Personal data protection policy according to GDPR

                                                                                                                                                                    May 24, 2018

With the entry into force of major changes in EU regulations on data privacy, the forestdesign.ro portal has updated and announced its privacy policy to ensure that all activity and interaction with users complies with the rules provided by GDPR.
The policy initiated was updated before the introduction of the EU General Data Protection Regulation (GDPR), which will be implemented from 25 May 2018. GDPR will involve large-scale changes for businesses - both EU-based and outside the EU - which processes personal data of EU citizens - by significantly increasing the rights and protection of individuals.

Personal data protection policy

This policy applies to the forestdesign.ro portal and to all affiliated companies, management members and our employees. “Affiliate”, in this case, implies that the adoption of this Policy may be imposed by forestdesign.ro, directly or indirectly, based on the vote of the majority, of the majority of the management representatives or by agreement.

Category of processed data

We process the data provided by you:

• Name
• E-mail
• No. phone
• Skype ID
• Web page
• LinkedIn / Facebook profile
• Billing address, headquarters

We will record in the log for security reasons:

• Pages / functions visited
• Exact date and time
• IP address
• Cookies in the browser

We build the customer profile for marketing reasons:
What are the problems you are looking for a solution to, why do you need the services described?
What are the main decision criteria?
The profile is built based on the data provided by you. Our goal is for the messages we send to be really useful and relevant to you. We also do not want to receive general messages that are not addressed to us.
Based on the profile data, with the help of manually set filters, we target and write newsletters. There is no automated decision-making process in our procedure.

Purpose of data processing

We will notify customers by e-mail about new services, free courses and useful information for customer administration.
If we receive a request to this effect, we will delete the respective email address.
Contact details and notes will be kept for 365 days from the last contact.
The use of the system will be recorded in the log for security reasons. The data will be kept in various details for 365 days.
In the case of forestdesign.ro subscriber customers, the contact data and notes will be kept for 3 years from the date of the last contact.
Due to some legal provisions, certain personal data and those registered in the invoice will be kept until the term provided by law (at least 10 years and at most 15 years from the date of issuance of the last invoice).

The scope and applicability of this policy

This policy applies to the forestdesign.ro portal and to all affiliated companies and our employees. In this case, "affiliated" means that forestdesign.ro may require the adoption of this policy, directly or indirectly, based on a majority vote, representation of the majority management or by agreement. The forestdesign.ro portal establishes and applies internal rules, such as regulations and procedures in accordance with this policy.
The policy sets out the basic principles of the forestdesign.ro portal on personal data protection and data security standards and ensures compliance with applicable national and international data protection laws worldwide. Consequently, it encompasses the principles of data protection, agreed at international level, with the intention not to replace, but to supplement those laws on personal data protection and confidentiality ("National Law"). The content of this Policy must be observed in the absence of a corresponding National Legislation or if the National Legislation offers fewer requirements than this Policy. On the other hand, National Law always has priority in the event of a conflict with this Policy or if National Law has stricter requirements than this Policy.
The policy extends to the processing of all personal data. In countries where legal entity data is protected to the same extent as personal data, the Policy applies equally to legal entity data. Anonymous data, as in the case of statistical evaluations and studies, are not the subject of this Policy.

The principles of the forestdesign.ro portal regarding the processing of personal data
Law enforcement, fairness and transparency
Personal data will be collected and processed legally, correctly and transparently to protect the individual rights of data subjects.

Limitation to the specified purpose
Personal data will only be collected for explicit and legitimate purposes and will not be processed in a manner incompatible with the original purposes.

Data accuracy / Timeliness of data
Personal data will be accurate and, where necessary, constantly updated. The forestdesign.ro portal will take all necessary measures to eliminate or rectify inaccuracies promptly.

Limitation to the required data
Personal data will be adequate, relevant and limited to what is strictly necessary. Personal data will not be kept for longer than necessary.

The rights of the subjects of personal data

The forestdesign.ro portal respects the rights of all data subjects, including the rights regarding access to their data, the restriction of their processing or deletion and regarding their accuracy. The forestdesign.ro portal will provide clear and unambiguous information about the manner and purpose of collecting and processing the personal data of the subjects.

Deletion of personal data
The retention period of personal data will be defined. The forestdesign.ro portal eliminates personal data that are no longer necessary in relation to the purposes for which they were collected or if the consent is withdrawn and no other legitimate purpose for data processing applies.

Data processing security / Data security
Personal data will be processed securely. Appropriate technical and organizational measures will be taken regarding data security, against unauthorized processing or alteration, against loss or destruction, as well as against unauthorized disclosure and access to personal data transmitted, stored or processed. The forestdesign.ro portal fully ensures the integrity, availability, confidentiality and authenticity of personal data. In the event of an incident, the forestdesign.ro portal has the ability to restore, in a timely manner, the availability and access to personal data.

Default protection of personal data
The forestdesign.ro portal will implement the appropriate technical and organizational measures to ensure that only the personal data necessary for the specified purposes are processed. The principle of implicit data protection will be followed during the development of new products.

Responsibility
The forestdesign.ro portal assumes responsibility for all activities regarding the processing of personal data. The forestdesign.ro portal manifests its responsibility and has the capacity to demonstrate compliance.

Organization of the forestdesign.ro portal regarding the protection of personal data:
We proceeded to appoint a qualified person, responsible for implementing and observing the aforementioned principles. 
DPO officer contact details
If you have any questions about data protection, you are welcome to contact your data protection officer at any time:
Candrea Bogdan
Data Protection Officer S.C. FOREST DESIGN S.R.L.
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
The forestdesign.ro portal is operated by:
SC FOREST DESIGN S.R.L.
Reg. com .: J08 / 871/2004
CIF: 16357175
Address: Str. Nicovalei no. 33 Brașov, Jud. Braşov
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: 0722.276.272