INVL Logo

Privacy policy

This Privacy Policy (hereinafter – the Policy) provides information on how Danube Solar Five SRL (hereinafter – the Company) processes personal data. This Policy also describes the basic rights of the Data Subject established in the data protection legal acts and provides the Company’s contact details.

This Policy applies to the processing of personal data of persons who use or have expressed the intention to use the Company’s services.

The company ensures the confidentiality of personal data in accordance with the requirements of valid legal acts and the implementation of appropriate technical and organisational measures to protect personal data from unauthorised access, disclosure, accidental loss, alteration or destruction or other illegal processing. When processing personal data, the company follows the provisions of the General Data Protection Regulation and other legal acts regulating the processing of personal data.

Please note that this Policy may be changed in the future, taking into account amendments of the legislation and the Company’s operations, therefore, we recommend that you review it periodically.

 

  1. CONCEPTS AND DEFINITIONS

Personal data subject (hereinafter – the Data Subject) shall mean a natural person, who uses, has used, expressed the intention to use the services provided by the Company and/or uses the website and submits requests on the website.

Personal data controller shall mean Danube Solar Five SRL, the Company whose website you use and to which you send your inquiries.

Personal data processor shall mean a natural or legal person who processes personal data on behalf of or instruction of the Personal Data Controller.

Personal data shall mean any information related to a natural person, who is a Data Subject, whose identity is known or can be directly or indirectly established by using such data as personal ID number, and one or several attributes of physical, physiological, psychological, economic, cultural or social nature.

Personal data processing shall mean any operation carried out with personal data: collection, recording, accumulation, storage, classification, grouping, aggregation, modification, provision, publication, use, logical and/or arithmetic operations, search, dissemination, destruction or other action or set of actions.

General Data Protection Regulation (hereinafter – the GDPR) shall mean the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Other concepts used in this Policy shall be understood as defined in the GDPR and other legal acts.

 

  1. CATEGORIES OF PERSONAL DATA

Depending on the services that the Data Subject intends to use or uses, the Company processes various categories of personal data. Personal data are most commonly obtained directly from the Data Subject and from the Data Subject’s activities when he/she uses the website.

2.1. Main categories of personal data:

The main categories of personal data include, but are not limited to:

  • Name, surname and e-mail address provided by the Data Subject.
  • Data related to the Data Subject’s visit to the website www.calea2.com: Your visits to the website and use of this website (including your IP address, browser type, duration of visit, number of page views, etc.).
  • Other personal data of the Data Subject and information that you send to the Company in an online request.
  1. OBJECTIVES AND LEGAL BASIS OF PERSONAL DATA PROCESSING

As basis for processing of personal data, the Company may use the Data Subject’s consent to process personal data for a specific purpose, e.g., consent to the use of non-functional cookies, submission of a request on the website. The Company may also process personal data based on the concept of legitimate interest (for example, in order to strengthen IT security, in order to process submitted requests) after implementing the requirements set forth by the GDPR.

The Company may process the Data Subject’s data for the following purposes (including, but not limited to, cases where the Data Subject’s separate consent for data processing is obtained):

  • To maintain relations with Data Subjects;
  • To administer submitted requests;
  • To provide answers to submitted requests through the specified contact details;
  • To administer the website;
  • To improve your browsing experience by adapting this website to the personal needs of visitors;
  • To provide statistical information about our users to third parties, however, this information will not be used to identify any individual user;
  • To manage cookies and the information they collect. You can find out more about how personal data are processed using cookies in the Cookie Policy published on the website.

If the Data Subject uses the contact details form on the Company’s website for requests, the information provided in this form, including the Data Subject’s contact details, shall be stored until the request has been processed and no longer than 2 years from the submission of the request, unless a longer storage period is legally permitted due to other reasons.

 

  1. RECIPIENTS OF PERSONAL DATA

The personal data of the Data Subject may be disclosed/transferred for processing by the Personal Data Controller to the following third parties who, including but not limited to, assist the Personal Data Controller in performing and administering the provision of services:

  • companies providing information technology services (in order to ensure support, improvement and updating of information systems);
  • companies providing website administration and related services;
  • company administering customer requests and providing answers to them;
  • other data processors who process data on behalf of the Personal Data Controller.

Personal data shall not be provided to other third parties, except if this is necessary in accordance with the procedure established by law, for example, to state institutions and authorities and other persons performing the functions assigned to them by law.

  1. RIGHTS OF THE DATA SUBJECT

The Data Subject shall have the rights guaranteed by data protection legislation:

  • To withdraw consent at any time;
  • To familiarise with the data and request information on how the Company processes your personal data;
  • To request a copy of your data being processed from the Company;
  • To correct any information that you believe is inaccurate;
  • To request that we restrict the processing of your personal information;
  • To request that we delete your personal information;
  • To receive your personal information in a structured, commonly used and computer readable format.

Please note that the processing of your personal data is not subject to automated decision-making, including profiling.

The Data Subject shall have the right to file a complaint regarding the processing of personal data in the EU/EEA country, where you have your permanent residence, to the Data Protection Supervisory Authority, if the Data Subject believes that his/her personal data is being processed in violation of his/her rights and legitimate interests under the applicable legislation. If you have any questions, please contact the Company by e-mail [email protected] so that we can resolve them as soon as possible.

 

Data Controller:
Danube Solar Five SRL
Registry no. 9735/2023
European Unique Identifier (EUID) ROONRC.J40/9735/2023
Registration code (CUI – Code unic de inregistrare) 45152025
Address Bucharest, sector 1, 87th Or.lacob Felix Street, Felix Office Building, 1st Floor, Office no. (4 676) 1.4 4