Version 1 from 09.02.2022
Through this document, the Controller informs you about how he collects, uses, transfers and protects your personal data when you interact with us in connection with our products and / or services, through our website.
1.2. The personal data processing activities are carried out under the responsibility of the Site Administrator, GTM Managing Services SA with headquarters in Bucharest, Nicolae Caramfil no. 71-73, ART BC 5, building A, 4th floor, sector 1, as operator.
1.3. You can contact the data protection officer by e-mail at email@example.com.
2.1. When you contact us through the contact e-mail address displayed on the site, the Administrator will process identification data such as: name, surname, e-mail, customer number, phone number. These data are provided directly by the User.
2.4. In the list below you can find more information on how to change the cookie settings for the browser you are using:
3.1. The personal data collected by the Controller are processed for purposes that include:
3.2. We process your data only for the purposes we have communicated. If we use them for other (close) purposes, additional data protection measures will be applied and will be used only with the users' consent, where this is the basis for processing.
4.1. We may share your personal data with product suppliers, business partners and other third parties in accordance with applicable law.
4.2. Such categories of recipients may be: accounting service providers, legal assistance, banks and any other business partners, when they are necessary for the performance of a contract or when there is a legitimate interest of the Site Administrator, without affecting the rights of the data subjects (Users, partner contacts, etc.) and in compliance with the necessary security measures.
4.3. We may share personal data with other partners, for data management and other parties that have a mandatory relationship with the Controller, for offering its services (e.g. email marketing campaigns, push notifications, contracts).
4.4. In case we receive a request from the competent bodies of the state through which it is imposed the disclosure of personal data of the Users, according to the law, we are obliged to comply with it.
4.5. We will also communicate to the User the data they request (if they make a request for access to the data). At the same time, we may communicate the data to another operator, at the user's request, in order to guarantee the right to data portability (to the extent that we have the obligation and according to the data portability rules applicable according to the legal provisions applicable in the technological conditions existing at the time of your request).
4.6. We may also share your data if we are subject to a company transition, for example a merger, acquisition by another company or sale of all or part of the assets.
5.1. Right to be informed. Through this personal data processing policy, users are informed about the identity and contact details of the controller, the contact details of the data protection officer, the purposes of the processing of personal data and the legal basis of the processing, the categories of recipients of personal data, the transfer to third countries or international organizations, the period of data storage, as well as the rights they have.
5.2. Right of access to data. Users have the right to obtain from us a confirmation that personal data concerning them are being processed or not and, if so, access to that data and proper information. At the request of users, we may provide a copy of the personal data subject to processing. For any other copies requested, we may charge a reasonable fee based on administrative costs. The information will be provided in an electronic format, currently used. We reserve the right not to respond to manifestly unfounded, excessive or repeated requests.
5.3. Right to rectification. The user may request the rectification of inaccurate personal data, respectively the completion of personal data that are incomplete, including by providing an additional statement. This right can be exercised directly by accessing the user account. If you encounter any difficulties, please contact us.
5.4. The right to delete the data ("the right to be forgotten"). The user may request the deletion of personal data concerning him/ her, if one of the following reasons applies:
According to the legal provisions, the obligation to delete the User's data does not apply to the extent that the processing is necessary:
This right can be exercised directly by accessing the user account. If you encounter any difficulties, please contact us.
5.5. The right to restrict the processing. The user has the right to obtain the restriction of processing if one of the following cases applies:
5.6. Right to data portability. The user has the right to receive the personal data concerning him/her that he/she has provided to the controller in a structured, commonly used and machine-readable format and has the right to transmit this data to another operator, without hindrance from the operator to whom the personal data have been provided, if:
In exercising his right to data portability, the user has the right for personal data to be transmitted directly from one operator to another where this is technically possible.
If you exercise this right, you will receive by mail a secure link containing all the data thus requested.
5.7. The right of opposition. The user has the right to oppose at any time, for well-founded and legitimate reasons related to his particular situation, as data aimed at him to be subject to processing, unless there are legal provisions to the contrary. In case of justified opposition, the processing can no longer concern the data in question.
5.8. The right not to be subject to an automated individual decision-making process. Users have the right to request and obtain the withdrawal / cancellation / reassessment of any decision that produces legal effects in respect of them, adopted exclusively on the basis of a processing of personal data, carried out by automatic means, intended to evaluate some aspects of their personality, such as professional competence, credibility, behavior or any other such aspects.
5.9. The right to appeal to justice. Without prejudice to the possibility of complaining to the supervisory authority regarding the protection of personal data, users have the right to appeal to the courts for the defense of any rights guaranteed by law, which have been violated.
If the User has suffered a prejudice as a result of a processing of personal data, carried out illegally, he may address the competent court for its repair. For any request related to the use of your personal data, you can contact us at:
We encourage you to maintain your personal settings and personal data complete and current. Our team will make every effort to solve your requests in the shortest possible time.
According to the legislation in the field of personal data protection, the deadline for response is 30 days. If, depending on the complexity of the application, we cannot implement the requested measures within a period of less than one month, this period may be extended, according to the applicable legislation, by a maximum of 60 days. In this situation, you will receive a notification within a maximum of 30 days from the sending of the request, about the reasons for the delay.
6.1. The data provided if the User contacts us directly through the "Contact" section will be used only during the existence of the services provided and strictly for the observance of the legal requirements in force (e.g., archiving terms) and for the protection of the legal rights and interests of the Administrator.
6.2. The anonymized data will be used strictly for further statistical analysis.
6.3. The controller undertakes to take all necessary measures to keep the personal data by an exact manner, completed and updated, in order to fulfill the purposes for which they were collected. Inaccurate or incomplete data will be rectified or removed.
6.4. The personal data will be kept only for the period necessary for the fulfillment of the established purpose, in compliance with the rights of the data subject provided by the legislation in force.
6.5. Following the periodical verifications, the personal data held by the operator, which no longer serve the achievement of the purpose or the fulfillment of some legal obligations, will be destroyed.
7.1. Within the site, the User may encounter links to other websites / Applications / Online platforms for his information. They may operate independently of the site and may have their own notices, statements or privacy policies. We recommend that you review them to understand how personal data can be processed in connection with those sites, as we are not responsible for the content of sites that do not belong to or are not managed by the Controller or for the use or privacy practices of those sites.
8.1. Depending on the choices made regarding the settings on different social media sites and/or in combination with the settings on the pages of the site, certain personal data may be shared with the Administrator, in connection with the social activities and profiles. When you participate in various social media forums, such as Facebook, Twitter, Yammer, Pinterest, Instagram, LinkedIn, etc., you need to be familiar with them and understand the tools offered by these sites that allow you to make choices about how you share your personal data on social media profiles.
9.1. The Administrator may store personal data on a third party server. This means that your personal data may be processed on behalf of the Controller by a co-location and server rental service provider and may be stored in different locations within the European Economic Area. The Controller resorts to organizational and contractual measures to protect your personal data and to impose similar requirements, but no less restrictive for our cloud service providers, including requirements that personal data be processed exclusively for the purposes indicated above.
10.1. We assume and take seriously our responsibility for the protection of the personal data you entrust to us. Thus, to avoid loss, misuse or unauthorized access, the Controller uses a variety of security technologies and organizational procedures to help protect personal data.
11.1. Although the site does not target children under 16 years of age, we have the obligation to comply with the laws and to seek the permission of parents or legal guardians before collecting, using or disclosing information about children.
11.2. The administrator strongly recommends that parents assume an active role in supervising their children's online activities. If you believe that we have collected personal data from persons under the age of 16, please contact us at the email address: firstname.lastname@example.org.
12.1. The services offered are constantly evolving, and the form and type of services offered may change from time to time without prior notice. For this reason, we reserve the right to change or add this privacy notice from time to time, and any content revisions will be posted on our sites or sent through a push notification via the app or email.
12.2. We will post an important notice on the privacy notice page to notify you of any material changes to this privacy notice and we will indicate at the top of the announcement the date on which the most recent update was made.
12.3. The new personal data processing policy will enter into force on the date of posting. If you do not agree to the revised notice, you must change your preferences or consider discontinuing the use of the Application.