We, SHARE IT SMART SRL, are deeply committed to protecting your personal data. Safeguarding the confidentiality of your data during its collection, processing, and use is a priority for us, and we ensure all legal requirements are met in our processes. We do not share your information with third parties without notifying you. Additionally, we do not make exclusive automated decisions that could significantly impact you. This information is important..
When you enter a relationship of any kind with us, you entrust us with your personal details. This information presented herein (hereinafter referred to as “Privacy policy”) is important. We recommend that you read them carefully.
The purpose of this privacy policy is to explain what data we process (collect, use, share), how we process it, why we do so, and what your rights are concerning this data. As an operator collecting this information, we are legally obligated to provide these details.
By visiting the site, purchasing a good or service or by interacting with us through any means and/or through any communication channel (e-mail, telephone, network socialization, etc.), you agree to both this privacy policy and the use of your personal data, for advertising or marketing purposes, under the conditions described below in the dedicated sections. If you do not agree with those described in this Privacy policy, we recommend avoiding the use of the platforms.
This privacy policy does not cover the apps and websites of third parties that you may access through links on our site. These are beyond our control. We encourage you to review the privacy policy of any site or app before providing personal data.
SHARE IT SMART SRL, the personal data controller, is located at Str. Orhideelor, No. 4, Vladimirescu, Arad County, 317405, Romania. It is registered at the Trade Register under No. J2/2166/2018, with the tax code RO40318349.
You can contact us via e-mail at office@share-it-smart.com. We are responsible for processing your personal data, whether collected directly from you or from other sources.
For any data protection inquiries, please contact our Data Protection Officer at:
gdpr@share-it-smart.com .
According to the legislation, you, as the natural person receiving our services or engaged in any relationship with our company, are considered a “data subject,” meaning an identified or identifiable natural person. To ensure complete transparency about data processing and to enable you to exercise your rights at any time, we have implemented measures to facilitate communication between us, the data controller, and you, the data subject.
Thus, you can be:
Depending on the nature of the commercial relations between the parties, the Operator may have several roles from a GDPR perspective.
If the person concerned is an employee of SHARE IT SMART SRL or a direct customer, SHARE IT SMART SRL has the role of personal data operator.
If the person concerned is an employee or partner of SHARE IT SMART SRL’s B2B clients, then SHARE IT SMART SRL is the person authorized by these clients to process data through the software applications it develops for them.
In this case, the B2B partners of SHARE IT SMART SRL have the obligation to inform the data subjects about the nature of the processing of their personal data in accordance with GDPR requirements.
Protection of your personal information is very important to us. That is why we are committed to respecting European and national legislation on the protection of personal data, in particular regulation (EU) 679/2016, also known as the GDPR and the following principles:
Legality, Fairness and Transparency
We process your data legally and fairly. We are always transparent about the information we use, ensuring that you are properly informed.
Your Control Belongs to You
Within the limits of the law, we provide you with the ability to review, modify, and delete the personal data you have shared with us, as well as to exercise your other rights. For more information, please refer to sections 7, 10, and 11 of this document.
Data Integrity and Purpose Limitation
We use data only for the purposes described at the time of collection or for new purposes that are compatible with the original ones. In all cases, our objectives comply with the legislation. We take reasonable steps to ensure that personal data is accurate, complete and up-to-date.
Security
We have implemented reasonable security and encryption measures to protect your personal information to the best of our ability. However, it’s important to note that no website, app, or internet connection is completely secure.
We reserve the right to change this privacy policy at any time. All updates and changes to this policy become effective immediately upon notification, which we will provide by displaying on the website and/or sending e-mail notifications.
If you have any questions or concerns about the processing of your data, wish to exercise your legal rights regarding the data we hold, or have concerns about our handling of any privacy issues, please feel free to contact us via e-mail at: gdpr@smart-it-share.com .
“Processing” refers to any operation or series of operations performed on personal data, whether with or without automated means. These operations include collection, registration, organization, structuring, storage, adaptation, modification, extraction, consultation, use, disclosure, dissemination, provision of access, alignment, combination, restriction, deletion, or destruction of data.
8.1. What kind of information do we collect about you
When you browse our website or contact us via e-mail or any other communication channel for any purpose, you may provide us with the following personal data, which we collect directly from you or from other sources:
In addition to the information given above, we may also collect the following information, depending on certain circumstances:
If you make online purchases, certain payment information (such as card data) will be collected. However, this information will be stored by our processor partners in a manner that prevents us from accessing or reading it. We will only be notified if the purchase was successful. It includes:
If you are employed (former, current or future) by us, certain information relating to the performance of the employment contract will be collected. For example, personal data of the employee will be collected:
If you are a direct customer, an employee or partner of our customers we will process certain personal data that take into account the nature of the services offered. For example, we will be process:
8.2. Why do we collect this information?
We collect personal information for the following purposes:
8.3. What is the legal basis for processing?
We can use the following legal bases, depending on the specific case:
However, please note that if you are our customer, we may send promotional messages (direct marketing) of similar goods and services without the need for consent under art. 12 para. (3) of Law No. 506/20014, in certain specific situations legally regulated.
However, in all cases, you can oppose direct marketing and/or withdraw your consent at any time by following the unsubscribe instructions (“unsubscribe”) from each e-mail or by submitting a written request to the e-mail address office@smart-it-share.com .
When we rely on legitimate interest, we conduct a balancing test to analyze the legitimate interests involved, both ours and yours. If our interests outweigh yours, we will proceed with using the legitimate interest as the legal basis. However, if your interests outweigh ours, we will refrain from using legitimate interest. In cases where we cannot identify another appropriate legal basis, we will not engage in that particular processing activity.
Please note that obtaining consent is not compulsory and we will proceed to obtain consent from you. Only in situations where we have failed to use another legal basis.
8.4. Where do we obtain the data?
We collect more information directly from you. (for example, by filling out a form on the site). Most of the information is described above, but there may be situations where we collect data from third parties (i.e. partners, advertising platforms), such as for example, information on purchases and interests.
SHARE IT SMART SRL also processes personal data from contracts with employees, as well as from contracts with parties and other service providers.
SHARE IT SMART SRL will not collect or process personal data when providing information services to the company directly to children under the age of 16-or under a lower age-except in the case of parental consent, in accordance with applicable local law. If we find out about the accidental collection of a child’s personal data, we will immediately delete that data.
8.5. How long do we store the data?
We retain your personal data only for the duration necessary to fulfill the purposes outlined, but not exceeding 10 years following the termination of the contract or the last interaction with us. After this period, personal data will be securely destroyed or erased from our computer systems, or anonymized for use in scientific, historical, or statistical research purposes. It’s important to note that in specific cases regulated by law, we may retain data for the duration required by such regulations.
8.6. How we share your information with the others?
We may disclose your data to business partners or other third parties in compliance with applicable laws. We consistently make reasonable efforts to ensure that these third parties have implemented appropriate protection and security measures. Through contractual clauses with these third parties, we mandate the protection of your data. In such instances, we ensure that any transfer of data is legitimate, either based on your consent or another legal basis.
For example, we could provide your data to other companies, such as IT service providers or telecommunications, accounting, legal services, transport and courier service providers and other third parties with whom we have a contractual relationship. These third parties are selected with special care so that your data is not available. Processed only for the purposes that we indicate.
We may also share your data to our business partners as a result of a joint effort to provide a product or service.
Although unlikely, we could sell the business or part of the business in the future, which will include transferring your data.
We may transmit the data and other parties with your consent or according to your instructions, for example, if you exercise a request for portability.
We will also be able to provide your information and to the parquet, police, courts and other competent bodies of the State, on the basis and within the limits of the legal provisions and as a result of expressly formulated requests.
We will take reasonable measures to ensure that your personal data remains within the European Economic Area (EEA). However, if we transfer data to countries outside the EEA, we will ensure that such transfers are legitimate. This may involve obtaining your explicit consent or relying on another legal basis for the transfer.
If we have obtained your consent, or if you are already a customer of the company, we may utilize direct marketing technologies and targeted advertising based on the information collected about you. This may include factors such as your interests, preferences, purchases, age, location, and more. For instance, we may send e-mails, display advertisements within our website or on social media platforms, or place ads on third-party sites, apps, or other internet-connected devices.
9.1. What kind of data do we collect for marketing?
In order to conduct direct marketing or targeted advertising, we may use the following information:
9.2. Marketing Partners
Our marketing partners, including Facebook, Google, and other agencies, assist us in delivering targeted marketing to you based on the information they collect directly from you, with your consent. In some instances, we may even share newly collected information with them. We guarantee that all such transfers are conducted lawfully, as explained in the preceding paragraph.
Our partners may place advertisements on our services and products, depending on the data previously collected from you (interests, preferences) on other sites and/or services. Our marketing partners may also use the information collected about you. To improve the services and/or algorithms (including algorithms based on artificial intelligence). This privacy policy does not include information about how your data is processed by our partners.
9.3. How can you opt out of direct marketing?
You can oppose direct marketing and/or withdraw your consent at any time by following the unsubscribe instructions in each e-mail (“Unsubscribe”) or by submitting a request to this effect to your e-mail address office@share-it-smart.com .
To turn off interest-based advertising, please refer to our policy on the use of cookies in this regard.
According to the GDPR, your rights are:
You can withdraw your consent to the processing of your data at any time by submitting a request to this effect to the e-mail address office@share-it-smart.com. Please note, however, that in so far as we have identified another legal basis for processing your data, we will continue to process your data based on that legal basis. We have the legal possibility to use one or more grounds for processing your data.
You have the right to obtain from us a confirmation that personal data concerning you and, if so, access to that data and the information provided for in art are not processed or not. 15 para. (1) of the GDPR.
You have the right to obtain, on our part, without undue delay, the rectification of inaccurate personal data concerning you.
In the situations provided for in art. 17 from the GDPR, you have the right to request and obtain the deletion of personal data.
In the cases provided for in art. 18 from the GDPR, you have the right to request and obtain restriction of processing.
In the cases provided for in art. 20 GDPR, you have the right to request and obtain data portability.
In the cases provided for in art. 21 of the GDPR, you have the right to oppose the takeover of the data.
Please note that:
We work diligently to protect our customers, other individuals whose data we process, and ourselves from unauthorized access, modification, disclosure, or destruction of the data we handle.
In particular, we have implemented the following technical and organisational measures to ensure the security of personal data:
Dedicated Policies
We adopt and review our data processing practices and policies for our customers and others, including physical and electronic security measures, to protect unauthorized access systems and other possible threats to their security. We constantly check how we apply our personal data protection policies and comply with data protection legislation.
Minimizing Data
We have ensured that your personal data we process is limited to those that are necessary, appropriate and relevant for the purposes stated in this note.
Restricting Access to Data
We strictly restrict access to personal data that we process to employees, collaborators and other people who need to access them so that we can process them for us. All these companies and individuals are subject to strict confidentiality obligations and we will not hesitate to take them accountable and stop working with them if they do not treat the protection of your data and other Persons of utmost seriousness.
Specific Technical Measures
SHARE IT SMART SRL use technologies to ensure our customers and others that the security of their data is protected.
Control of our service providers. We introduce in contracts with those who process for us (empowered persons) or together with us (other operators – associated operators) clauses to ensure the protection of the data we process; This protection goes at least to the minimum required by the legislation.
While we take all reasonable steps to ensure the security of your data, SHARE IT SMART SRL cannot guarantee the lack of any security breach or the inability to penetrate security systems. In the unfortunate and unlikely event in which such an infringement will arise, we will follow the legal procedures for limiting the effects and informing the data subjects.
We prioritize the importance of your data by ensuring that our staff provides the necessary human attention to it. As a user of our service, you will not be subject to decisions made solely through automated processing of your data, including profiling, that significantly affect you in a legal capacity.
Supervisory authority for the processing of personal data: an independent public authority which, according to the law, has powers concerning the supervision of compliance with the protection of personal data law. In Romania, this supervisory authority for the processing of personal data is the national supervisory Authority for the processing of personal data (ANSPDCP).
Special categories of personal data (sensitive personal data/sensitive data): Personal data which: reveals racial or ethnic origin, political opinions, religious confession or philosophical beliefs or Membership of trade unions; genetic data; Biometric data for the unique identification of a natural person; Data on the health, sexual life or sexual orientation of a natural person.
Collaborators: Natural or legal persons who have concluded a cooperation agreement with us and who provide services to our customers.
Personal data: Any information relating to an identified or identifiable natural person (‘ data subject ‘). A natural person shall be identifiable if it can be identified, directly or indirectly, in particular by reference to an identification element, for example: name, identification number, location data, online identifier, one/more items physical, physiological, genetic, mental, economic, cultural or social identity of that person. Thus, for example, the following are included in the notion of personal data: name and surname; home address or residence e-mail address; phone number; the personal numeric code (CNP); established diagnosis (are sensitive data); genetic data (are sensitive data); bimoetric data (are sensitive data); geolocation data. The categories of personal data about you that we process are listed above.
Operator: The natural or legal person deciding why (for what purpose) and how (by what means) personal data is processed. According to the law, liability for compliance with the legislation on personal data rests primarily with the operator. In relation to you, we are the operator, and you are the person concerned.
Person empowered: Any natural or legal person who processes personal data on behalf of the Controller, other than the operator’s employees.
Data subject: The natural person to whom he refers (to whom ‘ they belong ‘) certain personal data. In relation to us (the operator), you are the person concerned.
Processing of personal data: Any operation/set of operations performed on personal data or on personal datasets, with or without the use of automated means; For example: collection, registration, organisation, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or making available in any other way, alignment or combination, restriction, deletion or destruction of such personal data/sets of personal data. These are just examples. In practice, processing means any operation on personal data, whether by automated or manual means.
Third State: A state outside the European Union and the European Economic area.
Declaration of Conformity
SHARE IT SMART SRL declares on its own responsibility that it has taken all measures it has deemed necessary for the purpose of complying with the requirements of Regulation EU 2016/679 (GDPR) on the collection, use and storage of personal data in European Union member countries.
SHARE IT SMART SRL certifies that it adheres to the notification, option, transfer, security and integrity requirements of data, access and implementation of the EU regulation 2016/679 (GDPR) on the collection, use and storing personal data in the member countries of the European Union.
Date – 26.06.2024
