Ensuring the right to personal data protection is a fundamental commitment of RINF TECH and therefore we devote all our resources and make every effort to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR“), as well as with any other applicable legislation. One of the key principles of this legal framework is transparency and we want you to be fully informed, so we have prepared this document to show you how we collect, use, transfer and protect your personal data when you interact with us either through our website or by means of the applications available on your mobile phone.
We reserve the right to periodically update and modify this Privacy Policy so that you always have access to and are aware of any changes to the way we process your personal data, as well as any other changes to the legal requirements. In the event of any such change, we will display on our website the updated version of our Privacy Policy, and therefore it is advisable to periodically check the contents of this Privacy Policy.
RINF TECH is the trade name of RINF OUTSOURCING SOLUTIONS SRL, a Romanian legal entity, with its registered office in Green Court Bucharest, 4 Gara Herastrau Street, Building B, 3rd Floor, District 2, with registration number with the Trade Register J40/1436/01.02.2006, unique tax registration number RO18334380 (hereinafter referred to as “RINF TECH” or “us“). For the purposes of the data protection law, we are a controller when we process your personal data.
You can share your views and we are willing to provide any additional information you need with regard to the processing of your data. If you find yourself in this situation, you can contact the RINF TECH Data Protection to the e-mail address data-protection@rinftech.com or by mail or courier to the address Green Court Bucharest, 4 Gara Herastrau Street, Building B, 3rd Floor, District 2, Bucharest, Romania – with the mention: to the attention of the RINF TECH Data Protection.
Please note that we do not want to collect or process data related to minors who are under the age of 16.
We use your relevant personal data in order to prepare and provide the services requested from us.
For instance, in drafting the relevant agreement, we may have to rely on your personal data of relevance for your case.
We rely in this case on the performance of our agreement as grounds for processing.
We use your contact details in order to communicate with you with respect to your requests and any other relevant business-related matters.
Contact details
We also rely in this case on the performance of our agreement as grounds for processing.
We may process some of your data in the context of providing the services based on legal obligations or obligations imposed upon RINF TECH by the applicable legislation (e.g. accountancy).
The categories of data processed in the context of our relationship with you are your name, e-mail, phone, fax, address, as well as other personal data you may provide directly to us, as needed to fulfill these purposes.
In such case, the grounds for processing is the legal obligation.
We use your relevant personal data in order to prepare and provide the services requested from us.
For instance, in drafting the relevant service agreement, we may have to rely on your personal data (e.g. name, email address, phone number).
We rely in this case on the legitimate interest in providing our services according to our area of activity and managing the relationship with our clients.
We use your contact details in order to communicate with you with respect to your requests and any other relevant business-related matters.
Contact details
We also rely in this case on the legitimate interest in providing our services according to our area of activity.
We may process some of your data in the context of providing the services based on legal obligations or obligations imposed upon applicable legislation.
The categories of data processed in the context of our relationship with you are your name, e-mail, phone, as well as other personal data you may provide directly to us, as needed to fulfill these purposes.
In such case, the grounds for processing is the legal obligation.
We use your personal data in order to carry out the recruitment process, to evaluate and manage your application, to determine if your application is suitable for a position within RINF TECH, including in relation to our internship program.
If you are not selected for the position for which you applied / for which we initially evaluated your application, we will consider your personal data in future recruitment processes, for other positions within RINF TECH similar to those for which you have initially applied / for which we initially assessed your application, but only if you do not object to such processing of your personal data, exercising your right to object according to the information in this Privacy Policy.
In all cases, we will also process your personal data to document how we carried out the recruitment process.
This section is supplemented by specific information that may be adopted and communicated by RINF TECH to applicants for certain positions within the RINF TECH.
The categories of data processed in the context of our relationship with you are or may be:
The volume and nature of the categories of personal data that we will process during the recruitment process may be different, depending on the position within the RINF TECH for which you applied or for which we reviewed your application.
In such case, the grounds for the processing is the legitimate interest of RINF TECH which consists in taking the necessary steps to fill the available positions within RINF TECH and to document how we conducted the recruitment process.
If you were selected to hold a position within RINF TECH, in order to complete the necessary formalities for initiating the contractual relationship with you, we will process your personal data based on the agreement that will be signed with you.
We use your personal data in order to ensure the security of our premises, assets and personnel.
The categories of data processed in this context are your name as well as other personal data you may provide directly to us.
In this case, we base our data processing on the legitimate interest of RINF TECH, namely the protection of such premises, assets and personnel.
We intend to keep your personal data for the duration of the service agreement, as well as afterwards, according to our internal policies and the applicable legal obligations.
In case the data are not collected in the context of an IT service agreement, such data will be kept for as long as necessary in order to attain the purpose of the envisaged data collection (e.g.: 50 years for data included in the personnel file; 3 years for data of unselected applicants who have applied for a position or for an internship, for subsequent recruitment processes, but only in the absence of applicants’ objection to such processing; 3 years for documenting how the recruiting processes were carried out).
As the case may be, we may transmit or provide access to certain personal data to the following categories of recipients:
If we have a legal obligation or if it becomes necessary to defend our legitimate interest, we may also disclose certain personal data to public authorities.
We do ensure that access to your data by third-party private law entities is done in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them.
We currently store and process personal data in European Union.
In this regard, we will always take the necessary measures to ensure that any international transfer of personal data is carefully managed so that your rights and interests are always protected. The transfers to service providers and other third parties will always be protected by contractual commitments and, where appropriate, by other safeguards, such as standard contractual clauses issued by the European Commission.
You can contact us at any time, using the contact information above to find out more about the countries where we transfer your data, as well as the safeguards we have implemented with regard to these transfers.
We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures, according to the industry standards.
We keep your personal data on secure servers using state-of-the-art encryption algorithms and ensuring storage redundancy.
Despite the measures taken to protect your personal data, we mention that sending information on the Internet in general as well as through other public networks is not entirely secure, with the risk that data may be seen and used by unauthorized third parties. We cannot be responsible for such vulnerabilities of systems that are under our control.
The General Data Protection Regulation recognizes a series of rights with respect to your personal data. Which are these? You can ask for access to your data, you can ask us to correct any mistakes in our files and / or you can oppose the processing of your personal data. You can also exercise your right to file a complaint with the competent supervisory authorities or to appeal to the courts. Where applicable, you also have the right to request the deletion of your personal data, the right to restrict data processing, and the right to data portability.
You can get more information about these rights by consulting the table below.
In order to exercise your rights, you can contact us using the contact details listed above. If you want to exercise your rights, it is important to keep in mind the following:
We take seriously the confidentiality of all records that contain personal data. We reserve the right to verify your identity by requesting additional information to confirm your identity.
We will not charge you a fee for you to exercise any rights with respect to your personal data unless your request for access to information is groundless, repetitive or excessive, in which case we will charge an amount for such circumstances. Of course, you will be informed in advance of any applicable fees before resolving your request.
We propose to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made more requests, in which case we will respond within a maximum of two months. We will let you know if we will need more than a month. We may ask whether you can send us more details about your request. This will help us to act faster and shorten the response time for your request.
We do not have to respond to a request if it would adversely affect the rights and freedoms of other data subjects.
You can ask us:
You may ask us to rectify or complete your personal data if it is inaccurate or incomplete.
We may try to verify the accuracy of the data before correcting it.
You may ask us to delete your personal data, but only if:
We have no obligation to comply with the request to delete your personal data if processing of such data is required:
There are other circumstances in which we are not obliged to comply with your request for data deletion, but the two situations mentioned above are the most probable circumstances in which we may decline this request.
You can ask us to restrict the processing of personal data, but only if:
We may continue to use your personal information as a result of a restriction request, if that is the case:
You may require us to provide your personal data in a structured format that is currently in use and that can be read automatically, or you may request that it be “ported” directly to another data controller, but in each case only if:
You may oppose at any time, for reasons related to your particular situation, the processing of your personal data under our legitimate interest if you believe that your fundamental rights and freedoms prevail over this interest.
You can also oppose any time the processing of your data for direct marketing (including profile creation) without any reason, in which case we will cease this processing as soon as possible.
You can ask that you are not made the subject of a decision based solely on automatic processing, but only when the decision that is taken:
This right does not apply if the decision reached as a result of the automatic decision making:
You have the right to file a complaint with the supervisory authority regarding the processing of your personal data. The contact details of the data protection supervisory authority in Romania are as follows:
The National Supervisory Authority for Personal Data Processing
Address: B-dul G-ral. Gheorghe Magheru no. 28-30, 1st district, postal code 010336, Bucharest, Romania
Telephone: +40.318.059.211 or +40.318.059.212;
E-mail: anspdcp@dataprotection.ro
Without affecting your right to contact the Surveillance Supervisory Authority at any time, we ask that in such a case to also contact us beforehand and we promise that we will do our best to resolve any issues amicably.
We remind you that you can contact the RINF TECH Data Protection at any time by submitting a request using any of the following communication channels:
Copyright © 2023 rinf.tech. All Rights Reserved.
