Privacy Policy.
- Introduction
- Legislative Context
- Data Protection Officer
- How We Collect and Use Your Personal Information
- Disclosure and Transfer of Personal Data
- Your Rights
- Personal Data Retention
- Data Security
- Changes to the Privacy Policy
- Third Party Sites
- About Cookies
- Site Security
- Questions, Concerns, Complaints
1. Introduction
SC EVENT MARKET PLATFORM SRL, Unique Registration Code: 41873363, registered at the Trade Registry Office under no. J40/15205/2019, hereinafter referred to as Event Service Providers - Tulipr.ro, is the operator of personal data transmitted through this site.
Please note that we will not request or receive information of any kind from children under 16 years of age.
On behalf of "Event Service Providers - Tulipr.ro", third parties process personal data, these persons being designated as processors in accordance with the provisions of Regulation (EU) 2016/679. The use of processors is justified by business reasons, most often we are talking about specialized, professional services that can manage the necessary volumes and provide the technology through which Event Service Providers - Tulipr.ro can fulfill its duties. Note that the data is not simultaneously transmitted to all processors.
Event Service Providers - Tulipr.ro is committed to respecting your personal data privacy. We will treat all personal data provided by you as confidential and will only process the information permitted by applicable legislation. This privacy notice describes the policies and practices of Event Service Providers - Tulipr.ro regarding the collection and use of your personal data and establishes your privacy rights.
The confidentiality of information is a permanent responsibility, and therefore we will update this privacy notice from time to time as we undertake new personal data practices or adopt new privacy policies. Regarding the processing of data based on consent (as described below), we will notify you of any changes and will request your additional consent.
2. Legislative Context
According to the requirements of Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the "GDPR Regulation") applicable from May 25, 2018, we have the obligation to manage safely and only for the specified purposes, the personal data you provide to us by using our site in accordance with the provisions of the GDPR Regulation.
For more details on the content of this legal norm, please access the following link:
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679
3. Data Protection Officer
We have appointed a data protection officer regarding all aspects related to the protection of personal data, and you can contact the data protection officer regarding all matters related to the processing of your data and the exercise of your rights according to the applicable legal provisions, especially if you have questions or concerns about how we process your personal data. The email address to contact the data protection officer is: contact@tulipr.ro.
4. How We Collect and Use Your Personal Information
Personal information you provide:
We may collect, store, and use the following types of personal data:
- Information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, visit duration, page views, and website navigation paths)
- Information you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including your name and email address)
- Information you provide to us when using the services on our website, or information that is generated during the use of these services
- Information contained in or relating to any communication you send to us or send through our website (including the correspondence with us, the content of the communication, and the metadata associated with the communication)
- Information regarding the legitimacy of access – passwords, hints, and similar security information used for authentication on our site;
- Any other personal data you choose to send to us.
- Sensitive personal data that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning your sexual life or sexual orientation. Event Service Providers - Tulipr.ro does not intentionally collect or store sensitive personal data from you.
Purposes for using your personal data
Personal data transmitted through this site and personal data that we have collected from you or from third parties or public sources will be used for the purposes specified in this Privacy Policy. Depending on the relationships we have or wish to have with you, we may use your personal data for the following purposes based on the legal grounds presented below:
Communications, based on the legitimate interest of Event Service Providers - Tulipr.ro under Article 6(1)(f) of the GDPR Regulation: if you have contacted us through this site or otherwise, we may process your name, contact details, location, and other information you have provided to respond to your inquiries, to arrange meetings, phone calls, or other communications.
Purchase of products, based on our contract with you under Article 6(1)(b) of the GDPR Regulation: by purchasing products through this site, you agree to become a party to a contract, the Terms and Conditions of which will be stipulated in the contract. In this case, your personal data, such as full name, contact details, address, ID card details, payment details (if you pay) will be processed by Event Service Providers - Tulipr.ro for the following purposes: to conclude the contract for the product purchased from our site, to ship the product to the address indicated by you, to collect the price of the purchased product, or to retain your information when you wish to return the purchased product in accordance with the General Terms and Conditions.
Marketing and public relations, based on your consent under Article 6(1)(a) of the GDPR Regulation: if you are a visitor to our site, we may process by cookies and web beacons your IP address, geographical location, browser type and version, operating system, referral source, visit duration, log files, interactions with our website and online campaigns, data automatically collected about you or your device in accordance with this Privacy Policy, information you provided through the contact form. Please see the "About Cookies" section below for more details.
In some cases, we will receive your personal data directly from you. However, in other cases, we will receive data through third parties or public sources, such as LinkedIn. If applicable law requires it, we will request your consent before collecting personal data through third parties or public sources.
We will not process your personal data for any other purpose incompatible with those listed above or for which you were initially informed unless required by applicable law.
5. Disclosure and Transfer of Personal Data
The information we collect from you will be processed within the European Economic Area and outside the European Economic Area, depending on the purpose of the processing. Event Services Providers - Tulipr.ro strives to apply appropriate safeguards to protect the confidentiality and security of your personal data during transfer and to use it only in accordance with your relationship with Event Services Providers - Tulipr.ro and the practices described in this Privacy Policy. Event Services Providers - Tulipr.ro minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.
To the extent permitted by applicable data protection laws, we may disclose your personal data to customers (for business involvement or to confirm the high quality of our services), suppliers/manufacturers directly/indirectly involved in providing products, suppliers directly/indirectly involved in the marketing and promotion process, agencies, state authorities (including tax authorities), auditors, accountants, judicial experts, lawyers, or other such external advisors of Event Services Providers - Tulipr.ro, or to third parties who provide us with products and services (IT system service providers, financial consultants).
We will clearly indicate to you each data recipient if they are known at the time of initiating the processing. We may also disclose your personal data:
- to the extent that we are required to do so by law.
- in connection with any ongoing or potential legal proceedings.
- to establish, exercise, or defend our legal rights (including providing information to others for the purpose of fraud prevention).
6. Your Rights
The GDPR grants individuals whose personal data is processed a series of rights. In short, the rights you have:
- The right to withdraw consent at any time to stop data processing based on your consent. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal, for the execution of a contract, to fulfill a legal obligation, or to pursue our legitimate interests.
- The right of access - means you have the right to obtain confirmation from us whether or not we are processing personal data concerning you and, if so, access to that data and information about how it is processed. If access cannot be provided within a reasonable time, we will provide you with a date when the information will be transmitted. You may also request additional information about the purpose of the processing, categories of personal data, the source of the information, and how long it will be stored.
- The right to data portability - refers to the right to receive personal data in a structured, commonly used, and machine-readable format, as well as the right for that data to be transmitted directly to another operator if technically feasible.
- The right to object - concerns your right to object to the processing of personal data when the processing is necessary for the performance of a task carried out in the public interest or for the purposes of the legitimate interests pursued by the operator. When personal data is processed for direct marketing purposes or based on express consent, you have the right to object to the processing at any time.
- The right to rectification - refers to the correction, without undue delay, of inaccurate personal data. The rectification will be communicated to each recipient to whom the data has been disclosed, unless this proves impossible or involves disproportionate effort.
- The right to erasure ("the right to be forgotten") - means you have the right to request the deletion of personal data without undue delay if one of the following reasons applies: they are no longer necessary for the purposes for which they were collected or processed; you withdraw consent and there is no other legal ground for processing; you object to processing and there are no overriding legitimate grounds; the personal data has been unlawfully processed; the personal data must be erased to comply with a legal obligation; the personal data has been collected in connection with the offering of information society services.
- The right to restriction of processing - can be exercised if the person contests the accuracy of the data, for a period necessary to verify the accuracy of the data; the processing is unlawful, and you oppose the erasure of the personal data, requesting instead the restriction; if Event Services Providers - Tulipr.ro no longer needs the personal data for processing purposes, but the person requires them for the establishment, exercise, or defense of legal claims; if the person has objected to processing for the period in which it is verified whether the legitimate rights of the operator prevail over those of the respective person.
If you wish to exercise any of these rights, please contact our data protection officer at contact@tulipr.ro at any time.
You have the right to lodge a complaint with the data protection authority if you have concerns about how we process your personal data. Complaints regarding the processing of personal data can be addressed to the National Supervisory Authority for Personal Data Processing at the following contact details:
- postal address: Str. B-dul Gheorghe Magheru nr. 28 – 30, sector 1, Bucharest, Romania, postal code 010336
- Website: http://www.dataprotection.ro
- email address: anspdcp@dataprotection.ro
- phone: +40 318 059 211 or +40 318 059 212
7. Retention of Personal Data
Your personal data is stored by Event Services Providers - Tulipr.ro on its servers.
Your personal data will be retained by Event Services Providers - Tulipr.ro for a period that does not exceed the period necessary to achieve the purposes described above and/or any other duration necessary under our legal obligations, using the following criteria to determine this period:
- When you purchase products through Event Services Providers - Tulipr.ro, we keep your personal data for the duration of our contractual relationship, but no longer than 10 years from the last transaction;
- If you participate in a promotional offer, we keep your personal data for the duration of the promotional offer;
- If you have registered on our site, we keep your personal data until you request its deletion;
- At your request and within 60 days of the termination of the contract/account cancellation at your initiative, Event Services Providers - Tulipr.ro will provide you with the personal information that relates to you. Within 90 days of the termination of the contract, all personal information is deleted unless there is a legal requirement to the contrary. Non-personal and aggregate information is retained.
- If cookies are stored on the computer, we keep them as long as necessary for them to achieve their purposes (e.g., during a session for shopping cart cookies or session ID cookies) and for a period defined in accordance with local regulations and guidelines. In this regard, we mention that data processed through cookies used to provide online behavioral advertising, to personalize our services for you, and to enable content sharing on social media sites (share buttons intended for displaying the site), will be retained for a maximum period of 10 years from their collection, based on your consent.
- If you have not provided your consent for data processing or have revoked consent, we will store only minimal data about you (full name, contact details, references, and notes) for statistics and reporting needs or as justified on another legal basis, such as our legitimate interest.
Without prejudice to the other provisions of this section, we will retain information and documents (including electronic documents) that contain personal data:
- to the extent we are required to do so by law.
- if the information/documents are relevant to any ongoing or potential legal proceedings.
- to establish, exercise, or defend our legal rights (including providing information to others for the purpose of fraud prevention).
8. Security of Personal Data
To protect the privacy of the data and personal information you transmit using this website, we will maintain physical, technical, and administrative safeguards.
We continuously update and test our security technology. We restrict access to your personal data to only those employees who need to know that information to provide you with benefits or services. In addition, we train our employees on the importance of confidentiality and maintaining the privacy and security of your information.
If a personal data breach occurs, we will do everything to eliminate it and assess the level of risk associated with the breach in accordance with our personal data breach policy. If it is determined that the breach may lead to physical, material, or non-material harm to you (e.g., discrimination, identity theft, fraud, or financial loss), we will contact you without undue delay, unless otherwise provided by law. All our efforts will be made in full cooperation with the competent supervisory authority.
9. Changes to the Privacy Policy
We may update this information document from time to time by publishing a new version on this website.
Given that personal data protection laws, interpretations by state bodies, recommendations by supervisory authorities change and improve from time to time, this privacy notice and terms of use are also expected to change. We reserve the right to modify this information document at any time, for any reason, and without notice. Any changes to our privacy policy will be posted on this page so that you are aware of our policies. The provisions contained in this document replace all previous announcements or statements regarding our privacy practices and the terms and conditions governing the use of this website.
10. Third-Party Websites
This site may include hyperlinks and details about third-party websites. We have no control over and are not responsible for the privacy policies and practices of third parties.
11. About Cookies
As is the case with most websites, this site automatically collects certain information and stores it in log files. This includes Internet Protocol (IP) addresses, the geographical location of the computer or device, browser type, operating system, and other information about visits to this site, such as pages viewed. This information is used to improve this website and, due to this constant improvement, to better serve our users. Your IP address may also be used to diagnose problems with our server, to administer this site, to analyze trends, to track user navigation on the site, and to collect demographic information to help us understand visitors" preferences and needs.
This site also uses cookies. For more details about cookies, please refer to the User Information Document about the presence of cookies on the site.
12. Site Security
We cannot guarantee that data transmissions over the Internet can be 100% secure. Consequently, we cannot ensure or guarantee the security of the information you transmit and you understand that any information you transfer to Event Services Providers - Tulipr.ro is at your own risk. However, Event Services Providers - Tulipr.ro uses site security measures in accordance with best practices to protect the website, emails, and mailing lists. These measures include technical, procedural, monitoring, and tracking measures intended to protect data from misuse, unauthorized access or disclosure, loss, alteration, or destruction.
We are aware that misuse incidents or unauthorized program incursions may occur, this being the case for almost every website, service, or user. In such situations, our goals are to move quickly to isolate the problem, to ensure or restore proper functionality, and to minimize inconvenience to our users. If necessary, Event Services Providers - Tulipr.ro will notify the competent authorities about these incidents of misuse or unauthorized incursion into the Event Services Providers - Tulipr.ro site.
13. Questions, Concerns, Complaints
If you have questions regarding your personal information or if you wish to exercise your rights or have concerns or complaints, please contact us by sending an email to the data protection officer at contact@tulipr.ro.
If you wish for us not to use the information you have provided, please send us an email to contact@tulipr.ro with the title "Do not use my data" and your name.
To update or correct your personal data, please contact the data protection officer at contact@tulipr.ro.