Politica de confidențialitate

DATA PRIVACY POLICY

Site https://linktoride.com/ is owned and managed by MAZILU AND PARTNERS CONSULTING SRL, a Romanian company, which can be contacted in the following ways:

Phone +40 785 696 258
e-mail: [email protected]
address: Olt County, Loc Slatina Str. Victoriei 11, sc. C, ap. 2,
Tax data: CUI: RO44455861, Trade Register: J28/622/2021

MAZILU AND PARTNERS CONSULTING SRL acts with the utmost diligence when processing your personal data, in accordance with the principles provided by the data protection legislation applicable in Romania, including the provisions of the General Data Protection Regulation 2016/679/EU on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ('GDPR').

The protection of natural persons with regard to the processing of personal data is a fundamental right. Article 8(1) of the Charter of Fundamental Rights of the European Union (the 'Charter') and Article 16(1) of the Treaty on the Functioning of the European Union (TFEU) provide for the right of everyone to the protection of personal data concerning him or her.

The principles and rules relating to the protection of natural persons with regard to the processing of their personal data should, irrespective of the nationality or place of residence of natural persons, respect their fundamental rights and freedoms, in particular the right to the protection of personal data.

The principles of personal data processing are the basis of the activity of each entity that uses personal data in its activity, regardless of their quantity and type.

Each economic operator or public institution that processes personal data must ensure compliance with the rights and obligations provided by the GDPR, and MAZILU AND PARTNERS CONSULTING SRL has understood the importance of the principles of personal data processing and has implemented internal policies and procedures that ensure compliance with the fundamental rights of individuals whose data are processed in its daily activity.

In this way, the Company has ensured and will ensure that it processes and will process only personal data that are really necessary, for the purposes established according to its specific activity, being able to demonstrate this compliance.

The principles imposed by the Regulation, which the Company has implemented and respects in its activity are:

The principle of responsibility
Principle of transparency
Principle of purpose limitation
Principle of data minimization necessary for the purpose of processing
Principle of data accuracy
Principle of data storage limitation
Principle of integrity and confidentiality

The principle of responsibility is that guideline according to which the data controller must implement compliance policies and processes in accordance with the provisions of the GDPR. The company has taken steps and adopted this principle in its activity, being able to prove compliance with it through the policies and procedures it has implemented.

The company has taken steps and adopted this principle in its activity, being able to prove compliance with it through the policies and procedures it has implemented.

Transparency of processing is the principle under which the controller has clear and specific obligations to inform the data subject, both when it obtains the data directly from the data subject and when it obtains them from third parties.

This principle is respected by informing individuals completely, correctly and objectively before the processing of personal data or in the event of any subsequent change regarding the personal data collected and the processing carried out.

MAZILU AND PARTNERS CONSULTING SRL provides complete, correct and objective information to the data subjects, providing them, upon request, when processing their personal data, with information regarding:

Purpose of processing;
Limitation of processing;
Accuracy of the processed data;
Period of use of the processed data;
Data protection conditions;
Possible disclosure of data to third parties / data transfers abroad;

The request for the manifestation of consent for the processing of personal data contains all the information regarding the processing of personal data, the company using a clear and 3 accessible language, through which it provides complete information. The company ensures compliance with this principle, its provisions being implemented through consent forms.

According to the Principle of Purpose Limitation of Processing, personal data must: "be collected for specified, explicit and legitimate purposes and shall not be further processed in a manner incompatible with those purposes; Further processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes shall not be considered incompatible with the original purposes ."

The company has proceeded to identify the purposes for which it processes each category of data, committing itself both by the Internal Regulation and by the other policies adopted, to process personal data only for the purpose for which they are collected.

In cases where processing is carried out for a purpose other than the initial one, the Company will obtain the prior and express consent of the data subject.

Obtaining consent for secondary purposes will be done through consent forms, in accordance with the provisions of the GDPR.

According to the principle of minimising the data necessary for the purpose of the processing, the data processed "must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ."

In order to comply with this principle, the Company has analyzed the personal data it processes, starting from the purpose of the processing, and has determined which of these data are necessary for the purposes established in the Company's activity, proceeding to delete the data for which there is no clear, legitimate and thorough purpose.

Data for which there is no clear, legitimate and thorough purpose for processing have been deleted from the Company's database.

According to the principle of data accuracy, the data processed must be: 'accurate and, where necessary, up-to-date; all necessary measures must be taken to ensure that personal data which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay .'

The company has implemented mechanisms to ensure that the personal data it processes are accurate and constantly updated.

According to the principle of limiting data storage, the controller is responsible for ensuring that the data it processes are: "kept in a form that allows the identification of data subjects for a period not exceeding the period necessary to fulfil the purposes for which the data are processed; Personal data may be stored for longer periods to the extent that they will be processed exclusively for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes, in accordance with Article 89(1), subject to the implementation of the appropriate technical and organisational measures provided for in this Regulation in order to safeguard the rights and freedoms of the data subject. "

Personal data will not be kept for a longer period of time than is necessary for the purpose for which it was collected.

For the purposes of their protection, personal data should not be retained by data controllers for longer than is necessary to fulfil the purpose for which they were processed, unless personal data are retained for:

archiving in the public interest
scientific or historical research
statistical purposes.

The retention of personal data for periods incompatible with the purposes of the processing or with the legitimate interest of the data controller exposes it to loss and damage to the data, and to potential sanctions from the Supervisory Authority.

Thus, the company has ensured and ensures that personal data are not kept longer than necessary to fulfill the purpose for which they are processed, unless they are kept for archiving in the public interest, for scientific, historical research or statistical purposes.

According to the principle of integrity and confidentiality, it is necessary that data be: "processed in a way that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by taking appropriate technical or organizational measures".

The company or institution processing the data is obliged to process the personal data diligently and in good faith, using, in order to prevent cyber attacks, appropriate technical means.

The operator has implemented the privacy policy, through which it ensures the protection of personal data, both against external risks (cyber attacks) and against possible internal incidents (unauthorized access, loss, accidental deletion).

The Company also undertakes to process personal data diligently and in good faith, using, in order to prevent cyber attacks (malware, ransomware), appropriate technical means.

In the event of a security incident involving loss or theft of personal data, the company undertakes to promptly inform (no later than 72 hours) both the supervisory authority and the individuals concerned, in accordance with the provisions of Regulation (EU) 679/2016 and the policy on the management of security breaches.

The General Data Protection Regulation aims to contribute to the achievement of an area of freedom, security and justice and an economic union, to economic and social progress, to the consolidation and convergence of economies within the internal market and to the well-being of individuals.

Personal data means any information relating to an identified or identifiable natural person, and an identifiable person is that person who can be identified directly or indirectly, in particular, by reference to an identifier or to one or more factors specific to that person's physical, physiological, mental, economic, cultural or social identity.

This policy concerns the confidentiality of the personal data of customers as well as other persons who contact or visit the https://linktoride.com/ website and their representatives and applies to the data collected through our website, as well as other personal data that we collect through the e-mail service.

The Personal Data Privacy Policy describes:

the purposes for which we collect and use your personal data;
the processing grounds on which those purposes are based;
the categories of personal data we collect from you and process;
the duration of the processing process of such data;
your rights as a data subject and how you can exercise those rights;
how and when the information collected from you is used;
How we protect the information collected from you

Purposes for which we collect and use your personal data:

To provide you with access to the functionalities of the linktoride.com website and the linktoride application;
For the administration of the linktoride.ro website;
For the analysis and improvement of the linktoride.ro website and the application that we own;
To send you non-commercial or administrative messages (regarding the user account, changes in the site, changes in services, etc.);

The processing grounds on which these purposes are based

For all purposes, the basis for data processing lies in our legitimate interest to ensure the proper functioning of the website and the application as well as the improvement of the website.

Categories of personal data we collect from you and process

In the context of registering in the Application, you accept and understand that LinktoRide will collect and process some of your personal data, as specified in the Privacy Policy.

Personal data we collect
- The categories of data processed in the context of our interaction with you are, if you open an account on the "Linktoride" platform:
first and last name
email address
phone number
address
birth date

as well as other personal data that you may communicate to us directly, as necessary to fulfill the purposes, such as:

Employer/Company Name
Beneficiary contribution
Car brand (optional field)
Car color (optional field)
Car registration number (optional field).
- To reset your password we require your email address.
- To log in to your account we require

Email (Google, Facebook, Apple Account)
Password

For Create a ride by the driver we require

Curette location/Starting point
Final Point
No. of passengers
Hour and date

For Wallet – to pay for rides, the user needs to enter their card details when adding credit. The card details will not be stored in the application. Each time they top up with credit, they will need to fill in their card details, just like when paying for online purchases.
For Account we request – Profile picture – to set or change your profile picture, we will request permission to access the camera or gallery.

The way of collecting data is directly from the user, from the traffic reports recorded by the servers that host the site, from where we can find out certain information about you, such as your address. IP, the time of your visit, the place from which you entered our website, as well as from the Linktoride app, only if you open an account.

Duration of the processing process of this data

Depending on the purpose for which they are processed, personal data will be kept for as long as necessary to fulfill the purpose of their processing.

Data subjects' rights and how they can be exercised

According to the provisions of Regulation (EU) 679/2016 on the protection of personal data, you have the following rights with regard to the processing of personal data:

The right to be informed about the collection of data;
The right of access to personal data;
The right to rectification of personal data;
Right to erasure;
The right to restrict the processing of personal data;
The right to the portability of personal data;
The right to object;
Rights related to automated decision-making and profiling;
The right to lodge a complaint with the National Supervisory Authority for Personal Data Processing;

To exercise the aforementioned rights and to obtain more information about these rights, please send a written request to our attention as the data controller by email at [email protected]

"You also have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing, located at B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest, 010336, Romania."

We are committed to paying the utmost attention to your requests and answering your questions as soon as possible.

How we protect the information collected from you

Mazilu & Partners does not provide the collected information to third parties without your express and prior consent. Any statistics on our users' traffic, which we will provide to third- party advertising networks or partner sites, is provided only as an aggregate and does not include any personally identifiable information about any individual user.

Information provided directly by the user: This information is used solely for the purpose of your use of the LINKtoRide application developed by us.

Information collected server traffic reports: This type of information helps us identify which sections of our website are of interest to users.

We also use users' IP addresses for the secure administration of our IT system and to prevent criminal activities.

How we protect the information collected from you.

The confidentiality and protection of the information collected from you are a priority for us.

Your access The Linktoride app is protected by a password. We recommend that you do not disclose this password to anyone. The app will never ask you for the password of your accounts in unsolicited messages or phones. We advise you not to reveal this password to the people who ask you to do so.

Changes to the Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page. Where appropriate, we will notify you or ask for your consent. Please check back frequently for any changes or updates to our Privacy Policy.

LinkToRide