Personal Data Policy

Who we are?

Omeron Technologies S.R.L. is a Romanian legal person, registered office in Mihăești, Vâlcea county, registered with the Trade Register under no. J38/331/2012, Tax Identification Code 30395360. Hereinbelow, any of the terms “Omeron”, “The Undersigned”, or “We/Us” shall designate the same legal entity duly established and acting in accordance with Romanian laws.

The purpose of this document

By virtue of the Notification herein, and, pursuant to the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, also known as GDPR, we bring to your attention the following information concerning the processing of personal data acquired through your interaction with us, globally referred to as Personal Data Policy.

Who are we addressing? Who does it apply to?

These rules apply to our contractual partners, as well as to our suppliers, resellers, customers, and visitors of our websites www.omeron.co, www.otti.omeron.co, as well as visitors of all the micro websites owned and/or operated by us and/or on our behalf, to all users of our goods and services, regardless of their tangible or non-tangible, free, paid or subsidized nature, users of possible mobile applications developed by us or on our behalf, candidates prospecting the labor market, individuals who are part of an internship, and all our visitors, regardless of the physical or virtual nature of their visit.

Unsure which rules apply to you?

Should you not fit into any of the herein above mentioned categories, but would still like to know the specific rules that apply to your particular situation, please write to us at oc.noremo@rpdg, and we shall make sure we do everything reasonably possible and within our power to reply to your request within 30 days of receipt of such said information request.

When do we collect and process personal data

We collect and process your personal data when you come into contact with us, by using our services or our products, developed by us or on our behalf, by e-mail, telephone, or other means of communication. In such ways we may collect information whenever you subscribe to a service we supply, participate in dialogues on a forum that we host, interact with us through social media networks, request trading insights, prospect the labor market by sending CVs to us, or to our partners to whom you provide permission to share such information with us, whenever you take part in studies or other research projects along with us, or report issues concerning the goods or services we offer.

Our business partners’ personal data situation

We use your personal data for the delivery of goods and the supply of services, or for the making of payments based on the agreements that we have concluded. As part of such processing, we process data regarding identity, contact details, banking data, address, and VAT code for persons who are registered for VAT purposes.

This type of processing is based either on incumbent legal obligations, or on the performance of a contract in which you are a Party, or is based on our legitimate interests.

We sometimes process personal data of the representatives of the legal persons we interact with as part of our current activity, and such data is processed for the performance of contracts, or based on our legitimate interests. Due to your role as contractual partner, we may, occasionally, provide you with communications of commercial nature, making sure that such communications contemplate goods and services similar to the ones you have previously contracted on behalf of the legal person that you represent. Should you, however, no longer with to receive such communications, please write to us at oc.noremo@rpdg and we shall make sure you no longer receive them.

Our users’ and customers’ personal data situation

For the purpose pf providing goods and services, we shall process personal data including identity, address, banking data, and contact details. Such processing in based on the performance of a contract, or is necessary for compliance with legal obligations incumbent on us. If you became our customer prior to entry into force of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, we shall contact you exclusively with the same type of communications previously dispatched concerning goods and services similar to the ones that have been the subject of previous communications.

If you became our customer following entry into force of Regulation (EU) 2016/679, we shall contact you through electronic means only if you have given your prior consent, and only for the purposes for which such consent has been given. Your data shall not be shared with any third parties for marketing purposes, unless, prior to sharing, you have expressed your explicit consent for such sharing.

We may process your personal data in order to measure or understand the impact of certain goods or services, or certain functions or options of our services and goods, so we may, thus, provide you with goods and services that are more relevant to you. In addition, we may also measure the efficiency of the advertising that we carry out for our goods and services. All types of data processing involving our customers also apply to our users, who benefit from free or subsidized goods or services, provisionally or permanently.

Should you require further information on the personal data that we process, please write to us at oc.noremo@rpdg, and we shall make sure we do everything within our power to reply to you as soon as possible, and, in any case, within no more than 30 days, with the exceptions provided under Regulation (EU) 2016/679.

Automated profiling and decision-making

We hereby notify you that no automated profiles are created and no automated decisions are made concerning yourself, based on your personal data. All decisions concerning yourself are made individually, by an authorized representative of our company.

Other types of data

We do not collect, nor do we intend to collect in the future, or process sensitive personal data related to you. Such type of data include data regarding your political opinions, your religion, your racial or ethnic origin, philosophical beliefs, health or sex life, or sexual orientation. Exception to the herein previously mentioned are the situations in which such collection and processing would be possible due to the fact that:

  • such data are relevant to a particular purpose for which we process such personal data, such as participation in a research project;
  • the law mandates us to do so;
  • you have given us your distinct and express consent prior to the collection and processing of your personal data.

Minors’ personal data

We do not intentionally or knowingly collect, through our web pages, or our applications, personal data belonging to natural persons who have not turned 16 (sixteen) years of age at the time of collection. Should you, in your capacity of legal representative of such a person, be aware of such said collection, you are under the obligation to immediately notify our company by e-mail, by writing to us at oc.noremo@rpdg, or by sending us a notification at the address of our premises as mentioned hereinabove.

Should we find that we own personal data of an individual who was not 16 (sixteen) years of age at the time of collection, we shall immediately destroy such data, unless such data have been obtained in pursuance of the law, with the explicit and informed consent of the legal representative of the person whose data are to be collected and processed for the purposes established in the notification.

Data relating to criminal convictions and offences

We do not collect personal data on criminal convictions and offences or related security measures Exceptions shall make the situations where such obligation would be mandated by law, such as the ones related to certain professions or specific roles. In such situations we shall do everything reasonably possible and within our power to ensure that your rights are always observed and your sensitive personal data are stored and processed pursuant to the applicable rules.

Unsolicited transmission of your personal data to us

Please do not voluntarily send us any personal data, and in particular, data relating to your political opinions, religion, racial or ethnic origin, philosophical beliefs, health, sex life, or sexual orientation. Should be receive such unsolicited data, we shall do everything in our power to immediately erase them, maintaining their privacy as far as possible until their actual erasure from our systems, except for situations where we effectively believe that there are legitimate interests of the undersigned in keeping and/or processing the said data. If you have made such data public through a website or public communication platform that we own or that operates on our behalf, we reserve the right to erase such data only if the law mandates otherwise, or if we do not wish to keep them.

What personal data do we collect through our web pages?

By visiting our website(s), we, or our service suppliers, such as Google Analytics, automatically collect from you the following data:

  • technical data, such as the Internet Protocol address (IP) used to connect your computer to the Internet;
  • connection details, browser type and version, time zone settings, browser extensions (plug-in) types and versions;
  • operating system and platform;
  • type of device and mobile device brand;
  • geo-location data.

This data can be collected and processed on our behalf through third-party cookies. You can find further information concerning this aspect at https://www.omeron.co/en/cookie-policy.

The following type of data is also collected:

  • data concerning your visits, which can include, for instance, complete uniform resource locators (URLs), click-sequences to, through and from our websites (including time and date), information or products that you have viewed or searched for (including top read articles, top categories accessed, page response times, download errors, duration of visits on certain pages (including average time spent on some pages, viewing of particular content or videos), average time spent within an app, and the number of views from such apps, the number of pages viewed on our websites, information relating to the interaction with the pages (such as scrolling, clicks and mouse rollovers), methods used to navigate the page;
  • data regarding the users’ behavior.

Last but not least, we mention that we shall collect any and all phone numbers used to call us, or e-mail address used to contact our company’s representatives.

The sale of personal data

Your personal data that we collect is not sold to any third party entities, whilst taking all measures we deem necessary to protect such data in the most adequate manner that we deem appropriate.

Who has access to your data?

Please be informed that, within our company, access to your personal data is allowed only to particular employees from relevant divisions, such as IT, Legal or Sales, and who have access to the said data only “On a need to know basis”, being subject to privacy obligation as regards personal data, managing such data strictly in pursuance of the instructions provided by our company and in relation to labor duties.

For how long are your data stored?

Your personal data shall only be stored for the time strictly required for the performance of contracts, or pursuant to legal obligations, such as accounting data.

Should we store your data for a period of time longer than the one established by law or incumbent from the performance of a contract, we shall proceed to the anonymization of the data in order to remove all risks concerning your personal data.

How do we protect your personal data?

We take the organizational security measures that we deem appropriate in relation to the risks we have identified concerning the personal data that we collect and process in order to minimize any such identified risks. We use professionally secured solutions of cloud computing, as well as antivirus and firewall solutions. We protect electronically stored data through encryption, employing measures such as data-on-rest encryption and credential-based access.

Following reception of your data, we use strict procedures and advanced security characteristics to try to prevent unauthorized access.

Your responsibility

We do everything in our power, in relation to the standards and best practices of the industry, and in observance of the applicable law, to protect your personal data; however, despite such efforts, we cannot guarantee the security of your data submitted through our web pages or the applications we develop; any personal data submission shall be made at your own risk.

The responsibility to maintain confidentiality of all authentication means (such as, passwords) you use to access parts of our websites and services shall be borne by you entirely.

Please, do not save your access data in your browser. They can be accessed/used by unauthorized persons. Submission of personal data over the internet is not completely safe.

The situations wherein we obtain personal data from third parties

In some cases, we obtain your personal data (such as name, address, e-mail address, and phone number, age, date of birth, and gender, studies, qualifications, work experience, volunteering experience, etc.) from third parties, such as business partners, technical services or payment and delivery subcontractors, workforce recruiting agencies, analysis services providers, market research service suppliers, and information agencies concerning credits. As such, we may obtain your personal data from a workforce recruiting agency, if you have allowed it. It is also possible that, when you visit or create a user account, regardless of its free, paid or subsidized nature, on one of the sites, microsites, apps or other software products that we develop, we collect and process such personal data, as is the case when you use the services of a partner that uses the services that we provide under the OTTI brand.

Last but not least, your personal data can be obtained through transfer from a third party social communication supplier, if you voluntarily opt to register via such a third party social communication platform.

If your data have been acquired from a third party, and you wish to learn further information on this (including the data categories, purpose of processing and legal grounds for it), please write to us at oc.noremo@rpdg, and we undertake to supply such information to you as soon as possible, and under no circumstances, within no more than 30 days, with the exception of the situations allowed by the provisions of the Regulation.

Legal grounds for our processing of your personal data

We process your data pursuant to several grounds, respectively:

  • an incumbent legal obligation resulting from the laws currently or subsequently applicable to our operations;
  • the conclusion of an agreement between you and us, as well as the performance and termination of a contract;
  • our legitimate interests to promote our goods and/or services, as well as our global image as legally established entity;
  • your given consent regarding the processing of your personal data for marketing/advertising activities, as well as other types of processing for which your express consent is incumbent on us.

The provision and withdrawal of your consent

Should you, after previously having expressed your consent on particular data processing, through the interaction with us or one of our partners, and our processing of such personal data, no longer agree to this, it is enough for you to withdraw your consent, at any time, and we shall cease to process the said data, except for the situations wherein the processing of such data is allowed or required by law.

The withdrawal of your consent should be as easy as your provision of it.

Nevertheless, it is important for you to know that any processing performed prior to the withdrawal of your consent is legal, and the withdrawal of you consent shall not impact its legality.

Other situations where we may process your personal data

We may process your personal data, as well as you identification data, contact details, address, or residence data, in order to resolve situations involving our filing a complaint against you, as well as in other situations wherein such data is necessary in order to protect our rights, processing being, thus, based on our legitimate interests.

Situations where the provision of your personal data is required

When the provisions of your personal data is grounded on a legal obligation or is pursuant to the performance of a contract, the provision of the said data is required. In lack of such provision, please be advised that we shall be unable to manage any type of contractual relationships, and we shall be unable to comply with our legal obligations.

In all other cases where the provision of certain personal data is optional, you have the right to provide such data, as well as to withdraw your given consent for their processing, at any time, without any adverse legal implications for you.

Whom do we disclose, and under what terms, your personal data to?

Your personal data can be disclosed to third parties that perform services for us, such as traffic analysis services or search engines. When providing personal data to advertising agencies, we shall make sure that the data is anonymized and aggregated so they may not be associated with any identifiable person. Your personal data may also be disclosed to various service providers contracted by us – such as solicitors, accountants, auditors –, as the case may be, always ensuring, through specific agreements, that the said external suppliers observe the same standards as we do when collecting and processing your personal data.

The personal data that we collect from you can be shared with the public authorities when we are so mandated by law.

We may also share such data with public authorities when this is required for the protection of our legitimate interests, or for the protection of the interests of a third party, when this obligation is incumbent on us, regardless of its mandated or willingly assumed nature.

Least but foremost, we may share your personal data with public authorities in order to exercise our rights under the law.

We may share personal data with affiliates as part of certain transactions, including the ones that contemplate a change of control, restructuring, or sale of active sales.

We make sure that the same rules that we follow are followed by all our affiliates when collecting and processing your personal data, so that your rights regarding personal data are always observed.

Where do we store your personal data?

All the data that we collect are stored within the European Union and the European Economic Area.

Certain information collected by third party services suppliers of our company, such as Google, may be transferred outside the European Economic Area.

Your personal data can be transferred and stored at a site outside the European Union and the European Economic Area.

When your personal data are transferred from your country to another country, the laws and rules that protect your personal data in force in the country where your information are transferred to may be different (or may offer less protection) as compared to the country where you permanently or temporarily reside.

We shall do everything without our power to ensure that, when we transfer personal data to a country outside the European Union, or the European Economic Area, transfers are performed in relation to a Decision of the Commission, according to which the adequacy of data protection in the respective states has been proven, either by entities that provide appropriate security guarantees, or with whom we have concluded agreements granting you the same rights that you hold in relation to us, your rights pursuant the privacy policy herein not being adversely affected.

Which are your specific rights pursuant to the GDPR?

You have the right to access– Pursuant to this right, you may request information on the personal data that we regarding yourself. You can contact us at oc.noremo@rpdg so we may provide you, by e-mail, with a copy of your personal data that we hold.

You have the right to portability – Whenever we process your personal data by automated means based on your consent, or based on a contract, you have the right to request and obtain the transfer of a copy of your data. This copy should be in a commonly used and structured format that can be processed by automated means by you, or a third party. This right only refers to the personal data that you have provided to us.

You have the right to rectification – You may request rectification of your personal data, if the data is incorrect. As part of the possibilities under the law, you can also request the supplementing of your personal data, which we process and are incomplete.

You have the right to erasure of the data – You have the right to obtain the erasure of any personal data processed by our company, except for the data processed on the grounds of mandatory legal provisions (such as accounting data), or where our legitimate interests support it (for instance, when we engage in legal proceedings against you).

You have the right to oppose processing, based on legitimate interests – You can oppose processing of your personal data, based on your legitimate interests. Under such conditions, we shall not continue to process your personal data unless we can prove a legitimate reason for processing, reason that takes precedence over your rights and interests, or based on certain legal procedures.

You have the right to oppose direct e-mailing – You have the right to oppose direct e-mailing, including profile analysis carried out for purposes of study or analysis development, or the like.

To unsubscribe from the information received, we make available the following means:

  • you can follow the instructions included in every e-mail on edited electronic publications, found in the footer, using the unsubscribe button/link;
  • you can submit such a request oc.noremo@rpdg.

You have the right to restrict processing – Pursuant to this right, you can require us to restrict processing of your personal data under the following assumptions:

  • if you oppose processing based on you legitimate interests, we shall restrict the processing of such data until confirmation of the legitimate interests;
  • if you claim that your personal data are incorrect, we shall restrict all processing of the said data pending verification of their accuracy;
  • if you deem the processing of your personal data illegal, you can oppose their erasure and request restriction of the usage of your personal data;
  • if the undersigned no longer needs your personal data, but they are needed to defend your rights in court.

How can you exercise your rights?

We afford particular attention to the protection of personal data, which is why we employ personnel dedicated to customer assistance services, who manage your requests regarding your rights mentioned hereinabove. Our personnel is always available for you oc.noremo@rpdg.

Moreover, we have contracted professional services, supplied by a third party, to avoid any conflict of interests, in order to exercise our duties as Data Protection Officer.

The right to address the Supervisory Authority

Should you consider that we process your personal data inappropriately, please contact us.

However, whenever you so desire, you have the right to file a complaint with the National Supervisory Authority for Personal Data Processing.

You may exercise these rights, either individually, or globally, very easily, by simply submitting a request to our business unit situated in 2nd Floor, Calea Cisnădiei No 50, 550376, Sibiu, Romania.

Updating of current Policy

As we wish to implement the best means to protect your personal data, we may sometimes update this Policy so that it conform to the best practices on the matter. You shall always find the latest version of this Policy on our website.