1. What does the personal data processing policy entail?

The purpose of this Policy is to explain to you what data we process, why we process it and what we do with it.
Our company uses technical means to store data securely.
Our company will not disclose personal data except for the realization of your interests and fulfillment of legal obligations.
We take privacy seriously and never sell lists or email addresses. We make every effort to securely store and process your personal data carefully. We do not provide personal data to third parties without your consent.
Sending a message through this site confirms that you have accepted the conditions set out below. If you do not agree with these, please do not continue to access the Site and / or send us a message.

2. How to contact us

SOCIETATEA PARASITE STUDIO S.R.L.
Headquarters: str. Tolstoi no. 16 Timisoara
E-mail: office@parasitestudio.ro
Person responsible for the protection of personal data: Wenczel Attila

3. Explanations of the terms and expressions used in this Policy

Personal data controller – The controller responsible for the processing of personal data within the meaning of the Regulation on the protection of personal data no. 679/2016 is the Parasite Studio S.R.L. Company.

The data subject within the meaning of the Regulation regarding the protection of personal data no. 679/2016 – identified or identifiable natural person (who can be identified, directly or indirectly, especially by reference to an identification element: name, identification number, location data, an online identifier, or to one / more elements specific to their physical, physiological, genetic, mental, economic, cultural or social identity). The data subject may be the applicant of a service offered by the Operator, as well as any other natural person whose personal data are transmitted to the Operator (by way of example a customer or potential customer, a user of the Operator’s website, etc.).

Processing of personal data means any operation or set of operations performed on personal data or personal data sets, with or without the use of automated means, such as the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or making available in any other way, alignment or combination, restriction, deletion or destruction.

Profiling means any form of automatic processing of personal data consisting in the use of personal data to assess certain personal aspects of an individual, in particular to analyze or predict aspects of performance at work, the situation economic, health, personal preferences, interests, reliability, behavior, location of the individual or his travels.

Violation of the security of personal data or security breach means a breach of security which leads, accidentally or unlawfully, to the unauthorized destruction, loss, alteration or disclosure of personal data transmitted, stored or otherwise processed or unauthorized access to them.

In accordance with the provisions of Regulation no. 679/2016 on the protection of individuals with regard to the processing of personal data, in the relationship between the company Parasite Studio S.R.L. you, too, have the status of data subject and Parasite Studio S.R.L. holds the status of data operator.

4. What personal data do we process?

We collect your personal data requested through the “SAY HI” field, respectively your name, surname, e-mail and your telephone number, which you provide us with the sending of a message through the “SAY HI” field.

5. Why and how do we process your personal data?

We process your email for the transmission of the requested data within the website, in order to provide you with a response to the message you send us, for communication with you, for the performance of our legitimate activity.

We process your first and last name to know the sender of the message, so that we can communicate with you, in order to carry out our legitimate activity.

We process your phone number so that we can contact you as soon as possible and so that we can arrange any meetings, to communicate with you, to carry out our legitimate activity.

We process the content of the messages you write on the website www.parasitestudio.com, on our e-mail address and the data sent by you because this content is necessary in order to be able to respond to you personally and offer you solutions adapted to your situation. particular. The collection of these personal data and texts of the messages written by you on the website and on our e-mail address is the result of an action by which you choose to send us a message, and the processing of this data will be done under the provisions of art. 6 para.1 lit. f) of Regulation no. 679/2016 regarding the processing of personal data, respectively for the legitimate interest of the subscriber, taking into account our object of activity.

6. What is the legal basis for the processing of your personal data?

The processing of your personal data transmitted through messages through the section “SAY HI” is represented by art. 6 para.1 lit. f) of Regulation no. 679/2016 regarding the processing of personal data, respectively for the legitimate interest of the subscriber, considering our object of activity.

If, following discussions with you, we enter into a contract, it will include an information note regarding the protection of personal data in which you will be informed of all the legal grounds on which your data will be processed gradually: service, storage, archiving, deletion, etc.

If you do not benefit from any service from the subscriber, respectively we will not conclude any contract, your personal data will be deleted within 1 month from the sending of the message.

7. We do not use your personal data to make automated decisions, nor in automated profiling or human intervention processes.

8. About the purposes for which we process personal data

We process your personal data for the purposes described in Section 5.

Our purposes, for which we process personal data are:

  • real;
  • present;
  • legitimate.

We inform you before processing your personal data for secondary purposes:

  • if we initially collect your personal data for a primary purpose;
  • if our secondary purpose is incompatible with the primary purpose.

9. How long do we keep your personal data?

We limit the storage time of your personal data to what is necessary for our processing purposes.

We review the need to keep your personal data, each year we analyze the data collected and processed, in order to filter, sort and maintain processing only for data for which the purpose of processing is current.

If, following your message, we do not enter into a contract, your message and your personal data will be deleted within a maximum of 1 month from the date the message is sent.

If, following the message sent by you, we conclude a contract, it will include an information note regarding the protection of personal data in which you will be informed of all the legal grounds on which your data will be processed. gradually: provision of service, storage, archiving period, deletion, etc.

10. Do we disclose your personal data?

Our company does not disclose your personal data, unless a contract is concluded and this is necessary for the execution of the contract or there are certain legal obligations on the part of the undersigned which involve the disclosure of your personal data.

We remind you that we guarantee the strict confidentiality of your personal data and the messages you send us, maintaining confidentiality being an essential value for us.

11. Do we transfer your personal data outside the EU or the EEA?

We do not transfer your personal data:

  • in non-EU or EEA countries;
  • to international organizations outside the EU or the EEA.

12. Is your personal data safe?

We keep your personal data safe:

  • with appropriate technical measures;
  • with adequate organizational measures;
  • with an adequate level of security;
  • with measures against unauthorized processing;
  • with measures against illegal processing;
  • with measures against accidental or illegal loss;
  • with measures against accidental or unlawful destruction;

We have implemented measures for:

  • discover security breaches;
  • document the causes of the security incident;
  • document which personal data are affected by the security incident;
  • document the actions (and reasons for the actions) to remedy the security breach;
  • to limit the consequences of the Security incident;
  • to recover personal data;
  • to return to a normal state of processing of personal data.

If we have a reasonable degree of certainty that there has been a breach of the security of your personal data processing, then:

  • we report the security incident to the management of our company.
  • we designate a person responsible for:
    • analyze whether the security breach may have adverse effects on you;
    • inform the relevant Cabinet staff;
    • determine to what extent it is necessary to notify the Supervisory Authority of the security incident;
    • determine whether it is necessary to provide you with information about the security incident.
  • we are investigating the security incident.
  • we try to prevent the security incident from leading to:
    • accidental or illegal destruction of personal data;
    • accidental or illegal loss of control of personal data;
    • accidental or illegal loss of access to personal data;
    • accidental or illegal alteration of personal data;
    • unauthorized disclosure of personal data;
    • unauthorized access to personal data.
  • we make every effort to mitigate the immediate risk of injury.
  • notify the Supervisory Authority of the security incident, if the breach is likely to pose a high risk to your rights and freedoms.
  • we inform you about the security breach:
    • if the breach is likely to pose a high risk to your rights and freedoms;
    • as soon as possible;
    • through suitable contact channels, e.g. by e-mail, on our website, etc.
  • we are not obliged to inform you directly if:
    • we have taken steps to make your personal data incomprehensible to anyone who is not authorized to access it;
    • immediately after the security incident, we have taken steps to ensure that the high risk to your rights and freedoms is no longer possible;
    • would involve disproportionate efforts. In such a case, we will inform you through public networks.

13. What are your rights regarding your personal data?

According to Regulation no. 679/2016 as a data subject, you benefit from an accumulation of rights, respectively:
Right to information and access to personal data: the right to obtain confirmation of whether or not personal data concerning you are processed and, if so, access to those data.

Right to rectification: the right to request the Operator and to obtain, without undue delay, the rectification of inaccurate personal data concerning you and / or to obtain the completion of personal data which are incomplete.

The right to delete data (“the right to be forgotten”): the right to obtain the deletion of personal data concerning you, without undue delay, in the cases provided for in Regulation no. 679/2016.

The right to restrict processing: the right to obtain the restriction of processing in certain cases.

Right to data portability: the right to receive personal data concerning you and to pass it on to another controller.

The right to oppose: the right to oppose at any time the processing of personal data concerning you, under the conditions of Regulation no. 679/2016.

The right not to be subject to a decision based solely on automatic processing, including profiling, which produces legal effects that affect you or similarly affect you to a significant extent.

The right to address a complaint to the National Authority for the Supervision of Personal Data Processing (ANSPDCP) in case you consider that your data have not been processed in accordance with the legal provisions.

The rights listed above are not absolute. There are exceptions, so each request received will be analyzed so that we can decide whether it is justified or not. To the extent that the request is substantiated, we will facilitate your exercise of your rights. If the request is unfounded, we will reject it, but we will inform you of the reasons for the refusal and of the rights to lodge a complaint with the Supervisory Authority and to refer it to the competent courts.

14. How can you exercise your rights?

We invite you to contact us about the exercise of your rights regarding the protection of your personal data.

We only accept written requests, because we cannot deal with verbal requests immediately, without first analyzing the content of the request and without first identifying you.

Your application must contain a detailed and accurate description of the right you wish to exercise.

You must provide us with a copy of an identification document to confirm your identity, such as:

  • ID card;
  • passport.

Using the information in your identification document:

  • is limited to confirming your identity;
  • will not generate a storage of your personal data more than is necessary for this purpose or in the legitimate interest to which you have consented by submitting the document.

If we make every effort and fail to identify you and you do not provide us with additional information to help us identify you, we are not obligated to comply with your request.

You can send your request regarding the protection of your personal data to:

  • e-mail address: office@parasitestudio.com
    the e-mail address of the contact person and / or responsible for the protection of personal data;
    directly to our headquarters.
  • You will receive our answer to your requests regarding the protection of your personal data on our web form directly to your contact addresses officially communicated to us: e-mail, home address, place of work, etc.

We have implemented policies that ensure that a request for the protection of your personal data is recognized and resolved within the time limits provided by law.

We will try to respond to your request within 30 days. However, the time limit may be extended by law, depending on various issues, such as the complexity of the application, the large number of applications received or the inability to identify you in a timely manner.