Personal Data
OPSIS-RESEARCH informs the individual to whom the personal data pertains (hereinafter referred to as the Data Subject), visitor/user of this website (hereinafter referred to as the Website), that the processing of personal data is governed by the provisions of the applicable Romanian and European legislation on personal data protection, including Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), Law no. 190/2018 for the implementation of GDPR in Romania, as well as by relevant decisions, guidelines, and regulatory acts issued by the National Supervisory Authority for Personal Data Processing (ANSPDCP).
Data Controller
The Data Controller is OPSIS-RESEARCH. Hereinafter, it will be referred to as the Data Controller.
Personal Data Collected and Processed by the Data Controller
The Data Controller ensures the lawful and legitimate collection and processing of personal data through its Website. Personal data are information that directly or indirectly identifies the Data Subject, such as name, email address, or postal address. The Data Controller keeps a record of and processes personal data provided by the Data Subjects themselves. The processing of this personal data is carried out with the consent of the Data Subjects and only to the extent necessary, depending on the purpose of processing and the time required in each case. Each time, we collect only the personal data strictly necessary to carry out the action or service requested by the Data Subject (see below “Purposes of Processing”).
Purposes of Processing
The Data Controller processes personal data for the following purposes:
-
Contacting Data Subjects who have filled in electronic forms available on the Website (e.g., contact forms) or have requested to receive updates via newsletters or other electronic communications after registering on the Website.
-
Serving and fulfilling requests electronically submitted by Data Subjects through the Website.
-
Conducting legally mandated audits.
-
Preventing, deterring, and addressing unlawful acts.
-
Improving the quality of services provided.
-
Promoting public services or government projects, provided legal requirements are fulfilled.
The Data Controller collects and processes personal data exclusively for the purposes stated above and only to the extent strictly necessary to effectively serve these purposes. The data processed are relevant, adequate, and limited to what is necessary in relation to the purposes, accurate, and kept up to date where necessary. Data are retained only as long as necessary to fulfill the purposes of collection and processing and are securely deleted thereafter unless otherwise required by law.
Personal Data of Minors
The Data Controller recognizes the importance of protecting minors’ personal data. The Website is not intended for use by minors. The Data Controller does not knowingly collect or maintain personal data from minors accessing the Website.
Nevertheless, since it is not possible to guarantee this, any minor users who submit personal data via the Website must have obtained consent from their parents or legal guardians. Adults are advised to supervise minors in their care when browsing the internet and accessing this Website.
Data Security
Personal data processing by the Data Controller is carried out in a manner that ensures confidentiality and security. The Data Controller implements all appropriate technical and organizational measures to protect data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and any other form of unlawful processing.
Despite these measures, the Data Controller cannot guarantee absolute security of data transmitted over the internet.
Recipients of the Data
Recipients of personal data include entities within the Data Controller’s organization, as well as authorized partner entities within Romania or other European Union member states, where applicable and in compliance with legal provisions.
Processors on behalf of the Data Controller
The Data Controller may engage third-party partners to process personal data on its behalf for the purposes described above.
Other Third Parties
The Data Controller may disclose personal data when required by law, judicial or regulatory decisions, or to protect the Website, including:
-
Sharing data with government agencies, judicial or prosecutorial authorities to comply with applicable laws or legal proceedings.
-
Using data to prevent fraud against Website users or to prevent loss of life or serious injury.
-
Using data to ensure the security and integrity of its systems, including prevention or mitigation of cyberattacks.
Cookies
To ensure proper Website functioning, the Data Controller stores cookies, which are small data files, on the devices of Data Subjects. For more information, please refer to the Website’s Cookies Policy.
Links to Third-Party Websites
Any links on the Website leading to third-party websites do not imply responsibility by the Data Controller for the privacy practices of those sites. Data Subjects should inform themselves about how those websites manage and protect personal data.
Right of Access and Objection
The Data Subject has the right to know whether their personal data is processed (right of access). To exercise this right, the Data Subject may contact:
OPSIS-RESEARCH
Strada Corbita 30, Parter, Bucharest, Sector 5, Romania , 51083
+40 21 30 86 278
info@opsys.ro
The Data Subject also has the right to object at any time to the processing of their personal data (right to object under Article 21 of the GDPR and applicable Romanian law) and may request actions such as correction, restriction, non-disclosure, or deletion. Objections must be sent in writing to the above contact details.
To fulfill requests, the Data Controller may require verification of the Data Subject’s identity.
Amendment of the terms of personal data protection
Because this notice and the terms of personal data protection contained herein may be amended, Data Subjects should regularly be informed about the content of this notice and check for any changes.