WHO WE ARE
AMCORP INTEGRATED SERVICES SRL, with registered office Voluntari, Pipera Boulevard, No. 1/VI A, Office Space No.4, Office No.3, 6th Floor, Ilfov, registered with the Trade Register Office under number J23/2617/30.05.2017, CUI: 36392010, email: contact@amcorp.ro, telephone number 0727590830 (hereinafter referred to as the “Company” or “Platform” or “Operator”) is a personal data controller.
This policy is intended to inform data subjects about the conditions under which personal data are processed by the Platform. This policy is valid for all specific activities of the company carried out through the following websites.
The use of the services offered by the company can only be made after taking cognizance of these policies.
The Platform is not intended for minors under the age of 16 and may not be used by them.
Definitions
In this policy, the terms mentioned shall have the meanings specified below:
“Personal data of the Beneficiary/legal representative/consensual representative” – all personal data, regardless of their form or medium, which are: i) provided either by the Beneficiary or by the Beneficiary’s legal or conventional representative ii) provided, originated, made known in writing or verbally by the insurer of the motor vehicle under repair or another insurer directly involved or by public institutions/authorities/entities (police stations, public prosecutors’ offices, courts, etc.);
“Supervisory authority” – means an independent public authority established by a Member State with competence to supervise the protection of personal data in the EU in whose jurisdiction the Platform, as controller, or a person authorised by the Platform, is established and carries out the processing of personal data;
“Processing” – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automatic means, such as: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“Controller” – a legal person, as in the present case the Platform, or natural person who, alone or jointly with others, determines the purposes and means of the processing of personal data;
“Consent” of the data subject – means any freely given, specific, informed and unambiguous expression of will by the data subject by which he or she consents, by a statement or by an unambiguous action, to the processing of personal data concerning him or her;
“Breach of security of personal data” – means a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or unauthorised access to, personal data transmitted, stored or otherwise processed;
“Regulation” means Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
General provisions
As we value the confidentiality of your information, the Operator is obliged to comply with the provisions of this policy, as well as the provisions mentioned in the Regulation and the rules provided for in national law regarding the processing of personal data, their security and confidentiality.
If we change this policy, we will notify you on this page and inform you (e.g. by e-mail or via the Platform). If you do not agree with our data privacy policy or you do not agree with its changes, you can close your account by going to your account settings and selecting delete account or you can request the deletion of the posted notice and the deletion of your personal data.
Object, duration, nature, purpose, type of personal data Processed
Personal data means any data or information that helps us to identify you directly (e.g. your name, surname) or indirectly (e.g. based on the profile you create to send you personalised offers). Some information is less obvious (such as your shopping preferences and habits, your computer IP), but associated with your person, helps us to identify you and thus falls under the notion of “personal data”.
Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about your beliefs, sexual life or orientation, political opinions, trade union membership, health information, genetic or biometric data or criminal offences.
Data we receive directly from you | |
When you open an account on Platform | You can open an account on the Platform only if you provide us with the following personal data: – name, surname; – contact address; – e-mail, and – phone number The basis of the processing is the establishment and initiation of a contractual relationship. |
When you post an ad on the Platform | Every time you post an ad we will process the following data: – first and last name; – phone number; – e-mail, and The basis of the processing is the contractual relationship. |
When you make a payment related invoice services provided by by us | Every time you make a payment to us we can process the following data: – name and surname; – address; – bank account or card number; The basis of the processing is the contractual relationship. |
Promotional campaigns | For online campaigns run on Platofrma we can collect, depending on the campaign, the following data necessary for your participation: – name and surname; – e-mail address, and/or; – phone number. The basis for processing is consent. |
Accounting and reporting | We process your data (as indicated in your tax invoices) for bookkeeping purposes, for annual financial audits, and for filing tax and accounting returns with the tax authorities. The basis for the processing is the contractual relationship and legal obligation. |
Defending rights in justice | When defending our rights in court for the recovery of sums due or when protecting our interests against unjustified claims / complaints, we will process your data (provided to us by you) necessary to formulate court actions, other requests and specific documents. The basis of the processing is our legitimate interest. |
Proceedings before the authorities | Where we are obliged by law to do so, we will provide the competent authorities and institutions with the data we hold and which we have legally requested. The basis for processing is the legal obligation. |
Customer support | We will be able to process your voice from the recordings of phone calls with you to respond to your requests for assistance. We emphasize that we do not routinely review phone call recordings, but only in cases where complaints may arise about the services we provide.
The basis for the processing is our legitimate interest. |
Automatically collected data | |
Creating customer profiles for direct marketing purposes | Depending on your interactions and behaviour on the Platform, we may collect and process through our partners (e.g. Google) data to create your customer profile for the subsequent sending of personalised offers or placement of promotional ads (via Google or Faceook). For profiling purposes we may process the following data: – based on your browsing behaviour on the site e.g.: ads viewed; – based on demographic data: age, gender, city; – based on activity history and monetary value. It is important to note that you can object to profiling at any time by simply informing us. Regarding Facebook and Google ad targeting. The basis of the processing is consent. |
Data collected through cookie technology | When you visit the Platform as a visitor or log in to your customer account, we collect cookies and data obtained from your computer, phone, tablet or other device (“device”), information that we can use to identify you online (“online identifiers”), which we use for profiling purposes for direct marketing purposes: – IP address; – The internet browser you use and the version of the device’s operating system; – HHTP/HTTPS protocol data; – Duration of your visit/activity on the Platform’s website; – General location of the device (if geo-location is enabled) from which you are connecting to the Platform’s website. It is very important to know that most devices give you the option to disable geo-location services right from the device settings. “Cookies” – are files that a server sends to your device, placed on the Platform’s website or via download. The way we process cookies are detailed in the Cookie Policy, available on the Platform website. The basis of the processing is the consent you have given us, most likely via a pop-up, email or sms. It is important to note that you can withdraw your consent at any time. |
Advertising | Based on your browsing and behaviour on the Platform, monitored by cookies, we may provide you with online advertisements to some of our services that may be of interest to you or to some of the ads posted on the Platform. Based on the information about your browsing on the Platform, we may place you in an interest group with other similar customers in terms of browsing behaviour and thus deliver advertisements (banners) based on those interests. You can refuse the setting of a cookie by setting your browser to generally disable the automatic setting of cookies. You can also disable cookies for the advertising services of a browser service provider (e.g. Google) by setting your browser in such a way that the cookies of that domain are blocked. Opting out of online behavioural advertising will not stop the display of general advertisements that are not tailored to your interests. The basis of the processing is the consent you have given us, most likely via a pop-up, email or sms. It is important to note that you can withdraw your consent at any time. |
Personalised offers | We may use your email address and mobile phone number to create customer lists and then we will use the encoded data from this list to match your data (and other customers’ data in an interest group) with the data of people on Facebook to send personalised offers via this channel to your Facebook account via targeted ads. In addition, on the Platform’s website we also use Facebook’s personalized audience services created using your pixel data. With this service provided by Facebook, the Platform, with the help of Google, can identify that you have clicked on our Facebook advertisement and have been redirected to the Platform’s website. The data collected with Facebook is used exclusively to compile statistics on the success and usage of our Facebook advertising campaigns. Separately, if you like our Facebook page by giving us a “Like”, we will receive this information without using it other than to communicate with you and possibly to send you some personalized offers through your Facebook account based on personalized audiences. Temeiul prelucrarii este consimtamantul pe care ni l-ai acordat, cel mai probabil prin intermediul unui pop-up, e-mail sau sms. Este importat sa retii ca iti poti retrage consimtamantul oricand. |
Security and website maintenance | We normally use the following online identifiers to maintain and secure the Platform’s website: – IP address; – The internet browser you are using and the operating system version of the device you are connecting with; – HHTP/HTTPS protocol data; – Location of the device (if geo-location is enabled) from which you are connecting to the Platform website. This data is processed to ensure the proper functioning of the website, respectively: – the correct display of content; – the retention of your login data (when you request it); – improving the Platform’s website; – setting the device from which you log in/login to the requirements of the Platform website. – ensure the security of the website and ensure that we protect you against fraud or any IT security breaches in relation to the Platform. – to identify and remedy faults that prevent the use of our website or your customer account.
The basis of the processing is our legitimate interest for the implementation, parameterization and maintenance of the security measures of the Platform website(s). |
Data received from third parties | |
Automatically collected from sites on which they are promoted ads Real Estate | The platform has an application that periodically scans certain websites where any interested person posts ads about the intention to sell or rent real estate. This application identifies, on the basis of predetermined algorithms, whether or not an advertisement is in our database and, if not, copies it to the Platform. ONLY THE DATA MADE PUBLIC EXPRESSLY BY DVS., usually name, phone number and email address, ARE NOT COPIED. The basis of the processing is our legitimate interest to create a more detailed database. |
HOW LONG WE PROCESS YOUR DATA
The Platform processes your data for the period necessary to fulfil the purposes for which it was collected and in accordance with our personal data retention policies. In some cases, legal provisions may require or allow us to retain data for a longer period.
The retention period depends mainly on the following:
- for the period we need your data to provide our services and fulfil our obligations to you and for the purposes mentioned above in this Policy;
- if you have an open customer account on the Platform, we will retain your data for as long as this customer account is active, but no longer than 5 (five) years from the date of your last account login or last activity on the Platform; we will notify you before closing your customer account and deleting all data associated with this customer account;
- if you have consented to the processing of your data for a longer period, we will retain the data for the duration of this period, unless you withdraw your consent in the meantime;
- if you call special telephone numbers associated with advertisements and the telephone call is recorded, we may keep the record of the call for up to 1 year.
- legal or contractual obligations require us to keep your data for a certain period of time, for example periods provided by law for the defence of our rights in court (generally a period covering the statute of limitations).
If you deactivate your customer account on the Platform and expressly request us to delete it completely, the data associated with your customer account will be deleted or anonymised so that you can no longer be identified in our data record systems, unless we are obliged to keep your data for a longer period of time based on law or our legitimate interest.
In this way we will give you full control over your personal data. We will collect and process your data again if you provide it to us again on the Platform website.
For the purposes for which you have given your consent to the processing of data, highlighted in the table above, we will process your data for that purpose until you withdraw your consent to the processing for that purpose, unless we are obliged to keep this data for a longer period by law, for reporting to public authorities, or to defend our rights in court.
We inform you that we rely on your consent when we process your data to transmit to you:
- personalized offers based on online behavioral advertising;
- personalised offers based on profiling that we make for direct marketing purposes, through sms, email and push-up notifications communication channels;
- offers based on personalised audiences (on customer lists) in Facebook.
TO WHOM WE CAN DISCLOSE THE DATA
Your personal data may be transmitted to and processed by our trusted partners for the purpose of providing our services to you.
In order to deliver the services on the Platform, we will share your data with our trusted partners. We carefully select partners and suppliers who perform operations on our behalf in support of our business. We share with them only the personal data necessary to perform the specific activities we entrust to them. The data retrieved through our ad centering software will be made public on Platfroma as they are collected, in turn, from public sources.
When we outsource certain activities to our trusted partners we make all reasonable efforts to verify in advance that they ensure the protection of your data through strict data security measures and we will enter into data processing contracts with each of them. In detail, we transmit some data to third parties (our suppliers and partners) to perform functions and services necessary to operate the Platform activities, such as:
The provider who provides us with data storage services on external servers located in the EU;
the US-based provider of email communications and mail transmission services that holds the EU-US Privacy Shield certification;
Real estate agents who subscribe to the Platform for the purpose of taking over and promoting your property.
We also share your data with our partners for marketing purposes or for marketing purposes
In order to provide you with services tailored to your interests and preferences, we process certain data with some partners that help us to deliver personalized offers to you, such as: (i) processing data through the Facebook Platform to deliver personalized offers to you through targeted ads using the personalized audience feature on customer lists, or (ii) processing data to deliver personalized offers to you based on online behavioral advertising run with Google AdWords. How Facebook or Google processes your data is set out in this Data Processing Policy.
Transmission of data to public authorities and institutions or judicial bodies
We may transmit some of your personal data to the competent public authorities or institutions when required by law (e.g. fraud investigation; money laundering prevention; filing of statements, financial statements with tax authorities, etc.), or we may transmit this data to the courts when defending ourselves in court, or before other public authorities.
Access to auditors and consultants
We may pass on some of your personal data to providers of accounting, legal, human resources, auditing, banking services.
INTERNATIONAL TRANSFERS
As a rule, your data is not stored in a country located outside the European Union or the European Economic Area (“EEA”). However, some data may be transferred to our partners who help us operate the Platform’s activities and are located outside the European Union. However, with each of these partners we have made reasonable efforts to ensure that adequate data protection measures are in place.
In particular, our service provider that helps us send you information by email, although located in the US (outside the EU), holds the Privacy Shield certification in the non-HR section, thus ensuring an adequate level of data security, recognised by the European Commission.
When we send you personalized offers through targeted advertisements, we use the personalized listening feature operated by Facebook, Inc. located outside the EU/European Economic Area, which is certified according to publicly available information as required by the EU-US Privacy Shield (deemed to ensure an adequate level of protection for personal data transferred from the European Union to organizations in the United States). We also recommend that you consult Facebook’s Privacy Policy on its website.
If we also transfer your data to other partners/suppliers of the Platform located in countries that do not ensure an adequate level of protection of the data transmitted, we undertake to take all necessary measures to ensure that those partners/suppliers comply with the terms and conditions set out in this Policy. These measures may further include the implementation of data protection standards (e.g. ISO 27001), standard contractual clauses adopted by the European Union Commission, as well as systems of direct control of these mechanisms.
DATA SECURITY
The Platform has implemented appropriate security measures to prevent your personal data from being lost, accidentally used or accessed, altered or disclosed in an unauthorised way. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know that data. They will process your personal data on our instructions and are subject to confidentiality obligations.
We have implemented procedures to deal with any suspected breach of personal data and will notify you and any relevant regulatory authority of the breach where we are legally obliged to do so.
We can store your data in physical or electronic format. In some circumstances, we may anonymise your personal data (so that it is no longer associated with you) for research or statistical purposes, in which case we may use this information indefinitely without informing you.
YOUR RIGHTS
In addition to those mentioned in this policy, in certain circumstances, the data subject has certain rights under data protection laws with respect to your personal data. These include:
Right of access
You can ask us for:
- To confirm whether we are processing your personal data;
- To give you a copy of that data;
- Provide you with other information about your personal data, such as what data we hold, what we use it for, who we disclose it to, whether we transfer it overseas and how we protect it, how long we keep it, what rights you have, how you can make a complaint, where we took your data from and whether we have carried out any automated decision making or profiling, to the extent that information has not already been provided to you in this Policy.
Right of rectification
You can ask us to rectify inaccurate personal data. We may seek to verify the accuracy of the data before rectifying it.
- Right to erasure (right to be forgotten)
- You can ask us to delete your personal data, but only if:
- it is no longer necessary for the purposes for which it was collected; or
- you have withdrawn your consent (where processing was based on consent); or
- as a result of a justified right to object (see “Objection” below); or
- have been unlawfully processed; or
- a legal obligation must be complied with to which the Company is subject.
We are not obliged to respond to your request to delete your personal data if the processing of your personal data is necessary:
- to comply with a legal obligation; or
- for the establishment, exercise or defence of legal claims;
There are a few other circumstances in which we are not obliged to respond to your request for erasure, although these two are probably the most common circumstances in which we will refuse your request.
Right of restriction
You can ask us to restrict (i.e. keep without using) your personal data only when:
- their accuracy is disputed (see Rectification), to allow us to check their accuracy; or
- processing is unlawful, but you do not wish to delete it; or
- they are no longer necessary for the purposes for which they were collected, but we still need them to establish, exercise or defend legal claims; or
- you have exercised your right to object, and verification of compelling reasons is pending.
We may continue to use your personal data following a request for restriction if:
- we have your consent; or
- to establish, exercise or defend legal rights; or
- to protect the rights of another natural or legal person.
Right of portability
You can ask us to provide you with your personal data in a structured, commonly used, machine-processable format, or you can request that it be “ported” directly to another data controller, but in either case, only when:
- the processing is based on your consent or the performance of a contract with you; and
- the processing is carried out by automated means.
Right of objection
- You may object to any processing of your personal data that is legally based on “our legitimate interests”, if you believe that your fundamental rights and freedoms take precedence over our legitimate interests.
- Once you have objected, we have the opportunity to demonstrate to you that we have compelling legitimate interests that override your rights and freedoms.
The right to complain
You have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing. Please try to resolve any problems by discussing them in the first instance with us, although you have the right to contact the supervisory authority at any time.
The right to withdraw your consent
You have the right to withdraw your consent if the Platform processes personal data on the basis of your consent.
The data subject will not be charged a fee or any other fee to access your personal data (or to exercise any of your other rights). However, Platform, as the controller, may impose a reasonable fee if the request made is manifestly unfounded, repetitive or excessive. Alternatively, Platform may refuse to comply with a request received in these circumstances.
The Platform has the right to request certain information in order to confirm the identity of the data subject who made the request and to secure personal data (or to exercise any other rights). This is a security measure to ensure that personal data is not disclosed to persons who are not entitled to receive it. We may contact you to request further information regarding your request to expedite our response.
The Platform will make reasonable efforts to respond to all legitimate requests within one month. Occasionally, it may take longer than one month if the data subject’s request is very complex or the data subject has made multiple requests. In this case, the Platform will notify you and keep you informed.
Let’s keep the gap
We have appointed a data protection officer. The first point of contact for all matters arising under this Policy, including requests to exercise data subjects’ rights, is the Data Protection Department which can be contacted in the following ways:
By e-mail at contact@amcorp.ro
By post at Voluntari, Pipera Boulevard, No. 1/VI A, Office Space No.4, Office No.3, 6th Floor, Ilfov
If you have a complaint or concern about how we use your personal data, please contact us in the first instance and we will try to resolve the issue as soon as possible.
We wish you pleasant browsing!