Privacy Policy

The Colcear Logistics team takes your data protection seriously. The protection of your privacy with regard to the collection, processing and use of your personal data is an important concern for us, which we take very carefully into account in our business processes, while of course respecting all legal requirements.

WHAT IS PERSONAL DATA PROCESSED AND WHAT DATA IS PROCESSED BY Colcear Logistics?

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, erasure or destruction.

Colcear Logistics Group collects the following data (for information purposes):

  • identification data: name, surname, mailing address, email address, telephone number;
  • other information resulting from processing carried out by the Company, such as:
    • electronic correspondence with the client
    • financial or banking data, data on goods or products purchased;
    • cookies, IP address, type of device used to browse websites;

WHERE IS THE PERSONAL DATA COLCEAR LOGISTICS PROCESSES OBTAINED FROM?

Colcear Logistics Group processes personal data relating to its customers, to its customers’ representatives, legally vs conventionally, as well as to the persons whose data are provided by the customers to it or to the controller on behalf of which the Company carries out the processing operations, in order to obtain a product or to carry out an operation/service. The natural persons whose personal data are processed are referred to as “Data Subjects”.

Colcear Logistics Group addresses the following target persons: own employees, customers (even after termination of the contractual relationship), potential customers, candidates wishing to join the Company.

Data is obtained directly from customers and/or a customer’s authorised representative (when filling in Colcear Logistics Group forms or documents). In addition, the Company may also obtain the above data by consulting external sources (public institutions and authorities, public registers, electronic databases, information available online or authorised third parties).

FOR WHAT PURPOSES DOES COLCEAR LOGISTICS PROCESS PERSONAL DATA?

The purposes for which the Company processes personal data are:

  • providing services through all available channels (physical locations, telephone, etc.);
  • carrying out economic, financial and/or administrative management activities in Colcear Logistics Group;
  • centralising operations and maintaining an internal database in which information on data subjects is stored for use by Colcear Logistics Group departments and structures in their activities;
  • contacting clients/other data subjects via the media in order to inform/notify them about the services contracted;
  • providing support services for enquiries at Colcear Logistics Group’s physical locations as well as via communication means (telephone);
  • creating or analysing profiles of employees or customers;
  • conducting internal analysis (including statistical analysis) of both products/services and customer portfolio;
  • archiving both physical and electronic documents;
  • resolving disputes, investigations or any other petitions/complaints/applications to which the Company is a party;
  • management of communication and IT systems (carrying out security audits, issuing reports to the competent institutions, repairing a system error);
  • for the fulfilment of legal obligations (preparation of salary documents, reporting to the entitled public institutions).

ON WHAT GROUNDS DOES COLCEAR LOGISTICS PROCESS PERSONAL DATA?

Colcear Logistics Group processes personal data for the purposes mentioned above on the following grounds:

  • for the performance of a contract to which the data subject is a party (provision of services/products), to make pre-contractual arrangements at the request of the data subject or to provide the data subject with information about products and services offered by the Company;
  • on the basis of a legal obligation incumbent on Colcear Logistics Group (e.g. identification and prevention of fraud, reporting of medical conditions and patient status);
  • based on the legitimate interest of the Company (e.g. centralisation of operations, operation of an internal database, carrying out day-to-day operations for the conduct of business, development and improvement of services, ensuring a high level of security both at the level of IT systems and at the level of physical locations, in particular in terms of detecting and minimising risks that may affect Colcear Logistics Group);
  • based on the Client’s explicit consent.

WHAT ARE THE CONSEQUENCES OF REFUSING TO DISCLOSE PERSONAL DATA?

The processing of personal data requested by Colcear Logistics Group through forms/other communication channels is obligatory unless the processing is based solely on the consent of the data subject. In this case, the data subject will be informed that the provision of the data, i.e. the consent, is optional. In other cases, refusal will make it impossible for the Company to provide services or products.

WHO ARE THE RECIPIENTS OF THE PERSONAL DATA PROCESSED BY COLCEAR LOGISTICS?

Data recipients can be:

  • service providers: IT services (maintenance, software development), physical/electronic archiving, courier;
  • service providers with whom we have contractual relationships;
  • accommodation and road transport service providers from Romania, EU and non-EU countries;
  • accounting service providers, lawyers, authorities or courts;
  • central and/or local public authorities;
  • any relevant person, agency or court in Romania or elsewhere – to the extent necessary to establish, exercise or defend a right of ours in court.
  • natural or legal persons acting as agents for Colcear Logistics in various fields (e.g. payment services, archiving or document destruction services, etc.) from anywhere in the world, whom we will require to comply with the requirements of legislation protecting your rights – they perform certain services for us;
  • our partners, with whom we have contractual relationships.

TO WHOM AND UNDER WHAT CONDITIONS WE WILL TRANSFER YOUR DATA. TO A THIRD COUNTRY OR INTERNATIONAL ORGANISATION.

As a result of the activities provided by Colcear Logistics Group it is possible that data identifying the performance of a service may be shared with contractual partners in EU countries.

HOW LONG ARE PERSONAL DATA PROCESSED AND STORED?

In order to achieve the aforementioned purposes, personal data will be processed by Colcear Logistics Group throughout the contractual relationship and after its termination, in order to comply with the applicable legal provisions in the field, including, but not limited to, archiving provisions. The information collected by cookies is stored for 26 months for analysis and reporting on website performance. It will be deleted after this period.

SECURITY OF PERSONAL DATA

We work hard to protect our customers, others whose data we process and ourselves from unauthorised access to and unauthorised modification, disclosure or destruction of the data we process. In particular, we have implemented the following technical and organisational measures to ensure the security of personal data:

  • Administrative measures

The data is processed only by persons under confidentiality agreements and only for clearly defined purposes, on the basis of grounds that are included in the GDPR regulation. We conduct regular trainings with our employees on the rules for processing personal data.

  • Controlling our service providers.

We include in our contracts with those who process data on our behalf (authorised persons) or with us (other operators – associated operators) clauses to ensure the protection of the data we process; this protection goes at least to the minimum required by law.

  • Dedicated policies.

We adopt and review our customer and other data processing practices and policies, including physical and electronic security measures, to protect our systems from unauthorized access and other potential security threats. We constantly review how we apply our own personal data protection policies and comply with data protection legislation.

  • Data minimisation.

We have ensured that the personal data we process is limited to that which is necessary, appropriate and relevant for the purposes stated in this notice.

  • Restricting access to data.

We strictly restrict access to the personal data we process to employees, collaborators and other persons who need to access it in order to process it for us. All these companies and individuals are subject to strict confidentiality obligations and we will not hesitate to hold them accountable and stop working with them if they do not treat the protection of your and other people’s data with the utmost seriousness.

  • Specific technical measures.

At Colcear Logistics Group we use technologies to ensure our customers and others that the security of their data is protected. Although we take all reasonable steps to ensure the security of your data, Colcear Logistics Group cannot guarantee that there will be no breach of security or that security systems cannot be penetrated. In the unfortunate and unlikely event that such a breach occurs, we will follow legal procedures to mitigate the effects and inform the data subjects.

WHAT ARE THE RIGHTS OF DATA SUBJECTS AND HOW CAN THEY BE EXERCISED?

The data subject has the following rights:

  • Right to information – the right to receive detailed information on the processing activities carried out by the Company as set out in this document;
  • Right of access – you can request and obtain confirmation as to whether or not your personal data is being processed by Colcear Logistics Group, and if so, you can request access to it and certain information. Upon request, the Company will also issue a copy of the personal data processed, additional copies may be charged at Colcear Logistics Group’s actual cost;
  • Right to rectification – the right to have inaccurate personal data rectified and incomplete personal data completed;
  • The right to erasure of data (“right to be forgotten”) – in situations expressly regulated by law (in particular in case of withdrawal of consent or if it is established that the processing of personal data was not lawful), the data subject may obtain the erasure of such data. Following such a request, Colcear Logistics Group may anonymise the data, depriving them of their personal nature and thus continue processing for statistical purposes;
  • The right to restrict processing – in situations expressly regulated by law (in particular if the accuracy of the data is contested for the period necessary to determine its inaccuracy or if the processing is unlawful and the data is not to be erased, only restricted);
  • The right to object – you may object at any time, for reasons relating to your particular situation, to processing based on the legitimate interest of Colcear Logistics Group (including profiling) or carried out in the exercise of a public interest or an authorisation vested in the Company;
  • Right to data portability – can receive personal data in a structured, machine-readable format or request that the data be transferred to another controller. This right is only applicable: (i) for personal data provided by the Customer, (ii) if the processing of personal data is carried out by automated means, and (iii) if the processing is based on either the performance of a contract or the consent of the data subject;
  • Right to lodge a complaint – you may lodge a complaint against the way in which Colcear Logistics Group processes your personal data with the National Supervisory Authority for Personal Data Processing;
  • Right to withdraw consent – in cases where processing is based on consent, consent may be withdrawn at any time. Withdrawal of consent will only take effect for the future, the processing carried out prior to the withdrawal will remain valid;

Additional rights related to automated decisions used in the process of providing Colcear Logistics Group services and products – where the Company makes automated decisions in relation to personal data, the data subject may (i) request and obtain human intervention with respect to the processing, (ii) express his or her point of view on the processing, and (c) challenge the decision. The customer may exercise these rights either individually or cumulatively by sending a written request, dated and signed, to the Colcear Logistics Group, Str. Hațegului 182A, 327435 Zăvoi, Caraș-Severin, Romania.

In addition, Colcear Logistics Group has appointed a Data Protection Officer (“DPO”), who can be contacted if there are any concerns regarding any aspect of personal data protection by sending a written, dated and signed request to the following contact details: Alina Stefoni, Str. Hațegului 182A, 327435 Zăvoi, Caraș-Severin, Romania, or by E-mail: office@colcear.com.

THE ABSENCE OF AN AUTOMATED DECISION-MAKING PROCESS

Our respect for your data includes giving it the human attention it needs, through our staff. Under the current conditions, as a user of our services, you will not be subject to a decision by us based solely on automated processing of your data (including profiling) that produces legal effects with respect to you or similarly affects you to any significant extent.

AMENDMENTS TO THIS INFORMATION NOTE

We may change this note from time to time. In such cases, we will inform you in advance and will not reduce the rights you have in relation to your data by any changes we may make to this notice.

WHAT THE TERMS WE HAVE USED IN THIS NOTE MEAN

  • Supervisory authority for the processing of personal data: an independent public authority which, according to the law, has powers relating to the supervision of compliance with personal data protection legislation. In Romania, this personal data processing supervisory authority is the National Authority for the Supervision of Personal Data Processing (ANSPDCP).
  • Special categories of personal data (sensitive personal data/sensitive data): personal data which: reveal racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership; genetic data; biometric data for the unique identification of a natural person; data concerning the health, sex life or sexual orientation of a natural person.
  • Collaborators: natural or legal persons who have signed a collaboration contract with us and who provide services to our clients.
  • Personal data: any information relating to an identified or identifiable natural person (“data subject”). A natural person is identifiable if he or she can be identified, directly or indirectly, in particular by reference to an identifier, e.g. name, identification number, location data, online identifier, one or more factors specific to that person’s physical, physiological, genetic, mental, economic, cultural or social identity. Thus, for example, the following are included in the notion of personal data: first and last name; home or residence address; email address; telephone number; personal identification number (CNP); established diagnosis (these are sensitive data); genetic data (these are sensitive data); biometric data (these are sensitive data); geolocation data. The categories of personal data about you that we process are listed above.
  • Controller: the natural or legal person who decides why (for what purpose) and how (by what means) personal data are processed. According to the law, the responsibility for compliance with the legislation on personal data lies primarily with the controller. In our relationship with you, we are the controller and you are the data subject.
  • Processor: any natural or legal person who processes personal data on behalf of the controller, other than employees of the controller.
  • Data subject: the natural person to whom certain personal data relate (to whom they “belong”). In relation to us (the controller), you are the data subject.
  • Processing of personal data: any operation/set of operations which is/are performed upon personal data or sets of personal data, whether or not by automatic means; for example: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of such personal data/sets of personal data. These are only examples. Basically, processing means any operation on personal data, whether by automatic or manual means.
  • Third country: a country outside the European Union and the European Economic Area.

Declaration of conformity

Colcear Logistics Group declares on its own responsibility that it has taken all the measures it deemed necessary in order to comply with the instructions of the EU Regulation 2016/679 (GDPR) on the collection, use and storage of personal data in the member countries of the European Union.

The company certifies that it adheres to the notification, opt-in, transfer, data security and integrity, access and enforcement requirements of the EU Regulation 2016/679 (GDPR) instructions on the collection, use and storage of personal data in the member countries of the European Union.

Date 15.04.2024

Yes, we’re a problem solving company.
End-to-end.

Contact us anytime to get a quote or find out more about us.

Or just give us a call. Sometimes it’s just easier!
+40 758 254 380

Contact us directly

Yes, we’re a problem solving company. Get a quotation.

  • This field is for validation purposes and should be left unchanged.