This Privacy Notice aims to give you information on how we collect and process your personal data using this website, including any data you may provide through this website when you purchase a product, enter an event or otherwise interact with us.
WHO WE ARE
Asociatia “Da, si eu pot sa lupt cu diabetul” is a company registered in Romania with a registered office in Bucharest, Mihaela Ruxanda Marcu street, 4, sect 6, RAFJ s 6 no 48 / 25.06.2019, CF 41367404
When you use our services, you’ll share some information with us. We want to be upfront about the information we collect, how we use it, who we share it with and the choices we give you to control, access and update your information. For the purposes of data protection legislation, we are the data controller of your personal data.
THE PERSONAL INFORMATION WE COLLECT AND USE
Information collected by us
If you have registered with us, or ordered items from us, we will have your email address, telephone number, postal address and the method you chose to make your purchase with. We also collect information about how you use our services, such as the types of content you view or engage with or the frequency and duration of your activities.
If you have entered the race we will also collect personal information including your date of birth emergency contact (next of kin) information, and your consents to receive communications from event sponsors and partners.
In addition, our servers, logs, and other technologies automatically collect certain information (see below) to help us administer, protect, and improve our services; analyze usage; and improve users’ experience. We share personal information with others only as described in this policy, or when we believe that the law permits or requires it.
Information we collect automatically
Device information: We may also collect information about your device each time you use our site. If you have an account with us, we may collect information from or about the computers, phones or other devices where you log into our services. We may associate the information we collect from your different devices, which helps us provide consistent services across your devices. Here are some examples of the device information that we collect:
- Attributes such as the operating system and hardware version.
- Browser type and IP address
Log information: We also collect log information when you use our website. That information includes, among other things:
- Details about how you’ve engaged with us.
- Device information, such as web browser type and language.
- Access times.
- Pages viewed.
- IP address.
- Identifiers associated with cookies or other technologies that may uniquely identify your device or browser.
- Pages you visit before or after navigating to our website.
HOW WE USE YOUR PERSONAL INFORMATION
We use your information in several different ways. The table below set this out in detail, showing what we do, and why we do it.
|Category of personal data||Purpose for processing||Legal basis under the GDPR|
|Name and contact details||Deliver your purchase to you||Performance of a contract|
|Send you service messages by email or text, such as order updates||Performance of a contract|
|Send you information by email about our new products or services||Consent|
|So that you can enter an event||Performance of a contract|
|Fraud prevention and detection||Legal obligation|
|Date of birth information||Fraud prevention and detection||Legal obligation|
|Payment information (we don’t store this information)||Take payment and give refunds||Performance of a contract|
|Fraud prevention and detection||Legal obligation|
|Contact history with us, eg over the phone, email or social media||Provide customer service and support||Performance of a contract|
|Train our staff||Legitimate interests|
|Information about your phone or laptop, and how you use our website||Improve our website and set default options for you.||Legitimate interests|
|Fraud protection and detection||Legal obligation|
Who we share your personal information with
We share your data with the following categories of companies as an essential part of being able to provide our services to you:
- Companies who provide communication services such as bulk e mailers
- Professional service providers, such as marketing agencies, advertising partners and website hosts who help us run our business
- Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud
- Companies who take part in the operation of events, such as timing and medical services contractors
- Companies approved by you, such as social media sites
We will not share your personal information with any other third party.
How long your personal information will be kept
We will hold on to your information for three years after you close your account, or as long as is needed to be able to provide the services to you for as long as is necessary to provide support-related reporting and trend analysis only. After this time it will be deleted.
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.
CONTROL OVER YOUR INFORMATION
Under the General Data Protection Regulation, you have several important rights available to you for free. In summary, those include rights to:
- Access the personal information we hold about you
- Request that we transfer elements of your data to another service provider
- Request us to correct any mistakes in your information which we hold
- Request the erasure of personal information concerning you in certain situations
- Receive the personal information concerning you which you have provided to us, in a structured format
- Stop any direct marketing
- Object to processing of your personal data
If you would like to exercise any of these rights, please write to us at email@example.com
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made many requests. In this case, we will notify you and keep you updated.
KEEPING YOUR PERSONAL INFORMATION SECURE
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit http://www.getsafeonline.org.
CHANGES TO THIS PRIVACY NOTICE
This privacy notice was published on 01/01/2021 and last updated on 01/01/2021.
Any changes we make to this notice will be posted on this page.
HOW TO CONTACT US
If you wish to contact us please send an email to firstname.lastname@example.org
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.