ACTIO is committed to safeguarding and respecting your privacy.
ACTIO is the data controller of any personal data provided to us when you visit our website or request a service from us.
This notice explains the principles according to which we may process any personal data we collect from you, or that you provide to us, in connection with your visit to this website and your rights in relation to that information.
Scope of the website
The website www.actio.ro presents general information about ACTIO, our services and our team. This website is not addressed only to ACTIO clients or affiliates. Therefore, we may receive and collect information from you, even if you are not contractually related to ACTIO. We may use your personal data that you send us via e-mail in order to respond to a specific enquiry sent by you.
Personal data means any information relating to an identifiable person. The processing of personal data shall always be in line with the General Data Protection Regulation (GDPR).
Contact details of the data controller
Data controller for the purposes of the General Data Protection Regulation (GDPR) is:
The data we collect
We do not collect personally identifiable data about you - such as your name, address, telephone number, fax number, e-mail address, etc. – unless you choose to email us directly and provide us with your personal data.
We do automatically collect certain non-personally identifiable data when you visit our website – such as the browser types and versions used, the operating system used, the website from which an accessing system reaches our website, the date and time of access to the Internet website, an IP address, the Internet service provider of the accessing system, and any other similar data and information that may be used for customizing the display of our website on your device or in the event of attacks on our information technology systems.
How we normally use data about you
We use non-personally identifiable data to analyze website usage (such as aggregated information on the pages visited by our users), which allows us to improve the design and content of our website. In using the non-personally identifiable data, we don not draw any conclusion about the visitors of our website.
In the ordinary course of business, we may use personal data you provide via e-mail information related to our mandate. If you are not a client of ACTIO, we may use your personal data that you send us via e-mail in order to respond to a specific enquiry sent by you.
We may also use the e-mail addresses in our database for marketing and informative newsletters. Such will be sent along with a clear and easy opt-out option for the recipient.
We will not contact you about other matters, unless you specifically request it, nor will we share, rent, or sell your personal data outside ACTIO, except where we have your approval or where that is necessary to fulfil our obligations to you.
If you are interested in applying for a job at ACTIO and choose to submit resume information by e-mail, we will use it only for the internal application review process. Please direct all job applications to email@example.com and not to other e-mail addresses available on the website.
However, it is possible, though unlikely, that we might be forced to disclose personal data in response to legal process or when we believe in good faith that the law requires it, for example, in response to a court order, subpoena or a law enforcement agency’s request.
Collection of data by third-party websites
Where they are essential to make our website work;
To analyse website traffic to identify what visitors find most interesting;
To compile anonymous, aggregated statistics that allow us to understand how visitors use our website and to help us improve the structure of our website.
We cannot identify you personally in this way. For detailed information about cookies and how they are used on our website, see our Cookies Policy.
You have the ability to accept or decline cookies by clicking the right option on the pop-up window that is automatically displayed when you visit our website or by modifying the settings in your browser.
Our commitment to security
We take reasonable steps to hold information securely in electronic or physical form and to prevent unauthorised access, modification or disclosure.
Our information security policy is sustained by security standards, processes and procedures and we store information in access-controlled premises or in electronic databases requiring logins and passwords. We require our third-party data storage providers to comply with appropriate information security industry standards. All partners and staff and third-party providers with access to confidential information are subject to confidentiality obligations.
Where consent is required, it is a freely given, specific, informed and unambiguous indication of the user’s wishes. The user must provide an active indication that they agree to the processing of their personal data. The user has the right to withdraw consent at any time and must be informed of this right.
Rights of the user
a) Right of confirmation
Each user has the right to obtain from ACTIO the confirmation as to whether the personal data concerning them is being processed.
b) Right of access
Each user has the right to obtain from ACTIO free information about their personal data stored at any time and a copy of this information, upon request.
c) Right of rectification
Each user has the right to obtain from ACTIO the rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, the user has the right to have incomplete personal data completed, if not already complete.
d) Right to erasure (“right be forgotten”)
Each user has the right to erasure of personal data concerning them, and ACTIO has the obligation to erase personal data where one of the following applies, as long as the processing is not necessary: the data are no longer needed for their original purpose (and no new lawful purpose exists); the user withdraws consent to the processing and there are no other lawful grounds for the processing; the user objects to the processing and there are no overriding legitimate grounds for the processing; the personal data has been unlawfully processed; erasure is necessary for compliance with EU law or the domestic law.
e) Right of restriction of processing
The user has the right to obtain from ACTIO restriction of processing where one of the following applies: the accuracy of the data is contested (and only for as long as it takes to verify that accuracy); the processing is unlawful and the user requests restriction (as opposed to exercising the right to erasure); ACTIO no longer needs the data for their original purpose, but the data are still required by ACTIO to establish, exercise or defend legal rights; or if verification of overriding grounds is pending, in the context of an erasure request.
f) Right to data portability
The user has the right to receive a copy of their personal data in a structured, commonly used, machine-readable format that supports re-use; to transfer their personal data from ACTIO to another controller; to store their personal data for further personal use on a private device; and to have their personal data transmitted directly between controllers without hindrance.
g) Right to object to processing
Each user has the right to object, on grounds relating to their particular situation, to the processing of personal data, where the basis for that processing is either: public interest; or legitimate interests of ACTIO.
ACTIO shall no longer process the personal data in the event of the objection, unless we can demonstrate legitimate grounds for the processing which override the interests of the user, or for the establishment, exercise or defence of legal claims.
If ACTIO processes personal data for direct marketing purposes, the user has the right to object at any time to processing of personal data concerning them for such marketing. If the user objects to the processing for direct marketing purposes, ACTIO will no longer process the personal data for these purposes.
h) Right to withdraw data protection consent
Each user has the right to withdraw their consent to processing of their personal data at any time.
Legal basis for the processing
There are several reasons why we hold, process and share individuals’ personal data. Under data protection laws, the lawful reasons for processing personal data include:
To comply with a legal obligation.
For a legitimate interest of ACTIO except where those rights are overridden by the interests or fundamental rights and freedoms of the data subject which require protection.
Below, you may find a non-exhaustive list of purposes for which we process your data, under each legitimate reason.
In some cases, we need to process data to ensure that we are complying with our legal obligations. For example, we need to keep records of our mandates and clients in accordance with the prerequisites of the legal profession in Romania. Statutory reporting requirements are included within this section. As is disclosing information to third parties such as the courts or the police where we are legally obliged to do so.
We have a legitimate interest in processing personal data that we have obtained from you. This includes use of the e-mail addresses in our database for marketing and informative newsletters. Such will be sent along with a clear and easy opt-out option for the recipient.
Using your personal data for our legitimate interest also allows us to:
Run recruitment processes.
Respond to and defend against legal claims or other investigatory processes.
Maintain a secure IT infrastructure.
Please refer to firstname.lastname@example.org if you consider that there is something about your particular situation which makes you want to object to processing on this ground.
Only in limited circumstances, we may approach you for your written consent to allow us to process certain data. For instance, your consent is required in order for us to place cookies on your device.
Routine erasure of personal data
ACTIO shall process and store the personal data of users only for the period necessary to achieve the purpose of processing or storage, or as long as other legislators in laws or regulations to which ACTIO is subject to require. For the retention period of each type of specific personal data you may be concerned about, please send your queries to email@example.com.
Existence of automated decision-making
We do not use automated decision-making or profiling. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person.
Revisions to our Privacy Notice
We review this Privacy Notice regularly and reserve the right to revise it or any part of it from time to time to reflect changes in the law or technology practices. Please review the notice periodically for changes.
We encourage you to read this Privacy Notice carefully, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information. Please send any questions regarding this notice to firstname.lastname@example.org.