PERSONAL DATA PROTECTION

This policy refers to cookies and web pages operated by S.C. ELSACO SOLUTIONS S.R.L.

What Are Cookies?

The cookie is a small file of letters and numbers that will be stored on your computer, mobile terminal, or other equipment of a user accessing the Internet. The cookie is installed through a web browser request from a browser (e.g., Internet Explorer, Chrome, Firefox, etc.) and is completely “passive” (does not contain software, viruses, or spyware and cannot access the information on the user’s hard drive).

What Are Cookies Used for?

These files make it possible to recognize the user’s terminal and present the content in a relevant way, adapted to the user’s preferences. Cookies provide users with a pleasant browsing experience and support Elsaco’s efforts to provide user-friendly services: like: – confidentiality preferences regarding online. They are also used to prepare aggregated anonymous statistics that help us understand how a user benefits from our web pages, allowing us to improve their structure and content, excluding the user’s personal identification.

What Cookies Do We Use?

We use two types of cookies: per session and fixed. The latter are temporary files that remain in the user’s terminal until the end of the session or closing the application (the web browser). Fixed files remain on the user’s terminal for a while in the cookie’s parameters or until they are deleted manually by the user.

How Are Cookies Used by This Site?

A visit to this site may place cookies for purposes of:

• site performance cookies
• visitor analysis cookies

Do Our Cookies Contain Personal Data?
Cookies themselves do not require personal information to be used and, in most cases, do not personally identify Internet users. Personal data collected through the use of cookies can only be collected to facilitate certain user functions. Such data is encrypted in a way that makes unauthorized persons unable to access to them.

Deleting Cookies
In general, an application used to access web pages allows you to save your cookies to the terminal by default. These settings can be changed in such a way that the automatic administration of cookies is blocked by the web browser or the user is informed whenever cookies are sent to his or her terminal. Detailed information about the possibilities and ways of managing cookies can be found in the application settings area (the web browser). Restricting the use of cookies may affect certain features of the web page.

Why Are Internet Cookies Important?
Cookies are the central focus of the efficient Internet, helping to generate a friendly browsing experience and tailored to the preferences and interests of each user. Denying or disabling cookies can make some sites unusable.
Denying or disabling cookies does not mean you will not receive online advertising – just that it will no longer be able to keep track of your preferences and interests highlighted by your browsing behavior.
Examples of important uses of cookies (which do not require authentication of a user through an account):

• content and services tailored to user preferences – product categories and services.
• remember children web-safety filters for content on the Internet (family mode options, safe search functions).
• limit ad serving frequency – limit the number of impressions of an ad for a particular user on a site.
• providing more relevant advertising to the user.
• measurement, optimization, and analytics features – such as confirming a certain level of traffic on a website, what type of content is viewed, and how a user reaches a website (e.g. through search engines, directly from other websites, etc.). Websites run these analyzes of their use to improve sites for the benefit of users.

Security and Privacy Issues
Cookies are NOT Viruses! They use plain text formats. They are not made up of pieces of code so they cannot be executed or can auto-run. Consequently, they cannot duplicate or replicate on other networks to run or replicate again. Because they cannot perform these functions, they cannot be considered viruses.
Cookies can still be used for negative purposes. Because it stores information about user preferences and browsing history, both on a particular site and on several other sites, cookies can be used as a form of Spyware. Many anti-spyware products are aware of this and consistently mark cookies to be deleted in anti-virus/anti-spyware removal/scanning procedures.
In general, browsers have built-in privacy settings that provide different levels of cookie acceptance, shelf life, and automatic deletion after the user has visited a particular site.
Other security issues related to cookies:

• since identity protection is very valuable and is the right of every internet user, it is advisable to know what issues can create cookies. In order to transmit constant information in both ways between the browser and the website, if an attacker or unauthorized person intervenes during the data transmission, the information contained in the cookie can be intercepted.
• although very rarely, this can happen if the browser connects to the server using an unencrypted network (e.g., an unsecured Wi-Fi network).
• other cookie-based attacks involve bad cookie settings on servers. If a website does not require the browser to use only encrypted channels, attackers can use this vulnerability to prevent browsers from sending information through insecure channels. Attackers then use the information for the purpose of unauthorized access to certain sites. It is very important to be careful in choosing the most appropriate method of protecting personal information.

Tips for Safe and Responsible Cookie-Based Navigation
Due to their flexibility and the fact that most of the most visited sites and the biggest ones use cookies, they are almost inevitable. Disabling cookies will not allow the user to access the most popular and used sites including YouTube, Gmail, Yahoo, and others.
Here are a few tips that can help you navigate safely with cookies:

• customize your browser settings for cookies to reflect a comfortable level for your cookie security.
• if you do not mind cookies and you are the only person using your computer, you can set long expiration dates for storing browsing history and personal access data.
• if you share access to your computer, you can consider the browser setting to delete individual browsing data each time you close your browser. This is a way to access sites that place cookies and delete any business information when you close the browsing session.
• install and update your antispyware applications.

Many of the applications for detection and prevention of spyware include the detection of attacks on sites. This prevents the browser from accessing websites that could exploit browser vulnerabilities or download dangerous software.
Make sure your browser is always up-to-date.
Many cookie-based attacks are made by exploiting the weaknesses of the old versions of browsers.
Cookies are everywhere and cannot be avoided if you want to enjoy access to the best and greatest websites on the Internet – local or international. With a clear understanding of how they work and the benefits they bring, you can take the necessary security measures so you can browse with confidence on the internet.
Disabling and refusing to receive cookies can make some sites unfeasible or difficult to visit and use. Also, refusing to accept cookies does not mean you will not get / see online advertising anymore.
It is possible to set up the browser so that these cookies are no longer supported or you can set the browser to accept cookies from a particular site. But for example, if you are not registered using cookies, you will not be able to leave comments.
All modern browsers offer the ability to change cookie settings. These settings are usually found in your browser’s “options” or “preferences” menu.
To understand these settings, the following links may be useful, otherwise you can use the browser’s “help” option for more details:

• Cookie settings in Internet Explorer
• Cookie settings in Firefox
• Cookie settings in Chrome
• Cookie settings in Safari

For 3rd party cookies, you can access this website:

• http://www.youronlinechoices.com/ro/

Useful Links
For more information about cookies and what they do, you should consult this websites:

• Microsoft Cookies guide
• All About Cookies

Context

The European Parliament and the Council adopted on 27 April 2016 Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Regulation (EU) 2016/679 was published in Official Journal of the Union L119 of 4 May 2016 and its provisions will be directly applicable in all Member States of the European Union as of 25 May 2018.

S.C. Elsaco Solutions S.R.L., as a personal data operator, understands to respect and comply with the provisions of Regulation (EU) 2016/679, sense in which formulates and communicates the present notice on the processing of personal data.

This notice is addressed to you, as a concerned person for the processing of your personal data.

Identification Data and Principles of Personal Data Processing

S.C. Elsaco Solutions S.R.L. is an organized society and operates in accordance with the laws of Romania. The headquarters of the company is in Cătămărești-Deal, str. Mihai Eminescu nr. 85, jud. Botoșani, VAT RO 14364265, trade Register Office no:: J7/319/2001, the legal representative being Doru Popa – Administrator.
The designated person within the company for the data processing activity can be contacted at the following address: dpo@elsaco.com or tel: 0231 507 060, int. 2252 or at the address:: str. Mihai Eminescu nr. 85, Cătămărești-Deal,  Botoșani county.
Personal data will be processed by S.C. Elsaco Solutions S.R.L. legally, fairly and transparently to the data subject, being accurate, appropriate, relevant and limited to what is necessary in relation to the purposes for which they are processed. Personal data will be processed for determined, explicit and legitimate purposes.
Personal data will be processed during the course of the business/contractual relationship between you and our company as well as upon their conclusion, to the extent that the further processing of the data is necessary for the observance of the legal provisions in force.

Personal Data to Be Processed

Personal data to be processed by S.C. Elsaco Solutions S.R.L. are the following:

• e-mail address, first and last name, phone number, date of birth, recipient address, delivery address, bank account.

Your provision of this personal data is a legal and contractual obligation on behalf of the data subjects. Processing of personal data by S.C. Elsaco Solutions S.R.L. is a prerequisite for the continuation of the commercial relations between you and our society. Please do not provide other personal data other than the ones strictly necessary.

Purpose of Processing Personal Data

Personal data will be processed by S.C. Elsaco Solutions S.R.L. for:

• drafting the invoices as well as the necessary documents for the payment of the products sold;
• drafting and registering commercial contracts as well as other related documents;
• drafting of the notices, the loading/unloading forms, the purchase documents.
• drafting of consignment notes, CMR, other transport documents;
• making purchase orders;
• preparation and registration of accounting documents, registers and accounting reports;
• employee recruitment.

In order to achieve the aforementioned purposes, the personal data of the persons concerned can be communicated, in strict compliance with Regulation 2016/679 as well as relevant legislation in the field, to public authorities and institutions having fiscal responsibilities as well as to companies and people with whom our company collaborates. In this case S.C. Elsaco Solutions S.R.L. will take, within the limits of the law, measures to ensure the confidentiality and security of personal data.
The companies, institutions and persons who will have access to your personal data are: Employees and collaborators of the Operator, third-party companies: Urgent Cargus SRL, Fan Curier, UNICREDIT BANK, Banca Transilvania, BCR.

The Legal Basis of the Processing

The legal basis for the processing of your personal data is Article 6 (1) (b), (c), and (f) of Regulation (EU) 2016/679, as follows:

• Article 6 (1) (b) is applicable as the processing of personal data is necessary for the execution of commercial and contractual relations;
• Article 6 (1) (c) is applicable since the processing of personal data is necessary for our company to comply with its legal obligations;
• Article 6 (1) (f) is applicable as the processing of personal data is necessary to achieve the legitimate interests pursued by our company, namely to ensure the functioning of the company in order to achieve a profit in strict compliance with the legal provisions as well as the rights of the other persons.

Your Rights as a Person Concerned With the Processing of Personal Data

• The right of access. The data subject has the right to obtain from the operator a confirmation that personal data concerning him/her are processed or, if so, access to the data. A copy of the personal data undergoing processing may be obtained;
• The right to rectification. The data subject has the right to obtain from the controller, without undue delay, the rectification of inaccurate personal data relating to him;
• The right to delete data. The data subject has the right to obtain from the operator the deletion of the personal data relating to him, subject to Article 17 of the Regulation;
• The right to restrict the processing. The person concerned has the right to obtain from the operator the restriction of the processing under the conditions set out in Article 18 of the Regulation;
• The right to data portability. The data subject has the right to receive the personal data which he regards and which he has provided to the operator;
• The right to opposition. At any time, the data subject has the right to oppose, for reasons related to his/her particular situation, the processing of personal data concerning him/her, including the creation of profiles based on those provisions;
• The right not to be the subject of a decision based solely on automatic processing, including the creation of profiles;
• The right to lodge a complaint with the National Supervisory Authority for Personal Data Processing.

S.C Elsaco Solutions S.R.L. does not use an automated decision-making process including the creation of profiles. We provide you on request in full form Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data.

Protection of Personal Data

S.C. Elsaco Solutions S.R.L. as a personal data controller, will take organizational, administrative and technical measures to comply with Regulation 2016/679 as well as to protect the personal data of the data subjects.