RisCo Confidentiality Policy

We consider ensuring the right to the protection of personal data as a fundamental commitment of RisCo, therefore we will dedicate all necessary resources and efforts to process your data in full compliance with Regulation (EU) 2016/679 ("General Data Protection Regulation" or "GDPR"), as well as with any other legislation applicable on the territory of Romania. As one of the key principles of this legal framework is transparency, we want to inform you about how we collect, use, transfer and protect your personal data when you interact with us in connection with our products and services, including through our website. on our website or through the applications available on your mobile phone.

We reserve the right to periodically update and modify this Privacy Policy to reflect any changes to the way we process your personal data or any changes to legal requirements. In the event of any such changes, we will display the modified version of the Privacy Policy on our website, for which reason please check the contents of this Privacy Policy periodically.

Who we are and how can you contact us

RisCo is also the trade name of Risco Servicii Financiare S.R.L., a legal entity of Romanian nationality, having its registered office in Bucharest, Bdul Pierre de Coubertin no. 3-5, Office Building, 5th floor, room 5N, sector 2, registered at the trade register with no. J40 / 12529/2014, unique registration code RO33741906, (forwards "RisCo"). For the purposes of data protection legislation, we are the operator when we process your personal data.

As we are always open to your opinions, as well as to provide you with any additional information you may need regarding the processing of your data, we encourage you to contact the RisCo Data Protection Officer at dpo@risco.ro or by post or courier to the address Bucharest, Bdul Pierre de Coubertin no. 3-5, Office Building, 5th floor, room 5N, sector 2 - with the mention: in the attention of the RisCo Data Protection Officer.

What types of personal data we process
In general, we collect your personal data directly from you, so you have control over the type of information you provide to us. By way of example, we receive information from you in this way:
  • - When you create a RisCo account, send us: e-mail address, first and last name, mobile phone number, serial number and identity card, address. All this data is taken over in order to create the user account, to uniquely identify you, to authenticate in your account and to issue invoices in case of purchases.
  • - Within your personal page (My Account) in the RisCo platform you can complete the RisCo Profile by adding additional information, such as: photo, mobile phone number, website, Facebook account, Twitter account, work experience, education, foreign languages, domains interest, fields of communication.

We may also collect and further process certain information regarding your behavior while visiting our website or using your smartphone application, in order to personalize your online experience and provide you with offers tailored to your profile. our website and in the smartphone application we can store and collect information in cookies and similar technologies, according to Cookies policy.

We do not collect or otherwise process sensitive data, included by the General Regulation on data protection in special categories of personal data. We also do not want to collect or process data from people under the age of 18.

Which are the purposes and grounds or data processing
We will use your personal data for the following purposes:
  • 1. To provide RisCo services to your benefit and includes:

    a) Creation and administration of your client account within RisCo platform

    b) Processing of your orders, including their validation and invoicing

    c) Ensuring support services, including responding to your questions.

    The processing of your data for these purposes is in most cases necessary for the conclusion and execution of a contract between RisCo and you. Also, certain processing subject to these purposes is required by applicable law, including tax and accounting law.

  • 2. For the improvement of our services:

    We always want to offer you the best online shopping experience. For this, we may collect and use certain information regarding your user behavior, we may invite you to complete satisfaction questionnaires subsequent to the completion of an order or we may conduct, directly or with the help of partners, market research and research.

    We base these activities on our legitimate interest in conducting business, always taking care that your fundamental rights and freedoms are not affected.

  • 3. For marketing purposes:

    We want to keep you informed about the best offers for the products / services that interest you. In this regard, we can send you any type of message (such as: e-mail / SMS / telephone / mobile push / webpush / etc.) Containing general and thematic information, information on RisCo products and services.

    Marketing communications are based on your prior consent. You can change your mind and withdraw your consent at any time by:

    • - Changing client account settings in the section "My subscriptions"
    • - Access the unsubscribe link displayed in the messages you receive from us, or through
    • - Contacting RisCo using the contact details described above.

    In certain situations, we may base our marketing activities on our legitimate interest in promoting and developing our business. In any case where we use information about you for our legitimate interest, we take care and take all necessary measures to ensure that your fundamental rights and freedoms are not affected. However, you can ask us at any time, by the means described above, to stop the processing of your personal data for marketing purposes, and we will process your request.

  • 4. For the defense of our legitimate interest:

    There may be situations in which we use or transmit information to protect our rights and business. These may include:

    • - Measures to protect the website and the users of the RisCo platform against cyber attacks"
    • - Measures to prevent and detect fraudulent attempts, including the transmission of information to the competent public authorities
    • - Measures to manage various other risks.

    The general basis of these types of processing is our legitimate interest in defending our business, it being understood that we ensure that all the measures we take guarantee a balance between our interests and your fundamental rights and freedoms.

For how long do we keep your personal data

As a general rule, we will store your personal data as long as you have an account on the RisCo platform. You may request us to delete certain information or close your account at any time, and we will respond to such requests, subject to the retention of certain information, including after closing the account, in cases where applicable law or our legitimate interests so require.

To whom do we send your personal information
  • Where applicable, we may transmit or provide access to certain personal data of yours to the following categories of recipients:

    • - courier service providers
    • - payment / banking service providers
    • - marketing / telemarketing service providers.

    If we have a legal obligation or if it is necessary to defend a legitimate interest, we may also disclose certain personal data to public authorities.

    We ensure that access to your data by third parties under private law is made in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them.

In which countries do we transfer your personal information

We currently store and process your personal information only in Romania.

How do we protect the security of your personal information

We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures in accordance with industry standards.

We use the services of the ING Bank payment processor to make payments. Any payment information is encrypted using HTTPS technology with TSL 1.2 encryption.

Despite the measures taken to protect your personal data, we warn you that the transmission of information via the Internet, in general, or through other public networks, is not completely secure, there is a risk that the data may be viewed and used by third parties. unauthorized parties. We cannot be held responsible for such vulnerabilities in systems that are beyond our control.

What rights you have

The general data protection regulations will recognize a number of rights in relation to your personal data. You may request access to your data, the correction of any errors in our files and / or you may object to the processing of your personal data. You may also exercise your right to complain to the competent supervisory authority or to go to court. Depending on the case, you may also have the right to request the deletion of your personal data, the right to restrict the processing of your data and the right to data portability.

You may at any time exercise the following rights:
  • The right to information: you may request information regarding your personal information processing activities.
  • The right to rectification: your may rectify your inaccurate personal information or you may complete them.
  • The right to data deletion: ('dreptul de a fi uitat') poti obtine stergerea datelor, in cazul in care prelucrarea acestora nu a fost legala sau in alte cazuri prevazute de lege.
  • The right to restrict processing: you may solicit restriction of personal information processing in case you dispute data accuracy, as well as in other cases as provisioned by the law.
  • The right of opposition: you may object, in particular, to data processing based on our legitimate interest.
  • Right of data portability: you may receive, in certain conditions, the personal information you provided to us, in a format that can be automatically be read or you can solicit that the respective information to be transmitted to another operator.
  • Right to complain: you may complain against the way we processed your personal information to the National Authority for Processing Personal Information Supervision.
  • Right to withdraw your consent: In cases where the processing is based on your consent, you may withdraw it at any time. Withdrawal of consent will have effect only for the future, the processing performed prior to withdrawal remaining valid.
  • Supplementary rights afferent to automatic decisions: you can request and obtain human intervention regarding the respective processing, you can express your own point of view on this and you can challenge the decision.
Time of response

We intend to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made several requests, in which case we will respond within a maximum of two months. We will let you know if we need more than a month. We may ask if you can tell us exactly what you want to receive or what worries you. This will help us to act faster and shorten the response time to your request.

  • We may continue to use your personal data following a restriction request, if any:
    • - we have your consent.
    • - to ascertain, exercise or ensure the defense of a right in court.
    • - to protect the rights of RisCo or any other natural or legal person.
Complaints
You have the right to submit a complaint to the supervision authority regarding your personal information processing. In Romannia, contact information of the supervisory authority for personal information protection are the following:
  • The National Supervisory Authority for Personal Information Processing
  • B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, cod postal 010336, Bucuresti, Romania
  • Phone: +40.318.059.211 or +40.318.059.212
  • E-mail: anspdcp@dataprotection.ro

Without prejudice to your right to contact the supervisory authority at any time, please contact us in advance, and we promise that we will make every effort to resolve any issue amicably.

Questions and requests regarding data protection

RisCo is at your disposal for any questions, clarifications or any details you may need regarding this Data Processing Policy.

You may also contact us for any suggestions or comments regarding this Policy or how we collect and use your data at the DPO contact details below.

RisCo has appointed a Data Protection Officer whom you can contact regarding any aspect regarding the processing of personal data, at the following contact details:
  • Responsible with Data Protection
  • Address: Bd. Pierre de Coubertin 3-5, Office Building, 5th floor, room 5N, Sector 2, Bucharest
  • E-mail: dpo@risco.ro