1. General provisions
2. Details about our company
3. Processed data. Purpose, duration and basis of processing
4. Sensitive data processed. Purpose, duration and basis of processing
5. Mechanisms and use of automatic decision-making systems
6. Disclosure and further use of your data
7. How we collect data
8. Information security
9. Transferring your data outside the European Economic Area
10. Your rights to personal data
11. Confidentiality of minors
12. Principles of politics
13. Amendments
1.1 The confidentiality of personal data is one of the main concerns within the company S.C. ABI ROPLATI S.R.L. (hereinafter "the Company"). As such, we want to ensure the highest standards of confidentiality, integrity and transparency regarding the personal data we process in our activity.
1.2 As the activity is carried out we need to process a series of personal data with predilection in relation to the specificity of our object of activity we want to provide assurances that the processing will take place in compliance with the principles of transparency and security of personal data. This privacy policy is intended to help you understand what data we collect, why we collect it and what we do with it.
1.3 Our data protection policy and practices focus on the proper and legal processing, exchange and storage of personal information and at the same time ensuring confidentiality, integrity and availability.
1.4 All users have free access to the website www.rpay.eu, subject to compliance with this privacy policy. Our website complies with the General Data Protection Regulation - GDPR (Regulation (EU) 2016/679).
2.1 ABI ROPLATI SRL is a Romanian company, based in the town of Deva, Calea Zărandului 55 B, Hunedoara County, registered with the Trade Register Office under no. J20 / 66/2014, fiscal identification code 32710782, contact address office@rpay.eu.
2.2 The company acts as operator of the personal data collected through the page www.rpay.eu (hereinafter "the Website").
2.3 The operator has the obligation to manage the personal data on a secure basis and only for the specified purposes. that the users of the Site provide to them.
* 3.1.2 for more information on cookies please see our Cookies Policy.
Processed data | Purpose of processing | Retention period | The basis of processing | Where it is stored | Transfer |
3.1.1 the web server log | ensuring the security of the IT network | 6 months | compliance with legal obligations - Article 6 (1) (c) of the Regulation | in electronic format, in the cloud | Yes, in the cloud |
3.1.2 cookies* | |||||
3.2 Email and any other identifying data present therein | To answer the questions and messages we receive and to keep the correspondence records | only as long as the website will be needed | it is necessary to execute a contract or to start the process of contracting at your request (Article 6 (1) (b) | in electronic format, in the cloud | Yes, in the cloud |
3.3 phone number + data provided in telephone/email conversation | To answer the questions and messages we receive and to keep the correspondence records | your consent (Article 6 (1) (a)) | in electronic format, on the server | no | |
3.4 All information provided in postal communications | To answer the questions and messages we receive and to keep the correspondence records | as long as necessary, which will be applied in conjunction with the legal obligations established in our responsibility. | is required for the creation of a contract or to start the process of contracting, at your request (Article 6 (1) (b) | physically, key closet | no |
3.5 Name, first name, email | To send the newsletters | Until you unsubscribe | your consent (Article 6 (1) (a) of the General Data Protection Regulation). | in electronic format, in the cloud | Yes, in the cloud |
3.6 Name, surname, email, telephone | registering and managing the accounts on our website to allow you to access the history of purchased services, invoices and the list of preferences | only as long as they will be needed / until the account is deleted | your consent (Article 6 (1) (a) of the General Data Protection Regulation). | in electronic format, in the cloud | Yes, in the cloud |
3.7 name, first name, home address, e-mail, telephone, billing data, company name - unique identification code and registration number in the Trade Register. | to determine who the contractor is and to be able to contact you; to fulfill our obligations under the contract, including sending receipts, invoices and order confirmations. | six years from the end of the financial year in which you placed your order, in accordance with the requirements of the Fiscal Code | necessary for the good functioning of a contract (Article 6 (1) (b) of the General Data Protection Regulation). | in electronic format, in the cloud | Yes, in the cloud |
The data will be stored for the minimum period necessary to achieve the purpose, taking into account the following:
• the purpose and use of your information both in the present and in the future (for example, if it is necessary to continue storing that information in order to continue to fulfill our obligations under a contract with you or to contact you in the future;
• if we have a legal obligation to continue processing your information (such as any record keeping obligations required by law or relevant regulations);
• if we have any basis to continue processing the information (such as your consent);
• the levels of risk, cost and responsibility involved in continuing to hold the information.
If we mistakenly receive information about you from a third party and / or have no legal basis for processing such information, we will delete your information.
After placing an order on our website, you will need to pay for the goods or services you have ordered. To process your payment, we use third party payment processors: PayU. The payment processors mentioned above collect, use and process your information, including payment information, in accordance with their privacy policies. You can access our privacy policies through the following links: https://www.payu.ro/politica-de-confidentialitate.
PayU is located in Romania. The information regarding the processing of your payment is stored in the European Economic Area on the PayU servers in Romania.
The www.rpay.eu website does not collect sensitive data.
5.1 We use automatic decision-making mechanisms on our website. We do not consider this to have a legal effect on you or affect you in a similar manner.
You have the right to object to our use of the automatic decision making and profiling mechanisms described in this section. You may do this by opting out of cookies and similar technologies in accordance with the method described in the relevant section of this privacy policy. If you do not want us to process your real IP address (usually the IP address assigned by your Internet Service Provider) when you visit our site, you may use a virtual private network (VPN) or a free service.
You can learn more about the use of cookies and similar technologies (including the legal basis for their use) and how to opt-out of these in the Cookies Policy.
Automatic decision-making mechanisms are those decision-making mechanisms through technological means (through a machine) without human involvement.
Using automatic decision-making mechanisms for advertising
We automate the display of advertisements that contain our products and services on other websites you visit through the use of cookies.
Logic involved: automatic display of ads to people who have visited our site increases the efficiency of advertising and is more economical for us than manual display or other advertising methods.
Meaning and expected consequences: cookies will be used to acknowledge that you have visited our site to display advertisements (unless you have blocked such cookies) and will collect information about your behavior online.
How to oppose : You can block these types of cookies using your browser settings. For more information, see our cookie policy.
This section sets out the circumstances under which we will disclose your data to third parties and any additional purposes for which we use your data.
6.1.1 We use a number of service providers that are important to the business and process your information for us and on our behalf,
Telephone Service Providers
Email Service Providers
IT Service Providers
Website Developers
Marketing Service Providers
Email Marketing Service Providers
6.1.2 Your information will be shared with these service providers, where necessary to provide you with the service you have requested, regardless of whether this request is to access our site or ordering goods and services from us.
6.1.3 We do not publicly display the identity of our service providers for security and competitiveness reasons. However, if you would like further information on the identity of the service providers, please contact us directly by e-mail at office@rpay.eu and we will provide you with such information if you have a legitimate reason to request it. br>
6.1.4 Legal basis for processing:
a) consent - the customer has given his consent for the processing of his personal data for one or more specific purposes;
b) End or execution of a contract - processing is necessary to execute a contract to which the customer is a party or to take action at the request of the customer before concluding the contract;
c) fulfillment of a legal obligation - processing is necessary in order to fulfill a legal obligation of the operator;
d) legitimate interest - processing is necessary for the purposes of the legitimate interests pursued by the operator or by a third party, unless the interests or fundamental rights and freedoms of the customer prevail, which requires the protection of personal data, especially when the customer is a child.
6.2.1 We will disclose your information to third parties in certain circumstances, as shown below.
I. Providing information to third parties, such as Google Inc., Facebook. Google collects information by using Google Analytics on our website. Google, Facebook, uses this information, including IP addresses and cookie information, for a variety of purposes, such as improving the quality of our services and your browsing experience. The information is collected by Google and Facebook anonymously.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interests: improving the quality of our services.
II. II. Sharing your information with third parties, which are either related to or associated with the operation of our business, if necessary for us. These third parties include consultants, affiliates, business partners, independent contractors and insurers. Further information on each of these third parties is presented below.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: functioning and efficient management of our business.
• Business partners
Business partners are the companies we work with and provide goods and services similar to those offered by us, which are complementary to our own business or which enable us to provide goods or services that we cannot offer on our own. We share information with our business partners, in case you have requested services that they provide, either independently or in connection with our own services and in order to fulfill our contractual obligations towards you. Our business partners are located in (Romania / European Union).
6.2.2 We do not display the identity of all other third parties with whom we can share information for security reasons and to maintain our competitive advantage. However, if you would like further information on the identity of such third parties, please contact us directly through the contact form on the page (link to the contact form) or by e-mail to the address (email contact) and we will provide you with such information if you have a legitimate reason for requesting and only if we shared the information with such third parties.)
6.2.3 We will disclose your information to a potential buyer or seller or real in the context of a business sale or acquisition, a merger or a similar event, real or potential.
The legal basis for processing: the legitimate interest (Article 6 (1) (f) of the General Regulation) data protection).
Legitimate interest: We allow access to information with a potential buyer, seller or similar person to allow such a transaction.
A. Indication of possible criminal acts or threats to public safety to a competent authority .
If we suspect that criminal or potential behavior has occurred, we will, in certain circumstances, need to contact an authority such as the police. This may be the case, for example, if we suspect a cyber fraud or crime or if we receive malicious threats or communications from us or from third parties.
In general, we will only need to process your information for this purpose , if you were involved in or affected by such an incident in one way or another.
The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: prevention of crime or suspected criminal activity (such as fraud).
B. In connection with the potential application or application of our legal rights
We will use your information in connection with the implementation or potential application of our legal rights, including, for example, the exchange of information with debt collection agencies, if you do not pay the amounts due when you are contractually obligated to do so. Our legal rights may be contractual (if we have concluded a contract with you) or non-contractual (such as the legal rights we have under copyright or criminal liability).
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: to impose our legal rights and to take measures to ensure our legal rights.
C. In connection with a legal or potential legal dispute or proceeding
We may need to use your information if we are involved in a dispute with you or a third party, for example, or for to settle the dispute, either as part of mediation, arbitration or a court decision or similar process.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation) ).
Legitimate interest: settling disputes or possible disputes.
D. For continued compliance with laws, regulations and other legal requirements
We will use and process your information to comply with the legal obligations we are subject to. For example, it may be necessary to disclose your information based on a court order or citation, if we receive one.
Legal basis for processing: compliance with a legal obligation (Article 6 (1) (c)) of the General Regulation on data protection. processing law: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: if the legal obligations are part of the laws of another country and have not been integrated within the legal framework of Romania, we have a legitimate interest in meeting these obligations.
7.1 We collect your personal data, directly from you, for example, when you send us an email requesting an offer / information or when giving us your data for contract or newsletter subscription.
7.2 We collect your personal data and automatically >. When you use our services on the Company's website, we collect information through cookies and by logging your activity. For more information on the use of cookies, please see our cookie policy.
8.1 We take appropriate technical and organizational measures to secure your information and to protect you against unauthorized or illegal use and accidental loss or destruction, including:
• sharing and providing access to your data to the minimum extent necessary, subject to confidentiality restrictions, where appropriate and anonymously, whenever possible;
• using secure servers for storing information;
• verifying the identity of any person who request access to information before granting them access to information;
• use Secure Sockets Layer (SSL) to encrypt any information you submit to us through any forms on our website;
• we transfer your data only through a closed system or encrypted data transfers.
8.2 Sharing of information to us by e-mail
8.2.1 Sending information on the Internet is not entirely secure and if you send us information via the Internet (via e-mail or any other way) ), do so entirely at your own risk.
8.2.2 We cannot be held responsible for any expenses, loss of profits, reputational damage, damages, debts or any another form of loss or damage suffered by you as a result of your decision to transmit information to us by such means.
Your data will not be transferred to countries outside the EEA.
10.1 Subject to certain restrictions, you have the following rights in connection with your data which you may exercise by submitting a written request sent to Calea Zărandului 55 B, Deva, Hunedoara County or by sending an e -mail to office@rpay.eu:
• request access to your information and information regarding the use and processing of your information;
• request the correction or deletion of your data;
• request the limitation of the use of your data;
• receive the information you have provided us in a structured format, commonly used and readable by a device (for example, a CSV file) and the right to transfer that information to another data controller (including a third-party data controller);
• to object to the processing of your data for certain purposes (for more information, see you have the section below entitled "Your right to object to data processing for certain purposes");
• withdraw your consent to use your data at any time we rely on your consent to use or process this information. Please note that withdrawing your consent will not affect the legality of your use and processing of your data based on your consent before the time you withdraw your consent.
10.2 You can also file a complaint regarding the processing of your data with the National Authority for the Processing and Supervision of Personal Data (G-ral Boulevard. Gheorghe Magheru 28-30, Sector 1, postal code 010336, Bucharest, Romania, www.dataprotection.ro , anspdcp@dataprotection.ro).
If you request access to your information, we are required by law to use all reasonable measures to verify your identity before doing so.
These measures are designed to protect your information and reduce your risk of identity theft, identity theft or general unauthorized access to your information
How do we verify your identity?
10.3.1 If we have appropriate information about you in the database, we will try to verify your identity using this information.
If we cannot identify you based on this information or if we do not have sufficient information about you, we may request copies or certificates of documents to verify your identity before we can give you access to your data
We will be able to confirm the exact information we need to verify your identity at your specific circumstances if and when you make such a request.
You have the following rights regarding your data that you can exercise by writing to our company headquarters: the town of Deva, Calea Zărandului 55 B, Hunedoara County or by sending an email to office@rpay.eu:
• object to the use or processing of information by us to carry out a task in the public interest or in our legitimate interest, including analyzing or predicting your behavior based on your information; and
• to object to the use or processing of your data for direct marketing purposes (including any profile we involve in connection with this direct marketing).
10.5 You may also exercise your right to object to the use or processing of your data for direct marketing purposes:
• by clicking the unsubscribe link at the bottom of any the marketing email we send you and following the instructions that appear in your browser, after you click on that link;
• sending an SMS message containing only the word "DELETE" in response to any communication by marketing we send by text message or by accessing the link indicated in the received SMS message; or
• by sending an e-mail to office@rpay.eu, asking us not to send marketing communications or by including the words "UNSUBSCRIBE"; or
10.6 For more information on how you can object to the use of data collected through cookies and similar technologies, see our cookie policy.
11.1 We do not process data of minors under the age of 16.
11.2 We may receive information regarding people who have not reached the age of 16 through fraud or deception of a third party. If we are notified of this, as soon as we verify the information, when the law requires it, we will immediately obtain the consent of the legal representative to use this information or, if we cannot obtain this consent, we will delete the information from our servers. If you would like to notify us of information about persons under the age of 16, please do so by sending an email to office@rpay.eu.
11.3 The data of minors between the ages of 16 and 18 years are processed according to Regulation 679/2016, only with the consent of the data subject.
a) The processing of personal data will be done in a legal, correct and transparent manner;
b) The collection of personal data will be done only for specified, explicit and legitimate purposes and the data will not be further processed in an incompatible manner for those purposes;
c) The collection of personal data will be adequate, relevant and limited to the information necessary for the purpose of processing;
d) The personal data will be accurate and, where necessary, updated;
e) they will take all necessary measures to ensure that incorrect data is deleted or corrected without delay;
f) Personal data will be kept in a form that allows the data subject to be identified and for a period no longer than that in which the data personal data are processed;
g) All personal data will be kept confidential and stored in a manner that ensures the necessary security;
h) Personal data will not be distributed to third parties, only if it is necessary for the purpose of providing services in accordance with the agreements;
i) The customers have the right to request access to the personal data, their rectification and deletion, the opposition or restriction from the processing of the data as well as from the right of data portability.
13.1 We regularly update and change our privacy policy.
13.2 Minor changes to our privacy policy
13.2.1 If we make minor changes to our privacy policy, we will update the Privacy Policy with a new "date" mentioned at the beginning of it. The processing of your information will be governed by the practices established in the new version of the Privacy Policy as of its effective date.
13.3 Major changes to our privacy policy or the purposes for which we process your information
13.3.1 If we make major changes to our privacy policy or intend to use your data for a new purpose or for a purpose other than the purpose for which we initially collected it, we will notify you by email (if possible) or by posting an ad on our website.
13.3.2 We will provide you with information about the change in question and the purpose and any other relevant information before using your information for the new purpose.
13.3.3 Whenever necessary, we will obtain your consent in case the information serves a purpose other than the purposes for which we originally collected it.