Confidentiality Policy 

 

THE NATIONAL RESEARCH AND DEVELOPMENT INSTITUTE FOR INDUSTRIAL ECOLOGY ECOIND, headquartered in Bucharest, 71-73 Drumul Podu Dambovitei, District 6, post code 060652, phone 021/410.03.77;  Fax 021/410.05.75; email: ecoind@incdecoind.ro, sole registration code: 3268360, has the obligation to manage your personal data safely and to use such data only for the purposes listed below.

 

Definitions

  • “personal data” is any information related to an identified or identifiable individual (“person concerned”); an identifiable individual is a person who can be directly or indirectly identified, mainly by reference to an identification element such as a name, an identification number, localisation data, an online identifier or by reference to one or several particular elements specific to that person’s physical, physiological, genetic, psychological, economic, cultural or social identity;
  • “processing” means any operation or set of operations carried out on personal data or on sets of personal data, with or without the use of any automated processing mean, such as collecting, recording, organising, structuring, storing, adapting or modifying, extracting, seeing, using, revealing by way of transmission, dissemination or providing in any other way, aligning, or combining, restricting, deleting or destroying such data.
  • “processing restriction” means marking the personal data stored for the purpose of restricting its future processing.
  • “profiling” means any form of automated personal data processing which implies the use of such personal data to assess certain personal aspects of an individual’s life, mainly to analyse or foresee certain aspects, such as the said individual’s workplace performance, his/her economic situation, his/her health, his/her personal preferences, his/her interests, his/her reliability, his/her behaviour, the place where he/she is or his/her travels.
  • “Nicknaming“ means the processing of personal data in such way to make sure that the data in question cannot be related to a certain person concerned, without additional information, provided that such additional information is stored separately and it is protected by technical and organisational means that prevent it from being attributable to an identified or an identifiable individual.
  • “data record system” means any structured set of personal data, accessible according to certain specific criteria, be it centralised, decentralised or split by functional or geographic criteria. 
  • “operator” means an individual or a legal entity, a public authority, an agency or another body that sets forth, on their own or together with others, the personal data purposes and means to be used. When such purposes and means are set up under the Union’s legislation, or under the domestic legislation, the operator or any specific criteria used to assign the operator may be stipulated in the Union’s or in the domestic legislation.
  • “Operator-authorised person” means any individual or legal entity, any public authority, agency or other body that processes the personal data on the operator’s behalf.
  • “Consignee” means any individual or legal entity, any public authority, agency or other body to whom/ which the personal data is revealed, regardless of whether such body is a third party or not. However, public authorities to which the personal data might be revealed during a certain investigation, in accordance with the Union’s or the domestic legislation, shall not be considered consignees; The processing of such data by the above mentioned authorities shall instead comply with the applicable norms in the field of data protection, in terms of processing purpose.
  • “Third party” means any individual or legal entity, any public authority, agency or other body, other than the person concerned, the operator, the operator-authorised person and the persons who are authorised to process the personal data, under the operator’s direct authority.
  • “Consent” given by the person concerned means any specific, informed, and unambiguous act of free will carried out by the person concerned, under which, the said person accepts, via a statement or another unequivocal action, for their personal data to be processed.
  • “Personal data security breach” means a security breach that accidentally or illegally leads to the destruction, loss, modification or the unauthorised revealing of the personal data sent, stored or processed in any other way, or to the unauthorised accessing of such data.

 

Ways of collecting and processing personal data

The requested information refers, mainly, in its nature,   to personal data (name, address, phone numbers, email addresses) and it is collected:

– directly from you, by filling in offer requests and/or by placing an order for environmental services or by accessing the online contact form.

–  automatically, when you access our website, via cookies or IP (Internet Protocol).

Any information that you provide, shall be considered to be and it shall represent your express consent for your personal data to be used by INCD ECOIND, according to the purposes mentioned below.

The personal data processing is done automatically and/or manually, by filling in the necessary contact details to issue fiscal invoices for our environmental services, by sending the correspondence needed for an order/ an environmental service contract.

All information collected this way shall be processes only for communication purposes, related to the environmental services provided and it shall not be revealed to any third party.  If you do not want your personal data to be collected, please do not provide such data to us.

 

Using personal data and specifying purposes  

You data shall be treated in compliance with the current legislation in place in the field of personal data protection and it shall be used by INCD ECOIND for the following purposes:

for direct marketing purposes, e.g. to keep you informed via email messages, on our services and products or for any other marketing activities carried out by INCD ECOIND and for the administration of our client database (only if the person concerned has expressly and univocally given their consent for the processing of their email address and/or their phone number for this purpose);

for the purpose of processing your request for environmental services, our  INCD ECOIND staff shall fulfil the legal requirements in place in the field of personal data protection.

for statistical purposes, to assess how satisfied our clients are with the  INCD ECOIND services. Your answers will be strictly confidential and they shall be use exclusively to improve our services. The data shall be collected and processed via an external application so there will be no connection between your personal data and the answers you provide in this questionnaire.

 

Confidentiality

Protecting the information while we process your personal date is one of you permanent concerns here, at INCD ECOIND. For this reason, all information collected while you visit our website is processed in observance of the exiting legal provisions in place.

Our website may include connections to other websites, whose content is not under our control. Thus, INCD ECOIND does not take any responsibility and it cannot accept any liability for the content of these websites.

 

INCD ECOIND undertakes not to reveal any information related to you visit to our website, except in legal cases.  

 

Informing the persons concerned on their rights

All those who send their personal data to our website www.incdecoind.ro, have their rights safeguarded according to the legal provisions in place related to their rights:

  • The concerned person’s right of access

The person concerned has the right to obtain, from the operator, a confirmation of the fact that their personal data is being processed and, if such confirmation is issued, the person concerned has the right to access the personal data in question along with the following information:

  • The right to make rectifications

The person concerned has the right to secure, without any undue delay, the rectification of any inaccurate personal data elated to them. Taking into account the purpose for which such data had been collected, the person concerned has the right to secure the supplementation f any incomplete personal data, including by providing an additional declaration.

  • The right to have their data deleted (“the right to be forgotten”)

The person concerned has the right to procure from the operator the deletion of their personal data without any undue delay, and the operator has the obligation to delete such personal data.

  • The right to restrict the processing of personal data

The person concerned has the right to procure from the operator the restriction of their personal data processing.

  • Data portability rights

The person concerned has the right to receive their personal data provided to the operator in a structured frequently used format, which can be automatically read and he/she it has the right to send this data to another operator, without any  obstacles from the operator that received the data in the first place.

  • The opposition right

At any time, the person concerned has the right to oppose the processing of their personal data, including the use of such opposition for profiling purposes. In such cases, the operator shall stop processing the personal data in question, except when it can prove that it has legitimate and urgent reasons justifying the processing of such data, which would have to prevail before the interests, the rights and the freedoms of the person concerned, or the purpose of such processing would have to be the ascertaining, exercising or the defence of a right in court.

  • The right to file a complaint with the supervisory authority

Without any prejudice to other administrative or legal remedies available, any person concerned has the right to file a complaint with a supervisory authority, if they think that the processing of their personal data breaches the existing legal provisions in place in this field. 

 

Amending the confidentiality policy

Any amendments brought to this confidentiality policy in the future, shall be published on this webpage, without any prior notification to you.

 

The “Terms and Conditions” and the “Confidentiality Policy” make u the entire agreement concluded between you and INCD ECOIND, for the use of our website:  www.incdecoind.ro.

 

INCD ECOIND reserves the right to revise and update these rules at any time, without any prior notification to or prior consent from our users.  

 

If you have any questions related to the information comprised in this page, please write to u at the following address: protectiadatelor@incdecoind.ro

 

Cookie Policy

 

In order to comply with the requirements stated in the EU Directive dated May 26, 2012 and the provisions of Law no. 506 dated November 17, 2004, on the processing of personal data and the protection of privacy in the field of electronic communications, all those visiting our website, www.incdecoind.ro, are required to give their consent before having the cookies sent t their computers. The law says that we are allowed to store cookies on your devices, if they are strictly necessary for the operation of our website. For all other types of cookies, we need your consent to store them on your computers.

 

This site uses cookies

 

What is a  “cookie”?

Cookies are small text files that can be used by websites to make their use more efficient.

 

An “Internet Cookie” (also known as “browser cookie” or “HTTP cookie” or simply “cookie”) is a small sized file comprising letters and numbers, which is stored on the user’s computer, mobile terminal or on other pieces of equipment used to access internet.

 

A cookie is installed via a request sent by a web-server to a browser (such as: Internet Explorer, Chrome) and it is totally “passive” (it does not comprise any software programmes, viruses or spyware programmes and it cannot access the information on the user’s hard drive. )

 

A cookie has two parts: its name and its content or value.  

Besides, a cookie’s lifespan is limited; technically speaking, only the web server that sent a cookie to a terminal can access that cookie again, when a user returns to the website associated with the web server in question.

 

The cookies themselves, do not request personal information in order to be used and, in most cases, they do not personally identify the internet users.

 

There are 2 main categories of cookies:

 

Session Cookies – these are stored in the web browser’s cookies form to be memorised by the time the user leaves the website in question or closes the browser window (for example: when logging in / out of an email account  or social media)

Persistent Cookies – these are stored on a computer’s or other equipment’s hard drive (and, in general, they depend on their pre-set lifespan). Persistent cookies also include the ones placed on a website other than the one visited by the user at that time – known as “third party cookies’ – which can be anonymously used to memorise users’ interests, so that the most relevant publicity can be delivered to them.

 

 

What advantages do cookies present?  

A cookie comprises information connecting a web-browser (user) to a web-server (website). If a browser accesses the web server again, the server may read the information already stored and act accordingly. These Cookies provide users with a pleasant web-surfing experience and they assist many websites in their efforts to offer comfortable services to their users: ex. – online confidentiality preferences, language options, shopping carts or relevant publicity.

 

 How long does a cookie live?

Cookies are managed by web servers. A cookie’s lifespan may vary significantly, depending on the purpose for which it had been placed on the users terminal. Some cookies are used for one single session only (session cookies) and they are not retained once the user leaves the website. Other, are kept and reused every time the user comes back to the website (permanent cookies). However, cookies may be deleted by the user at any time, via the browser settings.

 

What are third party cookies?

Certain content cookies on certain websites may be provided via third parties/ third party suppliers (such as: news box, a video or a commercial). These third parties may also place cookies via the website, and such cookies are named “third party cookies” because they are not placed by the owner of the website in question. Third party suppliers must observe as well the existing legislation in place and the confidentiality policy applied by the site owner.

 

How cookies are used by a website.

During a visit on a website, cookies may be placed for the following purposes:

  • To increase the website’s performance ;
  • For visitor analysis ;
  • For geo-targeting;
  • For user registration.

 

Performance cookies

This type of cookies memorises the user’s preferences on a certain site, so such user would no longer need to set them every time he/she comes back t the site.

 

Example: volume settings for video player, the video streaming speed that’s compatible with the browsers.

 

Visitor analysis cookies

Every time a user accesses a website, the analytics software provided by a third party generates a visitor analysis cookie. This cookie tells us that you have visited the website before. The browser shall detect this cookie and, if you don’t have it, one will be generated. This will allow the monitoring of unique visitors accessing the website and it shall assist in assessing their visit frequency.

 

As long as a visitor is not registered on the website, this cookie cannot not be used to identify individuals, but only for statistical purposes. If the user is registered on the website, one can also access the data provided by the user himself, such as the email address and the username – such data being, however, protected by confidentiality, according to the existing legal provisions in place in the field of personal data protection.

 

 

Geo-targeting cookies

These cookies are used by a software determining which country you are from. It is totally anonymous and it is used only for content targeting purposes– even when the user is visiting the page in Romanian or in another language, the commercial received will be the same.  

 

Registration cookies

When you register on a website, a cookie is generated communicating whether you are registered or not. The server uses this cookie to show the account you used to register and whether or not you are entitled to a certain service. Besides, it also allows the association between a comment posted on the website and your username. If you haven’t selected the “keep me registered” option, this cookie will be automatically deleted when you close the browser or shut down your computer.

 

Other third party cookies

On certain pages, third parties may set up anonymous cookies, for the purpose of monitoring the level of popularity that an application achieves or for the purpose of customizing and application. 

 

For instance, when you share an article using the social media button placed on the site, the social media network in question will register your activity.

 

What type of information is stored and accessed through cookies?

 

The cookies keep information in a small sized text file that allows a website to recognize a certain browser. The web server will keep recognizing that browser until the cookies expire or are deleted.

 

A cookie stores important information meant to improve the user’s web surfing experience (such as: language settings, keeping a user logged into an email account, online banking security; keeping products in a shopping cart.)

 

Why are cookies important for the Internet?

Cookies are the central point of an efficient and smooth running of the Internet, helping with the creation of a user- friendly internet surfing experience, adapted to the preferences and interests of each visitor. Refusing or deactivating cookies may render certain sites impossible to use.

 

Examples of important uses given to cookies (that do not need user authentication via an account):

 

Content and services adapted to the user’s preferences – news categories, weather, sports, maps, public and government services, entertainment websites and travel services.

 

Offers tailored to the user’s interests – password saving, language preferences (for instance showing search results in Romanian)

Saving the internet content filters set up to protect children (family mode options, safe search functions).

Measuring, optimising and analytics characteristics  – such as confirming a certain traffic level on a website, the type of content viewed and how a user ends up accessing a website (ex. via search engines, directly, redirected from other websites). Websites carry out these user analyses to improve their services for users.  

 

Security and confidentiality-related issues

 

Cookies ARE NOT viruses! They use plain text formats. They are not made of pieces of code so they cannot be executed, nor can they self-execute. Consequently, they cannot duplicate themselves or replicate on other networks, to run and replicate again. Because they cannot carry out these functions, they cannot be considered viruses.

 

However, cookies can be used for negative purposes. Since they store information on the users’ preferences and web surfing history, both on a certain website and on various websites, cookies may be used as a form of Spyware. Many anti-spyware products are already aware of this fact and they constantly mark cookies to be deleted, during their anti-virus / anti-spyware scan/delete operations.

 

Generally, browsers have confidentiality settings embedded in them, providing various levels of cookie acceptance, a validity period and an automatic delete option once the user visits a certain site.

 

Recommendations for a safe and responsible cookie-based browsing

 

If you share your computer with others, you might want to consider setting your browser in such way to delete your individual web browsing data, every time you close the browser. With this option, you access the desired websites, which place their cookies, but all browsing information is deleted at the end of your web surfing session. 

Install and update your antispyware applications regularly.

 

Many spyware detection and prevention applications include the detection of attacks on sites. Thus, they prevent the browser from accessing a website that might exploit the browser weaknesses or download dangerous software.

 

How can cookies be stopped?

Deactivating and refusing cookies may render certain websites unusable or very difficult to visit and use.

 

The browser can be set up in such way to prevent these cookies from being accepted or, it can be set up to accept cookies from certain websites only.

 

All modern browsers provide you with the possibility to change the cookie settings. These settings are usually placed in the browser’s Options/Settings menu or in its Preferences/ Favourites menu.

 

If you want to find out more about cookies in general, the following website is a good source: www.allaboutcookies.org