Privacy Policy

This Privacy Policy defines how SC CLEAN TECH INTERNATIONAL SRL collects, stores and uses your personal data when accessing or interacting with our website and where we obtain or collect your data from.

Content

  1. Summary
  2. Details about our company
  3. What information we collect when you visit our website
  4. What information we collect when you contact us
  5. How we collect information about you from third parties
  6. Disclosure and Additional Use of Your Data
  7. Duration of the processing
  8. The protection of personal data
  9. Transfer of your data outside of the European Economic Area
  10. Rights of the data subject
  11. Your right to object to data processing for certain purposes
  12. Special categories of personal data
  13. Changes to our privacy policy
  14. Child Privacy

 

  1. Summary

This section summarizes how we obtain, store and use your data. This summary is only intended to provide an overview of the privacy policy. This section is not a complete description and it is necessary to read the additional sections in this document for further information.

  • Data controller: SC CLEAN TECH INTERNATIONAL SRL
  • How we collect or obtain data about you:

o When you provide the data (eg by contacting us)

o When you visit our website some data is collected using cookies,

o Occasionally, from third parties

  • What data we collect: name, IP, contact details, information from cookies, device information (for example, device type and web browser), information on how you use our website (what pages you access) the date / time you visited our website and what you clicked on, the geographic location from which you visit our website (based on the IP address).
  • Scope of the processing: for business and administrative purposes (specially to contact you), to improve our business and website, to analyse your use of our website, and to fulfil our legal rights and obligations.
  • Disclosure of your data to third parties: the minimum necessary for the operation of the business, compliance with legal obligations, compliance with any contractual obligation towards you.
  • Is your data sold to third parties? (in cases other than buy-out of our business / company): No.
  • Duration of storage of your data: not more than necessary, depending on our legal obligations or any other legal basis for the use of information (eg, consent, legitimate interests). You can find more information about specific data storage periods in the Section Duration of the Processing.
  • How your data is protected: by using technical and organizational solutions such as: storing information on secure servers, encrypting data transfers to and from our servers using the SSL technology, allowing access to your personal data only when needed.
  • Cookies: we use cookies on our website. For more information, please consult our Cookie Policy.
  • Transfer of your data to third countries: we will transfer your personal data outside of the European Economic Area only if we are obliged to do so by law. When we do so, we will ensure that adequate safeguards are in place, including that third parties transferring your personal data outside the European Economic Area have been self-certified as complying with the EU-US Privacy Shield.
  • Use of automatic personal data processing and profiling: we do not automatic personal data processing and profiling technologies.
  • Your rights as a data subject:
    • the right to access personal data and supplementary information and to be informed about the collection and the use of their personal data
    • the right to have inaccurate personal data rectified, or completed if it is incomplete
    • the right to erasure (to be forgotten) in certain circumstances
    • the right to restrict processing in certain circumstances
    • the right to data portability
    • the right to object to processing in certain circumstances
    • the right to withdraw consent at any time (where relevant)
    • rights in relation to automated decision making and profiling
    • the right to complain to the Information Commissioner
  • Special categories of personal data: we do not intend to collect what is usually referred to as “sensitive data”). Please do not send us sensitive information about yourself. For more information, please consult our Section Special categories of personal data.
  1. Details about our company.

The data controller regarding this website is S.C. CLEAN TECH INTERNATIONAL S.R.L., with registered office in Ciulniţa village, Ciulniţa village, Tarla 50, Parcela 461/3, Ialomiţa county, Romania, registered at the Trade Register under no. J21 / 300/2009, EUID: ROONRC.J21 / 300/2009, with unique registration code (CUI) 25890273. You can contact our data protection officer by post or by e-mail at office@cleantechint.com.

The data protection officer for the data controller is Av. Eleonora Malama. You can contact the data protection officer by post at: Slobozia, Stejarului Street, no. 12, 2nd floor, Ialomiţa County or by e-mail at av.eleonoramalama@gmail.com.

If you have any further questions about this privacy policy, please contact our data protection officer.

  1. What information we collect when you visit our website

We collect and use information from our visitors in accordance with this section and the section Disclosure and Additional Use of Your Data.

Information about the web server log

We use a third-party server to host our website – HOSTICO.RO, whose privacy policy is available here: https://hostico.ro/politica-confidentialitate/. Our web server automatically registers the IP address you use to access our website and other information about your visit, such as the pages you visit, the information you request, the date and time of the request, the source of the site access, (for example, the website or URL (link) that referred you to our website) and the version of your browser and operating system.

Our server is located in Romania.

Use of information from the web server log for IT security purposes

Our provider collects and stores server logs to ensure IT network security. This includes analyzing log files to help identify and prevent unauthorized access to our network, malicious code distribution, DDOS attacks and other cyber-attacks by detecting unusual or suspicious activity.

Other than cases when we investigate suspicious or potential criminal activity, we do not make attempts and do not allow our provider to make any attempt to identify you based on the information collected through the server logs.

Legal basis for processing: compliance with the legal obligations to which we are subject (Article 6 (1) (c) of the General Data Protection Regulation).

Legal Obligation: Registering access to our website by using server log files is a technical measure to ensure an adequate level of security to protect the personal data information gathered from our website, in accordance with Article 32 (1) of the General Data Protection Regulation.

Cookie-uri

Cookies are data files that are sent from a website to a browser to record user information for different purposes.

We use cookies on our website. For more information about cookies, please consult our Cookie Policy.

You may reject some or all the cookies we use on our website by modifying your browser settings, but by rejecting them you may affect the operation of the website or some of the features of the website. For more information about cookies, including changing your browser settings, please visit www.allaboutcookies.org or consult our Cookie Policy.

  1. What information we collect when you contact us

We collect and use information from the persons who contact us in accordance with this section and the section Disclosure and Additional Use of Your Data.

E-mail

When you send a message to the email address displayed on our website, we collect your email address and any other information you provide in that email (such as your name, phone and information contained in any signature block).

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate interest: To answer questions and messages we receive and keep records of the correspondence.

Transfer and storage of your information

We use a third-party email provider to store the emails you send us. Our email provider is MICROSOFT OUTLOOK. Its privacy policy is available here: https://privacy.microsoft.com/en-us/privacystatement

Telephone

Information about your call, such as your phone number and the date and time of your call, are processed by our telephone service provider, VODAFONE ROMANIA SA. Your privacy policy is available here: https://www.vodafone.com/privacy.

The information about your call will be stored by our telephone service provider in Romania.

When you contact us by phone, we collect your phone number and any information you provide during our conversation.

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation)

Legitimate interest: to answer questions and messages we receive and to keep track of correspondence.

Legal basis for processing: it is necessary to enter into a contract or to start the employment process in a contract at your request (Article 6 (1) (b) of the General Data Protection Regulation).

The reason we process information required for a contract: if your message regards providing goods or services or taking action upon your request before providing you with our goods and services (for example, providing information about such goods and services); we will process your information to do so).

Transfer and storage of your information

Information about your call, such as your phone number and the date and time of your call, are processed by our telephone service provider, ORANGE ROMANIA. Their privacy policy is available here: https://www.orange.ro/termeni-si-conditii/#politicaconfidentialitate.

The information about your call will be stored by our telephone service provider in Romania.

Post

If you contact us by post, we collect all the information you provide to us in any postal communications you send to us.

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation)

Legitimate interest: to answer questions and messages we receive and to keep track of correspondence.

Legal basis for processing: it is necessary to enter into a contract or to start the employment process in a contract at your request (Article 6 (1) (b) of the General Data Protection Regulation).

The reason we process information required for a contract: if your message is about providing goods or services or taking action upon your request before providing you with our goods and services (for example, providing information about such goods and services); we will process your information to do so.

  1. How we collect information about you from third parties.

This section sets out how we obtain or collect personal data information about you through third parties.

Information received from third parties

Generally, we do not receive information about you from third parties.

However, it is possible that third parties with whom we have had no prior contact provide us with information about you.

The information we obtain from third parties will generally be your name and contact details but will include any additional information about you that they provide.

Legal basis for processing: It is necessary to conclude a contract or act at your request to enter into a contract (Article 6 (1) (b) of the General Data Protection Regulation).

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate Interests: If a third party has disclosed information to us and you have not agreed to this information being disclosed, we have a legitimate interest in processing this information under certain circumstances.

For example, we have a legitimate interest in processing your information to fulfill our third-party subcontract obligations if the third party has the primary agreement with you. Our legitimate interest is the fulfillment of our obligations under our subcontract.

Similarly, third parties may transmit information about you to us if you have violated or violate any of our legal rights. In this case, we have a legitimate interest in processing this information to investigate and prosecute any such potential infringement.

If we receive information about you by mistake

If we inadvertently receive information about you from a third party and / or we do not have a legal basis for processing this information, we will delete your information.

  1. Disclosure and additional use of your data

This section sets out the circumstances in which we disclose your data to third parties and any other additional purposes for which we use your data.

Disclosure of your data to our service providers

We contract third parties to provide us with services that are necessary to run our business, which process your information on our behalf („processors”). These include the following:

  • Our telephone service providers, respectively ORANGE ROMANIA. Their privacy policy is available here: https://www.orange.ro/termeni-si-conditii/#politicaconfidentialitate
  • Our e-mail service providers, respectively MICROSOFT OUTLOOK. Their privacy policy is available here: https://privacy.microsoft.com/en-us/privacystatement
  • The IT Service Providers, respectively 3RD GEN SOLUTIONS SRL.
  • The website developers, respectively PRO SEO SOLUTIONS SRL-D.
  • The website hosting provider, respectively HOSTICO.RO. Their privacy policy is available here: https://hostico.ro/politica-confidenţialitate/.

Our service providers are located in Romania.

Legal basis for processing: legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate interest: if we share your information with these third parties in a context other than required to execute a contract (or as a result of your request to do so), we will share information with such third parties to enable us to efficiently manage our business.

Legal basis for processing: It is necessary to enter into a contract or act at your request to enter into a contract (Article 6 (1) (b) of the General Data Protection Regulation).

The reason we process information required for a contract: We may share information with our service providers to enable us to fulfill our obligations under that contract or to take the measures that you have requested before entering into a contract with you.

Disclosure of your data to other third parties.

We disclose your information to third parties in certain circumstances, as shown below.

Providing information to third parties such as Google Inc .. Google collects information by using Google Analytics on our website. Google uses this information, including IP addresses and cookie information, for many purposes, such as improving Google Analytics. Information is shared with Google on an aggregated and anonymous basis. To learn more about what information Google collects, how it uses this information, and how to control information sent to Google, please consult the following page: https://www.google.com/policies/privacy/partners/

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate Interests: Compliance with Google’s contractual obligations under Google Analytics Terms of Service (https://www.google.com/analytics/terms/us.html)

You can opt out of Google Analytics by installing the browser plugin here: https://tools.google.com/dlpage/gaoptout

Sharing your information with third parties that are either related to or associated with the operation of our business, is necessary for us. These third parties include accountants, consultants, independent contractors and insurers. Further information on each of these third parties is given below.

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate interest: Effective operation and management of our business.

Accountants

We share information with our accountants for tax purposes. For example, our accountant process tax to complete our tax returns and accounts at the end of the year.

Our accountants are located in Romania.

Consultants

Occasionally, we get advice from consultants, such as accountants, financial consultants, lawyers. We share your information with these third parties only if necessary for third parties to provide us with the relevant advice.

Our consultants are located in Romania.

Independent contractors

We use independent contractors in our business. Your information will be distributed to independent contractors only if they need it to fulfill their obligations in relation to our business.

Our independent entrepreneurs are in Romania.

Insurers

We disclose your information to our insurers if we need to do so, for example, in connection with a claim or a request we receive or in accordance with our general disclosure obligations under our insurance contract.

Our insurers are in Romania.

Group of companies

We share your information within our group of companies for internal administrative purposes, including information about customers and employees.

Legal basis for processing: It is necessary to execute a contract or to act at your request before concluding a contract (Article 6 (1) (b) of the General Data Protection Regulation).

The reason information it is needed for a contract: We need to disclose your information to other companies within our group in order to fulfil our contractual obligations towards you or to act on your request before concluding a contract, for example because of services or information that you have requested.

Disclosure and use of your data for legal reasons

Indication to a competent authority of possible criminal acts or threats to public safety.

If we suspect that criminal or potential behavior has occurred, we will need to contact a competent authority such as the police in some circumstances. This could be the case, for example, if we suspect that a fraud or a cyber-crime has been committed, or if we receive malicious threats or notifications about us to third parties.

In general, we only need to process your information for this purpose if you have been involved or affected by such an incident in one way or another.

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate interest: prevention of suspected criminal activity (such as fraud).

In connection the (potential) enforcement of our legal rights

We use your information in connection with the implementation or enforcement of our legal rights, including, for example, the exchange of information with debt collection agencies, if you fail to pay the amounts due when you are contractually bound to do so. Our legal rights may be contractual (if we have a contract with you) or non-contractual (such as our legal rights under copyright or tort).

The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate interest: to impose our legal rights and take action to defend our legal rights.

In connection with litigation or a (potential) legal procedure

We may need to use your information if we are involved in a dispute with you or a third party, for example either to resolve the dispute or as part of a mediation, arbitration or court decision or a similar process.

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate interest: Settlement of disputes and possible litigation.

For the continuous appliance of laws, regulations and other legal requirements

We will use and process your information to comply with the legal obligations to which we are subject. For example, we may need to disclose your information based on a court order or a quote if we receive one.

Legal basis for processing: Compliance with a legal obligation (Article 6 (1) (c) of the General Data Protection Regulation).

Legal Obligation: Legal obligations to disclose information that are part of Romania’s laws or whether they have been incorporated into Romania’s legal framework (for example, in the form of an international agreement that Romania has signed).

Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).

Legitimate interest: If legal obligations are part of the laws of another country and have not been integrated into Romania’s legal framework, we have a legitimate interest in complying with these obligations.

  1. Duration of storage of your data

This section determines how long we store the collected data. We have set specific storage periods wherever possible. If not possible, we have set specific criteria to determine the storage period.

Storage periods

Server logs: We store server log information for 60 days.

Correspondence: When you send a formal request or contact us for any reason by post, we keep your information if we need to respond to your requests and for the next 6 months), after which we delete your information.

If you contact us by e-mail, your messages are only stored in the email box.

Criteria for establishing storage periods

In any other circumstances, we keep your information for as long as necessary, considering the following:

  • the purpose (s) and use of your information both now and in the future (for example, if we need to continue storing that information to fulfil our obligations under a contract with you or to contact you in the future)
  • if we have a legal obligation to continue processing your information (such as any record keeping obligations imposed by law or relevant regulations);
  • if we have any legal basis to continue processing information (such as your consent);
  • how valuable your information is (both now and in the future);
  • any agreed industrial practices on the length of information storage;
  • the levels of risk, cost and responsibility involved in continuing to store information;
  • how hard it is to make sure that information can be current and accurate; and
  • any relevant surrounding circumstances (such as the nature and status of our relationship with you).
  1. The protection of personal data

We are taking take appropriate technical and organizational measures to provide you with the information and to protect it against unauthorized or unlawful use and accidental loss or destruction, including:

  • Sharing and providing access to your data to the minimum extent required, subject to confidentiality restrictions, where applicable and anonymously, whenever possible;
  • use of secure servers for storing information;
  • verifying the identity of any person requesting access to information before giving them access to information;
  • using the Secure Sockets Layer (SSL) standard to encrypt;

Sending personal data to us by email

The transmission of information on the Internet is not entirely secure and if you send us information via the Internet (via e-mail, through our website or by any other means), you are doing so entirely at your own risk.

We are be responsible for any expenses, loss of profits, damage to reputation, damages, debts or any other form of loss or damage suffered by you as a result of your decision to transmit information by such means.

  1. Transfer of your data outside of the European Economic Area

All your personal information is stored in the following EEA countries: Romania.

Your information will be transferred and stored outside the European Economic Area (EEA) under the conditions set out below. We will also transfer your information outside the EEA or to an international organization to comply with the legal obligations we are subject to (for example, compliance with a court order). If we are obliged to do so, we will ensure that there are adequate safeguards and protection is in place.

E-mail

The information you send to us via e-mail is transferred outside the EEA and stored on the servers of our e-mail service provider. Our third-party email provider is MICROSOFT OUTLOOK. You can access their privacy policy here: https://privacy.microsoft.com/en-us/privacystatement.

Country of storage: United States.

The guarantees (protections) used: MICROSOFT adhered to the principles of the framework agreements contained in the EU-US Privacy Shield and the Privacy Shield between Switzerland and the US, which represent appropriate protection measures.

  1. Your rights as data subject

Subject to certain restrictions on certain rights, you have the following rights in relation to your data, which you can exercise by sending an email to office@cleantechint.com:

  • the right to access personal data and supplementary information and to be informed about the collection and the use of your personal data
  • the right to have inaccurate personal data rectified, or completed if it is incomplete
  • the right to erasure (to be forgotten)
  • the right to restrict processing
  • the right to receive your personal data concerning him or her, which you have provided to us, in a structured, commonly used and machine-readable format (for example, a CSV file) and the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided;
  • the right to object to processing for certain purposes (for more information, see the section Your right to object to data processing for certain purposes below); and
  • the right to withdraw consent at any time in which we rely on your consent to use or process this information. Please note that if you withdraw your consent, this will not affect the lawfulness of the use and processing of your data based on your consent prior to the time you withdraw your consent.
  • the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.


In accordance with Article 77 of the General Data Protection Regulation, you also have the right to file a complaint with a supervisory authority, especially in the Member State of residence, workplace or alleged breach of general data protection Regulation.

For this purpose, the supervisory authority in Romania is: www.dataprotection.ro

Verification of your identity if you request access to your personal data

If you request access to your personal information, we are legally required to use all reasonable measures to verify your identity before doing so.

These measures are designed to protect your information and to reduce the risk of identity fraud, identity theft or unauthorized general access to your personal information.

Means of verifying your identity

If we have appropriate information about you, we verify your identity using this information.

If it is not possible to identify you based on this information or if we do not have enough information about you, we may request copies of certain documents to be able to verify your identity before your data can be accessed.

We will be able to confirm the exact information we need to verify your identity in your specific circumstances when you make such a request.

  1. Your right to object to data processing for certain purposes

You have the following rights in relation to your data which you can exercise by sending an email to office@cleantechint.com:

  • to object to the use or processing of personal data by us in order to carry out a task in the public interest or in our legitimate interest; and
  • to object to the use or processing of your data for direct marketing purposes (including any profile we engage with in relation to this direct marketing).

For more information about how to object to the use of data collected through cookies and related technologies, see the Section How to accept or reject cookies in our Cookie Policy.

  1. Specific categories of personal data

“Sensitive personal data” is information about an individual who reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

We do not knowingly or intentionally collect sensitive personal information from individuals and you should refrain from sending us sensitive personal information.

If, however, you intentionally or inadvertently reveal sensitive personal information, you will be deemed to have explicitly given us your consent to process sensitive personal information in accordance with Article 9 (2) (a) of the General Regulation on Data Protection. We will use and process your sensitive personal information for the purpose of deleting them.

  1. Changes to our privacy policy

We update and modify our privacy policy periodically.

Minor changes to our privacy policy

If we make minor changes to our privacy policy, we will update the Privacy Policy with a new effective date mentioned at the beginning of the Privacy Policy. The processing of your information will be governed by the practices set forth in the new version of the Privacy Policy as of its effective date.

Major changes to our privacy policy or to the purposes for which we process your information.

If we make major changes to our privacy policy or intend to use your data for a new purpose or for a purpose different from the purposes we originally collected information, we will notify you by e-mail (if possible) or by publishing an ad on our website.

We will provide you with information about the changes in question and about the purpose and any other relevant information before using your information for the new purpose.

Whenever necessary, we will obtain your prior consent before using your information for a purpose other than the purposes for which we originally collected it.

  1. Child privacy

Since we care about the safety and privacy of children online, we do not knowingly contact or collect information from people under the age of 18. The website is not intended to request information of any kind from people under the age of 18.

We may receive information about people who are under the age of 18 by means of fraud or deception of a third party. If we are notified about this, as soon as we verify the information when the law so requires, we shall proceed immediately to obtain the appropriate parental consent to use this information or, if we cannot obtain the consent of the parents, we shall delete the information from our servers. If you want to inform us about information collected about people under the age of 18, please do so by sending an email to office@cleantechint.com.