Terms & Conditions

Contents

Ensuring the right to personal data protection is a fundamental commitment of RINF TECH and therefore we devote all our resources and make every effort to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR“), as well as with any other applicable legislation. One of the key principles of this legal framework is transparency and we want you to be fully informed, so we have prepared this document to show you how we collect, use, transfer and protect your personal data when you interact with us either through our website or by means of the applications available on your mobile phone.

We reserve the right to periodically update and modify this Privacy Policy so that you always have access to and are aware of any changes to the way we process your personal data, as well as any other changes to the legal requirements. In the event of any such change, we will display on our website the updated version of our Privacy Policy, and therefore it is advisable to periodically check the contents of this Privacy Policy.

Who are we & how can you contact us?

RINF TECH is the trade name of RINF OUTSOURCING SOLUTIONS SRL, a Romanian legal entity, with its registered office in Green Court Bucharest, 4 Gara Herastrau Street, Building B, 3rd Floor, District 2, with registration number with the Trade Register J40/1436/01.02.2006, unique tax registration number RO18334380 (hereinafter referred to as “RINF TECH” or “us“). For the purposes of the data protection law, we are a controller when we process your personal data.

You can share your views and we are willing to provide any additional information you need with regard to the processing of your data. If you find yourself in this situation, you can contact the RINF TECH Data Protection to the e-mail address data-protection@rinftech.com or by mail or courier to the address Green Court Bucharest, 4 Gara Herastrau Street, Building B, 3rd Floor, District 2, Bucharest, Romania – with the mention: to the attention of the RINF TECH Data Protection.

Which categories of personal data do we process?

  • Generally, we collect personal data that comes directly from you and thus you control and decide which pieces of information you are willing to share. For example, when applying for a job at RINF TECH, you send us your e-mail address, your first and last name, the phone number, the city you live in, and other information specific to this context.
  • According to the Cookie policy, information on cookies or other similar technologies can be stored and collected on our website.


Please note that we do not want to collect or process data related to minors who are under the age of 16.

For what purpose do we collect & process your data

If you are a client or potential client of RINF TECH

Purposes

We use your relevant personal data in order to prepare and provide the services requested from us.

 

Categories of personal data

For instance, in drafting the relevant agreement, we may have to rely on your personal data of relevance for your case.

 

Grounds for processing

We rely in this case on the performance of our agreement as grounds for processing.

Purposes

We use your contact details in order to communicate with you with respect to your requests and any other relevant business-related matters.

 

Categories of personal data

Contact details

 

Grounds for processing

We also rely in this case on the performance of our agreement as grounds for processing.

Purposes

We may process some of your data in the context of providing the services based on legal obligations or obligations imposed upon RINF TECH by the applicable legislation (e.g. accountancy).

 

Categories of personal data

The categories of data processed in the context of our relationship with you are your name, e-mail, phone, fax, address, as well as other personal data you may provide directly to us, as needed to fulfill these purposes.

 

Grounds for processing

In such case, the grounds for processing is the legal obligation.

If you are a representative or contact person of a RINF TECH’s client or potential client

Purposes

We use your relevant personal data in order to prepare and provide the services requested from us.

 

Categories of personal data

For instance, in drafting the relevant service agreement, we may have to rely on your personal data (e.g. name, email address, phone number).

 

Grounds for processing

We rely in this case on the legitimate interest in providing our services according to our area of activity and managing the relationship with our clients.

Purposes

We use your contact details in order to communicate with you with respect to your requests and any other relevant business-related matters.

 

Categories of personal data

Contact details

 

Grounds for processing

We also rely in this case on the legitimate interest in providing our services according to our area of activity.

Purposes

We may process some of your data in the context of providing the services based on legal obligations or obligations imposed upon applicable legislation.

 

Categories of personal data

The categories of data processed in the context of our relationship with you are your name, e-mail, phone, as well as other personal data you may provide directly to us, as needed to fulfill these purposes.

 

Grounds for processing

In such case, the grounds for processing is the legal obligation.

If you are a job/internship applicant

Purposes

We use your personal data in order to carry out the recruitment process, to evaluate and manage your application, to determine if your application is suitable for a position within RINF TECH, including in relation to our internship program.

If you are not selected for the position for which you applied / for which we initially evaluated your application, we will consider your personal data in future recruitment processes, for other positions within RINF TECH similar to those for which you have initially applied / for which we initially assessed your application, but only if you do not object to such processing of your personal data, exercising your right to object according to the information in this Privacy Policy.

In all cases, we will also process your personal data to document how we carried out the recruitment process.

This section is supplemented by specific information that may be adopted and communicated by RINF TECH to applicants for certain positions within the RINF TECH.

 

Categories of personal data

The categories of data processed in the context of our relationship with you are or may be:

  1. ategories of data you provide directly to RINF TECH: your name, surname, e-mail, phone, fax, address, address, date and place of birth, education and training details, professional qualifications, professional experience, previous collaboration with other employers, , results of written and practical tests in professional examinations or certifications, recommendations, salary expectations, as well as other personal data you may provide directly to us;
  2. categories of data we process about you from third parties, including publicly available sources: name, surname, photos, professional experience, previous collaboration with other employers, information on involvement in certain professional activities, data on marital status and family life, data on social and private life, participation in conferences, and other specialized or social events, telephone, e-mail, address, data related to previous employment relationships or collaboration. These categories of personal data are or can be processed from the following sources: websites specialized in recruitment services (BestJobs, eJobs, Hipo), social platforms (Facebook, Linkedin, Instagram), references, online press, websites of former or current employers or collaborators, other sources offered by Google search tools.

The volume and nature of the categories of personal data that we will process during the recruitment process may be different, depending on the position within the RINF TECH for which you applied or for which we reviewed your application.

 

Grounds for processing

In such case, the grounds for the processing is the legitimate interest of RINF TECH which consists in taking the necessary steps to fill the available positions within RINF TECH and to document how we conducted the recruitment process.

If you were selected to hold a position within RINF TECH, in order to complete the necessary formalities for initiating the contractual relationship with you, we will process your personal data based on the agreement that will be signed with you.

If you are a visitor of our premises

Purposes

We use your personal data in order to ensure the security of our premises, assets and personnel.

 

Categories of personal data

The categories of data processed in this context are your name as well as other personal data you may provide directly to us.

 

Grounds for processing

In this case, we base our data processing on the legitimate interest of RINF TECH, namely the protection of such premises, assets and personnel.

How long do we keep your personal data?

We intend to keep your personal data for the duration of the service agreement, as well as afterwards, according to our internal policies and the applicable legal obligations.

In case the data are not collected in the context of an IT service agreement, such data will be kept for as long as necessary in order to attain the purpose of the envisaged data collection (e.g.: 50 years for data included in the personnel file; 3 years for data of unselected applicants who have applied for a position or for an internship, for subsequent recruitment processes, but only in the absence of applicants’ objection to such processing; 3 years for documenting how the recruiting processes were carried out).

Who do we send your personal data to?

As the case may be, we may transmit or provide access to certain personal data to the following categories of recipients:

  • companies within the same group of companies as RINF TECH;
  • Customers, Business Partners of RINF TECH;
  • IT service providers;

 

If we have a legal obligation or if it becomes necessary to defend our legitimate interest, we may also disclose certain personal data to public authorities.

We do ensure that access to your data by third-party private law entities is done in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them.

To which countries do we transfer your personal data?

We currently store and process personal data in European Union.

In this regard, we will always take the necessary measures to ensure that any international transfer of personal data is carefully managed so that your rights and interests are always protected. The transfers to service providers and other third parties will always be protected by contractual commitments and, where appropriate, by other safeguards, such as standard contractual clauses issued by the European Commission.

You can contact us at any time, using the contact information above to find out more about the countries where we transfer your data, as well as the safeguards we have implemented with regard to these transfers.

How do we protect your personal data security?

We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures, according to the industry standards.

We keep your personal data on secure servers using state-of-the-art encryption algorithms and ensuring storage redundancy.

Despite the measures taken to protect your personal data, we mention that sending information on the Internet in general as well as through other public networks is not entirely secure, with the risk that data may be seen and used by unauthorized third parties. We cannot be responsible for such vulnerabilities of systems that are under our control.

What are your rights?

The General Data Protection Regulation recognizes a series of rights with respect to your personal data. Which are these? You can ask for access to your data, you can ask us to correct any mistakes in our files and / or you can oppose the processing of your personal data. You can also exercise your right to file a complaint with the competent supervisory authorities or to appeal to the courts. Where applicable, you also have the right to request the deletion of your personal data, the right to restrict data processing, and the right to data portability.

You can get more information about these rights by consulting the table below.

In order to exercise your rights, you can contact us using the contact details listed above. If you want to exercise your rights, it is important to keep in mind the following:

Identity

We take seriously the confidentiality of all records that contain personal data. We reserve the right to verify your identity by requesting additional information to confirm your identity.

Fees

We will not charge you a fee for you to exercise any rights with respect to your personal data unless your request for access to information is groundless, repetitive or excessive, in which case we will charge an amount for such circumstances. Of course, you will be informed in advance of any applicable fees before resolving your request.

Response time

We propose to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made more requests, in which case we will respond within a maximum of two months. We will let you know if we will need more than a month. We may ask whether you can send us more details about your request. This will help us to act faster and shorten the response time for your request.

Rights of third parties

We do not have to respond to a request if it would adversely affect the rights and freedoms of other data subjects.

Rights concerned

Access

You can ask us:

  • to confirm that we process your personal data;
  • to provide you a copy of this data;
  • to give you other information about your personal data, such as the data we have, what we use it for, who we divulge it to, whether we transfer it abroad, and how we protect it, how long we keep it, what rights you have, how you can make a complaint, from where we obtained your data to the extent that the information has not already been provided to you by this notification.

Rectification

You may ask us to rectify or complete your personal data if it is inaccurate or incomplete.

We may try to verify the accuracy of the data before correcting it.

Data deletion

You may ask us to delete your personal data, but only if:

  • it is no longer required for the purposes for which it was collected; or
  • you have withdrawn your consent (if the data processing is based on consent); or
  • you are exercising a legal right to oppose; or
  • it has been illegally processed; or
  • there is a legal obligation in this regard.

 

We have no obligation to comply with the request to delete your personal data if processing of such data is required:

  • to comply with a legal obligation; or
  • to establish, exercise or defend a right in court;

 

There are other circumstances in which we are not obliged to comply with your request for data deletion, but the two situations mentioned above are the most probable circumstances in which we may decline this request.

Restriction of data processing

You can ask us to restrict the processing of personal data, but only if:

  • its accuracy is being contested (see the rectification section) to allow us to verify its accuracy; or
  • the processing is illegal, but you do not want the data to be deleted; or
  • it is no longer required for the purposes for which it was collected, but you need it to establish, exercise or defend a right in court; or
  • You have exercised the right to oppose and the verification of whether our rights prevail is underway.

 

We may continue to use your personal information as a result of a restriction request, if that is the case:

  • we have your consent; or
  • to establish, exercise or secure the defence of a right in court; or
  • to protect the rights of another natural or legal person.

Data portability

You may require us to provide your personal data in a structured format that is currently in use and that can be read automatically, or you may request that it be “ported” directly to another data controller, but in each case only if:

  • the processing is based on your consent or on the conclusion or performance of a contract with you; and
  • the processing is done by automatic means.

Opposition

You may oppose at any time, for reasons related to your particular situation, the processing of your personal data under our legitimate interest if you believe that your fundamental rights and freedoms prevail over this interest.

You can also oppose any time the processing of your data for direct marketing (including profile creation) without any reason, in which case we will cease this processing as soon as possible.

Making automated decisions

You can ask that you are not made the subject of a decision based solely on automatic processing, but only when the decision that is taken:

  • produces legal effects on you; or
  • affects you in a similar way and to a significant extent.

 

This right does not apply if the decision reached as a result of the automatic decision making:

  • is required to conclude or perform a contract that we have with you;
  • is authorized by law and there are adequate safeguards for your rights and freedoms; or
  • is based on your explicit consent.

Complaints

You have the right to file a complaint with the supervisory authority regarding the processing of your personal data. The contact details of the data protection supervisory authority in Romania are as follows:

The National Supervisory Authority for Personal Data Processing

Address: B-dul G-ral. Gheorghe Magheru no. 28-30, 1st district, postal code 010336, Bucharest, Romania
Telephone: +40.318.059.211 or +40.318.059.212;
E-mail: anspdcp@dataprotection.ro

Without affecting your right to contact the Surveillance Supervisory Authority at any time, we ask that in such a case to also contact us beforehand and we promise that we will do our best to resolve any issues amicably.

We remind you that you can contact the RINF TECH Data Protection at any time by submitting a request using any of the following communication channels:

  • by e-mail to the address: data-protection@rinftech.com
  • by mail or courier to the address: Green Court Bucharest, 4C Gara Herastrau Street, Building B, 3rd Floor, District 2, Bucharest, Romania- with the mention to the attention of the RINF TECH Data Protection

Looking for a technology partner?

Let’s talk.