• Privacy policy information.

FIMPLAST IMPEX S.R.L. (hereinafter referred to as “the Company”) is in line with Regulation (EU) 2016/679 of the European Parliament and Council on the protection of individuals with regard to the processing of personal data and to the free movement of such data and to the repealing of Directive 95/46 / EC applicable from 25th of May 2018. As all European Regulation, it applies directly and equally to all Member States of the European Union, in order to both strengthen and unify the online security policies but also to better protect the data of all European citizens. Respect for privacy and protection of personal data are fundamental principles that our organization has understood to give due importance and attention because without their understanding, awareness and implementation, the current activity of the company will not be able to comply with the requirements of the aforementioned European Regulation. One of the fundamental principles of this Regulation is transparency, and through this General Privacy Policy we want to inform you about how we collect, use, transfer and protect your personal data. We reserve the right to periodically update, revise, and amend this General Privacy Policy. In the event of any changes, we will display the updated and revised version of the General Privacy Policy on our site.
This Policy applies to:
•  Headquarters and offices belonging to FIMPLAST IMPEX S.R.L.
•  All departments and staff belonging to FIMPLAST IMPEX S.R.L.
•  All contractors, suppliers and other people working on behalf of FIMPLAST IMPEX S.R.L.
This General Privacy Policy refers to the personal data of customers, suppliers, other people who contact us and who visit us and their representatives, potential collaborators and coworkers and applies to the data collected through our website www.fimplast. ro, as well as all other personal data that we collect by e-mail, contact forms.

1. GENERAL INFORMATION:

I.1. Who we are and how you can contact us:
FIMPLAST IMPEX S.R.L. (hereinafter referred to as “the Company”) is a legal entity of Romanian nationality, having its headquarter in Ploiesti, No. 141 Valeni Street, Prahova County, registered at the Trade Register attached to the Prahova Court under number J29 / 1510/1996 and having the Unique Identification Code RO 8974048. For the purposes of data protection legislation, we have the status of OPERATOR when we process your personal data. In order for the data of the physical entities to be securely processed , we have made every effort to implement reasonable measures to protect their personal information. As we are always interested in finding out your opinions, as well as providing you with any additional information you may need regarding the processing of your data, we inform you that you can contact us at the e-mail address: office@fimplast.ro or directly by a request registered at our registry office or sent by post or courier to our headquarters in Ploiesti, No. 141 Valeni Street, Prahova County - with the following indication: in the attention of the Registry Department – Customer Service.

I.2. Regulation Terms:
• Operator - the entity - in this case - FIMPLAST IMPEX S.R.L., or any other legal person, public authority, agency or non-governmental organization, which processes or establishes the purposes and means of processing personal data;
• Personal data - any information about an identified or identifiable physical entity ; an identifiable person is a person who can be identified - directly or indirectly, by reference to an identifying element: name / surname, address, personal numeric code, e-mail, telephone, income, biometric data, image, IP address or by reference to medical, genetic data, data on ethical or racial origin, political, religious, philosophical, cultural beliefs or trade union membership;
• Data subject - any physical entity whose personal data may be or are processed by the controller;

I.3. The purpose of the General Privacy Policy:
When the physical entity enters into a relationship of any kind with us, he entrusts his information to us. The purpose of this General Privacy Policy is to explain to the individuals concerned what data we process, why we process it and what we do with it - as an operator. We take privacy seriously and do not transmit or ever sell personal data of any kind, be it to our patients, lists or e-mail addresses. Being fully aware that personal information belongs to each individual, we do our best to store it securely and process it carefully. We do not provide information to third parties without first informing the physical entities. This information is important. We hope they are carefully understood.
This General Privacy Policy does not cover other third-party applications and sites that people may contact by accessing the links on our site. This is beyond our control. We encourage everyone to review the Privacy Policy on any site and / or application before providing personal data. This General Privacy Policy also covers the process of recruiting and selecting candidates for the positions offered by the company (eg - the company obtains personal data as a result of requesting the completion of a form from of application or by submitting a CV - by e-mail mail). The company informs the applicants of the personal data that will be collected, the purpose for which they are collected and how they will be used, in close connection with the existence of the Privacy Policy specific to recruitment formulated by the company’s privacy policy).According to the law, the individual beneficiary of our services or the person in a relationship with us of any kind, is a "targeted person", more specifically, an identified or identifiable physical entity. In order to be completely transparent about data processing and to allow it to easily exercise its rights at any time, we have implemented measures to facilitate communication between us, the data controller and the data subject. If you are under the age of 16, you will need the consent of your parents or guardian before providing us with any personal information for the purpose of registration or other online activities. If you are unsure of the information you see on this site, please ask your parents or guardians for help. Any processing of personal data of juveniles will be carried out only in accordance with the law.

I.4. The commitment of FIMPLAST IMPEX S.R.L. :
The protection of the personal information of physical entities is very important to us. That is why we are committed to complying with the new Regulation (EU) 2016/679, the applicable national legislation, but also the following principles:
• Legitimacy, impartiality and transparency: We process personal data legally and correctly. We are always transparent about the information we use, and the physical entity is properly informed.
• The control belongs to the physical entity concerned: Within the limits of the law, we offer him the possibility to examine, modify, delete personal data that he shared with us and to exercise his other rights.
• Data integrity and purpose restraint: We use the data only for the purposes described at the time of collection or for new purposes compatible with the original ones. In all cases, our purposes are compatible with the law. We take reasonable steps to ensure that our personal data is accurate, complete and up to date.
• Security:
We have implemented reasonable security and encryption measures to protect our information as best we can. However, it should be noted that no website, no application and no internet connection is completely secure.

2. THE RIGHTS OF THE PERSON CONCERNED IN THE LIGHT OF THE NEW REGULATION:
- The right to withdraw consent where the processing is done on the basis of consent;
- The right to be informed about the processing of your data;
- The right of access to data;
- The right to rectify inaccurate or incomplete data;
- The right of erasure ("the right to be forgotten");
- The right to restrict processing;
- The right to transmit the data we have about the physical entity to another operator;
- The right to oppose to the data processing;
- The right not to be subject to a decision based exclusively on automatic processing, including profiling;
- The right to go to court;
- The right to lodge a complaint with the Supervisory Authority.

3. CATEGORIES OF PERSONAL DATA. PURPOSES AND GROUNDS FOR PROCESSING:

In the context of your interaction with FIMPLAST IMPEX S.R.L., you as a physical entity - and within the meaning of the Regulation - the physical entity concerned, you may be subject to the data processing activities we carry out.
FIMPLAST IMPEX S.R.L. may request and / or collect information from you voluntarily when:

3.1. You may request assistance or provide us with comments, suggestions or questions regarding our site, our activities and / or services, and the processing of your personal data. In this case, we use the contact details to communicate with you about your requests. The purpose of the processing in this case is to analyze your requests and provide answers to them.

3.2 We may take over some of your data in the context of the provision of services and products based on obligations imposed by law (for example, the obligation to comply with tax laws). In this case, the basis of the processing is the fulfillment of a legal obligation.

3.3. THE CATEGORIES OF PERSONAL DATA PROCESSED IN THE CONTEXT OF OUR RELATIONSHIP WITH YOU ARE:
a) In the situation where you are, collaborators or potential collaborators, representatives of our suppliers; the personal data we process is: your name and surname, e-mail address, telephone number.
b) If you are a customer of our company, the personal data we process are: name, surname, address, e-mail and telephone number.

3.4 If you apply for a job at FIMPLAST IMPEX S.R.L.
We use the personal data contained in the CVs we receive to assess the qualifications of applicants for a position within our company. In this case, we rely on the steps taken to conclude and implement a contract. The categories of data processed in the context of our relationship with you are your name, e-mail address, telephone number, address, personal data included in resumes, details of education and training, professional qualifications, and other data with personal information that you can provide directly.

3.5. If you are a visitor to our headquarters or office:
We use your personal data to ensure the security of our premises, property and staff. For this purpose we have installed rooms that are located in a visible place and are accompanied by signs. Surveilance camera have been designed to minimize the impact on individual privacy, and we conduct regular assessments to ensure that their use remains justified. The recorded images will be kept for as long as necessary just in case an incident is to be discovered and for the further investigation of such an incident. In view of this, all entries are deleted after one month period. Except for the competent authorities, the images will not be provided to third parties. In this case, the data processing is based on the legitimate interest of FIMPLAST IMPEX S.R.L. namely the protection of these spaces, goods and people. The categories of data processed in this context are your name, images (obtained as mentioned above) and other personal data that you may provide to us directly.

3.6. If you are a visitor to our website:
We use the personal data we collect from you when you visit our website www.fimplast.ro, to process and answer your questions submitted through the forms available online, as well as to send newsletters, a service to which you have previously subscribed, while visiting our site. We base this data processing activity on our legitimate interest in providing the requested information in connection with our business, services and products. The data categories processed in this context are your name, email address, and phone number. We also use your personal data to monitor traffic and improve our site content. We rely on our legitimate interest in this data processing activity to ensure the proper functioning of our website and to improve it. A cookie usage policy is also available on the website.

4. WHY FIMPLAST IMPEX S.R.L. COLLECTS THESE DATA:

We collect the information of physical entities for specific and legitimate purposes as described above in this General Privacy Policy, which include, but are not limited to, respectively:
- To be able to communicate with the candidates for the positions offered by the company;
- To make the right decision when hiring them;
- In order to conclude and execute an employment contract according to the specialization / qualification of the candidates;
- In order to conclude or execute / modify a contract between the physical entities and the company;
- To answer questions and requests from subjects;
- To offer and improve the services and products offered by the company;
- To diagnose or remedy technical problems;
- To defend the company against cyber attacks;
- To comply with the company's legislation;
- To establish or claim a right in court;
When the data is requested directly from you, FIMPLAST IMPEX S.R.L., asks you to provide all the categories of personal data that we request for the purposes mentioned above, because otherwise we will not be able to carry out our activity.
If you supply FIMPLAST IMPEX S.R.L. the personal data of other entities, please communicate them prior to this disclosure the way in which FIMPLAST IMPEX S.R.L. intends to process personal data as described in this general privacy policy.

5. DATA STORAGE UNDER FIMPLAST IMPEX S.R.L.

Your personal data is stored for the period necessary to comply with the various legal obligations of FIMPLAST IMPEX S.R.L. It should be noted that under certain expressly regulated situations, we store the data for the period required by law. At the same time, if the data is not collected in the context of an agreement, such data will be kept for as long as it is necessary for the purpose of collecting the intended data or any other longer period required by law, a record keeping regulation or public authorities. Immediately after the end of the applicable archiving period, the data must be:
Imediat după încheierea perioadei de arhivare aplicabile, datele trebuie să fie:
a) safely deleted or destroyed; or
b) transferred to an archive (unless prohibited by law or regulation on record keeping).
Personal data collected and used to subscribe to our newsletter will be deleted immediately if you unsubscribe from our newsletter service.
After the end of the period, the personal data of the subjects will be destroyed or deleted from the computer systems or transformed into anonymous data for use in scientific, historical or statistical research.

6. SHARING YOUR INFORMATION WITH THIRD PARTIES:

FIMPLAST IMPEX S.R.L. will not disclose data obtained from physical entities to other third parties without the prior express and separate consent of the physical entity. The company approves that the personal data obtained is stored securely or is destroyed, meaning that we inform the physical entities that there are data processing agreements with the software provider (s) through which they in turn have assured the company that they comply with GDPR.
FIMPLAST IMPEX S.R.L. may disclose the data of the physical entities concerned, in compliance with applicable law, to business partners or other third parties, such as their own substitutions. We make constant efforts to ensure that these third parties have implemented appropriate protection and security measures. We have contractual terms with these third parties so that your data is protected. We will inform the entities about the identity of these companies each time before we communicate such data or within a reasonable time and we will make sure that any transfer is legitimate, based on their consent or other legal basis. For example, we may provide personal data to other companies, such as IT or telecommunications service providers, accounting, legal services, and other third parties with whom we have a contractual relationship. These third parties are carefully selected so that this data is processed only for the purposes we indicate. The company may also share the data of targeted individuals with business partners as a result of a joint effort to provide a product or service. Although unlikely, the company could sell the business or part of the business in the future, which will include the transfer of this data. The data may be transmitted to other parties with the consent or instructions of the data subject. Personal information may also be provided to the prosecutor's office, the police, the courts and other competent state bodies, on the basis and within the limits of the legal provisions and as a result of expressly formulated requests. Within reasonable limits, the company will ensure that the data of the physical entities do not leave the European Economic Area, but to the extent that it transfers data to non-EEA countries, it will in all cases ensure that the transfers are legitimate, based on the explicit consent of the entity or any other legal basis.

7. FIMPLAST IMPEX S.R.L. informs any physical entity concerned that:

- You may withdraw your consent to the processing of sensitive data and / or direct marketing at any time by following the unsubscribe instructions in each email or other electronic message;
- If he wishes to exercise his rights, he can do so by registering a written request, which is submitted to the headquarters / office of FIMPLAST IMPEX S.R.L. or by a written request sent to the e-mail address: office@fimplast.ro;
- The rights listed above are not absolute. There are exceptions, so each request received will be analyzed so that it can be decided whether it is well-founded or not. To the extent that the request is substantiated, the company will facilitate the exercise of rights. If the request is unfounded, it will reject it, but will inform the people concerned of the reasons for the refusal and of their rights to lodge a complaint with the Supervisory Authority and to go to court;
- The company will try to respond to your request within 30 days. However, the deadline may be extended depending on various issues, such as the complexity of the request, the large number of requests received, or the inability to identify yourself in a timely manner;
- If, despite its best efforts, the company fails to identify the data subject and it does not provide additional information to identify it, the company will not be obliged to comply with the request.

8. REQUESTS AND EXERCISE OF RIGHTS:

In the event that you wish to exercise any of the rights listed above in this General Privacy Policy, make comments or obtain additional information or clarification regarding the processing of your personal data, if you have any questions or concerns regarding the processing of your personal dataor you wish to exercise your legal rights or have any other concerns regarding the confidentiality of your data, please contact FIMPLAST IMPEX SRL through the person designated for this purpose, respectively Mr./Ms. Dima Monica to the e-mail address: monica.dima@fimplast.ro to ensure that FIMPLAST IMPEX S.R.L. meets all GDPR requirements.
The answer to all requests will be sent to you in the shortest possible time, which will not exceed one month from the receipt of the request, with the possibility of extending the duration by a maximum of 2 months if we are talking about a complex or high volume processing of such requests. All requests can be submitted in person or sent by post / courier to our headquarters in Ploiesti, No. 141 Valeni Street, Prahova County, or by e-mail to the e-mail address: office@fimplast.ro

At the same time, it is good to know that the National Authority for the Supervision of Personal Data Processing ("ANSPDCP") operates in Romania and that you have the right to file a complaint when you consider that your rights have been violated by accessing the website www. dataprotection.ro.