Privacy Policy | Disruptcraft

Disruptcraft is the trade name of Coc Radu Cristian PFA with registered office at 136 Bucurestii Noi Blvd., Ground Floor, ap.5, District 1, Bucharest, Romania registered with the sole identification code 48855160 (herein after “Disruptcraft” or “we“). Disruptcraft processes personal data and ensures their protection, according to the applicable legislation in the field, including Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR).

This policy applies in connection with the processing of data carried out by Disruptcraft. This document is relevant for you regardless of your position: client, partner – natural person, representative of a partner – legal entity, applicant for an offer or person contacting us for other purposes (e.g. requests or complaints, visitor to one of our offices or workplaces, employee, visitor to our website, etc.)

The policy deals with the following aspects in the order below:
Categories of personal data we process;
Purposes for which we process those personal data;
Legal grounds justifying our processing;
Persons to whom we disclose the data;
Period for which we store the data;
Consequences of refusing to provide us with your personal data;
Your rights and information on how to exercise them;
Our contact details; and
Situations in which this information note applies and its amendments.

CATEGORIES OF DATA. PURPOSE. LEGAL GROUND

Current or potential clients of Disruptcraft.

We may process personal data regarding our clients’ representatives for:

Providing our services. We will use your data to send you an offer (at your request), to conclude and execute the contract with you, and to ensure that we provide the services you requested. In this case, we will base the processing on the necessity to conclude and/or execute the contract with you and on your consent to send offers. We will mainly process your contact details (name, first name, email, phone number) and, if we have a contractual relationship with you, the data included in the contract with you.

Operation of our services. We will use your data to ensure the operation of our services, by evaluating them and sending transactional or functionality-related messages/alerts of our programs. We also use your data for internal statistics on the functionality of services. We will mainly process your identification data (name, first name, home address, email address, phone number), your feedback, IP address, access and usage log data. The legal basis for these processing will be, as the case may be, the performance of the contract with you, our legitimate interest, or your consent.

Handling your requests. We will use your data to respond to any requests, requirements, complaints, or any other questions you send us within the relationship with you. In this case, the legal basis for the processing will be the performance of the contract with you or, as the case may be, your consent. We will mainly use your name, first name, contact details (name, first name, email address, phone number) and information contained in the request you send us.

Communication for marketing purposes. In order to send you communications and offers regarding our products, services, and promotions (on our initiative), it is necessary to process your personal data. In this case, the data processing will be based on your consent. We will mainly process the following data referring to you: name, first name, email address, phone number.

Members (employees, collaborators, etc.) of our contractual partners – legal entities

We may process your data for:

Maintaining the contractual relationship with the companies you are part of. In order to collaborate with the company you are part of (including communicating with you to resolve any issues that your company or Disruptcraft encounters in connection with the contract between them), we will need to process personal data referring to you. In this case, we will base the processing on our legitimate interests in being able to execute the contracts we have concluded with other companies and to ensure that the other companies execute those contracts in turn. We will mainly process the following data referring to you: name, first name, position, employer/collaborating company, phone number.

Communication for marketing purposes. In order to send you communications and offers regarding our products, services and promotions, it is necessary to process your personal data. In this case, the processing of your data will be based on your consent to receive such communications from us or, as the case may be, on our legitimate interests, where our analysis concluded that our legitimate interests prevail. We will mainly process the following data referring to you: name, first name, phone number, email address.

Our contractual partners – natural persons (business partners, not clients)

We may process your personal data for the following purposes:

In order to be able to conduct business relationships with you. It is necessary to process certain information referring to you in order to start and maintain the collaboration with you. In this case, we will base the processing of data referring to you on the necessity for concluding / executing the contract between you and us. We will mainly process the following data referring to you: name, first name, identity card data.

Handling your requests. We will use your data to respond to any requests, requirements, complaints, or any other questions you send us within the relationship with you. In this case, the legal basis for the processing will be the performance of the contract with you or, as the case may be, your consent.
We will mainly use your name, first name, contact details (email address, phone number), and information contained in the request you send us.

Members of public authorities

We will use your personal data to fulfill our legal obligations, such as responding to requests from authorities, keeping records required by law and others.

If you are a visitor of our websites or interacted with any of our pages on social media

We may use your personal data for the following purposes:

Improving the experience on our website. In order to take into account the preferences you expressed in previous browsing sessions, to adapt our website to the device you use, to solve any problems you may encounter when accessing, we process data such as: IP address; cookie identifiers; other online identifiers; unique device identifier (universal unique identifier – UUID); date and time of accessing the website; history of visits; web request; date and time of request / date and time of accessing the website; device used to access the website; type of Internet browser and browser language; information about events occurring on your device (e.g. errors); hardware settings information of your device; information about your location when accessing our website.

For more information on how we use cookie technology and similar technologies, please access our dedicated policy available at https://www.disruptcraft.com/cookie-policy. The legal basis for the processing will be in most cases your consent or our legitimate interest.

Knowing the opinions you communicate to us. Also, when you post a comment under one of our posts on social media, press the Like button, redistribute our post or send us a message on one of our pages, we will mainly process the data you provided to us (username, profile picture, action taken – like/other reaction or your comment).

In these cases, we will base the processing on your consent.

Managing our communications and IT systems and protecting them. We may process your data for: managing our communications systems; managing our IT security; performing security audits on our IT networks; protecting our data and systems against attacks and other similar acts in the virtual environment.

We will mainly process the following data referring to you: name, first name, email address, phone number.

In this case, we will base the processing on our legitimate interests or, as the case may be, fulfillment of our legal obligations.

If you sent us a review regarding our products or enrolled in our campaigns

We may use your data for the purpose of promoting the company and its projects, including through the use of testimonials provided.

In these cases, the processing is done on the basis of the consent you have given. Data to be processed may be, as the case may be: name, first name, picture, video (in case of testimonials provided this way).

In general, in any position you are in

We may also process your data for the following purposes:

Handling your requests. We will use your data to respond to any requests, requirements, complaints, or any other questions you address to us. We will mainly use your name, first name, contact details (email address, phone number) and information contained in the request you send us. In this case, the legal basis for the processing will be the performance of the contract with you (if any) or, as the case may be, your consent.

Response to requests from authorities or processing data in other cases where the law obliges us.It is possible that sometimes we have a legal obligation to communicate your data to public authorities or other natural or legal persons. In this case, the legal basis for the processing will be the fulfillment of our legal obligations.

Carrying out transactions, restructurings or other operations. In the context of transactions, it is possible to disclose your data to potential purchasers or their consultants or authorities, although we will try to minimize this as much as possible. In this case, the processing will be justified by our legitimate interests or the fulfillment of our legal obligations.

Defending our rights and interests or those of other persons.It is possible to process your data to establish, exercise or defend our rights or interests or those of other persons before courts, bailiffs, notaries public, other public authorities, arbitration tribunals, mediators or other public or private bodies resolving disputes, our lawyers, consultants (such as auditors or experts) or other natural or legal persons, public or private, involved in those disputes. In this situation, we will process your personal data, as the case may be, on the grounds of fulfilling legal obligations incumbent on us or our legitimate interests.

Fraud prevention. We are interested in carrying out our activity legally. Therefore, we may process your data (such as by transmitting this data to our consultants in various fields – auditors, lawyers, etc. or by consulting this data). In these cases, the processing will be justified by our legitimate interests in preventing fraud and other illegalities in our activity or, as the case may be, our legal obligations to ensure the legality of our operations.

About third-party data

If you provide us with personal data regarding other persons (e.g. your representatives, family members, persons in your care, etc.), you must ensure that you informed them about this and directed them to this information note on how Disruptcraft processes personal data.

We will appropriately inform those persons about how we process their data, where applicable.

TO WHOM WE WILL DISCLOSE YOUR PERSONAL DATA

As a rule, we will not disclose your data to other individuals or legal entities.

We limit access to data for people outside of Disruptcraft but in some cases, it may be necessary to disclose your data, as below.

We may disclose your data to other companies or individuals, such as: natural or legal persons acting as data processors for Disruptcraft in various fields (such as archiving documents, document destruction, or data storage, payment services, various services we may outsource), lawyers, other persons, courts, authorities. In these cases, we will disclose the data for legitimate reasons related to our activity, such as ensuring our ability to ensure the security of documents, relieving our activity, establishing, defending and exercising our rights or interests or those of another person.

We also have permission to disclose your personal data (identification data, financial situations, etc.) to the partners or representatives of partners chosen by you.

Also, as mentioned above, in some cases we may have a legal obligation to disclose data to public authorities or other natural or legal persons.

In all these cases we will ensure that the recipients of your personal data process it securely and confidentially, in accordance with the purpose for which we transmitted it to them and respecting your rights.

UNDER WHAT CONDITIONS COULD WE TRANSFER YOUR DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS

At this time we do not transfer and do not intend to transfer your personal data or any part thereof to other companies, organizations or persons in third countries or to international organizations.

If it becomes necessary to transfer the data to any of the destinations above, we will inform you in advance by posting this policy on the website 20 days before its entry into force.

HOW LONG WILL WE KEEP YOUR DATA

We will store your data in accordance with our personal data storage policy, which assigns a storage period based on the processing purpose and the category of data processed.

These periods are based on legal provisions (especially in the field of personal data protection), taking into account also the obligations to store certain data, applicable limitation periods, recommended practices in the field and the purposes of our activity.

For clients, the duration of processing personal data is identical to the duration of the main service provision contract.

WHAT CAN HAPPEN IF YOU DO NOT PROVIDE US WITH THE DATA

In most cases, you do not have an obligation to provide us with your personal data.

However, if you do not provide the requested data, we will not, for example, be able to conclude or negotiate a contract with you, provide our services, allow you access to all the options on our website, respond to complaints or requests or send you communications regarding our products, services and promotions that may be of interest to you.

ABSENCE OF AN AUTOMATED DECISION-MAKING PROCESS

We do not make decisions based solely on the automated processing of your data (including profiling) that produces legal effects concerning you or similarly significantly affects you.

YOUR RIGHTS AND HOW TO EXERCISE THEM

Your rights

You have the following rights:

Right of access to data. You have the right to obtain access to your personal data that we process or control or to copies thereof; you also have the right to obtain from us information regarding the nature, processing and disclosure of that data.

Right to rectification. You have the right to obtain rectification of inaccurate personal data concerning you that we process or control.

Right to erasure (”right to be forgotten”). You have the right to obtain from us the erasure of personal data concerning you that we process or control.

Right to restriction of processing. You have the right to restrict the processing of personal data concerning you that we process or control.

Right to object. You have the right to object to the processing of personal data concerning you by us or on our behalf.

Right to data portability. You have the right to receive your personal data that we process or control in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller.

Right to withdraw consent. In situations where we process your personal data based on your consent, you have the right to withdraw your consent; you can do this at any time, at least as easily as you granted us consent initially; withdrawing consent will not affect the lawfulness of processing your personal data that we have carried out prior to the withdrawal.

Right to lodge a complaint with the supervisory authority. You have the right to lodge a complaint with the supervisory authority for personal data processing regarding the processing of your data by us or on our behalf. In Romania, this personal data processing supervisory authority is the National Supervisory Authority for Personal Data Processing (ANSPDCP).

OUR CONTACT DETAILS

You can contact us at the details below.

Contact details of the personal data protection officer

Full name: Coc Radu Cristian

Correspondence address: 136 Bucureștii Noi Blvd., Ground Floor, ap.5, District 1, Bucharest

Email address: hello@disruptcraft.com

Website: https://www.disruptcraft.com

WHEN THIS INFORMATION APPLIES

This general information applies in connection with the processing of data referring to you by Disruptcraft

This information does not apply in connection with services or products offered by other companies or individuals, including those posted on our websites or about which we inform you otherwise. Also, this information does not cover the activity of other companies or persons advertising our services or products or otherwise processing your data through our websites or on social media in connection with our pages.

CHANGES TO THIS POLICY

It is possible to modify this policy. In such cases, we will inform you in advance by posting this policy on the website 20 days before its entry into force.

We will post this information note on our website as well, at the following link:

https://www.disruptcraft.com/privacy-policy

This version of this policy will enter into force on 01.10.2023.

GLOSSARY OF TERMS

Personal data processing supervisory authority: an independent public authority which, according to the law, has attributions regarding the supervision of compliance with personal data protection legislation. In Romania, this personal data processing supervisory authority is the National Supervisory Authority for Personal Data Processing (ANSPDCP).

Special categories of personal data (sensitive personal data/sensitive data): personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership; genetic data; biometric data for uniquely identifying a natural person;

Personal data: any information relating to an identified or identifiable natural person (referred to as “data subject”). A natural person is identifiable if he/she can be identified, directly or indirectly, in particular by reference to an identification element, such as: name, identification number, location data, online identifier, one/several elements specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. Thus, for example, the notion of personal data includes the following: name and surname; home or residence address; e-mail address; telephone number; personal numerical code (CNP); The categories of personal data concerning you that we process are listed above.

Controller: natural or legal person who determines the purposes and means of the processing of personal data. According to the law, responsibility for complying with legislation regarding personal data lies primarily with the controller. In relation to you, we are the controller and you are the data subject.

Processor: any natural or legal person who processes personal data on behalf of the controller, other than the controller’s employees.

Data subject: the natural person to whom certain personal data relates (to whom it “belongs”). In relation to us (the controller), you are the data subject.

Processing personal data: any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means; for example: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of respective personal data/sets of personal data. These are just examples. Practically, processing means any operation on personal data, whether by automated or manual means.

Third country: any state outside the European Union and the European Economic Area.

<<BACK HOME