SC GAVELLA COM SRL will respect the confidentiality of the identity of any person accessing our website. To the extent that users will be asked to provide any information regarding their personal data, users will do so voluntarily by accepting the PERSONAL DATA PROTECTION AND PRIVACY POLICY and any other notices contained in this site. SC GAVELLA COM SRL will take all necessary measures to protect the security of the information provided voluntarily by the users and will not communicate this information to any other entity, natural or legal person, except in situations where disclosure is permitted/enforced by the site, in order to fulfill orders and deliver products.
Access to and use of this site by users are governed by applicable Romanian law.
Any complaint or dispute arising out of or in connection with the use of this site, its content or the materials presented will also be governed by the Romanian legislation in force and submitted for resolution to the competent courts of Romania, if their resolution is not possible by amicable means.
The terms and conditions of use of this site may be changed at any time without prior notice. You agree to re-read this section of the site on a regular basis, and your access to this section is subject to the following terms and conditions. continued use of this site will constitute evidence that you have agreed to these changes.
If you have any questions about these mentions please contact us at +40 751 097 607
SC GAVELLA COM SRL is committed to protecting and respecting the confidentiality of your data. personal data in accordance with the legal provisions applicable in this field. In this respect, this section includes your information. on how your data is processed. and the rights you have as a Data Subject in relation to your information. personal data we hold.
This section sets out how your information may be used, processed and stored. personal data that was obtained directly from you.
SC GAVELLA COM SRL will protect the confidentiality of the identity of any user accessing the website, in compliance with the requirements in the field of data protection, namely those provided for by the General Data Protection Regulation 2016/679/EU on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“Regulation”), applicable from 25 May 2018.
To the extent that users will be asked to provide any information regarding their personal data, users will do so voluntarily by accepting the terms and conditions of this site and any other content contained herein.
According to the requirements of Regulation 2016/679/EU on the protection of individuals with regard to the processing of personal data and on the free movement of such data applicable as of 25 May 2018, we are obliged to manage securely and only for the specified purposes, the personal data you provide to us through the website, our services or in connection with our activity, in accordance with the provisions of the Regulation.
According to Article 4 of the Regulation:
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
“Processing” means any operation or set of operations performed on personal data or on sets of personal data with or without the use of automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Data operator” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
“Person empowered by the operator” means the natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller;
“Targeted person” (directly or indirectly) means a person identified or identifiable by means of an identifier, such as a name, an identification number, location data, an online identifier, or one or more specific elements of his/her physical, physiological, genetic, mental, economic, cultural or social identity, regardless of the source of the data (mobile equipment, software, IP addresses, cookies, etc.);
“Pseudonymisation” means the processing of personal data in such a way that they cannot be attributed to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;
“Destinatar” means the natural or legal person, public authority, agency or other body to whom personal data is disclosed, whether or not it is a third party;
“Part three” means a natural or legal person, public authority, agency or body other than the data subject, the controller, the person authorised by the controller and persons who, under the direct authority of the controller or the person authorised by the controller, are authorised to process personal data;
“Consimtamant” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which the data subject signifies his or her unambiguous consent to the processing of personal data relating to him or her by means of a statement or an action.
The controller must have in mind the processing of data for specifically determined purposes and ensure that the purposes of processing do not contravene the applicable legal rules, i.e. that the purposes of processing are lawful.
Personal data submitted through the site and personal data we have collected from you or from third parties or public sources will be used for the purposes specified in this Privacy Policy. Depending on the relationship we have or wish to have with you, we may use your personal data for the following purposes on the legal grounds set out in Article 6 para. (1) Regulation and presented below:
– The consent you give, according to Art. 6 para. (1) lit. a) of the Regulation, when the Controller does not rely on any other legal basis, but on your consent to the processing of personal data, which may be withdrawn at any time.
– Compliance with a mandatory legal requirement laid down in EU or national law (e.g. providing personal data to various authorities).
– The processing is necessary for the fulfilment of the stated purposes of the website – pursuant to Art. 6 para. (1) lit. b) of the Regulation, in the sense that data may be processed which are necessary to take steps for the performance by the Operator of the obligations undertaken towards the data subject by virtue of the purpose for which the site was created, in accordance with the Terms and Conditions and any other information existing on the site;
– The fulfilment of a task serving a public interest (provided for in EU or national legislation);
– Legitimate interests of the Controller – whenever the Controller relies on this legal basis to process your data, the interests of the Controller will be assessed to ensure that they do not override your rights.
4.1. The types of information we can collect are the following:
– first and last name;
– address;
– CNP or ID card series and number;
– e-mail address;
– telephone;
-data on payments made (for example, but not limited to card data, etc.);
-any other data necessary for the fulfilment of orders, the delivery of products and the conduct of business relations;
4.2. The source from which the personal data originate:
The data that the Operator processes is the data that you provide to us. you have communicated to them directly and/or indirectly and which are necessary for the fulfilment of the above purposes
4.3. The recipient or categories of recipients to whom personal data are disclosed:
The operator can send you your data. with third parties in order to fulfil its legal and/or contractual obligations.
4.4. Storage period of personal data:
The controller may keep the data for as long as necessary to fulfil the purpose for which it was provided/collected or, as the case may be, for as long as the law provides for the obligation to keep such data or for as long as the consent of the data subject exists.
Each data subject may contact the Operator at any time, free of charge, with a notification in order to exercise the following rights provided by the Regulation:
(1) Right to be informed – You have the right to access your information by sending a request to the Operator’s e-mail address if you wish to access the personal information that the Operator holds about you (right of access, Article 15 of the Regulation);
(2) Right to rectification – If the information that the Operator holds about you is not correct, the Operator may rectify it. are inaccurate or incomplete, you have the right to request their correction. If this data has been transmitted to a third party with your consent. or for legal reasons, then the Operator will also have to ask them to rectify the data (right of access, Article 16 of the Regulation);
(3) Right to erasure – The operator aims to process and store your data. only as long as necessary. In certain circumstances, you have the right to request the Operator to delete your data. personal data it holds. If you feel that the Operator is keeping data longer than necessary, contact the Operator to check if your contract has been terminated. If this has ceased, there may still be legal grounds for processing your data. personal data (right of erasure, Article 17 of the Regulation).
(4) Right to restrict data processing -In certain circumstances you have the right to request the Controller to restrict the way your data is processed. This means that the Controller is allowed to store the data, but not to process it further (right to restrict processing, Article 18 of the Regulation),
(5) Right to data portability – According to the Regulation you have the right to receive personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format and you have the right to transmit this data to another controller, without hindrance from the controller to whom the personal data was provided, if:
1. the processing is based on consent pursuant to Article 6(1)(1)(b) of Directive 95/46/EC. (a) or Article 9(2)(a) (a) or on a contract pursuant to Article 6(1)(a) of this Directive. (b);
2. processing is carried out by automatic means (right to data portability, Article 20 of the Regulation).
(6) Right to object – At any time, you have the right to object, pursuant to Article 21 of the Regulation, to processing pursuant to Article 6(1)(a) of the Regulation. (e) or (f) or Article 6(1) of personal data relating to you, including profiling on the basis of those provisions. In this case, the Operator will no longer process your personal data, unless the Operator demonstrates that it has legitimate and compelling reasons justifying the processing which override your interests, rights and freedoms.
(7) Right to withdraw consent – If you have given your consent to the processing of your data, but later change your mind, you have the right to withdraw your consent at any time and the Controller must stop processing your data (right to withdraw consent, Article 7 of the Regulation).
(8) Right to complain to the supervisory authority – If you feel that the Controller has not responded to your request to resolve a specific problem, you have the right to complain to the National Supervisory Authority for Personal Data Processing (right to lodge a complaint with a supervisory authority, Article 77 of the Regulation).
The Operator takes all necessary steps to apply appropriate safeguards to protect the confidentiality and security of your personal data during transfer and to use it only in accordance with your relationship with the Operator and the practices described in this Privacy Policy. The Operator minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.
We can also disclose your data. personal:
– to the extent that we are required to do so by law;
– to establish, exercise or defend legal rights (including providing information to others for the purpose of preventing fraud).
Third party websites
This website may include hyperlinks and details of third party websites. We have no control over and are not responsible for the privacy policies and practices of third parties.
A data security breach occurs when the data for which the Controller is responsible suffers a security incident that accidentally or unlawfully results in the compromise of the confidentiality, availability or integrity of personal data, such as the unauthorized destruction, loss, alteration or disclosure of personal data.
Such security incidents can occur, for example, as a result of cyber attacks, but also when equipment (such as a laptop phone, etc.) on which personal data is stored is lost, or when an e-mail is mistakenly sent containing personal data to someone other than the intended recipient.
Any employee who becomes aware of a security incident that may lead to the damage of personal data must immediately notify the management of the Operator who, together with the IT manager, will analyze the incident, then establish and implement the necessary measures to eliminate the consequences of the incident.
In the event that the breach is likely to present a risk to the rights and freedoms of individuals, the Controller is obliged to notify the National Supervisory Authority for Personal Data Processing within 72 hours of becoming aware of the breach.
If the breach of data security presents a high risk to affected individuals, then all affected individuals must be informed (unless effective technical and organisational safeguards or other measures have been put in place to ensure that the risk is no longer likely to materialise).
We can also disclose your data. personal:
– to the extent that we are required to do so by law;
– to establish, exercise or defend legal rights (including providing information to others for the purpose of preventing fraud).
Third party websites
This website may include hyperlinks and details of third party websites. We have no control over and are not responsible for the privacy policies and practices of third parties.
This data protection section is designed to inform you about the processing of your data. personal data and your rights. on this processing in accordance with the General Data Protection Regulation and applicable national law.
If you have questions about your information. If you wish to exercise your personal rights or if you have any questions or complaints, please contact us by sending an e-mail to secretariatgavella@gmail.com.
Also, in order to update or correct your data. personal, please contact us in any of the ways indicated above.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". | |
cookielawinfo-checkbox-functional | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". | |
cookielawinfo-checkbox-necessary | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". | |
cookielawinfo-checkbox-others | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. | |
cookielawinfo-checkbox-performance | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". | |
viewed_cookie_policy | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |