Data Protection Policy
Alfa Rom Consulting SRL, hereinafter called "Alfa Rom", is committed to protecting and respecting your privacy. This Policy (together with other documents referred to herein) provides an overview of how Alfa Rom collects, processes and retains your personal data and of your rights under data protection laws.
What is Personal Data?
Any information about an individual who can be identified, such as by a name, an identification number, specimen signature, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
What is Sensitive Personal Data?
Personal data revealing racial or ethnical origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health-related data, an individual’s sex life or sexual orientation and an individual’s criminal convictions.
Alfa Rom is required by law to ensure that personal data is used fairly and lawfully, and GDPR holds a set of principles which describe how such data should be handled:
- Processed lawfully, fairly and in a transparent manner;
- Collected for specified, explicit and legitimate purposes;
- Adequate, relevant and limited to what is necessary;
- Accurate and, where necessary, kept up to date;
- Kept for no longer than is necessary;
- Ensures appropriate security;
- Demonstrate compliance with the principles.
Data Protection Officer
The Data Protection Officer is the person within the organisation who is responsible for overseeing the data protection strategy and implementation to ensure compliance with GDPR requirements.
Purpose of Processing the Personal Data
Alfa Rom collects, processes and stores personal data in relation to its own employees, contractors and collaborators, work-seekers, delegates and individual client contacts within the context of business relationship. As such, Alfa Rom may retain personal data on individuals for the following purposes:
- Employee administration;
- Fulfilling contractual obligations;
- Accounting and financial obligations;
- Administration and processing of contractors, collaborators and work-seekers personal data for the purposes of providing work finding services, pay and bill, right to work and, if applicable, referencing and security checks;
- Administration and processing of client’s personal data for the purposes of supplying or introducing contractors, collaborators or work-seekers to third parties;
- Advertising, marketing and public relations;
- Emergency situations.
Alfa Rom provides any information relevant to the data processing of an individual in a concise, transparent, intelligible and easily accessible form, using clear and plain language. The information is provided in writing or by other means, including, whenever possible, by electronic means.
Where Alfa Rom collects personal data other than from the individual directly, it will - where required - provide the individual with a Privacy Notice within a reasonable period after obtaining the personal data, but at the latest within two months.
If Alfa Rom intends to disclose the personal data to a third party, then that Privacy Notice will be issued when the personal data is first disclosed (if not issued sooner).
Where Alfa Rom intends to further process the personal data for a purpose other than that for which the data was initially collected, Alfa Rom will provide the individual with information on that other purpose and any relevant further information before it does the further processing.
Personal Data Requests
Individuals are entitled to access, rectify or erase their personal data on request. Should an individual wish to have their data accessed, rectified or erased, they must submit a request to the Data Protection Officer, by using the Personal Data Request Form, F-501, availabe for download below.
F-501-ENG Form (Personal Data Request, English version, PDF file)
F-501-ROU Form (Personal Data Request, Romanian version, PDF file)