Personal Data Processing
Data Privacy
As we are committed to enhancing the performance of our services, S.C. EUROPEAN FOOD S.A. establishes technical and organizational measures to ensure the security and confidentiality of personal data, with the obligation to manage this data securely and solely for the specified purposes, as provided by users. Additionally, we reserve the right to periodically update our privacy policy in accordance with the applicable laws in Romania and to make it freely available to the public. It should be noted that transmitting information or photos/videos via our website or email address implies S.C. EUROPEAN FOOD S.A.’s access to this information. In this case, S.C. EUROPEAN FOOD S.A. will not be obligated to pay any compensation that the sender or any third party might claim. Disclosure to third parties will be made in accordance with the provisions of this document.
Contact Information
S.C. EUROPEAN FOOD S.A., RO12457015, J05/892/1999, Păntășești village, no. 41, Drăgănești commune, Bihor county.
Phone: +40 259 407 203
Email: marketing@europeanfood.ro
Website: www.europeanfood.ro
Terms
- Personal data means any information regarding an identified or identifiable natural person (“data subject“); an identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;
- Processing means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction; Personal data intended for processing are:
- Processed in good faith and in accordance with the legal provisions in force;
- Collected for specified, explicit, and legitimate purposes, and further processing of the data for statistical or other purposes will not be considered incompatible with the original purposes of collection if it is carried out in compliance with legal provisions, including those concerning notification to the supervisory authority;
- Adequate, relevant, and not excessive in relation to the purposes for which they are collected and subsequently processed;
- Accurate and, where necessary, kept up to date.
- Restriction of processing means marking stored personal data with the aim of limiting their processing in the future;
- Profiling means any form of automated processing of personal data consisting of using personal data to evaluate certain personal aspects relating to a natural person, especially to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements;
- Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of processing personal data;
- Processor means a natural or legal person, public authority, agency, or another body which processes personal data on behalf of the controller;
- Recipient means a natural or legal person, public authority, agency, or another body to whom the personal data are disclosed, whether a third party or not.
- Third party means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and the persons who, under the direct authority of the controller or processor, are authorized to process personal data;
- Consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, through a statement or by a clear affirmative action, agrees to the processing of personal data relating to him or her;
- Personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed;
- Representative means a natural or legal person appointed in writing by the controller or processor to represent the controller or processor regarding their obligations;
- Supervisory authority means an independent public authority established by the Romanian state;
- International organization means an organization and its subordinate bodies governed by public international law, or any other body that is established by or under an agreement between two or more countries.
- Anonymous data refers to data which, due to its origin or specific processing, cannot be linked to an identified or identifiable person.
What Personal Data Do We Collect and From Whom?
We process the personal data received from you. We inform you that we will collect the following personal data:
- Directly: name and surname, email address, telephone number, received from you by phone, via email, or through the contact form in the “Contact” section of the website www.europeanfood.ro
- Indirectly/Involuntarily: IP Address – when you visit our site or when you send a message to our email address or through the contact form in the “Contact” section of the site, your IP address is recorded. Operating system, browser, site activity – this information may be processed through the use of cookies.
At the same time, we inform you that when you send a message to our email address or through the contact form on the site, you understand that you are expressing your explicit and unequivocal consent for the use of personal data for the purpose of being contacted and receiving a response to your message.
The data collected are limited to what is strictly necessary in relation to the purposes for which they are processed, in compliance with legal measures for data security and confidentiality.
We do not collect and process special personal data that reveal racial or ethnic origin, political opinions, religious beliefs or philosophical beliefs, or trade union membership, genetic data, data concerning a person’s sex life or sexual orientation.
We must inform you that you are not obliged to send/provide us with any personal data, and not providing them does not constitute a necessary requirement for navigating the site.
We inform you that S.C. EUROPEAN FOOD S.A. makes every effort to protect your data, using security methods and technologies, together with policies for the confidentiality of the data collected.
However, we must inform you that the complete security of data transmitted over the internet cannot be guaranteed 100%, there being a risk that the data may be seen and used by unauthorized third parties. We cannot be held responsible for such vulnerabilities of systems that are not under our control. Any transmission of data is done at your own risk.
Purpose of Processing
We process personal data for:
- Handling requests, questions, or complaints made by users/visitors by phone, via email, or through the contact form in the “Contact” section of the website www.europeanfood.ro
If S.C. EUROPEAN FOOD S.A. intends to further process the personal data for a purpose other than that for which they were collected, it will inform you, before processing, about the purpose of this processing and will request your consent.
Transfer of Personal Data
S.C. EUROPEAN FOOD S.A. processes your personal data within Romania and does not intend to transfer these personal data to a third country or an international organization.
Recipients of Personal Data
The recipients of personal data may include, as applicable:
- The individual (data subject) who provided the data or their representatives;
- Employees of S.C. EUROPEAN FOOD S.A. who have access to your data for the purpose of performing their duties, strictly within their professional and service competencies;
- Companies within the same group as S.C. EUROPEAN FOOD S.A., its legal representatives/authorized agents;
- Providers of communication and IT services;
- Central and local public institutions/authorities, courts, police, prosecutor’s offices, etc. S.C. EUROPEAN FOOD S.A. does not provide the data collected from users to third parties without the express and prior consent of the users.
Period of Processing Personal Data
Data are stored and archived throughout the duration of our activities (S.C. EUROPEAN FOOD S.A.), until you or your legal representative exercise the right to object/to delete, unless we have a legal obligation to continue storing your data in accordance with the GDPR Regulation. Thus, you have the right to request the deletion of your data or certain data at any time during our activities.
To exercise your rights, you may submit a written request, signed and dated, to the attention of the Data Protection Officer, at the email address marketing@europeanfood.ro or by mail/courier to the following correspondence address: Teatrului Street, No. 7, Oradea, Bihor County. If necessary, S.C. EUROPEAN FOOD S.A. may ask you to provide additional information to verify the identity of the person submitting the request (Art. 12, para. (6) of the GDPR Regulation).
We will not charge a fee for processing your request unless the requests are manifestly unfounded or excessive, particularly because of their repetitive nature. In such cases, we are entitled to:
- Either charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the requested actions; We will inform you of any fee that would apply before processing your request.
- Or refuse to comply with the request. We commit to responding to any request that does not negatively affect the rights and freedoms of other data subjects, within one month of its receipt, except in cases where the requests are complex or multiple, in which case we will respond within a maximum of two months.
Any illegal attempt to access or request another user’s personal data through any means can be considered an attempt at fraud and may lead to criminal investigation against the requester.
Your Rights
In accordance with Regulation (EU) No. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, also known as the GDPR, this document informs you of your rights:
- The Right to Be Informed: This document regarding the processing of personal data provides the information you are entitled to receive.
- The Right of Access to Data: You have the right to request:
- Confirmation whether your personal data is being processed;
- Access to a copy of these data (provided it does not adversely affect the rights and freedoms of others);
- Other information about your personal data, such as: what data we have, how we use it, to whom we disclose/communicate it, whether we transfer it abroad, how we protect it, how long we keep it, what rights you have, how you can make a complaint, and where we got your data from.
- The Right to Rectification: You can request that we correct or complete your inaccurate or incomplete personal data. We may verify the accuracy of the data before rectifying it.
- The Right to Erasure of Data: You can exercise your right to have your data deleted only in certain situations:
-
- The data are no longer necessary for the purposes for which they were collected;
- You have withdrawn your consent (if processing was based on consent) and there is no other legal ground for processing;
- The data have been unlawfully processed;
- You exercise a legal right to object;
- There is a legal obligation to delete.
We are not obligated to comply with your request to erase your personal data if processing is necessary:
- To comply with a legal obligation;
- For the establishment, exercise, or defense of legal claims.
- The Right to Restriction of Processing: You can request that we restrict the processing of your personal data, but only in certain cases where:
- You contest the accuracy of the data (see the right to rectification), for a period enabling us to verify their accuracy;
- The data are no longer needed for the purposes for which they were collected, but you require them for the establishment, exercise, or defense of legal claims;
- You have objected to processing, pending the verification whether our legitimate grounds override yours.
Following a restriction request, your data can still be used:
- With your consent;
- For the establishment, exercise, or protection of legal claims;
- To protect the rights of another natural or legal person.
The controller will communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. Upon request, we can inform you about those recipients.
- The Right to Data Portability: You have the right to request that your data be transferred directly to another data controller, in a structured, commonly used, and machine-readable format, where technically feasible.
- The Right to Object: You can object to the processing of your personal data on the basis of the legitimate interest of the Controller, if you believe that your fundamental rights and freedoms outweigh this interest.
- The Right Not to be Subject to a Decision Based Solely on Automated Processing, Including Profiling: You can request not to be subject to a decision based solely on automated processing, including profiling, when such a decision:
- Has legal effects concerning you;
- Similarly significantly affects you.
This right does not apply if the decision:
- Is necessary for entering into, or performance of, a contract with you;
- Is authorized by law and there are adequate safeguards for your rights and freedoms;
- Is based on your explicit consent.
- The Right to Withdraw Consent: You have the right to withdraw your consent at any time, if processing was based on consent, without affecting the lawfulness of processing based on consent before its withdrawal, and we will proceed accordingly, unless there is a legal reason or legitimate interest not to do so.
- The Right to Lodge a Complaint with the National Supervisory Authority for Personal Data Processing and to seek judicial remedy if you believe that the processing of data violates the provisions of the Regulation. For any clarification regarding how we process your data, please contact us directly to resolve this issue.
Contact details for the National Supervisory Authority for Personal Data Processing: G-ral. Gheorghe Magheru Blvd. 28-30, Sector 1, postal code 010336, Bucharest, Romania, Tel: +40.318.059.211, +40.318.059.212; Fax: +40.318.059.602 or email: anspdcp@dataprotection.ro