General policy on the protection of personal data
Effective from: 25.05.2018
Date of last update: 15.05.2018
We take care of your personal data
Protecting the information you provide is extremely important to us. Here are some things you need to know about the information we collect, the purpose for which we collect it, how we use it, and with whom we share it. If you have any questions, do not hesitate to contact us at the e-mail address protectiadatelor@apan.ro or at the postal address APAN SRL, Brăila, Şos DN 22B, km 4, postal code 810550.
If we know some information about you, we can provide you with better personalized services. Protecting your personal data is our priority.
Through this Personal Data Protection Policy (hereinafter referred to as the “GDPR Policy”), we want to ensure that you have access to adequate information about the collection and processing of your personal data, including information about your personal data. to whom we have the obligation to inform you, as provided by the regulations in force regarding the protection of personal data, including the GDPR Regulation No. 2016/679 The General Data Protection Regulation (“GDPR”).
When using and processing personal data, APAN SRL strictly complies with the legal provisions in force regarding data protection. The right to use personal data and anonymous data belongs to APAN SRL within the limits provided by law, in compliance with the rights of data subjects described below.
This data protection statement applies only to the activities, operations performed, sites and subdomains related to APAN SRL, but not to activities or sites controlled or operated by third parties. Please check the data protection statements of web pages controlled or operated by third parties, as these web pages are not under our control and APAN SRL does not assume responsibility for their content and their data protection measures.
This GDPR Policy may be supplemented by other information provided by us, as well as other terms and conditions that apply to this website or to which you have given your consent by interacting with us.
Your recommendations are always welcome.
1. Why do we collect your data?
The use of your personal data allows us to improve the services we offer, it helps us to be able to process you.
requests faster and better manage your relationship with you.
Here are some ways you can use the information you provide:
To ensure that we and / or our partners can contact you easily
To provide you with the information you have requested
To send you relevant information about our products and services
To measure the performance of our advertising campaigns
To measure the performance of our sales and after-sales services
Subject to your prior consent, we may also use your personal data to:
Send personalized ads about our vehicles, products, and services
Provide personalized customer experiences
Conduct customer satisfaction surveys
Send invitations to attend events
The data you provide helps us to make sure that if we send you a communication, it is relevant to you.
2. What kind of personal data do we collect?
Any information we have about you is most likely provided by you - for example, you have completed a Test drive form.
You can access the data collected about you at any time, namely:
Personal information (name, address, email, phone)
Application type
Origin of the request
Purchase / holding / use data (machine model, products and services required)
Browsing data on our sites
3. Special processing data processing
Monitoring methods within APAN SRL
A. Video surveillance:
It aims to ensure the security and protection of persons, goods and values, real estate and facilities of APAN SRL, to prevent and combat the commission of crimes, as well as the enclosures affected by them, and / or the realization of legitimate interests, provided that their rights are not harmed. fundamental freedoms or the interests of data subjects.
The processing covers any image that allows the direct or indirect identification of individuals;
Video surveillance cameras are located in visible places and are properly signaled;
The processing of Employee Data by means of video surveillance (eg cashier, treasury, safes) is permitted for the fulfillment of express legal obligations (ensuring the security and protection of property including the prevention and combating of crimes) or on the basis of a legitimate interest, respecting the rights employees, in particular their prior information.
B. Ensuring the security of the information system and electronic communications within APAN SRL:
It aims to protect confidential information, the security of computer systems, the prevention and / or detection of fraud, to prevent the leakage of information containing personal data by the method of excluding unauthorized access to it;
preventing the destruction, modification, copying, unauthorized blocking of personal data in telecommunications networks and information resources; compliance with the regulatory framework for the use of information systems and personal data processing programs; ensuring the complete, complete, truthful nature of personal data in telecommunications networks and information resources; maintaining the possibilities of managing the process of processing and storing personal data, as well as the protection of reputation. It also aims to monitor the evolution of threats to IT systems and especially the risks of a logistical nature (intrusion, blocking of services, etc.); The processing concerns only the traffic data and the access / transmission data of the correspondence;
However, the access / monitoring of content data is performed only in duly justified exceptional circumstances as well as in cases determined by the need to comply with legal provisions;
Employees will be informed when they are hired, as well as whenever necessary, about how to use the internet and e-mail connection, as well as the applicable exceptions.
C. Monitoring of cars owned by APAN SRL / used by APAN SRL / provided by APAN SRL to third parties:
It aims at car security (security and protection of property). The data that can be processed in this case are: the details of the vehicle, the planned route, the data regarding the incident (date, time, place of the accident).
D. Physical access control within APAN SRL of employees:
It aims to ensure access control within APAN SRL and the data obtained from this processing will not be used for other subsequent purposes.
The processing time of these monitoring data within APAN SRL
For the purposes mentioned in points A, B, C and D, APAN SRL will process the Data during the relationship with the Data Subject or during the period imposed by the legal provisions and documented in the Archival Nomenclature and the operational procedures applicable to each department.
After the conclusion of the Data Processing operations, for the purposes for which they were collected, they will be archived by APAN SRL for the time provided in the internal normative documents, subsequently, at the end of the storage term, being destroyed as specified in the procedure. applicable.
4. How long will we store your data?
The table below shows the maximum periods during which we will store your data. After this period, your data will be securely deleted.
Purpose |
Storage period |
Managing the pre-contractual relationship with customers |
5 years |
Sending relevant vehicle and service information, measuring the performance of promotional campaigns, sales and after-sales services |
5 years for customers , 3 years for prospects |
Sending personalized ads for vehicles, products, and services, and providing personalized customer experiences |
5 years for customers , 3 years for prospects |
Conduct customer satisfaction surveys |
3 years after the end of the survey |
5. Who else can we give access to your personal data?
We may share some of your personal information with some of our partners in order to improve our services. We contractually and operationally ensure that they are as committed as we are to the protection of personal data and information.
Our direct partners
Our partners use your data to provide you with better services. These could include handling special requests, personalized offers and your information - such as a new model available for Test Drive or the submission and submission of after-sales service offers.
Service providers
We provide your data to companies that provide services on our behalf. These include:
website hosing services
e-mail services
marketing
raffle sponsorships
contests & promotions
auditing services
customer orders
data analysis
customer service
customer satisfaction studies and research
All of these companies have strict obligations to protect your data.
Affiliates of the APAN group of companies
We may share information with other APAN Group companies or direct partners and transfer it to a third party in the event of a merger or reorganization with your prior notice.
Reasons for compliance and security
We may disclose your personal data to public and government authorities for reasons of national security, law enforcement or other reasons of public importance. When the law allows, we will inform you before such a transfer.
We may also disclose personal information if we determine in good faith that the disclosure is necessary to protect our rights, to resolve legal disputes, to comply with our terms and conditions, to investigate fraud, or to protect our users.
Data transfer to the European Economic Area
In the case of the transfer of personal data to the European Economic Area (EEA), the entities in the APAN group and our partners pay particular attention to the way the data is processed, implementing the clauses of the EU model with the EEA entity. In case of such transfers to the EEA, you can obtain a copy of the clauses of the EU model by sending your request to the e-mail address protectiadatelor@apan.ro or to the postal address Brăila, Road DN 22B, km 4, code postal 810550.
6. What are your rights?
You have a number of rights in accordance with applicable data protection regulations. Some rights are quite complex and include derogations, which is why it is recommended to read the relevant legislation as well as the directives issued by the competent authorities to get full explanations about these rights. Otherwise, you can find a summary of your rights in the section below.
1. The right to access data. You have the right to obtain confirmation that your personal data is or is not processed by us. In addition, you have the right to obtain more detailed information regarding stored personal data and processing by us and, in certain circumstances, you have the right to obtain a copy of this personal data.
2. The right to rectification of data. You have the right to request the rectification of incorrect personal data and, taking into account the purpose for which they are processed, to request the completion of missing personal data.
3. The right to erasure of data. In some cases, you have the right to have your personal data deleted without undue delay. These circumstances include:
when personal data are no longer needed in relation to the purposes for which they were collected or processed;
when you withdraw your consent for consent-based processing;
when the processing is for direct marketing purposes;
when personal data has been processed without complying with applicable law. However, there are some general exceptions to the right to delete data. These general derogations include cases where processing is required:
for the exercise of the right to freedom of expression and information;
for the fulfillment of legal obligations or;
for establishing, exercising and defending legal claims.
4. The right to restrict processing. In some cases, you have the right to restrict the processing of your personal data. Where processing has been restricted, we may continue to store your personal data. Otherwise, we will only process them when:
we have your consent;
are necessary for the establishment, exercise or defense of legal claims;
are necessary to protect the rights of another natural or legal person;
for important reasons of public interest.
5. The right to data portability. To the extent that the legal framework for processing is your consent. And this processing is performed by automated means, you have the right to obtain your personal data in a structured format, commonly used and compatible with generic reading devices. However, this right does not apply where its exercise would adversely affect the rights and freedoms of others.
6. The right to object. You have the right to object to the processing of your personal data for reasons specific to your individual situation, but only to the extent that the legal basis for the processing is that the processing is necessary:
to carry out an action in the public interest or in the exercise of any official authority vested in it, or;
for the purpose of the legitimate interests pursued by us or by a third party entity. In such a case, we will cease the processing of personal data, unless we can demonstrate compelling legitimate reasons for processing that take precedence over your interests, rights and freedoms, or when the processing is intended to establish, exercise and defend legal claims.
You also have the right to object to our processing of your personal data for direct marketing purposes. If you raise such an objection, we will stop processing your personal data for this purpose.
7. The right to withdraw consent. To the extent that the legal basis for the processing of the data arises from your consent, you have the right to withdraw from that consent at any time. If you withdraw your consent, we will stop processing your personal data, unless and until further processing is permitted or required in accordance with applicable data protection regulations or other laws; and regulations that apply in this context. Withdrawal of your consent will not in any way affect the legal basis on which the processing was performed prior to the withdrawal of consent. If you refrain from providing the necessary consents or withdraw from such consents later, this may result in you no longer being able to benefit from some of the services we provide.
8. The right to lodge a complaint with the Data Protection Supervisor. You have the right to file a complaint with your local data protection authority at any time. The data protection supervisory authority in Romania is:
National Authority for the Supervision of Personal Data Processing
Address: Bld. General Gheorghe Magheru 28-30, 010336, Bucharest, Romania
Phone: +40318059211
Website: http://www.dataprotection.ro/
We do our best to ensure that we protect your personal data, to inform you of how we process your personal data, and to comply with applicable data protection regulations.
If you have any concerns about the processing and protection of your personal data or about the information we have provided to you, we encourage you to notify us so that we can improve your services. Please also contact us without hesitation when you want to exercise your rights.
Please contact us using the contact details listed at the beginning of the document.
Please also provide us with the information relevant to the processing of your request, including your full name and email address, so that we can identify you. We will respond to your request without undue delay.
You can withdraw at any time from a consent to receive newsletters, etc. and you can unsubscribe from an email list by following the instructions in any email or communication we receive from you.
You can access your personal data or request that it be deleted or modified at any time. You can also request to receive your personal data in a standard format.
You can object to your data being processed or requesting a restriction on its use.
To make a request or a complaint, you can contact our data protection officer, at the e-mail address protectiadatelor@apan.ro or at the postal address Brăila, Sos DN 22B, km 4, postal code 810550.
Finally, if you feel it is necessary, you have the right to lodge a complaint with the competent data protection authority.