the recipients or the categories of recipients whose personal data have been or will be disclosed, especially recipients from third countries or international organizations, when possible, the stipulated period for which the data with personal character will be stored or, if not possible, the criteria used to determine that period;
- the existence of the right to request the rectification or deletion of personal data from the operator or the restriction of the processing of personal data relating to the person concerned or to oppose such processing, the existence of the right to file a complaint with a supervisory authority, in case which personal data are not collected from the data subject, any information available regarding their source, the existence of an automatic decision-making process, mentioned in Article 22 paragraphs (1) and (4) of the GDPR and, at least in those cases, significant information regarding the logic involved, as well as the expected consequences of such processing for the data subject.
In addition, the data subject has the right to obtain information regarding the transfer of personal data to a third country or to an international organization. in this case, the person concerned has the right to be informed about the corresponding guarantees regarding the transfer.
If a data subject wishes to avail himself of this right of access, he or she may, at any time, contact any employee of the operator.
c.) The right to rectification
Each data subject has the right granted by the European legislator to obtain from the operator, without undue delay, the rectification of inaccurate personal data concerning him. taking into account the purposes of the processing, the data subject has the right to complete incomplete personal data, including by providing an additional declaration.
If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the operator.
d.) Right to erasure (Right to be forgotten)
Each data subject has the right granted by the European legislator to obtain from the operator the deletion of personal data concerning him without undue delay, and the operator has the obligation to delete personal data without delay if one of the following reasons applies apply, as long as processing is not necessary:
Personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed. The data subject withdraws the consent on which the processing is based in accordance with Article 6 paragraph (1) letter (a) of the GDPR or point (a) of Article 9 paragraph (2) of the GDPR and if there is no other legal reason for the processing . The data subject objects to the processing pursuant to Article 21 paragraph (1) of the GDPR and there are no legitimate imperative reasons for the processing or the data subject is subject to processing in accordance with Article 21 paragraph (2) of the GDPR. Personal data were processed illegally. Personal data must be deleted in order to comply with a legal obligation under the law of the Union or of the member state to which the controller is subject. The personal data were collected in connection with the offer of informational society services mentioned in Article 8 paragraph (1) of the GDPR.
If one of the reasons mentioned above applies and a data subject wishes to request the deletion of personal data stored by us, he or she may, at any time, contact any employee of the operator. An employee must immediately ensure that the erasure request is complied with immediately.
If the operator has made the personal data public and is obliged, in accordance with Article 17 paragraph (1), to delete the personal data, the operator, taking into account the available technology and implementation costs, takes reasonable measures, including technical measures, the controllers that process personal data that the data subject has requested the deletion by these controllers of any links, copying or replication of these personal data, to the extent that the processing is not necessary. An employee will arrange the necessary measures in individual cases.
e) The right to restrict processing
Each data subject has the right granted by the European legislator to obtain from the operator the restriction of processing if one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period that allows the controller to verify the accuracy of the personal data. The processing is illegal, and the data subject opposes the deletion of personal data and requests the limitation instead, the controller no longer needs the personal data for the purpose of processing, but they are requested by the data subject to establish, exercise or defend the requirements legal. The data subject has objected to the processing in accordance with Article 21 paragraph (1) of the GDPR pending verification of whether the legitimate reasons of the operator overlap with those of the data subject. in the event that one of the previously mentioned conditions is met and the data subject wishes to request the restriction of the processing of stored personal data, he or she may contact any employee of the operator at any time. The employee will arrange the restriction of the processing.
f.) The right to data portability
Each data subject has the right granted by the European legislator, to receive the personal data that have been provided to a controller, in a structured, commonly used and legible format. He has the right to transmit this data to another controller without being prevented by the operator to whom the personal data were provided, as long as the processing is based on the consent provided for in Article 6 paragraph (1) letter (a) of the GDPR or of Article 9 paragraph (2) letter (a) of the GDPR or of a contract based on Article 6 paragraph (1) letter (b) of the GDPR, and the processing is done by automatic means, as long as the processing is not necessary for the fulfillment a task performed in the public interest or in the exercise of public authority conferred on the operator.
In addition, in exercising his right to data portability in accordance with Article 20 paragraph (1) of the GDPR, the data subject has the right to transmit personal data directly from one operator to another, if this is technically feasible and when he does not do this, he negatively affects the rights and freedoms of others.
To assert the right to data portability, the data subject can contact any employee at any time.
g) The right to object
Each data subject has the right granted by the European legislator, at any time, for reasons related to his particular situation, to the processing of personal data concerning him, which is based on letter (e) or (f) ) of article 6 paragraph ( 1) from GDPR. This also applies to profiling based on these provisions.
We will no longer process personal data in the event of an objection, unless we can demonstrate compelling legitimate reasons for the processing that exceed the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims._cc781905-5cde-3194- bb3b-136bad5cf58d_
If we process personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him for such marketing. This applies to profiling insofar as it is related to such direct marketing. if the data subject objects to processing for direct marketing purposes, we will no longer process personal data for these purposes.
In addition, the data subject has the right, for reasons related to his particular situation, to oppose the processing of personal data concerning him for scientific or historical research purposes or for statistical purposes pursuant to Article 89 paragraph (1) of the GDPR, with the exception of the case where the processing is necessary for the performance of a task performed for reasons of public interest.
To exercise the right to present objections, the data subject may contact any employee. in addition, the data subject is free in the context of using the services of the information society and, without prejudice to Directive 2002/58 / EC, to use his right to formulate objections by automatic means by using the technical specifications._cc781905-5cde-3194-bb3b- 136bad5cf58d_
h.) Automation of the individual decision-making process, including profiling
Each data subject has the right granted by the European legislator not to be the subject of a decision based exclusively on automated processing, including profiling, which produces legal effects that concern him or significantly affect him, as long as decision (1) does not is necessary for the conclusion or execution of a contract between the data subject and a data operator or (2) is not authorized by the legislation of the Union or the Member State to which the controller is subject and which also provides for the adoption of appropriate measures to protect the rights and the data subject's liberties and legitimate interests or (3) is not based on the explicit consent of the data subject.
If the decision (1) is necessary for the conclusion or execution of a contract between the data subject and a data controller or (2) is based on the explicit consent of the data subject, we will implement appropriate measures to protect the rights and freedoms of the data subject and the legitimate interests of the subject, at least the right to obtain a human intervention from the operator, to express his point of view and to challenge the decision.
If the data subject wishes to exercise his or her rights regarding automatic individual decision-making, he or she may, at any time, contact any employee.
i.) The right to withdraw consent regarding data protection
Each data subject has the right granted by the European legislator to withdraw his consent regarding the processing of his personal data at any time.
If the data subject wishes to exercise his right to withdraw his consent, he can, at any time, contact any employee.
Legal basis for processing
The art. 6 (1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the execution of a contract to which the data subject is a party, as is the case, for example, when the processing operations are necessary for the supply of goods or for the provision of any other service, the processing is based on Article 6 paragraph (1) letter b GDPR. The same applies to the processing operations that are necessary to carry out pre-contractual measures, for example in the case of inquiries about our products or services. Our company is subject to a legal obligation that requires the processing of personal data, such as the fulfillment of fiscal obligations, the processing is based on art. 6 (1) lit. c GDPR. in rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor was injured in our company and the name, age, health insurance data or other vital information should be transmitted to a doctor, hospital or other third party. Then, the processing will be based on Art. 6 (1) letter d GDPR. finally, the processing operations could be based on Article 6 paragraph (1) letter f GDPR. This legal basis is used for processing operations that are not covered by any of the legal grounds mentioned above, if the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, unless these interests are removed by interests or fundamental rights and freedoms of the data subject that require protection of personal data. Such processing operations are specifically allowed because they were specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the person concerned is the client of the operator (consideration 47 of sentence 2 GDPR).
routine deletion and blocking of personal data
The data administrator processes and stores the personal data of the data subject only for the period necessary to achieve the purpose of storage or, to the extent that this is granted by the European legislator or other legislators in the laws or regulations that apply to the operator._cc781905 -5cde-3194-bb3b-136bad5cf58d_
If the storage purpose is not applicable or if a storage period stipulated by the European legislator or another competent legislator expires, personal data are usually blocked or deleted in accordance with legal requirements._cc781905-5cde-3194- bb3b-136bad5cf58d_
Legitimate interests pursued by the operator or a third party
If the processing of personal data is based on Article 6 paragraph (1) letter f GDPR, our legitimate interest is to conduct our business in favor of the well-being of all our employees and shareholders.
Period for which personal data will be stored
The criteria used to determine the storage period of personal data are the respective legal retention period. After the expiry of the respective period, the corresponding data are currently deleted, as long as they are no longer necessary for the fulfillment of the contract or the initiation of a contract.
Provision of personal data as legal or contractual requirements; Necessary requirement to conclude a contract; The obligation of the concerned person to provide personal data; The possible consequences of not fulfilling these dates
We declare that the provision of personal data is partially required by law (e.g. fiscal regulations) or may also result from contractual provisions (e.g. information regarding the contractual partner). Sometimes it may be necessary to conclude a contract according to which the data subject provides us with personal data, which must be subsequently processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him or her. Failure to provide personal data would result in the fact that the contract with the concerned person could not be concluded. before providing personal data by the data subject, the data subject must contact any employee.
The employee clarifies to the data subject whether the provision of personal data is required by law or contract or is necessary for the conclusion of the contract, if there is an obligation to provide personal data and the consequences of not authorizing the personal data given._cc781905-5cde-3194-bb3b- 136bad5cf58d_
Registration on our website
The concerned person has the possibility to register on the operator's website with the indication of personal data. What personal data is transmitted to the controller is determined by the respective input mask used for registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the operator and for its own purposes. The controller may request the transfer to one or more processors (for example, a collection service) that also use personal data for an internal purpose that can be attributed to the controller.
By registering on the website of the controller, the IP address assigned by the Internet service provider (ISP) and used by the data subject and the time of registration is also stored. The storage of this data takes place against the background of the fact that this is the only way to prevent the abusive use of our services and, if necessary, to make it possible to investigate the crimes committed. to the extent that the storage of this data is necessary to ensure the controller. These data are not transmitted to third parties unless there is a legal obligation to transmit the data or if the transfer serves the purpose of criminal prosecution.
The registration of the data subject, with the voluntary indication of personal data, aims to allow the operator to offer the content or services provided by the data subject which can only be offered to registered users due to the nature of the problem in question. Registered persons are free to change the personal data specified during registration at any time or to remove them completely from the operator's data stock.
The data controller must provide, at any time, upon request, to each data subject, information regarding the personal data stored in relation to the data subject. in addition, the data operator must correct or delete personal data at the request or indication of the data subject, insofar as there are no legal storage obligations. the entire employee of the operator is available in this sense to the person concerned as contact persons.
Subscribe to Newsletter
On our website, users have the opportunity to subscribe to our company's newsletter. The input mask used for this purpose determines what personal data is transmitted, as well as when the newsletter is ordered from the operator.
We regularly inform our clients and business partners through an informative bulletin about the company's offers. The company's newsletter can be received by the data subject only if (1) the data subject has a valid e-mail address and (2) the data subject's registration for delivery of the newsletters. A confirmation e-mail will be sent to the e-mail address registered by the data subject for the first time for the delivery of newsletters, for legal reasons, in the double opt-in procedure. This confirmation email is used to demonstrate whether the owner of the email address as the data subject is authorized to receive the newsletter.
During the registration of the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary to understand (possible) misuse of a subject's e-mail address at a later date and therefore serves the purpose of legal protection of the operator.
Personal data collected as part of a newsletter registration will only be used to send our newsletter. in addition, newsletter subscribers may be informed by e-mail as long as this is necessary for the operation of the news service or a registration in question, as this could be the case in the case of changes to the newsletter offer or the event of changing technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter can be canceled by the concerned person at any time. The agreement regarding the storage of personal data, which the data subject gave for sending the newsletter, can be revoked at any time. for the purpose of revocation of consent, a corresponding link can be found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the operator's website or communicate this to the operator in a different way.
Newsletter tracking
Our newsletters contain tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to allow log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, it is possible to see if and when an e-mail was opened by a data subject and which links in the e-mail were requested by data subjects._cc781905-5cde-3194- bb3b-136bad5cf58d_
Such personal data collected in tracking pixels contained in newsletters are stored and analyzed by the controller in order to optimize the delivery of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. The persons concerned are at any time entitled to withdraw their declaration of consent to receive newsletters.
After a revocation, these personal data will be deleted by the controller. We automatically consider withdrawal from receiving the newsletter as revocation.
The possibility to contact through our website.
Our website contains information that allows a quick electronic contact with our company, as well as direct communication with us through the contact page. If a data subject contacts the controller by e-mail or through a contact form, the personal data transmitted by the data subject are stored automatically. Such personal data voluntarily transmitted by a data subject to the data operator are stored for the purpose of processing or contacting the data subject. There is no transfer of personal data to third parties.
If you consider that our personal information processing activities do not comply with the applicable data protection legislation, you can file a complaint at:
National Supervisory Authority for the Processing of Personal Data
G-ral Blvd. Gheorghe Magheru 28-30,
Sector 1, postal code 010336, Bucharest,
Romania
www.dataprotection.ro