CONFIDENTIALITY POLICY ON THE USE OF PERSONAL DATA
To whom does this Information Note apply?
This Information Note applies to the processing of personal data of:
- Our contractual partners such as suppliers, customers (“Business Partners”);
- Visitors and users of our site www.siriusbroker.ro (“Users”);
- What data do we collect about you?
We collect and process your personal data as follows:
of the information you provide to us by filling in the forms on our website: the form on the Contact page, the form for ordering an insurance policy
by correspondence with us by phone, e-mail or in any other way.
The information you provide may include the name, address, home address, e-mail address and telephone number, data about the insured asset, as well as other information, as the case may be.
Through our activity on the site, we will not collect or process sensitive personal data related to you (ie information about racial or ethnic origin, political opinions, religious confession or philosophical beliefs, health, sexual life, or sexual orientation), unless which:
- we are obliged to do so by law; and / or
- if you have given us your explicit consent separately.
If you voluntarily provide us with personal data (including sensitive personal data) through your interaction with the www.siriusbroker.ro site or by contacting us by phone, e-mail or any other means, by our own will and not at our request, we will delete such personal data from our systems unless we consider that processing is necessary for a legitimate purpose of Sirius Broker, unless you made these public data (for example, in a message forum that is visible to the public), in which case we will delete this data from www.siriusbroker.ro only if the law imposes such or if we do not want to keep them. Every time you visit www.siriusbroker.ro, we automatically collect the following data:
- technical data, for example, this may include the Internet Protocol (IP) Address used to connect your computer to the Internet, connection information, browser type and version, time zone setting, plug-in types and versions, and operating platform, device type and brand of mobile device; this data is collected and processed on our behalf through third-party cookies, and you can find more information about this at the Cookies Policy
- your visit data, for example, may include URL data, a sequence of clicks through, through and from www.siriusbroker.ro (including date and time), the information or products you have viewed or searched on the site.
If we obtain your personal data from a third party, we will provide you with all relevant information on processing as soon as possible but no later than one month after we have obtained your personal data.
- What are the purposes of processing personal data and what is the legal basis for the processing?
We can process your personal data in the following cases:
- when we need to take the necessary steps to conclude a contract with you;
- when we have to execute a contract that we have concluded with you;
- when we have to comply a legal obligation (ie the applicable laws in labor relations, accounting, audit);
- when it is necessary for our legitimate (or third party) interests and for your interests (ie to detect and prevent fraud or to ensure IT security and IT), unless your fundamental rights prevail over these interests;
- where it is necessary for the public interest or for official purposes.
We process your personal data for various technical, administrative and operational reasons, such as:
- to make sure your content is presented in the most effective way for you;
- to improve the www.siriusbroker.ro website, including its functionality;
- for managing the site www.siriusbroker.ro;
- for internal operations, including troubleshooting, data analysis, testing, research, statistics and research purposes;
- to keep the www.siriusbroker.ro site safe.
In some cases, we will process your personal data only with your consent (i.e., in the case of advertising and marketing). In these cases, we will separately request your consent in a transparent manner when providing your personal information. You may later withdraw your consent at any time by sending a request to the email@example.com e-mail address. Withdrawal of consent will not affect the lawfulness of the processing that took place before its withdrawal.
When requesting personal data to comply with legal or contractual obligations, the provision of such personal data by you is required. This means that if such personal data is not provided, we will not be able to manage the contractual relationship or comply with the legal obligations imposed on us. In all other cases, the provision of personal data is optional and you are not required to provide it.
We may process your personal data, such as identification data, contact details and address of residence, for the purpose of the possible exercise of our rights or claims against you in the future. This processing is based on our legitimate interest, and we need to exercise our rights in the event of possible litigation.
Specifically, we will use your personal information as follows:
Users and customers:
For the purpose of providing services, delivering goods and making payments based on relevant contracts, we may process your personal data, such as identification data, contact details, bank details.
This processing is based on
- Performing a contract to which Users (especially Customers) are part of, or
- A legal obligation imposed on us.
The purposes of the processing are:
- To obtain financial offers from insurance companies;
- To be able to subsequently issue the insurance policy for which we have been asked to bid on behalf of the insurer;
- To be able to issue certain documents related to insurance policies on behalf of the insurer (ie receipts of insurance premiums)
- Advising policyholders on maturity rates;
- Collection and settlement of premium rates with insurance companies;
- Advice to customers upon expiration of insurance policies and transmission of insurance policy renewal offers
We may process your personal data so that we can provide you with information about goods or services that we believe you are interested in.
If you are a new customer, we will contact you electronically only if we have your prior consent. If you do not want us to use your data in this way, check the appropriate box in the form by which we collect your contact form.
We will not send your personal data to third parties for marketing purposes without your explicit consent to this effect.
For the purpose of providing services, delivering goods and making payments based on relevant contracts, we may process your personal data, such as identification data, business contact details, bank details and tax identification code, for persons registered in VAT purposes.
This processing is based on:
- executing a contract to which you, as a Business Partner, are a party;
- legal obligations imposed on us;
- our legitimate interest.
In some cases, we process personal data such as the names and contact details of Employees or Contractors of the Trading Partners for the purposes of communications relating to the execution of a particular contract with the Trading Partners.
This processing is based on:
- the execution of a contract to which the Trading Partners are party;
- the legal obligations imposed on us;
- our legitimate interest.
Being a Commercial Partner, we can provide you with communications about our new products and services. If you no longer wish to receive these communications, you can cancel by sending us an email at firstname.lastname@example.org
Candidates for jobs published by Sirius Broker:
In connection with your participation in the recruitment and selection process for one or more of the listed jobs as part of Sirius Broker, we may collect and process your personal data, (ie then information provided in the CV you send us) for the purpose of selecting, evaluating professional skills for the job (s) you apply, and communicating with you during the recruitment process. This processing is based on the legitimate interest of Sirius Broker.
- To whom do we submit our personal data?
Sirius Broker will not transmit (by selling or renting) any third party your personal information.
Within Sirius Broker, only a limited number of staff, such as Sales, Accounting, and IT departments, have access to your personal data on a need-to-know basis. These staff members are subject to confidentiality obligations with respect to personal data. Sirius Broker staff members have the right to manage personal data only on the basis of instructions provided by Sirius Broker in connection with their service responsibilities.
Appropriate technical and organizational measures are taken to protect personal data. This site uses security measures against the loss, alteration or misuse of information under our control. However, Sirius Broker does not assume responsibility for the loss of information caused by software errors with which the site is designed and hosted. We also do not respond for server security errors that host the site.
Personal data may be communicated to governmental authorities, tax authorities and/or law enforcement agencies if required by applicable law or if necessary for the exercise of our rights, including conditions of use, or for the protection of our legitimate interests (including the legitimate interests of third parties) in accordance with the applicable laws.
Your personal data may also be disclosed to third parties as follows:
- To business partners, suppliers and subcontractors for the execution of all the contracts we conclude with you to provide the products and services you require
- For the delivery of insurance policies, the data is transmitted to the courier companies
- To service providers that provide administrative, professional, and technical support to the Company for IT support, security and commercial resources;
- To external consultants (ie lawyers, accountants, auditors), for specific purposes, when necessary
Sirius Broker performs an appropriate prior assessment of the selection of third party service providers and requires these service providers to maintain adequate technical and organizational security measures to protect personal data and process personal data only in accordance with the instructions specified by Sirius Broker. Service providers will be entitled to use subcontractors to provide services to Sirius Broker, provided that each subcontractor respects the same data protection obligations as service providers.
- What is the period for keeping personal data?
We will retain your personal data for the period necessary to meet the purposes listed in this Policy or for the period required by applicable national law, in accordance with the applicable legal minimum retention periods and / or as necessary to exercise our legitimate rights and the legitimate rights of others).
If you are a Customer or a Trading Partner, we will retain your personal data during the course of your contractual relationship with you.
If we have a continuing commercial relationship with you as a Commercial Partner, we will continue to retain this personal data until our commercial relationship is terminated and the minimum retention period imposed by law.
If you are a user of the www.siriusbroker.ro site (i.e., you created a user account on the site), we will keep your personal data for which the user account is active.
If you are a candidate for one or more of the jobs published in the www.siriusbroker.ro careers section, we will keep your personal data throughout the recruitment and selection process, after which the information is deleted (if the candidate was not employed in the company).
If we process your personal data under your consent, such personal data will be processed only for the period of your consent, unless you withdraw or limit your consent before the expiration of that period. In such cases, we will cease processing of that personal data for the relevant purposes, subject to any legal obligation to process such personal data and/or our need to process such personal data for the purposes of our legitimate rights (including the legitimate rights of others).
- Storing personal data and transferring personal data outside the country
The site www.siriusbroker.ro is managed and maintained by PRO COMPUTER SRL and hosted by Globehosting’s servers, located on the territory of Romania.
We intend not to transfer your personal data outside the EEA unless there are adequate safeguards, including:
- a decision on the appropriateness of the European Commission regarding the country or countries of destination;
- a “privacy shield” certification;
- binding corporate rules;
- an approved code of conduct, along with the binding and enforceable commitments of the data controller or the person empowered by the data controller in the country outside the EU and the EEA;
- an approved certification mechanism, together with the binding and enforceable commitment of the data controller or the person empowered by the data controller in a non-EU country and the EEA to apply the appropriate safeguards; or
- EU standard contract clauses approved by the European Commission.
- What rights do you have?
You have the following rights according to the relevant legislation:
- The right to confirm that your personal data is processed by us or to provide you with a copy of your personal data;
- The right to request the rectification or deletion of personal data processed by Sirius Broker;
- The right to request the restriction of personal processing data by Sirius Broker;
- The right to oppose the processing of personal data by Sirius Broker (eg the use of processing for direct marketing purposes);
- The right to request portability of personal data;
- The right to withdraw your consent at any time without affecting the lawfulness of the processing under consent prior to its withdrawal;
- The right to file a complaint with the National Supervisory Authority for Personal Data Processing.
Please be aware that your rights described above may be limited in certain situations and subject to the applicable laws and regulations on the protection of personal data. For example, the right to oppose the processing of your personal data may be limited if we can demonstrate that we have compelling legitimate reasons to process your personal data that outweighs your interests. You will need to prove your identity and give us further details to help us respond to your request.
We will not charge a fee to respond to your request unless this is permitted by law and, if such a tax is levied, it will be reasonable and proportionate to your application.
To exercise one or more of these rights, please contact us at e-mail email@example.com
- Security of personal data
We keep your personal data on Globehosting’s servers on the Romanian territory.
We use appropriate technical and organizational measures to protect your personal data and prevent unauthorized access to it. We have entered into contractual relationships with third parties providing hosting services and these contracts include obligations on organizational and technical security of personal data.
You are responsible for maintaining the confidentiality of all means of authentication (eg username, passwords, etc.) used by you to access parts of the site www.siriusbroker.ro. Data transmission over the Internet is not entirely secure. While we do our best to protect your data, we can not guarantee 100% the security of your data transmitted to our site; any personal data transmission is at your own risk. Once we receive your data, we will use strict security procedures to try to prevent unauthorized access.
- Privacy of minors
The site www.siriusbroker.ro does not knowingly collect personal identification data from people under the age of 16. If the parent or legal guardian is aware that the child in custody provided his personal information to www.siriusbroker.ro, he must immediately inform Sirius Broker at firstname.lastname@example.org. If we discover that a person under the age of 16 has provided personal data through the www.siriusbroker.ro site, then we will destroy this information from our servers immediately, unless the parent or guardian gives his explicit consent to the site’s processing of the child’s personal data for the specified purposes.
If you have any questions or concerns regarding the processing of your personal data by the www.siriusbroker.ro website or if you want to exercise one or more of your rights, you can contact us at email@example.com
Please do not disclose sensitive personal data (such as information about racial or ethnic origin, political opinions, religious or other beliefs, health or membership of a trade union), social security numbers for ounces when you contact us.
Last Updated: May 22, 2018.
Note: We may periodically update this policy and notify you of any change by posting the new version on www.siriusbroker.ro.