Privacy and Data Protection
Privacy and Data Protection

Data about us.

  • Legal name: SC NOVOTECH WORLD WIDE SRL
  • Registered office: str. Locotenent - Colonel Dumitru Papazoglu, nr. 96, et. 3, Bucharest
  • Registered with the Trade Register under no.: J40/15594/2019
  • Tax identification code: 41903308
  • Main activity: Agents involved in the sale of a variety of goods NACE-4619. • Data Protection Officer (DPO): Serban Oana Roxana. Phone no.: 0771 632 022, eMail contact@isave.ro

C. Novotech World Wide SRL places great emphasis on the protection of personal data and their confidentiality, therefore in this commitment to respect personal data and their privacy, we explain to all those under a contractual relations with us for the purpose of using the iSave application or those who intend to use the iSave application and especially the data subjects, what personal data SC. Novotech World Wide S.R.L. collects as well as the manner and purpose of using this data.

Definitions

Personal data.

IWithin the meaning of S.4 (1) of EU Regulation 2016/679, personal data means any information regarding the identified or identifiable natural person (“data subject”). For the purposes of the same text of law, the identifiable person ("data subject") means the person who can be identified, directly or indirectly, in particular by reference to an identifying element, such as a name, an identification number, location, an online identifier, or one or more specific elements, specific to their physical, physiological, genetic, mental, economic, cultural or social identity.

Processing of personal data.

Within the meaning of S.4 (2) of EU Regulation 2016/679, processing means any operation or set of operations performed on personal data or on personal data sets, with or without the use of automated means, such as collection, registration, organizing, structuring, storing, adapting or modifying, extracting, consulting, using, disclosing by transmission, dissemination or making available in any other way, aligning or combining, restricting, deleting or destroying

Personal data controller.

Within the meaning of S.4 (7) of EU Regulation 2016/679, the controller means the natural or legal person, public authority, agency or other body which, alone or together with others, establishes the purposes and means of personal data processing; where the purposes and means of processing are determined by Union or national law, the controller or the specific criteria for its designation may be laid down in Union or national law.

The authorized person

Within the meaning of S.4 (8) of the EU Regulation 2016/679 the person empowered by the controller means the natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.

Consent

Within the meaning of S. 4 (11) of EU Regulation 2016/679 "consent" of the data subject means any manifestation of free will, specific, informed and unambiguous of the data subject by which he/she accepts, by a declaration or by an action unequivocally, that personal data concerning him/her be processed

Genetic, biometric data, health data

Within the meaning of $.4 (13) of EU Regulation 2016/679 "genetic data” means personal data relating to the inherited or acquired genetic characteristics of a natural person, which provide unique information on the physiology or health of that person and which results in particular from an analysis of a sample of biological material collected from the person concerned

Within the meaning of S.4 (14) of EU Regulation 2016/679 “biometric data” means personal data resulting from specific processing techniques relating to the physical, physiological or behavioural characteristics of a natural person that allow or confirm the unique identification of that person, such as facial images or dactyloscopic data;

Within the meaning of S.4 (15) of EU Regulation 2016/679 “health data" means personal data related to the physical or mental health of a natural person, including the provision of healthcare services, which discloses information about his/her state of health;

Data security breach

Within the meaning of S.4 (15) of EU Regulation 2016/679 "breach of personal data security" means a breach of security that leads, accidentally or illegally, to the destruction, loss, alteration, or unauthorized disclosure of personal data transmitted, stored or otherwise processed, or to unauthorized access to it;

Personal data collected by SC. Novotech World Wide SRL

The personal data that SC. Novotech World Wide SRL asks the users of the iSave application are as follows:

Information provided directly by users:

-last name and first name - necessary for identification;

name of the company- necessary for identification;

-telephone number - necessary for communication;

-date of birth - necessary for identification and to prevent the consumption of alcoholic beverages by persons under 18 years of age.

- bank card data - necessary for making payments through the iSave application; - bank account data - necessary for making payments to vendors; - the field of activity of the traders - necessary for the presentation of its services;

- the company's registered office/operational office- necessary to present to the client users the location where the trader carries out its activity;

- the vendor's work schedule - necessary to present to the clients users the time interval in which they can purchase products or services from the merchants registered in the iSave application.

-information about the account created in the iSave application, including the username (ID), password and PIN of the application- necessary for using the application and logging in of users.

Information provided indirectly by users:

  • The IP address used by each User to connect to the Internet using their personal mobile phone. But we do NOT use your IP address to identify you or to be used for other purposes.
  • Personal mobile device information, such as own Internet connection, version and operating system, and the device type. These are required for the normal functionality of the iSave application, for updating the application and its compatibility with the device from which you are using the iSave application.
  • Data from the User's account: information on the orders made by each User, as well as the feedback and/or comments made on them by each User.
  • Data from the User's account: information on the orders made by each User, as well as the feedback and / or comments made on them by each User.
  • rowsing history, User preferences history of payments made through the iSave application.

SC

Novotech World Wide SRL will not collect from users personal data that reveal racial or ethnic origin, political opinions, religious denominations or philosophical beliefs or union membership and will not process genetic data, biometric data for the unique identification of a natural person, data on the health or sexual life or sexual orientation of an individual.

The legal basis.

Personal data provided by users voluntarily as well as those that are provided involuntarily are used in accordance with the following legal grounds:

  • user consent. (Section 6 (1) (a) of Regulation (EU) 2016/679) for activities of enrolment and use of the iSave application, direct marketing, newsletter transmission, invitations to events, etc.
  • steps at the request of the data subject before concluding a contract or for the performance of a contract (Section 6(1)(b) of Regulation (EU) 2016/679) for the purchase of services or products through the iSave application.
  • in order to fulfil a legal obligation incumbent on the controller Section 6 (1) (c) of Regulation (EU) 2016/679

The purpose for which we collect users' personal data.

The purpose is in full accordance with the legal basis of the use of these personal data, namely:

  • A. to provide our services and perform our contracts with users. Legal basis: consent, performance of contracts. S.6 (1) (a), (b) of Regulation (EU) 2016/679

    -We may use users' personal data to provide the iSave application, to allow users to create accounts (ID) and to allow users to provide feedback.

    -if you are a user, your data is required to place an order from vendors registered in the iSave application and to allow you to conclude a service agreement between you and the vendors registered in the iSave application.

    We can use user data to collect the price of the products ordered by you.

    -we can use user data to provide assistance, including to help the solving of issues regarding the functionality of the iSave application, to answer questions asked by users of the iSave application;

    We use the contact details of the users in order to inform them of the updates of the iSave application, the amendment of the Terms and conditions of use of the application, the amendment of the Privacy Policy

  • B. for the fulfilment of a legal obligation incumbent on the controller; Legal basis: S.6 (1) (c) of Regulation (EU) 2016/679.

    lit. c din Regulamentul (UE) 2016/679.

    We use users' personal data in our efforts to prevent fraud, including fraudulent payments. If false or inaccurate information is provided and fraud is identified or suspected, users' personal data may be passed on to fraud prevention agencies and may be recorded by us or them.

    - we may use the personal data of users in order to apply the Terms and Conditions of Use of the iSave application and to meet the requirements of the law, which may include disclosing the data of iSave users to the courts, prosecutor's offices/police units, public authorities or crime investigation authorities.

    we can register any requests coming from the law enforcement bodies regarding the personal data of the users.

  • C. To provide users with marketing materials. Legal basis: consent, contract performance S.6 (1) (a) of Regulation (EU) 2016/679

    We may contact you with promotional messages regarding the iSave application and the products or services offered by the vendors with which SC. Novotech World Wide SRL has concluded collaboration contracts. In order to receive these communications, it is necessary for the users of the iSave application to express, in advance, their consent to receive such communications. If the users have expressed their consent upon receipt of these commercial communications, and subsequently, in the situation when the clients no longer wish to receive these communications, SC. Novotech World Wide SRL offers customers the right to request the cessation of receipt of these communications.

  • For the reorganization or amendment of the SC. Novotech World Wide SRL activity. Legal basis: legal consent and interest, S. 6 (1) (a) and (c) of Regulation (EU) 2016/679

    I​n the event that S.C. Novotech World Wide S.R.L. is subject to a division, merger or other reorganization, it is possible that S.C. Novotech World Wide S.R.L. will have to transfer the personal data of iSave users to the company that will take over in part or in full the company S.C. Novotech World Wide S.R.L. SC Novotech World Wide SRL shall ensure that the company that will take over S.C. Novotech World Wide SRL will use the personal data of iSave users for the same purposes as those mentioned in this privacy policy, bringing to its notice this privacy policy, the obligation to comply with it and the obligation to bring to the notice of the users of the iSave application the new privacy policy if the absorbing company intends to amend this privacy policy.

Data storage period.

SC. ​Novotech World Wide S.R.L. stores personal data provided by users only for the period necessary in order to fulfil the purposes for which the personal data of iSave application users are processed, namely only during the period when a certain person is a user of iSave application and not later than the moment when the user wishes to disable the user account and/or to terminate the contractual relationship with S.C. Novotech World Wide S.R.L. in order to use iSave application. In the situation where S.C. Novotech World Wide S.R.L. issues a fiscal invoice to a certain user, the personal data mentioned in the respective invoice will be stored for a period of 10 years starting from the end of the financial year during which they were drawn up. This requirement is imposed by order no. 2634/2015 regarding the financial accounting documents. In accordance with this normative act, the receipts will be kept for a period of 5 years starting from the end of the financial year during which they were drawn up.

Thus, when disabling the user accounts S.C. Novotech World Wide S.R.L. will delete as soon as possible the data of the user who disabled his/her account, except for the financial and accounting data that must be kept by S.C. Novotech World Wide S.R.L. for the period provided in the financial accounting legislation.

Data transfer.

SC. ​​Novotech World Wide S.R.L. will not disclose the data of iSave users to third parties in order to be used for their own purposes, without the express and prior consent of iSave users.

However, it is possible for S.C. Novotech World Wide S.R.L. to transmit the personal data of the users of the iSave application, but this transmission is made exclusively for the purpose of using the application, brokering the relations between the users-clients and the vendor users and for the purpose of making payments. In these situations, it is possible for S.C. Novotech World Wide S.R.L. to disclose the personal data of users to other companies in a contractual relationship with S.C. Novotech World Wide S.R.L. and which offers S.C. Novotech World Wide S.R.L, certain services, such as the companies that deal with the maintenance of the iSave application, the companies that offer invoicing services, the financial institutions that offer electronic payment services or the companies that send e-mails on our behalf

These entities are carefully selected to ensure that they meet the specific requirements for the protection of personal data. These entities have a limited ability to use your information for purposes other than providing us services.

Personal data provided by users, containing identification data may be used in commercial communications or responses to requests sent by users, and in case of legitimate requests, will be transmitted to state authorities or other parties with the consent or instructions of users.

Users' rights

Considering that Novotech Wilde Wide S.R.L. puts great emphasis on respecting the rights of users regarding their personal data, in what follows we intend to present in detail all the rights you enjoy as users of the iSave application.

The protection of individuals with regard to the processing of personal data is a fundamental right. Section 1 (1) of the Charter of Fundamental Rights of the European Union ("the Charter") and Section 1 (1) of the Treaty on the Functioning of the European Union (T EU) provide for the right of everyone to the protection of personal data.

According to the legal provisions, the data subject enjoys the following rights:

-According to S.10 of EU Regulation 2016/679, the data subject has the right to transparency of the processing of personal data.

-According to S.13 of EU Regulation 2016/679, the data subject has the right to information and access to personal data. Pursuant to this right, the data subject has the right to receive information about the identity and contact details of the controller, the category of personal data, the purpose for which the personal data are taken over, the legal basis, the period for which the personal data are used, the right to file a complaint with the supervisory authority www.dataprotection.ro. All this information has been expressly presented in the previous sections of this Privacy Policy.

-According to S.16 of EU Regulation 2016/679 the right to rectification of personal data according to which the data subject has the right to obtain from the controller, without undue delay, the rectification of inaccurate personal data concerning him/her. Taking into account the purposes for which the data were processed, the data subject has the right to obtain the supplementing of personal data which is incomplete, including by providing an additional statement.

-According to S.17 of EU Regulation 2016/679 the right to erasure of personal data, according to which the data subject has the right to obtain from the controller the erasure of personal data concerning him/her, without undue delay, and the controller has the obligation to erase personal data without undue delay if, for example, one of the following reasons exists: - personal data are no longer necessary for the purposes for which they were collected or processed; - the data subject withdraws the consent on the basis of which the processing takes place in accordance with Section 1 (a) and there is no other legal basis for the processing;

-According to S.18 of EU Regulation 2016/679 the right to the deletion of personal data (the right to be forgotten), according to which the data subject has the right to obtain from the controller the restriction of processing if one of the following cases applies: the data subject disputes the accuracy of the data, for a period which allows the controller to verify the accuracy of the data; (b) the processing is illegal and the data subject objects to the deletion of personal data, requesting in return that the use thereof be restricted; (c) the controller no longer needs the personal data for the purpose of processing, but the data subject requests it in order to establish, enforce or defend a right in court; or (d) the data subject has objected to the processing in accordance with Section 21 (1), for the time interval in which it is checked whether the legitimate rights of the controller prevail over those of the data subject

According to S.19 of EU Regulation 2016/679, S.C. Novotech World Wide S.R.L. will communicate to each recipient to whom personal data have been disclosed any rectification or deletion of personal data or restriction of processing carried out in accordance with Section 1, Section 17 (1) and Section 1, unless this proves impossible or involves disproportionate effort. S.C. Novotech World Wide S.R.L. shall inform the data subject about the respective recipients if the data subject so requests.

-According to S.20 of EU Regulation 2016/679, the data subject has the right to receive personal data concerning him or her which he/she provided to the controller in a structured, commonly used and automatically readable format and has the right to transmit these data to another controller, without hindrance on the part of the controller to whom the personal data were provided, if: (a) the processing is based on consent pursuant to Section 1 (a) or Section 9 (2) (a) or on a contract pursuant to Section 6 (1) (b);

-According to S.21 of EU Regulation 2016/679, At any time, the data subject has the right to object, for reasons related to his or her particular situation, to the processing of personal data concerning him or her under Section 1 (1), including to the creation of profiles based on those provisions. The controller will no longer process personal data, unless the controller demonstrates that it has legitimate and compelling reasons justifying the processing and prevailing over the interests, rights and freedoms of the data subject or that the purpose is to establish, enforce or defend a right in court.

- Pursuant to (2) of 5.21 of EU Regulation 2016/679 when the processing of personal data is for the purpose of direct marketing, the data subject has the right to object at any time to the processing of personal data concerning him/her for this purpose, including to the creation of profiles, to the extent to which it relates to that direct marketing.

AThus, users can enforce these rights, at any time, by writing to S.C. Novotech World Wide S.R.L. through the means provided by the iSave application.

Security of personal data.

SC. Novotech World Wide S.R.L. makes considerable efforts to ensure the most adequate security of the personal data of the iSave application users, and in this respect, S.C. Novotech World Wide S.R.L. and in accordance with S.32 of EU Regulation 2016/679 will:

-pseudonymize and encrypt personal data;

-perform a process for testing, evaluation and periodic assessment of the effe echnical and organizational measures to ensure the security of personal data processing

- restore the availability of personal data and access to it in a timely manner in the event of a physical or technical incident.

- make efforts to ensure the confidentiality, integrity, availability and continuous resilience of processing systems and services;

I, the undersigned BADII ELENA-IRINA, a sworn interpreter and translator for the ENGLISH and SPANISH languages, according to authorisation no. 17039 of 19.12.2008, issued by the Romanian Ministry of Justice, do hereby certify that this is a true and accurate translation from ROMANIAN into ENGLISH of the text that was presented to me, that such text was translated in full, without omissions, and that its content and meaning were not altered in the translation.

Date of last update: 01.10.2020