At RINF OUTSOURCING SOLUTIONS SRL (a limited liability Romanian company headquartered in Bucharest, Sector 2, at no. 4C Gara Herăstrău street, Building B, 3rd floor 3, registered with the Trade Registry under no. J40/1436/2006, sole registration code 18334380), we (“Rinf” or “we”/”us”) are very committed to protecting personal data. When visiting our website, one of your rights as data subject (or “you”) is that you be informed when your personal data is processed (collected, used, stored) by us. You also have the right to know the details and purpose of such processing.
Some of the services offered on our website require the processing personal data; where we decide what data how and why personal data is processed, we are a data controller. This policy applies to the processing operations carried out in the European Union with respect to our website www.rinftech.com (the “Website”), where Rinf acts as data controller. In specific cases, links are available to direct you also to the specific information about the processing contained in other relevant privacy notices we issued.
Personal data is any information relating to an identified or identifiable living person. We present herein what personal data we collect through our Website, how we use such data and the manner in which data subjects can exercise their rights with respect to our operations of personal data processing.
Also, we’ve listed in this policy the purposes for which we collect and process the personal data; in case we will reuse personal data for other purposes than the ones envisaged upon collection, such purposes shall be prior communicated to the data subject, as per the relevant legal provisions.
For ease of reference, the details of personal data processing are presented in this policy depending on the purpose for which the processing is carried out. Please refer to the section you are interested into.
We have made transparently available on the Careers section of our Website, the necessary aspects of personal data processing activities we carry out with during our recruitment process. In case you are applying online on our Website (i.e. the Careers section of the Website) for an open position, please refer to the details about why and how personal data is collected and processed, provided in here [LINK]. The same provisions are relevant for the processing activities for the applications we receive from applicants opting for other application route (e.g. sending CV by e-mail).
Categories of data processed and purposes. In case you decide to contact us at any of the e-mail addresses indicated in the Contact section or in the Get in touch section on our Website, we shall process only the personal data you sent that we need in order to analyse and answer to your query; usually this involves the processing of the following personal data categories: your name (as appearing on screen), e-mail contact, position, telephone number and the contents of your communication (insofar as the latter qualify as personal data). We do not request and are not interested in collecting other personal data for establishing and/or further developing our communication. Nevertheless, if you pro-actively and freely decide to send us more personal data for any reason, such data shall be considered by us irrelevant for our communication or excessive for such communication (e.g. race or ethnic origin; religious or philosophical beliefs; political opinions; trade union membership; genetic data; physical or mental health; sexual life or sexual orientation; biometric data; criminal records) and we have no intention of processing such data.
In case you select in your interaction with our relationship management system/tool “Ada” to apply for a job at Rinf, you will be redirected to the Careers page on our Website, where the data processing shall take place according to the provisions detailed here [LINK].
If you choose the route for “I have a cool idea and I need your expertise”, our preliminary interaction on the Website (e.g. through our relationship management system/tool “Ada”) may lead to you providing us your name and e-mail. We shall process this data only for completing the conversation and only as long as we are engaged in the conversation. In case you send to us your e-mail address, a Rinf user may use the details only to contact you directly for further interaction; depending on such further interaction (e.g. we engage in a common project, we employ you, etc.), additional specific personal data processing activities may take place, your personal data strictly necessary for completing the purpose being thus used by Rinf team, for example, to learn more about an applicant, potential client/opportunity they have an interest in, developing our services portfolio; or for providing information to you about us and our range of services; or for identifying clients with similar needs, etc.).
Legal basis for processing. In this case, the legal basis for our processing is our legitimate interest to answer to initiation of contact made by the data subject and we always aim to balance the potential impact on a data subject and the data subject’s rights and interests under data protection laws: we will not process personal data for activities where our interests are overridden by data subject’s fundamental rights and interests. Should our communication as per the above lead to initiation of a recruitment process, we may also base our processing on other legal basis, i.e. a candidate’s consent (please refer to the details provided here [LINK]).
Data retention. We will retain personal data processed as per this section for as long as it is necessary for the purposes set out above (e.g. as long as we have a correspondence, or need to keep a record of such correspondence/contact). We do not keep your personal information for longer than necessary for the purposes for which we collected it.
Social Media icons
Please be aware that each social media network/channel has their own policy for the personal data processing taking place when you access their sites; we cannot offer an endorsement for such policies and if you have any concerns about social media use of your personal data, you should read their privacy policies carefully before engaging with their services.
Also, social media may occasionally be unavailable and we accept no responsibility for lack of service due to such downtime
Security of processing
We put in place measures (such as policies, procedures and training sessions covering data protection, confidentiality and security) to guarantee that your data is kept up-to-date and processed securely. We regularly review the appropriateness of the measures we have in place to keep the data we hold secure.
Our information security management system relating to confidential data is independently certified as complying with the requirements of ISO 27001: 2013.
Personal data disclosure/sharing
We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality and security standards.
We are part of a group of firms and we use third parties (located outside the country where Rinf is located) to help us run our business; personal data under European Union ("EU") law may be transferred outside EU and to countries that do not have laws that provide specific protection for personal data. Nevertheless, we deploy steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EU are made in accordance with applicable law. Where we transfer personal data a country outside the EU that the European Commission has not established as providing an adequate level of protection for personal data, transfers will be covered by contractual framework which covers the EU requirements for the transfer of personal data outside the EU.
We may share your personal data if it is necessary and proportionate and for lawful, specific purposes, with:
● Other group entities for which we provide business contacts in the Contact section of the Website.
● Third party entities that provide various support services to us (e.g. IT, website hosting and management, security and storage services) and only to the extent necessary for such service provision;
● Law enforcement or other government and regulatory institutions or to other third parties as required by, and in accordance with, applicable law and legal procedures;
● Auditors/consultants and other professional advisers;
● In case we receive formal requests from authorities/relevant bodies to disclose personal data, we will only complete such requests where we are permitted to do so in accordance with applicable laws.
We will never disclose your personal data for direct marketing purposes, or host mailings on behalf of third parties.
Rights of data subjects
Access to personal data: You have a right of access to personal data held by us as a data controller; please address in this respect to [LINK].
Update/amendment of personal data: To update the personal data you provided to us, you may send an email at email@example.com or a letter to Bucharest, Sector 2, at no. 4C Gara Herăstrău street, Building B, 3rd floor 3. Based on your new (updated) information, when reasonably practically possible we will make necessary amendments (if appropriate) if you let us know the personal data processed by us is no longer correct/accurate.
Right to restrict or object to our processing: Data subjects enjoy the legal right to restrict or object to the processing of personal data at any time, on reasonable grounds relating to each particular situation, unless the processing is required under the law; the
exercise of this right prevents us from further processing of that personal data, unless we can demonstrate compelling legitimate grounds for further processing or for setting, exercise or defence of legal claims.
Withdrawal of consent: Where consent is the legal basis for processing, data subjects have the right to withdraw consent at any time, please let us know at firstname.lastname@example.org.
Other rights in relation to our data processing: If you want to exercise your right to erasure/deletion or the right to data portability provided under the law, please send us an email at email@example.com.
Complaints: If you want to complain about our use of personal data, please send an email detailing your complaint at firstname.lastname@example.org and we will further investigate. Nevertheless, you have the right to make a complaint with the National Supervisory Authority for Personal Data Processing in Romania; details on their procedure are at www.dataprotection.ro.
Personal data responsible
Address: Bucharest, Sector 2, at no. 4C Gara Herăstrău street, Building B, 3rd floor 3