Definitions
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
“Processing” means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union law or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Processor” means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
In accordance with the provisions of the General Data Protection Regulation (GDPR) and Law No. 190/2018 for its implementation into Romanian legislation, the Service Provider and the Client commit to comply with all legal obligations regarding the collection, processing, and protection of personal data. This includes ensuring that data is processed in a secure, transparent manner and in compliance with the rights of data subjects, including the right to rectification, data portability, restriction of processing, objection, and erasure of personal data.
The Client – as the controller, acknowledges and accepts the responsibility of protecting personal data stored and processed on its devices, in accordance with the requirements of the General Data Protection Regulation (GDPR) and applicable Romanian legislation. This includes the obligation to ensure the integrity and confidentiality of the data through technical and organizational measures.
The Provider – Unserver Business Solutions S.R.L., as the processor, acknowledges that, for the purpose of providing the requested services, it may be necessary to access and process personal data provided by the Client. The Provider commits to accessing this data solely to fulfill contractual obligations and to provide the agreed services, fully respecting the confidentiality and integrity of this information. The Provider undertakes to implement appropriate technical and organizational measures to prevent unauthorized access, misuse, or disclosure of personal data.
Data Retention Period
Personal data will be retained as long as necessary to fulfill contractual purposes.
Transfer of Data Outside the EU
If personal data is transferred outside the EU, the Provider will ensure appropriate protection measures are in place, in accordance with GDPR regulations.
Data Breach Notification Procedure
In the event of a data security breach, the Provider will notify without delay both the competent authority and the data subjects, in accordance with the procedures established by the GDPR.
By accepting this document, the controller expresses agreement with the content of this document, including the operations of accessing/processing data from devices by the processor.
Legislation
The General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, known as the GDPR (General Data Protection Regulation), is directly applicable in all EU member states, including Romania.
Useful links:
https://commission.europa.eu/law/law-topic/data-protection/data-protection-eu_ro
https://www.dataprotection.ro/?page=legislatie_primara&lang=ro