We inform you that the personal data of our clients are processed in accordance with the principles of transparency, purpose limitation, data minimization, accuracy, integrity and confidentiality, and in compliance with other obligations and guarantees established by EU Regulation.
- Data controller: STEFA INVEST SRL, with CIF RO19114243, registered in Romania, 69 A Malu Rosu street Ploiesti, PrahovaTelephone: +40 (0) 723 279 128, email: firstname.lastname@example.org
- Purpose of processing: We process your information in order to provide you with the services you request, to send you messages regarding purchased or similar products and to carry out invoicing.
- Origin and category of data processed: The personal data that we process is the identification information that you provide through the registration form on our site.
- Storage time: The data provided will be kept for as long as the contractual relationship lasts or for the necessary number of years to comply with our legal obligations.
- Legitimacy: We only process your data if we have your express and informed consent, and always in accordance with the purposes described.
- Recipients: The data that you provide will not be transferred to third parties, except in cases where there is a legal obligation to do so.
To carry out certain necessary functions for the provision of the service, however, your data may be processed by third parties who act as data processors and are contractually required to comply with their legal obligations to keep information confidential and secret.
- International transfers: You are informed that the Company contracts out the management of some functions that are necessary for the provision of the service to data processors located outside the EU and that these guarantee an adequate level of personal data protection.
- Rights: You hold the following rights over your personal data:
– Right to request access to personal data.
– Right to request correction or deletion.
– Right to request restriction of processing or to object to processing.
– Right to data portability.
To exercise your rights, you can notify us by email at email@example.com, specifying the right you wish to exercise.
- Who is the data controller of your data?
- For what purpose do we process your data and under what legitimacy?
- What categories of data do we process and where do we obtain that data?
- Who are the recipients of your data and how do we store it?
- What are your rights and how can you exercise them?
1. WHO IS THE DATA CONTROLLER OF YOUR DATA?
The Data Controller is the company STEFA INVEST SRL, with CIF RO19114243, registered in Romania, 69 A Malu Rosu street Ploiesti, PrahovaTelephone: +40 (0) 723 279 128, email: firstname.lastname@example.org
2. FOR WHAT PURPOSE DO WE PROCESS YOUR DATA AND UNDER WHAT LEGITIMACY?
The information that you provide through the website or application may vary depending on the services you request or the actions that you expressly authorize us to carry out. Generally speaking, we can process your data for the following purposes:
- To provide you with pleasure boat rental services, register you as a Customer and manage the contractual relationship that we have with you.
- To send you messages regarding contracted or similar services by email. If you do not wish to receive these messages, you can, at any time, decline receipt by replying to the email you receive or contacting our customer service department. The legitimizing basis of this purpose is the contractual relationship between you, the Customer, and us, the Company, and the consent you provide.
- To invoice for our service.
3. WHAT CATEGORIES OF DATA DO WE PROCESS AND WHERE DO WE OBTAIN THAT DATA?
The personal data that we process is the identification information that you directly provide either through the registration form on our website or through other means, such as enquiries made to our email address.
The personal data that is processed includes the following specific categories:
- Identification information: First name and surname, address, email address, telephone number, passport or recognized identity document number and information.
- Payment information: Credit/debit card details or other payment information.
- Location: If you use location-based functions and have location services enabled in your computer or mobile settings, your real-time geographical location and your IP address, as well as Wi-Fi hotspot and telephone relay antenna locations.
The Company does not, under any circumstances, accept liability for the use of false, inaccurate, incomplete or out-of-date information provided by the Customer.
4. WHO ARE THE RECIPIENTS OF YOUR DATA AND HOW DO WE STORE IT?
4.1. Recipients: The data that you provide will not be transferred to any third parties, except to public authorities, judges, the courts or the police, in the event that we are legally required to do so.
4.2. Data processors: To carry out certain necessary functions for the provision of the Company’s services, your data may be processed by third parties who act as data processors and are contractually required to comply with their legal obligations to keep information confidential and secret.
4.3. International transfers: While the data that we collect about you is usually stored within the European Economic Area (EEA), it may also be transferred and processed in a country outside the EEA using the cloud storage model. You are informed that any transfer to a location outside the EEA is only made to companies that belong to the EU-US Privacy Shield, which guarantees an adequate level of personal data protection.
4.4. Categories: The categories of recipients that may process your data for the purposes indicated and according to the legitimising basis are the following:
||TYPE OF DATA
|Public authorities, judges, the courts, the police
||Compliance with a legal obligation
|Hosting and cloud storage services
||Management of the contractual relationship
|Postal, distribution and messaging services
||Management of the contractual relationship
5. WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
5.1. Rights. Our data protection regulations grant you a series of rights in relation to the processing of your data when you contract our services. These can be summarized as follows:
- Right of access: To find out what data of yours we are processing.
- Right of correction: To request the correction of any of your data that is inaccurate or untrue.
- Right of deletion: To request the deletion of your data when processing is no longer necessary.
- Right of restriction: To restrict the future processing of your data.
- Right of objection: To decline receipt of commercial communications.
- Right of portability: To enable you to receive your personal data in a commonly used, structured and machine-readable format so that it can be transferred, copied or transmitted to another data controller.
5.2. Right of withdrawal of consent. You can withdraw the consent that you have provided by notifying us by email at email@example.com.