Duration of keeping personal data
The personal data retention period is the longest of the following:
- For as long as is necessary to maintain the respective business relationship or to provide the products, services or information requested by the customer or which the customer is entitled to receive or have access to, or which can reasonably be expected from the part of ComputerLand Romania SRL;
- As long as necessary for the purpose for which the data was collected or for which the respective data was provided in connection with an activity or process relevant to a particular product or service;
- Any retention period necessary for the fulfillment of legal obligations, the resolution of disputes, obtaining the execution of contracts; or
- The end of the period during which litigation or investigations may arise with respect to that business relationship or other interactions with that partner.
When ComputerLand Romania SRL is a personal data operator for its own purposes, the personal data will be deleted or anonymized when it is no longer necessary for the processing purposes indicated initially or for any additional compatible purpose for which ComputerLand Romania SRL could process hereafter these data under the conditions of the law.
When ComputerLand Romania SRL is the person authorized by the operator who processes personal data for the purposes and according to the provisions of another data operator or another authorized person, it will respect the time limits agreed with the other operator or the other authorized person, unless in which the applicable legislation and regulations provide for the obligation to delete the respective data after a shorter period of time or, on the contrary, to keep it for a longer period.
Personal data protection measures
ComputerLand Romania SRL has instituted, in accordance with applicable legislation, reasonable and appropriate administrative, technical, organizational and physical security and risk management measures, so that your personal data is properly protected against destruction accidental or unlawful damage, loss or alteration, unlawful or unauthorized access, unauthorized disclosure or misuse and against all other unlawful forms of processing of your personal data in its possession.
Ensuring the security of personal data is an important component of protecting privacy. ComputerLand Romania SRL applies policies, standards and auxiliary means of security control at the level corresponding to the level of risk and the services provided. In addition, appropriate security controls are communicated to application managers and technical teams across the company to support a secure operating environment.
ComputerLand Romania SRL pays special attention to the protection of personal data and the risks associated with the processing of this data. These measures include:
Physical security measures
We lock doors and keys, control access to our facilities, leave no materials on desks and apply secure destruction methods for the media on which your personal data is stored.
Technical security measures
We use network and information security technologies, such as anti-virus and terminal protection software, intrusion detection and data loss prevention, and we monitor our systems and databases to ensure they comply with our security policies.
Organizational security measures
Breach of personal data security
ComputerLand Romania SRL takes all reasonable measures to prevent personal data security breaches. However, when they do occur, we have a process in place that allows us to react quickly, within the limits of our responsibilities. These actions correspond to the role we have in relation to the products, services or processes affected by the data security breach. In all cases, we will work with affected parties to minimize the effects, provide all notices and disclosures required by applicable law or otherwise warranted, and take steps to prevent similar breaches in the future. We systematically outline in all our contracts, both with customers and suppliers, what our responsibilities are in the event of a personal data breach.
The principles of ComputerLand Romania SRL regarding the processing of personal data
- Compliance with laws, fairness and transparency
Personal data will be collected and processed in a legal, fair and transparent manner to protect the individual rights of data subjects.
- Limitation to specified purpose
Personal data will only be collected for explicit and legitimate purposes and will not be processed in a way incompatible with the original purposes.
- Data Accuracy / Data Timeliness
Personal data will be accurate and, where necessary, constantly updated. ComputerLand Romania SRL will take all necessary measures to eliminate or rectify the inaccuracies promptly.
- Limitation to necessary data
Personal data will be adequate, relevant and limited to what is strictly necessary. Personal data will not be kept for longer than necessary.
- The rights of the subjects of personal data
ComputerLand Romania SRL respects the rights of all data subjects, including the rights regarding access to their data, the restriction of their processing or deletion and regarding their accuracy. ComputerLand Romania SRL will provide clear and unambiguous information about the manner and purpose of collecting and processing the subjects' personal data.
- Deletion of personal data
The retention period of personal data will be defined. ComputerLand Romania SRL removes personal data that are no longer necessary in relation to the purposes for which they were collected or in the event that consent is withdrawn and no other legitimate purpose for data processing applies.
- Data processing security / Data security
Personal data will be processed securely. Adequate technical and organizational measures have been taken and will be periodically reevaluated regarding data security, against unauthorized processing or alteration, against loss or destruction, as well as against disclosure and unauthorized access to personal data transmitted, stored or processed. ComputerLand Romania SRL fully ensures the integrity, availability, confidentiality and authenticity of personal data. In the event of an incident, ComputerLand Romania SRL has the ability to restore, in due time, the availability and access to personal data.
- Implicit protection of personal data
ComputerLand Romania SRL has implemented appropriate technical and organizational measures to ensure that only personal data necessary for the specified purposes are processed. The principle of implicit data protection will be followed during the development of new products.
ComputerLand Romania SRL assumes responsibility for all activities regarding the processing of personal data. ComputerLand Romania SRL demonstrates its responsibility and has the ability to demonstrate compliance.
The data subject is an identified or identifiable natural person. An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more specific elements of his physical, physiological, psychological, economic, cultural or social identity.
As a natural person concerned, you have the following rights:
- to refuse to become a data subject, i.e. to refuse to have your personal data collected and processed;
- to ask us to provide you with information about the personal data we process about you;
- to correct, update or complete your personal data that is inaccurate or incomplete;
- to delete or request the destruction of personal data concerning you;
- in certain circumstances, the right to require us to restrict the way we process your personal data;
- to withdraw any consent you have given us for the processing of personal data concerning you;
- to object to our processing of your personal data based on our or third parties' legitimate interests;
- to obtain from us the portability of your personal data that we process by automated means based on your consent or a contract you have entered into with us; and
- in the European Economic Area, the right to lodge a complaint with a supervisory authority if you are dissatisfied with the way we have handled your personal data or a question or request you have made to us regarding privacy.
ComputerLand Romania SRL complies with the legal obligation to create optimal conditions for your exercise of the above rights. For this purpose, ComputerLand Romania SRL will take reasonable measures to establish your identity and the legitimacy of your request, and may ask you to disclose any information necessary for that purpose.
The deadline for responding to legitimate requests is 1 (one) calendar month or 31 (thirty-one) calendar days (whichever period is longer).
In certain limited circumstances, it may be necessary for the response time to be extended, according to applicable law. Certain data may be retained following these requests to prevent fraud or abuse, or as required or permitted by law, including to fulfill legal obligations, as well as to establish, exercise and defend legal rights.