Terms and Conditions
The company Talent Reserve, as Data Controller, ensures that the processing of the personal data is performed according to the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data (General Data Protection Regulation – hereinafter referred to as ”GDPR”), of the law for the application of the GDPR provisions and/or of any other decisions the National Supervisory Authority For Personal Data Processing (ANSPDCP) may issue regarding the protection of the personal data.
In this information, you will find concrete answers about the way in which your personal data are collected, stored and processed. If you have any question or doubt regarding the presented aspects, you can send us your questions to the e-mail address email@example.com or to the contact details provided below:
The definition of “personal data” according to the provisions of the Regulation: absolutely any information that can be used to identify or contact a person is now considered personal data.
Who has the right of processing the personal data?
The company Talent Reserve s.r.l., with registered office in Bucharest Bucharest, Str. Rîmnicu Vîlcea nr. 26, bl.15B, sc.1, et.8, ap.48, sector 3, registered with the Trade Registry Office attached to the Bucharest Court under no. J40/9642/18.08.2014, Fiscal Registration Code 33490510, having bank account RO62OTPV114000880497RO01, opened at OTP Bank – Obor Branch, e-mail firstname.lastname@example.org, represented by Administrator, RUSU OXANA as Data Controller, through its employees and partners.
Areas of activity of the company:
- Recruitment / Head hunting
- Assessment (software skills, career development, potential)
- Drawing up and tracking development plans for the employees
- Retention / engagement programs for the employees
- Recruitment specialized workshops (different for human resources specialists and managers)
- Organizational interventions (human resources audit, action plans, implementation support)
What data and for what purpose do we process them?
- Contact details: name and surname, e-mail, phone, address or other social-media specific contact details for:
- managing the registration to seminaries / workshops
- communications for e-mail marketing purposes
- administrative communications regarding the organization of seminaries / workshops
- We collect the invoicing data (CNP) only with the view to complying with the legal provisions regarding the issuing of proforma and fiscal invoices;
- Photo-video images taken during the organization of the trainings / workshops / other events and only for media purposes. Their publication will be made only with the prior consent of the persons that appear in the images and the images can be withdrawn from the public domain upon the express request of the person.
How do you process the data?
The data will be processed only if there is a legitimate interest, an explicit consent or we have a legal obligation.
We process the data we receive from you for:
- invoicing using the internal application, Smart Bill
- administrative information through the Outlook web email, the MiniCRM platform and the Facebook platform
When you post comments, the wordpress platform retains the e-mail address in order to notify on e-mail when you receive an answer or in order to send an answer via e-mail in case you send us a question.
The data collected can be processed for purposes of legitimate interest in order to create statistics that allow us to develop new products, to meet at the highest possible standards the expectations of the customers or those of the potential customers.
In what situations do we collect and process your data?
- when you make a purchase through the web interface, phone, e-mail or through the Facebook platform or other social-media platforms (LinkedIn)
- when you browse the website through the strictly necessary cookies
- when you communicate with us through the online chat application
- when you benefit from free services: documents, webinars
- when you take part in online or offline events, with or without a fee
- when we send marketing communication (via e-mail or phone)
From whom and how do we collect your personal data?
- the data is collected directly from you: through phone, e-mails, Facebook platform, LinkedIn, through the web forms (registration forms or newsletter subscription), following the meetings and exchange of contact details (business card)
- the data is collected directly and indirectly through your equipment and devices depending on the privacy settings or on the browser preferences: resolution, location, IP or through the strictly necessary cookies for the legitimate interest (for instance Google Analytics, Facebook Pixel Code)
- the data is collected indirectly the moment in which someone else (a legal or natural person) registers you to a course
Which are our legal bases for the processing of your personal data?
If you are a customer or a potential customer, we have the obligation of managing, in safe conditions and only for the specified purposes, your personal data you provide about you:
- in order to offer you our services: to be able to register to a training / workshop / e-leaning (online) / other events
- in order to communicate for various purposes, such as finding out your opinions about our services, informing you about new offers, solving various complaints from you or in order to offer you personalized services, in due time, in electronic format
- in certain situations we can request some personal data from you in accordance with some legal obligations
- in order to send you information through newsletters, in electronic format. For this, we ask for your consent and e-mail address, expressly, or for you to give your automatic consent for your subscription to the newsletter through the website and we have our legitimate interest as basis for the processing. You can withdraw your consent at any time thus expressing your option not to receive our newsletter in the future, by clicking “Unsubscribe” when you receive the information from us.
The place where your personal data is processed
The processing of the personal data is performed only for legitimate purposes, at our headquarters.
The transfer of personal data to other recipients
We mention that we work with external suppliers that offer sufficient warranties of credibility and legality in order for them to be able to process this data.
Some of your personal data is sent and can be processed by external suppliers with whom we have a contractual relationship in order to offer you our services (free of charge or for a fee) as it follows, only for the purposes mentioned above in the following categories:
- accounting services (invoicing) and legal services (name and surname, e-mail address, PNC)
- courier/postal services: name, surname, e-mail address, phone number, address;
- SMS sending services: phone number;
- newsletter services: e-mail address, name, surname, phone number;
- e-mail services (SMT): e-mail address, name and surname;
- online statistics services (Google Analytics and Facebook Pixel Code): actions on website, the duration of a visit, visited pages, purchases, IP). These services do not collect personal data such as name and surname, the applications store and process only actions.
- commenting services: name and e-mail address;
- site hosting services.
The list of the external suppliers can be consulted at the Collector’s headquarters and it will be updated every time changes occur.
Duration of the processing and storage of your personal data
We intend to store your personal data for a short period of time, but there are situations in which the legislation in force requires for the storage of some sets of data for longer periods of time and for this period we use feasible solutions such as their archiving.
The personal data will be stored and kept as it follows:
- the personal data necessary for the organization of the trainings will be stored until the consent for the processing of the personal data is withdrawn by the natural person;
- the personal data which can be found in any supporting documents that represent the basis for the records in the financial accounting is kept in the Provider’s archive for 5 years, according to the provisions of the Accounting Law;
- the storage of the data obtained through the video surveillance system is kept for 30 days from the date of the recording.
After the expiry of the above terms, the personal data is deleted and/or destroyed from the records/database.
Which are your rights?
- The right to information: the right of receiving information about the processing of the personal data. The observance of this right is achieved by this information;
- The right of access: the right of obtaining a confirmation that we process or not personal data concerning him or her and, if so, access to the respective data and information about the data processing;
- The right of correction: the right of obtaining, without any unjustified delays, the correction of the incorrect data concerning him or her or the completion of the personal data that is incomplete;
- The right of deleting the data: the right of obtaining, without any unjustified delays, the deletion of the personal data concerning him or her, but not at any time, but only in any of the following situations foreseen by GDPR, as it follows:
- the personal data is no longer necessary for the purposes for which the data was collected or processed;
- the withdrawal of the consent given for data processing for the mentioned purposes;
- the personal data was processed illegally by the Collector;
- The right of restricting the processing: the right of obtaining the restriction of the personal data processing in any of the following situations foreseen by GDPR, as it follows:
- the natural person disputes the exactness of the data we process. The processing will be restricted for a period which will allow us to verify the exactness of the data;
- the processing of the personal data by us is illegal and the natural person does not want the deletion of the personal data, but he or her requests the restriction of the usage by us;
- the collector does not need the personal data anymore and the natural person requests it for the ascertainment, exercise or defence of a right in court;
- the natural person opposes to the processing according to point (7) below. In this situation, the processing will be restricted for the interval in which it is verified whether the Provider’s legitimate right prevails over those of the natural person;
- The right to data portability: the right of receiving the personal data concerning him or her and which was provided, in a structured format, commonly used and which can be read automatically and the right of sending this data to another collector, when the technical means allow it. The natural person has this right only when the processing is based on his or her consent or when the processing is performed by automatic means.
- The right of opposition: the right of opposing, for reasons related to the particular situation in which he or she finds himself or herself, to the processing performed by the Collector having as legal grounds his legitimate interest.
- The right of not representing the subject of a decision taken exclusively on the automatic processing, including the creation of profiles (any automatic processing that uses the personal data for the assessment of some personal aspects, such as personal preferences etc.), which produces legal effects that concern the natural person or which affects the natural person in a similar way in a significant manner.
- The right to lodge a complaint: the right of lodging a complaint with the National Supervisory Authority For Personal Data Processing (ANSPDCP) if he or she wishes to defend the rights and to request the remediation of the situation, in the event the Collector breaches the protection of the personal data processing.
In order to exercise the above rights, the natural person can send a written request (1) by e-mail to email@example.com; (2) by mail/courier or by personal submission to the following address: Company Talent Reserve, Bucharest, str. Rîmnicu Vîlcea nr.26, bl.15B, sc.1, et.8, ap.48, sector 3. After receiving the request, the Collector will come back to the natural person with an answer, free of charge and without any unjustified delays, within maximum one month from the receipt of the request.
Securing the processing of personal data
The Collector guarantees the maintenance and processing of the personal data in complete safety, by implementing some security policies regarding the circuit of the documents that contain personal data as well as by allowing access to the service providers:
- the documents that contain personal data exist in physical format at the Collector’s headquarters and they are preserved in complete safety, in a locked metallic cabinet, without the risk that any unauthorized persons have access to them;
- the electronic documents are stored on the hosting provider’s server with secured and limited access (by ID and password) only for the persons authorized to make / sign / process them;
- the collector will implement proper and reasonable technical and organisational measures in order to protect the Personal Data against loss, improper use or unauthorized access, transfer, alternation or destruction of the personal data and, also, the collector will maintain the confidentiality of all the personal data received in the conditions set out in this document.
For any questions, requests for clarification, uncertainties regarding the information included in this document, the natural person can contact, at any time, the Responsible for the protection of personal data, appointed by the Collector and who has the following contact details: e-mail: firstname.lastname@example.org.
We are committed to treating your requests with the utmost attention and you can ask any questions in order to receive an answer as soon as possible.
This confidentiality policy enters into force on May 25, 2018 and will be updated depending on the legislative amendments.